Warning: Permanently added '10.128.0.56' (ED25519) to the list of known hosts.
2026/05/02 14:03:51 parsed 1 programs
syzkaller login: [   81.589398][   T31] cfg80211: failed to load regulatory.db
[   81.850022][ T5613] cgroup: Unknown subsys name 'net'
[   82.090622][ T5613] cgroup: Unknown subsys name 'cpuset'
[   82.147178][ T5613] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   83.809248][ T5613] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   88.120729][   T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   88.122202][   T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   88.122856][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   88.123838][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   88.124773][   T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   90.550827][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.550851][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.659035][ T1183] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.659055][ T1183] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.072708][ T5696] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.076584][ T5696] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.076846][ T5696] bridge_slave_0: entered allmulticast mode
[   93.079175][ T5696] bridge_slave_0: entered promiscuous mode
[   93.104235][ T5696] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.104299][ T5696] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.104557][ T5696] bridge_slave_1: entered allmulticast mode
[   93.105962][ T5696] bridge_slave_1: entered promiscuous mode
[   93.166127][ T5696] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.173134][ T5696] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.201799][ T5696] team0: Port device team_slave_0 added
[   93.203679][ T5696] team0: Port device team_slave_1 added
[   93.235187][ T5696] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.235196][ T5696] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   93.235209][ T5696] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.238284][ T5696] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.238296][ T5696] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   93.238320][ T5696] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.320678][ T5696] hsr_slave_0: entered promiscuous mode
[   93.321989][ T5696] hsr_slave_1: entered promiscuous mode
[   93.920943][ T5696] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   93.972264][ T5696] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   93.989879][ T5696] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   94.029989][ T5696] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   94.031551][ T5696] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   94.062212][ T5696] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   94.063336][ T5696] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   94.112526][ T5696] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   94.228984][ T5696] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.254934][ T5696] 8021q: adding VLAN 0 to HW filter on device team0
[   94.281763][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.282560][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.301194][ T3381] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.301311][ T3381] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.642388][ T5696] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.710794][ T5696] veth0_vlan: entered promiscuous mode
[   94.720270][ T5696] veth1_vlan: entered promiscuous mode
[   94.770286][ T5696] veth0_macvtap: entered promiscuous mode
[   94.774679][ T5696] veth1_macvtap: entered promiscuous mode
[   94.792101][ T5696] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.809189][ T5696] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.838855][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.841014][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.841052][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.841085][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.413195][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.661373][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/05/02 14:04:08 executed programs: 0
[   95.894847][   T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   95.896558][   T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   95.917911][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   95.921662][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   95.924332][   T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   95.938883][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.220954][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.613510][ T5738] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.613608][ T5738] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.613692][ T5738] bridge_slave_0: entered allmulticast mode
