Warning: Permanently added '10.128.0.156' (ED25519) to the list of known hosts.
2026/04/20 10:47:34 parsed 1 programs
[ 81.621068][ T9] cfg80211: failed to load regulatory.db
[ 84.077269][ T5818] cgroup: Unknown subsys name 'net'
[ 84.321318][ T5818] cgroup: Unknown subsys name 'cpuset'
[ 84.373577][ T5818] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 86.061574][ T5818] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 89.768555][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 89.778189][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 89.779025][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 89.780394][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 89.781080][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 90.378642][ T4521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 90.378668][ T4521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.447761][ T162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 90.447782][ T162] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 94.214550][ T5890] chnl_net:caif_netlink_parms(): no params data found
[ 94.309263][ T5890] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.310646][ T5890] bridge0: port 1(bridge_slave_0) entered disabled state
[ 94.310779][ T5890] bridge_slave_0: entered allmulticast mode
[ 94.312273][ T5890] bridge_slave_0: entered promiscuous mode
[ 94.326639][ T5890] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.326763][ T5890] bridge0: port 2(bridge_slave_1) entered disabled state
[ 94.326945][ T5890] bridge_slave_1: entered allmulticast mode
[ 94.331353][ T5890] bridge_slave_1: entered promiscuous mode
[ 94.399512][ T5890] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 94.402801][ T5890] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 94.439167][ T5890] team0: Port device team_slave_0 added
[ 94.441189][ T5890] team0: Port device team_slave_1 added
[ 94.470143][ T5890] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 94.470154][ T5890] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 94.470167][ T5890] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 94.472814][ T5890] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 94.472829][ T5890] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 94.472851][ T5890] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 94.539837][ T5890] hsr_slave_0: entered promiscuous mode
[ 94.541371][ T5890] hsr_slave_1: entered promiscuous mode
[ 94.971745][ T5890] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 95.011219][ T5890] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 95.011912][ T5890] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 95.048228][ T5890] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 95.048917][ T5890] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 95.091601][ T5890] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 95.163280][ T5890] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 95.187419][ T5890] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 95.370794][ T5890] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.531642][ T5890] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.554884][ T2792] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.555193][ T2792] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.561014][ T2792] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.561086][ T2792] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.821118][ T5890] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 95.886717][ T5890] veth0_vlan: entered promiscuous mode
[ 95.892237][ T5890] veth1_vlan: entered promiscuous mode
[ 95.946033][ T5890] veth0_macvtap: entered promiscuous mode
[ 95.949700][ T5890] veth1_macvtap: entered promiscuous mode
