Warning: Permanently added '10.128.0.64' (ED25519) to the list of known hosts.
2025/12/14 16:12:06 parsed 1 programs
[   91.174080][  T919] cfg80211: failed to load regulatory.db
[   91.652068][ T5827] cgroup: Unknown subsys name 'net'
[   91.866929][ T5827] cgroup: Unknown subsys name 'cpuset'
[   91.877360][ T5827] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   93.450592][ T5827] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   96.305359][ T5840] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   98.131071][ T5878] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   98.139801][ T5878] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   98.148918][ T5878] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   98.157241][ T5878] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   98.165799][ T5878] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   99.468583][ T5899] chnl_net:caif_netlink_parms(): no params data found
[   99.570755][ T5899] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.578046][ T5899] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.585538][ T5899] bridge_slave_0: entered allmulticast mode
[   99.593310][ T5899] bridge_slave_0: entered promiscuous mode
[   99.603322][ T5899] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.611043][ T5899] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.618292][ T5899] bridge_slave_1: entered allmulticast mode
[   99.625851][ T5899] bridge_slave_1: entered promiscuous mode
[   99.663513][ T5899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   99.675733][ T5899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   99.713608][ T5899] team0: Port device team_slave_0 added
[   99.721782][ T5899] team0: Port device team_slave_1 added
[   99.755315][ T5899] batman_adv: batadv0: Adding interface: batadv_slave_0
[   99.762358][ T5899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   99.789045][ T5899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   99.802112][ T5899] batman_adv: batadv0: Adding interface: batadv_slave_1
[   99.809067][ T5899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   99.835159][ T5899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   99.887906][ T5899] hsr_slave_0: entered promiscuous mode
[   99.895057][ T5899] hsr_slave_1: entered promiscuous mode
[  100.062260][ T5899] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  100.075699][ T5899] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  100.086781][ T5899] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  100.097790][ T5899] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  100.130940][ T5899] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.138223][ T5899] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.146368][ T5899] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.153597][ T5899] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.219340][ T5899] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.238381][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.247418][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.264244][ T5899] 8021q: adding VLAN 0 to HW filter on device team0
[  100.280336][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.287533][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.301555][ T2200] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.308720][ T2200] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.517632][ T5899] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.568230][ T5899] veth0_vlan: entered promiscuous mode
[  100.581532][ T5899] veth1_vlan: entered promiscuous mode
[  100.609332][ T5899] veth0_macvtap: entered promiscuous mode
[  100.625948][ T5899] veth1_macvtap: entered promiscuous mode
[  100.645517][ T5899] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.660286][ T5899] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.678746][   T60] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.691827][   T60] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.710515][   T60] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.720854][   T60] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.854918][ T1102] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.947001][ T1102] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.994848][ T2200] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.006017][ T2200] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.033304][ T1102] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.064290][ T4851] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.073463][ T4851] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.114781][ T1102] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/12/14 16:12:20 executed programs: 0
[  101.963583][ T5878] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  101.971855][ T5878] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  101.981300][ T5878] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  101.989475][ T5878] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  101.998827][ T5878] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  102.198851][ T5935] chnl_net:caif_netlink_parms(): no params data found