[   96.615017][ T5738] bridge_slave_0: entered promiscuous mode
[   96.635680][ T5738] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.635803][ T5738] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.636018][ T5738] bridge_slave_1: entered allmulticast mode
[   96.638763][ T5738] bridge_slave_1: entered promiscuous mode
[   96.686989][ T5738] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.690021][ T5738] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.720068][ T5738] team0: Port device team_slave_0 added
[   96.723894][ T5738] team0: Port device team_slave_1 added
[   96.866670][ T5738] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.866687][ T5738] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   96.866710][ T5738] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.868518][ T5738] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.868529][ T5738] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   96.868550][ T5738] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.943465][ T5738] hsr_slave_0: entered promiscuous mode
[   96.944592][ T5738] hsr_slave_1: entered promiscuous mode
[   96.945453][ T5738] debugfs: 'hsr0' already exists in 'hsr'
[   96.945541][ T5738] Cannot create hsr debugfs directory
[   97.966891][   T12] bridge_slave_1: left allmulticast mode
[   97.966989][   T12] bridge_slave_1: left promiscuous mode
[   97.971559][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.018928][   T59] Bluetooth: hci0: command tx timeout
[   98.037567][   T12] bridge_slave_0: left allmulticast mode
[   98.037588][   T12] bridge_slave_0: left promiscuous mode
[   98.037719][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.767745][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   98.847179][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   98.868356][   T12] bond0 (unregistering): Released all slaves
[   98.974463][ T5263] 8021q: adding VLAN 0 to HW filter on device eth1
[   99.216785][   T12] hsr_slave_0: left promiscuous mode
[   99.256775][   T12] hsr_slave_1: left promiscuous mode
[   99.258069][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.259705][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.328767][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.328790][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.427666][   T12] veth1_macvtap: left promiscuous mode
[   99.427799][   T12] veth0_macvtap: left promiscuous mode
[   99.428093][   T12] veth1_vlan: left promiscuous mode
[   99.430974][   T12] veth0_vlan: left promiscuous mode
[  100.078406][   T12] team0 (unregistering): Port device team_slave_1 removed
[  100.096724][   T59] Bluetooth: hci0: command tx timeout
[  100.117079][   T12] team0 (unregistering): Port device team_slave_0 removed
[  100.279136][ T5263] 8021q: adding VLAN 0 to HW filter on device eth2
[  101.118775][ T5738] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  101.178090][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  101.179389][ T5738] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  101.233981][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  101.235324][ T5738] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  101.280764][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  101.282679][ T5738] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  101.328996][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  101.421738][ T5738] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.438673][ T5738] 8021q: adding VLAN 0 to HW filter on device team0
[  101.458713][ T3381] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.458784][ T3381] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.486355][ T3381] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.486424][ T3381] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.964874][ T5738] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.018537][ T5738] veth0_vlan: entered promiscuous mode
[  102.023745][ T5738] veth1_vlan: entered promiscuous mode
[  102.069626][ T5738] veth0_macvtap: entered promiscuous mode
[  102.072848][ T5738] veth1_macvtap: entered promiscuous mode
[  102.101439][ T5738] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.121130][ T5738] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.136200][   T67] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.136243][   T67] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.136277][   T67] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.136308][   T67] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.181048][   T59] Bluetooth: hci0: command tx timeout
[  102.467210][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.467230][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.504043][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.504060][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/05/02 14:04:15 executed programs: 2