[ 95.979731][ T5890] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 96.000072][ T5890] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 96.021652][ T4521] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.038503][ T2792] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.042321][ T2792] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.058847][ T2792] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.678080][ T4521] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 96.947205][ T4521] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.355136][ T4521] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/04/20 10:47:51 executed programs: 0
[ 98.695486][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 98.728912][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 98.729684][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 98.730651][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 98.731307][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 98.949740][ T5928] chnl_net:caif_netlink_parms(): no params data found
[ 99.033924][ T5928] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.034047][ T5928] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.034329][ T5928] bridge_slave_0: entered allmulticast mode
[ 99.035687][ T5928] bridge_slave_0: entered promiscuous mode
[ 99.043290][ T5928] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.043449][ T5928] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.043633][ T5928] bridge_slave_1: entered allmulticast mode
[ 99.046013][ T5928] bridge_slave_1: entered promiscuous mode
[ 99.091164][ T5928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.095045][ T5928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.129684][ T5928] team0: Port device team_slave_0 added
[ 99.135400][ T5928] team0: Port device team_slave_1 added
[ 99.164482][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.164498][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 99.164510][ T5928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.167947][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.167961][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 99.167983][ T5928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 99.235860][ T5928] hsr_slave_0: entered promiscuous mode
[ 99.237110][ T5928] hsr_slave_1: entered promiscuous mode
[ 99.239276][ T5928] debugfs: 'hsr0' already exists in 'hsr'
[ 99.239957][ T5928] Cannot create hsr debugfs directory
[ 99.811982][ T4521] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.533418][ T4521] bridge_slave_1: left allmulticast mode
[ 100.533593][ T4521] bridge_slave_1: left promiscuous mode
[ 100.537478][ T4521] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.604209][ T4521] bridge_slave_0: left allmulticast mode
[ 100.604229][ T4521] bridge_slave_0: left promiscuous mode
[ 100.604389][ T4521] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.866397][ T5133] Bluetooth: hci0: command tx timeout
[ 101.304666][ T4521] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 101.363776][ T4521] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 101.385065][ T4521] bond0 (unregistering): Released all slaves
[ 101.425837][ T5478] 8021q: adding VLAN 0 to HW filter on device eth1
[ 101.877928][ T4521] hsr_slave_0: left promiscuous mode
[ 101.913272][ T4521] hsr_slave_1: left promiscuous mode
[ 101.916941][ T4521] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 101.917019][ T4521] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 101.956923][ T4521] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 101.956951][ T4521] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 102.034533][ T4521] veth1_macvtap: left promiscuous mode
[ 102.035743][ T4521] veth0_macvtap: left promiscuous mode
[ 102.035918][ T4521] veth1_vlan: left promiscuous mode
[ 102.036092][ T4521] veth0_vlan: left promiscuous mode
[ 102.715587][ T4521] team0 (unregistering): Port device team_slave_1 removed
[ 102.773964][ T4521] team0 (unregistering): Port device team_slave_0 removed
[ 102.943193][ T5133] Bluetooth: hci0: command tx timeout