[  102.302956][ T5935] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.310178][ T5935] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.317548][ T5935] bridge_slave_0: entered allmulticast mode
[  102.325461][ T5935] bridge_slave_0: entered promiscuous mode
[  102.334054][ T5935] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.341184][ T5935] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.348831][ T5935] bridge_slave_1: entered allmulticast mode
[  102.357673][ T5935] bridge_slave_1: entered promiscuous mode
[  102.400311][ T5935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.413196][ T5935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.456416][ T5935] team0: Port device team_slave_0 added
[  102.465131][ T5935] team0: Port device team_slave_1 added
[  102.500745][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.507855][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.534188][ T5935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.547840][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.556498][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.583307][ T5935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.639669][ T5935] hsr_slave_0: entered promiscuous mode
[  102.647093][ T5935] hsr_slave_1: entered promiscuous mode
[  102.653637][ T5935] debugfs: 'hsr0' already exists in 'hsr'
[  102.659419][ T5935] Cannot create hsr debugfs directory
[  104.052962][   T52] Bluetooth: hci0: command tx timeout
[  104.143445][ T1102] bridge_slave_1: left allmulticast mode
[  104.149180][ T1102] bridge_slave_1: left promiscuous mode
[  104.155827][ T1102] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.169353][ T1102] bridge_slave_0: left allmulticast mode
[  104.176083][ T1102] bridge_slave_0: left promiscuous mode
[  104.182235][ T1102] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.476110][ T1102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  104.492529][ T1102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  104.503192][ T1102] bond0 (unregistering): Released all slaves
[  104.632456][ T1102] hsr_slave_0: left promiscuous mode
[  104.638779][ T1102] hsr_slave_1: left promiscuous mode
[  104.646485][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.655803][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.664433][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.671834][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.693535][ T1102] veth1_macvtap: left promiscuous mode
[  104.699294][ T1102] veth0_macvtap: left promiscuous mode
[  104.705364][ T1102] veth1_vlan: left promiscuous mode
[  104.710803][ T1102] veth0_vlan: left promiscuous mode
[  105.039312][ T1102] team0 (unregistering): Port device team_slave_1 removed
[  105.070826][ T1102] team0 (unregistering): Port device team_slave_0 removed
[  105.555455][ T5935] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  105.574979][ T5935] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  105.597622][ T5935] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  105.620445][ T5935] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  105.993310][ T5935] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.016398][ T5935] 8021q: adding VLAN 0 to HW filter on device team0
[  106.034916][ T2200] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.042096][ T2200] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.066243][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.073426][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.122345][   T52] Bluetooth: hci0: command tx timeout
[  106.356127][ T5935] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.400735][ T5935] veth0_vlan: entered promiscuous mode
[  106.413676][ T5935] veth1_vlan: entered promiscuous mode
[  106.445701][ T5935] veth0_macvtap: entered promiscuous mode
[  106.456188][ T5935] veth1_macvtap: entered promiscuous mode
[  106.482642][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.497277][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.512945][ T2200] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.523575][ T2200] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.536009][ T2200] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.547520][ T2200] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.634281][ T2200] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.642306][ T2200] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.685067][ T3524] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.693969][ T3524] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.069719][ T5982] loop0: detected capacity change from 0 to 32768
[  107.105347][ T5982] 
[  107.105347][ T5982]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.105347][ T5982] 
2025/12/14 16:12:25 executed programs: 3
[  107.133558][ T4851] 
[  107.133558][ T4851]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.133558][ T4851] 
[  107.145898][ T4851] 
[  107.145898][ T4851]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.145898][ T4851] 
[  107.160396][ T5935] 
[  107.160396][ T5935]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.160396][ T5935] 