[  102.833053][ T5828] loop0: detected capacity change from 0 to 32768
[  102.931183][ T5828] 
[  102.931183][ T5828]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  102.931183][ T5828] 
[  103.000575][ T5738] 
[  103.000575][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.000575][ T5738] 
[  103.004304][ T5738] 
[  103.004304][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.004304][ T5738] 
[  103.436445][ T5829] loop0: detected capacity change from 0 to 32768
[  103.486120][ T5829] 
[  103.486120][ T5829]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.486120][ T5829] 
[  103.555964][ T5738] 
[  103.555964][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.555964][ T5738] 
[  103.616846][ T5738] 
[  103.616846][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.616846][ T5738] 
[  103.935376][ T5830] loop0: detected capacity change from 0 to 32768
[  103.954676][ T5830] 
[  103.954676][ T5830]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.954676][ T5830] 
[  104.018133][ T5738] 
[  104.018133][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  104.018133][ T5738] 
[  104.018356][ T5738] 
[  104.018356][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  104.018356][ T5738] 
[  104.256823][   T59] Bluetooth: hci0: command tx timeout
[  104.347799][ T5831] loop0: detected capacity change from 0 to 32768
[  104.358733][ T5831] 
[  104.358733][ T5831]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  104.358733][ T5831] 
[  104.408355][ T5738] 
[  104.408355][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  104.408355][ T5738] 
[  104.408615][ T5738] 
[  104.408615][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  104.408615][ T5738] 
[  104.741493][ T5832] loop0: detected capacity change from 0 to 32768
[  104.769628][ T5832] 
[  104.769628][ T5832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  104.769628][ T5832] 
[  104.812029][ T5738] 
[  104.812029][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  104.812029][ T5738] 
[  104.812369][ T5738] 
[  104.812369][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  104.812369][ T5738] 
[  105.124020][ T5833] loop0: detected capacity change from 0 to 32768
[  105.151497][ T5833] 
[  105.151497][ T5833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.151497][ T5833] 
[  105.197130][ T5738] 
[  105.197130][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.197130][ T5738] 
[  105.197618][ T5738] 
[  105.197618][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.197618][ T5738] 
[  105.512469][ T5834] loop0: detected capacity change from 0 to 32768
[  105.531392][ T5834] 
[  105.531392][ T5834]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.531392][ T5834] 
[  105.576967][ T5738] 
[  105.576967][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.576967][ T5738] 
[  105.581824][ T5738] 
[  105.581824][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.581824][ T5738] 
[  105.914286][ T5835] loop0: detected capacity change from 0 to 32768
[  105.936393][ T5835] 
[  105.936393][ T5835]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.936393][ T5835] 
[  105.979264][ T5738] 
[  105.979264][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.979264][ T5738] 
[  105.979493][ T5738] 
[  105.979493][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  105.979493][ T5738] 
[  106.287265][ T5836] loop0: detected capacity change from 0 to 32768
[  106.308696][ T5836] 
[  106.308696][ T5836]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.308696][ T5836] 
[  106.356276][ T5738] 
[  106.356276][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.356276][ T5738] 
[  106.376389][ T5738] 
[  106.376389][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.376389][ T5738] 
[  106.674440][ T5837] loop0: detected capacity change from 0 to 32768
[  106.690531][ T5837] 
[  106.690531][ T5837]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.690531][ T5837] 
[  106.738265][ T5738] 
[  106.738265][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.738265][ T5738] 
[  106.738925][ T5738] 
[  106.738925][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  106.738925][ T5738] 
[  107.052944][ T5838] 
[  107.052944][ T5838]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.052944][ T5838] 
[  107.087074][ T5738] 
[  107.087074][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.087074][ T5738] 
[  107.087464][ T5738] 
[  107.087464][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.087464][ T5738] 
[  107.400397][ T5839] 
[  107.400397][ T5839]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.400397][ T5839] 
[  107.437085][ T5738] 
[  107.437085][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.437085][ T5738] 
[  107.437350][ T5738] 