[ 103.562909][ T5928] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 103.599781][ T5928] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 103.600639][ T5928] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 103.646902][ T5928] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 103.647783][ T5928] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 103.712141][ T5928] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 103.720455][ T5928] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 103.775659][ T5928] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 104.097114][ T5928] 8021q: adding VLAN 0 to HW filter on device bond0
[ 104.148486][ T5928] 8021q: adding VLAN 0 to HW filter on device team0
[ 104.164970][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.167509][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 104.187373][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.187567][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 104.512136][ T5928] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 104.822171][ T5928] veth0_vlan: entered promiscuous mode
[ 104.876277][ T5928] veth1_vlan: entered promiscuous mode
[ 104.920078][ T5928] veth0_macvtap: entered promiscuous mode
[ 104.924040][ T5928] veth1_macvtap: entered promiscuous mode
[ 104.939583][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 104.966710][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 104.990766][ T327] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.007417][ T327] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.009408][ T327] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.012261][ T327] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 105.024766][ T5133] Bluetooth: hci0: command tx timeout
[ 105.491844][ T162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.491864][ T162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.666329][ T2792] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 105.666350][ T2792] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/04/20 10:47:58 executed programs: 2
[ 106.069765][ T6003] loop0: detected capacity change from 0 to 32768
[ 106.749909][ T6004] loop0: detected capacity change from 0 to 32768
[ 107.105773][ T5133] Bluetooth: hci0: command tx timeout
[ 107.224278][ T6005] loop0: detected capacity change from 0 to 32768
[ 107.600460][ T6006] loop0: detected capacity change from 0 to 32768
[ 108.018806][ T6007] loop0: detected capacity change from 0 to 32768
[ 108.401897][ T6008] loop0: detected capacity change from 0 to 32768
[ 108.797468][ T6009] loop0: detected capacity change from 0 to 32768
[ 109.223984][ T6010] loop0: detected capacity change from 0 to 32768
[ 109.574046][ T6011] loop0: detected capacity change from 0 to 32768
[ 109.946977][ T6012] loop0: detected capacity change from 0 to 32768
2026/04/20 10:48:04 executed programs: 15
[ 111.356966][ T6016] set_capacity_and_notify: 3 callbacks suppressed
[ 111.356978][ T6016] loop0: detected capacity change from 0 to 32768
[ 111.723506][ T6017] loop0: detected capacity change from 0 to 32768
[ 112.070456][ T6018] loop0: detected capacity change from 0 to 32768
[ 112.462643][ T6019] loop0: detected capacity change from 0 to 32768
[ 112.832559][ T6021] loop0: detected capacity change from 0 to 32768
[ 113.186205][ T6022] loop0: detected capacity change from 0 to 32768
[ 113.531095][ T6023] loop0: detected capacity change from 0 to 32768
[ 113.897859][ T6024] loop0: detected capacity change from 0 to 32768
[ 114.310149][ T6025] loop0: detected capacity change from 0 to 32768
[ 114.780317][ T6027] loop0: detected capacity change from 0 to 32768
[ 116.377273][ T6035] set_capacity_and_notify: 3 callbacks suppressed
[ 116.377286][ T6035] loop0: detected capacity change from 0 to 32768
2026/04/20 10:48:09 executed programs: 29
[ 116.740132][ T6036] loop0: detected capacity change from 0 to 32768
[ 117.112184][ T6037] loop0: detected capacity change from 0 to 32768
[ 117.468309][ T6038] loop0: detected capacity change from 0 to 32768
[ 117.801476][ T6039] loop0: detected capacity change from 0 to 32768
[ 118.195825][ T6040] loop0: detected capacity change from 0 to 32768
[ 118.526749][ T6041] loop0: detected capacity change from 0 to 32768