[  107.175895][  T112] 
[  107.175895][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.175895][  T112] 
[  107.192127][ T5935] 
[  107.192127][ T5935]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.192127][ T5935] 
[  107.497924][ T5983] loop0: detected capacity change from 0 to 32768
[  107.524028][ T5983] 
[  107.524028][ T5983]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.524028][ T5983] 
[  107.545986][ T1102] 
[  107.545986][ T1102]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.545986][ T1102] 
[  107.557575][ T1102] 
[  107.557575][ T1102]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.557575][ T1102] 
[  107.569866][  T112] 
[  107.569866][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.569866][  T112] 
[  107.582833][ T5935] 
[  107.582833][ T5935]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.582833][ T5935] 
[  107.595143][ T5935] 
[  107.595143][ T5935]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.595143][ T5935] 
[  107.908418][ T5984] loop0: detected capacity change from 0 to 32768
[  107.936341][ T5984] 
[  107.936341][ T5984]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.936341][ T5984] 
[  107.959778][ T4851] 
[  107.959778][ T4851]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.959778][ T4851] 
[  107.972902][ T4851] 
[  107.972902][ T4851]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.972902][ T4851] 
[  107.986307][ T5935] 
[  107.986307][ T5935]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.986307][ T5935] 
[  107.997806][  T111] 
[  107.997806][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.997806][  T111] 
[  108.016569][ T5935] 
[  108.016569][ T5935]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.016569][ T5935] 
[  108.202554][   T52] Bluetooth: hci0: command tx timeout
[  108.334050][ T5985] loop0: detected capacity change from 0 to 32768
[  108.354460][ T5985] 
[  108.354460][ T5985]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.354460][ T5985] 
[  108.377844][ T2200] 
[  108.377844][ T2200]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.377844][ T2200] 
[  108.389781][ T2200] 
[  108.389781][ T2200]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.389781][ T2200] 
[  108.402156][  T111] 
[  108.402156][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.402156][  T111] 
[  108.433013][ T5935] 
[  108.433013][ T5935]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.433013][ T5935] 
[  108.453333][ T5935] 
[  108.453333][ T5935]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.453333][ T5935] 
[  108.757671][ T5986] loop0: detected capacity change from 0 to 32768
[  108.776284][ T5986] 
[  108.776284][ T5986]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.776284][ T5986] 
[  108.806381][ T2200] 
[  108.806381][ T2200]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.806381][ T2200] 
[  108.817666][ T2200] 
[  108.817666][ T2200]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.817666][ T2200] 
[  108.829800][ T5935] 
[  108.829800][ T5935]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.829800][ T5935] 
[  108.841700][ T5935] 
[  108.841700][ T5935]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.841700][ T5935] 
[  108.863772][  T112] ==================================================================
[  108.871878][  T112] BUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0xa7/0xf0
[  108.880066][  T112] Read of size 1 at addr ffff888026be68d8 by task jfsCommit/112
[  108.887695][  T112] 
[  108.890014][  T112] CPU: 1 UID: 0 PID: 112 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  108.890038][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  108.890050][  T112] Call Trace:
[  108.890061][  T112]  <TASK>
[  108.890070][  T112]  dump_stack_lvl+0x189/0x250
[  108.890099][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  108.890124][  T112]  ? __kasan_check_byte+0x12/0x40
[  108.890150][  T112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  108.890173][  T112]  ? rcu_is_watching+0x15/0xb0
[  108.890199][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  108.890222][  T112]  ? lock_release+0x4b/0x3b0
[  108.890245][  T112]  ? __virt_addr_valid+0x1c8/0x5c0
[  108.890274][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  108.890297][  T112]  ? __virt_addr_valid+0x4a5/0x5c0
[  108.890327][  T112]  print_report+0xca/0x240
[  108.890349][  T112]  ? _raw_spin_lock_irqsave+0xa7/0xf0
[  108.890381][  T112]  kasan_report+0x118/0x150
[  108.890407][  T112]  ? _raw_spin_lock_irqsave+0xa7/0xf0
[  108.890442][  T112]  ? __mutex_lock+0x3d1/0x1350
[  108.890462][  T112]  __kasan_check_byte+0x2a/0x40
[  108.890491][  T112]  lock_acquire+0x84/0x340
[  108.890511][  T112]  ? __pfx___schedule+0x10/0x10
[  108.890547][  T112]  _raw_spin_lock_irqsave+0xa7/0xf0
[  108.890579][  T112]  ? __mutex_lock+0x3d1/0x1350
[  108.890600][  T112]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  108.890634][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  108.890657][  T112]  ? schedule+0x16f/0x360
[  108.890674][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  108.890698][  T112]  ? __mutex_lock+0x37a/0x1350