[  107.437350][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.437350][ T5738] 
[  107.742310][ T5840] 
[  107.742310][ T5840]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.742310][ T5840] 
2026/05/02 14:04:20 executed programs: 15
[  107.817085][ T5738] 
[  107.817085][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.817085][ T5738] 
[  107.820926][ T5738] 
[  107.820926][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.820926][ T5738] 
[  108.132340][ T5841] set_capacity_and_notify: 3 callbacks suppressed
[  108.132351][ T5841] loop0: detected capacity change from 0 to 32768
[  108.154853][ T5841] 
[  108.154853][ T5841]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.154853][ T5841] 
[  108.197041][ T5738] 
[  108.197041][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.197041][ T5738] 
[  108.197411][ T5738] 
[  108.197411][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.197411][ T5738] 
[  108.504139][ T5842] loop0: detected capacity change from 0 to 32768
[  108.522604][ T5842] 
[  108.522604][ T5842]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.522604][ T5842] 
[  108.567173][ T5738] 
[  108.567173][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.567173][ T5738] 
[  108.567598][ T5738] 
[  108.567598][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.567598][ T5738] 
[  108.873770][ T5843] loop0: detected capacity change from 0 to 32768
[  108.894108][ T5843] 
[  108.894108][ T5843]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.894108][ T5843] 
[  108.926992][ T5738] 
[  108.926992][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.926992][ T5738] 
[  108.927314][ T5738] 
[  108.927314][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.927314][ T5738] 
[  109.221815][ T5844] loop0: detected capacity change from 0 to 32768
[  109.238364][ T5844] 
[  109.238364][ T5844]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.238364][ T5844] 
[  109.287132][ T5738] 
[  109.287132][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.287132][ T5738] 
[  109.287688][ T5738] 
[  109.287688][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.287688][ T5738] 
[  109.584112][ T5845] loop0: detected capacity change from 0 to 32768
[  109.597787][ T5845] 
[  109.597787][ T5845]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.597787][ T5845] 
[  109.647008][ T5738] 
[  109.647008][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.647008][ T5738] 
[  109.647535][ T5738] 
[  109.647535][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.647535][ T5738] 
[  109.935747][ T5846] loop0: detected capacity change from 0 to 32768
[  109.950147][ T5846] 
[  109.950147][ T5846]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.950147][ T5846] 
[  109.997028][ T5738] 
[  109.997028][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.997028][ T5738] 
[  109.997412][ T5738] 
[  109.997412][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  109.997412][ T5738] 
[  110.300103][ T5847] loop0: detected capacity change from 0 to 32768
[  110.339153][ T5847] 
[  110.339153][ T5847]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  110.339153][ T5847] 
[  110.378599][ T5738] 
[  110.378599][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  110.378599][ T5738] 
[  110.378998][ T5738] 
[  110.378998][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  110.378998][ T5738] 
[  110.663138][ T5848] loop0: detected capacity change from 0 to 32768
[  110.682232][ T5848] 
[  110.682232][ T5848]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  110.682232][ T5848] 
[  110.737525][ T5738] 
[  110.737525][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  110.737525][ T5738] 
[  110.737984][ T5738] 
[  110.737984][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  110.737984][ T5738] 
[  111.031233][ T5849] loop0: detected capacity change from 0 to 32768
[  111.052350][ T5849] 
[  111.052350][ T5849]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  111.052350][ T5849] 
[  111.097865][ T5738] 
[  111.097865][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  111.097865][ T5738] 
[  111.098171][ T5738] 
[  111.098171][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  111.098171][ T5738] 
[  111.396426][ T5850] loop0: detected capacity change from 0 to 32768
[  111.412555][ T5850] 
[  111.412555][ T5850]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  111.412555][ T5850] 
[  111.472236][ T5738] 
[  111.472236][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  111.472236][ T5738] 
[  111.472815][ T5738] 
[  111.472815][ T5738]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  111.472815][ T5738] 
[  111.489494][ T1538] ==================================================================
[  111.489507][ T1538] BUG: KASAN: use-after-fre[  111.489507][ T1538] BUG: KASAN: use-after-free in copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.489545][ T1538] Read of size 4096 at addr ffff888031482000 by task kworker/u8:15/1538