[ 118.887348][ T6042] loop0: detected capacity change from 0 to 32768
[ 119.258691][ T6043] loop0: detected capacity change from 0 to 32768
[ 119.596076][ T6044] loop0: detected capacity change from 0 to 32768
[ 121.652887][ T6050] set_capacity_and_notify: 5 callbacks suppressed
[ 121.652899][ T6050] loop0: detected capacity change from 0 to 32768
2026/04/20 10:48:14 executed programs: 44
[ 122.035308][ T6051] loop0: detected capacity change from 0 to 32768
[ 122.377659][ T6052] loop0: detected capacity change from 0 to 32768
[ 122.740931][ T6053] loop0: detected capacity change from 0 to 32768
[ 123.115136][ T6054] loop0: detected capacity change from 0 to 32768
[ 123.496546][ T6055] loop0: detected capacity change from 0 to 32768
[ 123.891522][ T6056] loop0: detected capacity change from 0 to 32768
[ 124.278656][ T6057] loop0: detected capacity change from 0 to 32768
[ 124.661160][ T6058] loop0: detected capacity change from 0 to 32768
[ 125.006668][ T6059] loop0: detected capacity change from 0 to 32768
[ 126.729913][ T6064] set_capacity_and_notify: 4 callbacks suppressed
[ 126.729925][ T6064] loop0: detected capacity change from 0 to 32768
2026/04/20 10:48:19 executed programs: 58
[ 127.067153][ T6065] loop0: detected capacity change from 0 to 32768
[ 127.445116][ T6066] loop0: detected capacity change from 0 to 32768
[ 127.819674][ T6067] loop0: detected capacity change from 0 to 32768
[ 128.145719][ T6068] loop0: detected capacity change from 0 to 32768
[ 128.508678][ T6069] loop0: detected capacity change from 0 to 32768
[ 128.870010][ T6070] loop0: detected capacity change from 0 to 32768
[ 129.248970][ T6071] loop0: detected capacity change from 0 to 32768
[ 129.619806][ T6072] loop0: detected capacity change from 0 to 32768
[ 129.974375][ T6073] loop0: detected capacity change from 0 to 32768
[ 131.773567][ T6078] set_capacity_and_notify: 4 callbacks suppressed
[ 131.773580][ T6078] loop0: detected capacity change from 0 to 32768
2026/04/20 10:48:24 executed programs: 72
[ 132.127340][ T6079] loop0: detected capacity change from 0 to 32768
[ 132.510682][ T6080] loop0: detected capacity change from 0 to 32768
[ 132.788675][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[ 132.788763][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
[ 132.892669][ T6081] loop0: detected capacity change from 0 to 32768
[ 133.244031][ T6082] loop0: detected capacity change from 0 to 32768
[ 133.571665][ T6083] loop0: detected capacity change from 0 to 32768
[ 133.947218][ T6084] loop0: detected capacity change from 0 to 32768
[ 133.991808][ T162] ==================================================================
[ 133.991824][ T162] BUG: KASA[ 133.991824][ T162] BUG: KASAN: use-after-free in copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 133.991868][ T162] Read of size 4096 at addr ffff88804e15a000 by task kworker/u8:6/162
[ 133.991884][ T162]
[ 133.991909][ T162] CPU: 0 UID: 0 PID: 162 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 133.991930][ T162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 133.991941][ T162] Workqueue: loop0 loop_workfn
[ 133.991981][ T162] Call Trace:
[ 133.991989][ T162]
[ 133.991997][ T162] dump_stack_lvl+0xe8/0x150
[ 133.992029][ T162] print_address_description+0x55/0x1e0
[ 133.992058][ T162] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 133.992079][ T162] print_report+0x58/0x70
[ 133.992104][ T162] kasan_report+0x117/0x150
[ 133.992128][ T162] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 133.992153][ T162] kasan_check_range+0x264/0x2c0
[ 133.992171][ T162] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 133.992195][ T162] __asan_memcpy+0x29/0x70
[ 133.992220][ T162] copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 133.992253][ T162] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 133.992276][ T162] ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[ 133.992300][ T162] ? shmem_write_begin+0x1ce/0x320
[ 133.992320][ T162] generic_perform_write+0x5b1/0x8b0