[  108.890719][  T112]  __mutex_lock+0x3d1/0x1350
[  108.890741][  T112]  ? do_raw_spin_lock+0x121/0x290
[  108.890775][  T112]  ? jfs_syncpt+0x25/0x90
[  108.890796][  T112]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  108.890828][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  108.890853][  T112]  ? __pfx___mutex_lock+0x10/0x10
[  108.890874][  T112]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  108.890906][  T112]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  108.890943][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  108.890970][  T112]  jfs_syncpt+0x25/0x90
[  108.890993][  T112]  txEnd+0x2e5/0x530
[  108.891019][  T112]  jfs_lazycommit+0x5ba/0xa90
[  108.891049][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  108.891076][  T112]  ? __pfx_default_wake_function+0x10/0x10
[  108.891097][  T112]  ? __kthread_parkme+0x7b/0x200
[  108.891120][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  108.891144][  T112]  ? __kthread_parkme+0x1a1/0x200
[  108.891170][  T112]  kthread+0x711/0x8a0
[  108.891198][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  108.891225][  T112]  ? __pfx_kthread+0x10/0x10
[  108.891250][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  108.891275][  T112]  ? _raw_spin_unlock_irq+0x23/0x50
[  108.891306][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  108.891329][  T112]  ? lockdep_hardirqs_on+0x98/0x140
[  108.891349][  T112]  ? __pfx_kthread+0x10/0x10
[  108.891376][  T112]  ret_from_fork+0x599/0xb30
[  108.891397][  T112]  ? __pfx_ret_from_fork+0x10/0x10
[  108.891421][  T112]  ? __switch_to_asm+0x39/0x70
[  108.891448][  T112]  ? __switch_to_asm+0x33/0x70
[  108.891480][  T112]  ? __pfx_kthread+0x10/0x10
[  108.891507][  T112]  ret_from_fork_asm+0x1a/0x30
[  108.891544][  T112]  </TASK>
[  108.891551][  T112] 
[  109.203062][  T112] Allocated by task 5986:
[  109.207373][  T112]  kasan_save_track+0x3e/0x80
[  109.212042][  T112]  __kasan_kmalloc+0x93/0xb0
[  109.216626][  T112]  __kmalloc_cache_noprof+0x3e2/0x700
[  109.221993][  T112]  lmLogOpen+0x2d1/0xfa0
[  109.226241][  T112]  jfs_mount_rw+0xe9/0x670
[  109.230649][  T112]  jfs_fill_super+0x754/0xd80
[  109.235324][  T112]  get_tree_bdev_flags+0x40e/0x4d0
[  109.240423][  T112]  vfs_get_tree+0x92/0x2a0
[  109.244824][  T112]  do_new_mount+0x302/0xa10
[  109.249321][  T112]  __se_sys_mount+0x313/0x410
[  109.253990][  T112]  do_syscall_64+0xfa/0xf80
[  109.258486][  T112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.264455][  T112] 
[  109.266764][  T112] Freed by task 5935:
[  109.270758][  T112]  kasan_save_track+0x3e/0x80
[  109.275426][  T112]  kasan_save_free_info+0x46/0x50
[  109.280451][  T112]  __kasan_slab_free+0x5c/0x80
[  109.285206][  T112]  kfree+0x1c0/0x660
[  109.289099][  T112]  lmLogClose+0x297/0x520
[  109.293416][  T112]  jfs_umount+0x2ef/0x3c0
[  109.297733][  T112]  jfs_put_super+0x8c/0x190
[  109.302231][  T112]  generic_shutdown_super+0x135/0x2c0
[  109.307596][  T112]  kill_block_super+0x44/0x90
[  109.312257][  T112]  deactivate_locked_super+0xbc/0x130
[  109.317625][  T112]  cleanup_mnt+0x425/0x4c0
[  109.322036][  T112]  task_work_run+0x1d4/0x260
[  109.326632][  T112]  exit_to_user_mode_loop+0xff/0x4f0
[  109.331914][  T112]  do_syscall_64+0x2d0/0xf80
[  109.336496][  T112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.342374][  T112] 
[  109.344679][  T112] The buggy address belongs to the object at ffff888026be6800
[  109.344679][  T112]  which belongs to the cache kmalloc-1k of size 1024
[  109.358718][  T112] The buggy address is located 216 bytes inside of
[  109.358718][  T112]  freed 1024-byte region [ffff888026be6800, ffff888026be6c00)
[  109.372595][  T112] 
[  109.374908][  T112] The buggy address belongs to the physical page:
[  109.381301][  T112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x26be0
[  109.390046][  T112] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  109.398532][  T112] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  109.406501][  T112] page_type: f5(slab)
[  109.410477][  T112] raw: 00fff00000000040 ffff88813ffa6dc0 0000000000000000 dead000000000001
[  109.419052][  T112] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  109.427635][  T112] head: 00fff00000000040 ffff88813ffa6dc0 0000000000000000 dead000000000001
[  109.436304][  T112] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  109.444967][  T112] head: 00fff00000000003 ffffea00009af801 00000000ffffffff 00000000ffffffff
[  109.453626][  T112] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  109.462277][  T112] page dumped because: kasan: bad access detected
[  109.468669][  T112] page_owner tracks the page as allocated
[  109.474364][  T112] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 50, tgid 50 (kworker/u8:3), ts 10431866263, free_ts 0
[  109.492676][  T112]  post_alloc_hook+0x234/0x290
[  109.497436][  T112]  get_page_from_freelist+0x2365/0x2440
[  109.502975][  T112]  __alloc_frozen_pages_noprof+0x181/0x370
[  109.508773][  T112]  allocate_slab+0x7a/0x3b0
[  109.513269][  T112]  ___slab_alloc+0xf2b/0x1960
[  109.517941][  T112]  __slab_alloc+0x65/0x100