[  111.489560][ T1538] 
[  111.489585][ T1538] CPU: 0 UID: 0 PID: 1538 Comm: kworker/u8:15 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  111.489605][ T1538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  111.489617][ T1538] Workqueue: loop0 loop_workfn
[  111.489650][ T1538] Call Trace:
[  111.489658][ T1538]  <TASK>
[  111.489665][ T1538]  dump_stack_lvl+0xe8/0x150
[  111.489687][ T1538]  print_address_description+0x55/0x1e0
[  111.489707][ T1538]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.489725][ T1538]  print_report+0x58/0x70
[  111.489743][ T1538]  kasan_report+0x117/0x150
[  111.489765][ T1538]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.489786][ T1538]  kasan_check_range+0x264/0x2c0
[  111.489805][ T1538]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.489821][ T1538]  __asan_memcpy+0x29/0x70
[  111.489847][ T1538]  copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.489874][ T1538]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  111.489893][ T1538]  ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[  111.489920][ T1538]  ? shmem_write_begin+0x1ce/0x320
[  111.489943][ T1538]  generic_perform_write+0x5b1/0x8b0
[  111.489970][ T1538]  ? __pfx_generic_perform_write+0x10/0x10
[  111.489995][ T1538]  ? file_update_time_flags+0x3b9/0x4b0
[  111.490017][ T1538]  shmem_file_write_iter+0xfb/0x120
[  111.490043][ T1538]  lo_rw_aio+0xc80/0xf00
[  111.490072][ T1538]  ? __pfx_lo_rw_aio+0x10/0x10
[  111.490098][ T1538]  ? kthread_associate_blkcg+0x490/0x600
[  111.490130][ T1538]  ? rt_spin_unlock+0x160/0x200
[  111.490157][ T1538]  loop_process_work+0x637/0x11b0
[  111.490188][ T1538]  ? __pfx_loop_process_work+0x10/0x10
[  111.490211][ T1538]  ? __lock_acquire+0x6b5/0x2cf0
[  111.490234][ T1538]  ? look_up_lock_class+0x57/0x110
[  111.490254][ T1538]  ? register_lock_class+0x31/0x2e0
[  111.490279][ T1538]  ? __lock_acquire+0x6b5/0x2cf0
[  111.490304][ T1538]  ? trace_hrtimer_start+0x82/0x200
[  111.490325][ T1538]  ? do_raw_spin_lock+0x12b/0x2f0
[  111.490343][ T1538]  ? lock_acquire+0x106/0x350
[  111.490365][ T1538]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  111.490385][ T1538]  ? process_scheduled_works+0xa70/0x1860
[  111.490404][ T1538]  ? process_scheduled_works+0xa70/0x1860
[  111.490426][ T1538]  ? process_scheduled_works+0xa70/0x1860
[  111.490444][ T1538]  ? process_scheduled_works+0xa70/0x1860
[  111.490462][ T1538]  process_scheduled_works+0xb5d/0x1860
[  111.490493][ T1538]  ? __pfx_process_scheduled_works+0x10/0x10
[  111.490514][ T1538]  ? assign_work+0x3d5/0x5e0
[  111.490534][ T1538]  worker_thread+0xa53/0xfc0
[  111.490564][ T1538]  kthread+0x388/0x470
[  111.490586][ T1538]  ? __pfx_worker_thread+0x10/0x10
[  111.490603][ T1538]  ? __pfx_kthread+0x10/0x10
[  111.490627][ T1538]  ret_from_fork+0x514/0xb70
[  111.490648][ T1538]  ? __pfx_ret_from_fork+0x10/0x10
[  111.490667][ T1538]  ? __switch_to+0xc79/0x1410
[  111.490694][ T1538]  ? __pfx_kthread+0x10/0x10
[  111.490717][ T1538]  ret_from_fork_asm+0x1a/0x30
[  111.490746][ T1538]  </TASK>
[  111.490752][ T1538] 
[  111.490757][ T1538] The buggy address belongs to the physical page:
[  111.490771][ T1538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x31482
[  111.490789][ T1538] flags: 0x80000000000000(node=0|zone=1)
[  111.490814][ T1538] raw: 0080000000000000 ffffea00015adf48 ffffea00015ad3c8 0000000000000000
[  111.490829][ T1538] raw: ffff888000000000 0000000000000000 00000000ffffffff 0000000000000000
[  111.490838][ T1538] page dumped because: kasan: bad access detected
[  111.490850][ T1538] page_owner tracks the page as freed
[  111.490855][ T1538] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xdc0(GFP_KERNEL|__GFP_ZERO), pid 5850, tgid 5850 (syz.0.39), ts 111411019296, free_ts 111488115681
[  111.490882][ T1538]  post_alloc_hook+0x231/0x280
[  111.490901][ T1538]  get_page_from_freelist+0x27c8/0x2840
[  111.490922][ T1538]  __alloc_frozen_pages_noprof+0x18d/0x380
[  111.490944][ T1538]  alloc_pages_mpol+0xd1/0x380
[  111.490962][ T1538]  alloc_pages_noprof+0xd2/0x2f0
[  111.490981][ T1538]  lmLogInit+0x357/0x1a00
[  111.491001][ T1538]  lmLogOpen+0x4e1/0xfa0
[  111.491020][ T1538]  jfs_mount_rw+0xee/0x670
[  111.491039][ T1538]  jfs_fill_super+0x754/0xd80
[  111.491053][ T1538]  get_tree_bdev_flags+0x431/0x4f0
[  111.491070][ T1538]  vfs_get_tree+0x92/0x2a0
[  111.491088][ T1538]  do_new_mount+0x341/0xd30
[  111.491112][ T1538]  __se_sys_mount+0x31d/0x420
[  111.491140][ T1538]  do_syscall_64+0x15f/0xf80
[  111.491157][ T1538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.491173][ T1538] page last free pid 5738 tgid 5738 stack trace:
[  111.491183][ T1538]  __free_frozen_pages+0xfa6/0x10f0
[  111.491200][ T1538]  lmLogShutdown+0x44e/0x850