[ 133.992344][ T162] ? __pfx_generic_perform_write+0x10/0x10
[ 133.992366][ T162] ? file_update_time_flags+0x3b9/0x4b0
[ 133.992404][ T162] shmem_file_write_iter+0xfb/0x120
[ 133.992429][ T162] lo_rw_aio+0xc80/0xf00
[ 133.992462][ T162] ? __pfx_lo_rw_aio+0x10/0x10
[ 133.992492][ T162] ? kthread_associate_blkcg+0x490/0x600
[ 133.992514][ T162] ? rt_spin_unlock+0x160/0x200
[ 133.992537][ T162] loop_process_work+0x637/0x11b0
[ 133.992568][ T162] ? __pfx_loop_process_work+0x10/0x10
[ 133.992595][ T162] ? __lock_acquire+0x6b5/0x2cf0
[ 133.992615][ T162] ? look_up_lock_class+0x57/0x110
[ 133.992642][ T162] ? register_lock_class+0x31/0x2e0
[ 133.992663][ T162] ? __lock_acquire+0x6b5/0x2cf0
[ 133.992686][ T162] ? trace_hrtimer_start+0x82/0x200
[ 133.992715][ T162] ? do_raw_spin_lock+0x12b/0x2f0
[ 133.992733][ T162] ? lock_acquire+0x106/0x350
[ 133.992753][ T162] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 133.992772][ T162] ? process_scheduled_works+0xa70/0x1860
[ 133.992802][ T162] ? process_scheduled_works+0xa70/0x1860
[ 133.992831][ T162] ? process_scheduled_works+0xa70/0x1860
[ 133.992858][ T162] ? process_scheduled_works+0xa70/0x1860
[ 133.992886][ T162] process_scheduled_works+0xb5d/0x1860
[ 133.992926][ T162] ? __pfx_process_scheduled_works+0x10/0x10
[ 133.992957][ T162] ? assign_work+0x3d5/0x5e0
[ 133.992985][ T162] worker_thread+0xa53/0xfc0
[ 133.993008][ T162] kthread+0x388/0x470
[ 133.993026][ T162] ? __pfx_worker_thread+0x10/0x10
[ 133.993040][ T162] ? __pfx_kthread+0x10/0x10
[ 133.993059][ T162] ret_from_fork+0x514/0xb70
[ 133.993076][ T162] ? __pfx_ret_from_fork+0x10/0x10
[ 133.993091][ T162] ? __switch_to+0xc79/0x1410
[ 133.993115][ T162] ? __pfx_kthread+0x10/0x10
[ 133.993134][ T162] ret_from_fork_asm+0x1a/0x30
[ 133.993158][ T162]
[ 133.993164][ T162]
[ 133.993169][ T162] The buggy address belongs to the physical page:
[ 133.993190][ T162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xf8e pfn:0x4e15a
[ 133.993207][ T162] flags: 0x80000000000000(node=0|zone=1)
[ 133.993233][ T162] raw: 0080000000000000 ffffea0000a2e448 ffffea0000dd5888 0000000000000000
[ 133.993249][ T162] raw: 0000000000000f8e 0000000000000000 00000000ffffffff 0000000000000000
[ 133.993259][ T162] page dumped because: kasan: bad access detected
[ 133.993278][ T162] page_owner tracks the page as freed
[ 133.993284][ T162] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xdc0(GFP_KERNEL|__GFP_ZERO), pid 6084, tgid 6084 (syz.0.92), ts 133951473283, free_ts 133989363522
[ 133.993313][ T162] post_alloc_hook+0x231/0x280
[ 133.993341][ T162] get_page_from_freelist+0x27c8/0x2840
[ 133.993360][ T162] __alloc_frozen_pages_noprof+0x18d/0x380
[ 133.993379][ T162] alloc_pages_mpol+0xd1/0x380
[ 133.993403][ T162] alloc_pages_noprof+0xd2/0x2f0
[ 133.993419][ T162] lmLogInit+0x357/0x1a00
[ 133.993435][ T162] lmLogOpen+0x4e1/0xfa0
[ 133.993448][ T162] jfs_mount_rw+0xee/0x670
[ 133.993474][ T162] jfs_fill_super+0x754/0xd80
[ 133.993494][ T162] get_tree_bdev_flags+0x431/0x4f0
[ 133.993509][ T162] vfs_get_tree+0x92/0x2a0
[ 133.993523][ T162] do_new_mount+0x341/0xd30
[ 133.993544][ T162] __se_sys_mount+0x31d/0x420
[ 133.993565][ T162] do_syscall_64+0x15f/0xf80
[ 133.993589][ T162] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 133.993606][ T162] page last free pid 5928 tgid 5928 stack trace:
[ 133.993616][ T162] __free_frozen_pages+0xfa6/0x10f0
[ 133.993631][ T162] lmLogShutdown+0x44e/0x850
[ 133.993646][ T162] lmLogClose+0x28a/0x520
[ 133.993661][ T162] jfs_umount+0x2fb/0x3d0
[ 133.993687][ T162] jfs_put_super+0x8c/0x190
[ 133.993707][ T162] generic_shutdown_super+0x13d/0x2d0
[ 133.993732][ T162] kill_block_super+0x44/0x90
[ 133.993747][ T162] deactivate_locked_super+0xbc/0x130
[ 133.993771][ T162] cleanup_mnt+0x437/0x4d0
[ 133.993797][ T162] task_work_run+0x1d9/0x270
[ 133.993818][ T162] exit_to_user_mode_loop+0xed/0x480
[ 133.993837][ T162] do_syscall_64+0x33e/0xf80
[ 133.993861][ T162] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 133.993877][ T162]