[  109.522345][  T112]  __kmalloc_cache_node_noprof+0x4b3/0x700
[  109.528140][  T112]  blk_mq_alloc_and_init_hctx+0x17e/0xc50
[  109.533868][  T112]  __blk_mq_realloc_hw_ctxs+0x293/0x640
[  109.539420][  T112]  blk_mq_init_allocated_queue+0x356/0x1350
[  109.545315][  T112]  blk_mq_alloc_queue+0x191/0x280
[  109.550344][  T112]  scsi_alloc_sdev+0x770/0xb90
[  109.555119][  T112]  scsi_probe_and_add_lun+0x1cf/0x45f0
[  109.560581][  T112]  __scsi_scan_target+0x1dd/0xd10
[  109.565600][  T112]  scsi_scan_host_selected+0x372/0x690
[  109.571059][  T112]  do_scan_async+0x124/0x760
[  109.575651][  T112] page_owner free stack trace missing
[  109.580998][  T112] 
[  109.583303][  T112] Memory state around the buggy address:
[  109.588915][  T112]  ffff888026be6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.596961][  T112]  ffff888026be6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  109.605008][  T112] >ffff888026be6880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  109.613054][  T112]                                                     ^
[  109.619977][  T112]  ffff888026be6900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  109.628029][  T112]  ffff888026be6980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  109.636076][  T112] ==================================================================
[  109.644129][  T112] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  109.651315][  T112] CPU: 1 UID: 0 PID: 112 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  109.660416][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  109.670467][  T112] Call Trace:
[  109.673743][  T112]  <TASK>
[  109.676662][  T112]  dump_stack_lvl+0x99/0x250
[  109.681249][  T112]  ? __asan_memcpy+0x40/0x70
[  109.685829][  T112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.691022][  T112]  ? __pfx__printk+0x10/0x10
[  109.695619][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  109.701246][  T112]  vpanic+0x237/0x6d0
[  109.705225][  T112]  ? __pfx_vpanic+0x10/0x10
[  109.709729][  T112]  panic+0xb9/0xc0
[  109.713447][  T112]  ? __pfx_panic+0x10/0x10
[  109.717860][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  109.723493][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  109.729120][  T112]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  109.735030][  T112]  ? _raw_spin_lock_irqsave+0xa7/0xf0
[  109.740407][  T112]  check_panic_on_warn+0x89/0xb0
[  109.745347][  T112]  ? _raw_spin_lock_irqsave+0xa7/0xf0
[  109.750721][  T112]  end_report+0x6f/0x140
[  109.754959][  T112]  kasan_report+0x129/0x150
[  109.759465][  T112]  ? _raw_spin_lock_irqsave+0xa7/0xf0
[  109.764863][  T112]  ? __mutex_lock+0x3d1/0x1350
[  109.769624][  T112]  __kasan_check_byte+0x2a/0x40
[  109.774472][  T112]  lock_acquire+0x84/0x340
[  109.779055][  T112]  ? __pfx___schedule+0x10/0x10
[  109.783913][  T112]  _raw_spin_lock_irqsave+0xa7/0xf0
[  109.789114][  T112]  ? __mutex_lock+0x3d1/0x1350
[  109.793870][  T112]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  109.799765][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  109.805391][  T112]  ? schedule+0x16f/0x360
[  109.809713][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  109.815345][  T112]  ? __mutex_lock+0x37a/0x1350
[  109.820101][  T112]  __mutex_lock+0x3d1/0x1350
[  109.824682][  T112]  ? do_raw_spin_lock+0x121/0x290
[  109.829711][  T112]  ? jfs_syncpt+0x25/0x90
[  109.834032][  T112]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  109.839929][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  109.845556][  T112]  ? __pfx___mutex_lock+0x10/0x10
[  109.850573][  T112]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  109.856472][  T112]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  109.862817][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  109.868453][  T112]  jfs_syncpt+0x25/0x90
[  109.872612][  T112]  txEnd+0x2e5/0x530
[  109.876509][  T112]  jfs_lazycommit+0x5ba/0xa90
[  109.881187][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  109.886383][  T112]  ? __pfx_default_wake_function+0x10/0x10
[  109.892184][  T112]  ? __kthread_parkme+0x7b/0x200
[  109.897122][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  109.902749][  T112]  ? __kthread_parkme+0x1a1/0x200
[  109.907769][  T112]  kthread+0x711/0x8a0
[  109.911840][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  109.917039][  T112]  ? __pfx_kthread+0x10/0x10
[  109.921631][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  109.927258][  T112]  ? _raw_spin_unlock_irq+0x23/0x50
[  109.932462][  T112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  109.938095][  T112]  ? lockdep_hardirqs_on+0x98/0x140
[  109.943287][  T112]  ? __pfx_kthread+0x10/0x10
[  109.947883][  T112]  ret_from_fork+0x599/0xb30
[  109.952480][  T112]  ? __pfx_ret_from_fork+0x10/0x10
[  109.957594][  T112]  ? __switch_to_asm+0x39/0x70
[  109.962359][  T112]  ? __switch_to_asm+0x33/0x70
[  109.967129][  T112]  ? __pfx_kthread+0x10/0x10
[  109.971720][  T112]  ret_from_fork_asm+0x1a/0x30
[  109.976495][  T112]  </TASK>
[  109.980006][  T112] Kernel Offset: disabled
[  109.984324][  T112] Rebooting in 86400 seconds..