[  111.491221][ T1538]  lmLogClose+0x28a/0x520
[  111.491241][ T1538]  jfs_umount+0x2fb/0x3d0
[  111.491259][ T1538]  jfs_put_super+0x8c/0x190
[  111.491271][ T1538]  generic_shutdown_super+0x13d/0x2d0
[  111.491286][ T1538]  kill_block_super+0x44/0x90
[  111.491304][ T1538]  deactivate_locked_super+0xbc/0x130
[  111.491318][ T1538]  cleanup_mnt+0x437/0x4d0
[  111.491335][ T1538]  task_work_run+0x1d9/0x270
[  111.491357][ T1538]  exit_to_user_mode_loop+0xed/0x480
[  111.491378][ T1538]  do_syscall_64+0x33e/0xf80
[  111.491395][ T1538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.491415][ T1538] 
[  111.491419][ T1538] Memory state around the buggy address:
[  111.491428][ T1538]  ffff888031481f00: fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb
[  111.491440][ T1538]  ffff888031481f80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  111.491451][ T1538] >ffff888031482000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  111.491460][ T1538]                    ^
[  111.491469][ T1538]  ffff888031482080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  111.491481][ T1538]  ffff888031482100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  111.491489][ T1538] ==================================================================
[  111.510605][ T1538] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  111.510625][ T1538] CPU: 0 UID: 0 PID: 1538 Comm: kworker/u8:15 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  111.510649][ T1538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  111.510661][ T1538] Workqueue: loop0 loop_workfn
[  111.510690][ T1538] Call Trace:
[  111.510697][ T1538]  <TASK>
[  111.510704][ T1538]  vpanic+0x56c/0xa60
[  111.510729][ T1538]  ? __pfx_vpanic+0x10/0x10
[  111.510755][ T1538]  panic+0xc5/0xd0
[  111.510776][ T1538]  ? __pfx_panic+0x10/0x10
[  111.510797][ T1538]  ? preempt_schedule_thunk+0x16/0x30
[  111.510825][ T1538]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.510844][ T1538]  ? preempt_schedule_thunk+0x16/0x30
[  111.510871][ T1538]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.510888][ T1538]  check_panic_on_warn+0x89/0xb0
[  111.510913][ T1538]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.510931][ T1538]  end_report+0x73/0x170
[  111.510952][ T1538]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.510969][ T1538]  kasan_report+0x128/0x150
[  111.510990][ T1538]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.511011][ T1538]  kasan_check_range+0x264/0x2c0
[  111.511031][ T1538]  ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.511050][ T1538]  __asan_memcpy+0x29/0x70
[  111.511076][ T1538]  copy_folio_from_iter_atomic+0xbb5/0x1ad0
[  111.511102][ T1538]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  111.511126][ T1538]  ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[  111.511150][ T1538]  ? shmem_write_begin+0x1ce/0x320
[  111.511172][ T1538]  generic_perform_write+0x5b1/0x8b0
[  111.511196][ T1538]  ? __pfx_generic_perform_write+0x10/0x10
[  111.511220][ T1538]  ? file_update_time_flags+0x3b9/0x4b0
[  111.511241][ T1538]  shmem_file_write_iter+0xfb/0x120
[  111.511267][ T1538]  lo_rw_aio+0xc80/0xf00
[  111.511296][ T1538]  ? __pfx_lo_rw_aio+0x10/0x10
[  111.511321][ T1538]  ? kthread_associate_blkcg+0x490/0x600
[  111.511347][ T1538]  ? rt_spin_unlock+0x160/0x200
[  111.511375][ T1538]  loop_process_work+0x637/0x11b0
[  111.511405][ T1538]  ? __pfx_loop_process_work+0x10/0x10
[  111.511428][ T1538]  ? __lock_acquire+0x6b5/0x2cf0
[  111.511451][ T1538]  ? look_up_lock_class+0x57/0x110
[  111.511471][ T1538]  ? register_lock_class+0x31/0x2e0
[  111.511495][ T1538]  ? __lock_acquire+0x6b5/0x2cf0
[  111.511520][ T1538]  ? trace_hrtimer_start+0x82/0x200
[  111.511541][ T1538]  ? do_raw_spin_lock+0x12b/0x2f0
[  111.511561][ T1538]  ? lock_acquire+0x106/0x350
[  111.511584][ T1538]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  111.511605][ T1538]  ? process_scheduled_works+0xa70/0x1860
[  111.511625][ T1538]  ? process_scheduled_works+0xa70/0x1860
[  111.511647][ T1538]  ? process_scheduled_works+0xa70/0x1860
[  111.511665][ T1538]  ? process_scheduled_works+0xa70/0x1860
[  111.511684][ T1538]  process_scheduled_works+0xb5d/0x1860
[  111.511714][ T1538]  ? __pfx_process_scheduled_works+0x10/0x10
[  111.511736][ T1538]  ? assign_work+0x3d5/0x5e0
[  111.511755][ T1538]  worker_thread+0xa53/0xfc0
[  111.511786][ T1538]  kthread+0x388/0x470
[  111.511808][ T1538]  ? __pfx_worker_thread+0x10/0x10
[  111.511826][ T1538]  ? __pfx_kthread+0x10/0x10
[  111.511850][ T1538]  ret_from_fork+0x514/0xb70
[  111.511870][ T1538]  ? __pfx_ret_from_fork+0x10/0x10
[  111.511889][ T1538]  ? __switch_to+0xc79/0x1410
[  111.511915][ T1538]  ? __pfx_kthread+0x10/0x10
[  111.511939][ T1538]  ret_from_fork_asm+0x1a/0x30
[  111.511967][ T1538]  </TASK>
[  111.512328][ T1538] Kernel Offset: disabled