[ 133.993882][ T162] Memory state around the buggy address:
[ 133.993891][ T162] ffff88804e159f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 133.993904][ T162] ffff88804e159f80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 133.993923][ T162] >ffff88804e15a000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 133.993932][ T162] ^
[ 133.993942][ T162] ffff88804e15a080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 133.993954][ T162] ffff88804e15a100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 133.993963][ T162] ==================================================================
[ 134.002962][ T162] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 134.002985][ T162] CPU: 0 UID: 0 PID: 162 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 134.003004][ T162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 134.003015][ T162] Workqueue: loop0 loop_workfn
[ 134.003046][ T162] Call Trace:
[ 134.003053][ T162]
[ 134.003060][ T162] vpanic+0x56c/0xa60
[ 134.003080][ T162] ? __pfx_vpanic+0x10/0x10
[ 134.003100][ T162] panic+0xc5/0xd0
[ 134.003115][ T162] ? __pfx_panic+0x10/0x10
[ 134.003131][ T162] ? preempt_schedule_thunk+0x16/0x30
[ 134.003156][ T162] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 134.003179][ T162] ? preempt_schedule_thunk+0x16/0x30
[ 134.003203][ T162] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 134.003225][ T162] check_panic_on_warn+0x89/0xb0
[ 134.003249][ T162] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 134.003269][ T162] end_report+0x73/0x170
[ 134.003286][ T162] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 134.003307][ T162] kasan_report+0x128/0x150
[ 134.003325][ T162] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 134.003350][ T162] kasan_check_range+0x264/0x2c0
[ 134.003367][ T162] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 134.003396][ T162] __asan_memcpy+0x29/0x70
[ 134.003420][ T162] copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 134.003452][ T162] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 134.003474][ T162] ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[ 134.003500][ T162] ? shmem_write_begin+0x1ce/0x320
[ 134.003520][ T162] generic_perform_write+0x5b1/0x8b0
[ 134.003544][ T162] ? __pfx_generic_perform_write+0x10/0x10
[ 134.003565][ T162] ? file_update_time_flags+0x3b9/0x4b0
[ 134.003595][ T162] shmem_file_write_iter+0xfb/0x120
[ 134.003618][ T162] lo_rw_aio+0xc80/0xf00
[ 134.003651][ T162] ? __pfx_lo_rw_aio+0x10/0x10
[ 134.003681][ T162] ? kthread_associate_blkcg+0x490/0x600
[ 134.003703][ T162] ? rt_spin_unlock+0x160/0x200
[ 134.003725][ T162] loop_process_work+0x637/0x11b0
[ 134.003760][ T162] ? __pfx_loop_process_work+0x10/0x10
[ 134.003786][ T162] ? __lock_acquire+0x6b5/0x2cf0
[ 134.003806][ T162] ? look_up_lock_class+0x57/0x110
[ 134.003832][ T162] ? register_lock_class+0x31/0x2e0
[ 134.003854][ T162] ? __lock_acquire+0x6b5/0x2cf0
[ 134.003877][ T162] ? trace_hrtimer_start+0x82/0x200
[ 134.003905][ T162] ? do_raw_spin_lock+0x12b/0x2f0
[ 134.003921][ T162] ? lock_acquire+0x106/0x350
[ 134.003942][ T162] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 134.003960][ T162] ? process_scheduled_works+0xa70/0x1860
[ 134.003987][ T162] ? process_scheduled_works+0xa70/0x1860
[ 134.004017][ T162] ? process_scheduled_works+0xa70/0x1860
[ 134.004043][ T162] ? process_scheduled_works+0xa70/0x1860
[ 134.004070][ T162] process_scheduled_works+0xb5d/0x1860
[ 134.004109][ T162] ? __pfx_process_scheduled_works+0x10/0x10
[ 134.004138][ T162] ? assign_work+0x3d5/0x5e0
[ 134.004166][ T162] worker_thread+0xa53/0xfc0
[ 134.004193][ T162] kthread+0x388/0x470
[ 134.004213][ T162] ? __pfx_worker_thread+0x10/0x10
[ 134.004228][ T162] ? __pfx_kthread+0x10/0x10
[ 134.004248][ T162] ret_from_fork+0x514/0xb70
[ 134.004267][ T162] ? __pfx_ret_from_fork+0x10/0x10
[ 134.004283][ T162] ? __switch_to+0xc79/0x1410
[ 134.004308][ T162] ? __pfx_kthread+0x10/0x10
[ 134.004329][ T162] ret_from_fork_asm+0x1a/0x30
[ 134.004355][ T162]
[ 134.004721][ T162] Kernel Offset: disabled