Warning: Permanently added '10.128.10.44' (ED25519) to the list of known hosts.
1970/01/01 00:01:03 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:03 ignoring optional flag "type"="gce"
1970/01/01 00:01:04 parsed 1 programs
[ 64.153779][ T6736] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS
1970/01/01 00:01:04 executed programs: 0
[ 64.186694][ T6095] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 64.189359][ T6095] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 64.191520][ T6095] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 64.194698][ T6095] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 64.196744][ T6095] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 64.287374][ T6742] chnl_net:caif_netlink_parms(): no params data found
[ 64.331807][ T6742] bridge0: port 1(bridge_slave_0) entered blocking state
[ 64.334000][ T6742] bridge0: port 1(bridge_slave_0) entered disabled state
[ 64.337123][ T6742] bridge_slave_0: entered allmulticast mode
[ 64.340220][ T6742] bridge_slave_0: entered promiscuous mode
[ 64.344137][ T6742] bridge0: port 2(bridge_slave_1) entered blocking state
[ 64.346922][ T6742] bridge0: port 2(bridge_slave_1) entered disabled state
[ 64.349343][ T6742] bridge_slave_1: entered allmulticast mode
[ 64.352233][ T6742] bridge_slave_1: entered promiscuous mode
[ 64.370288][ T6742] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 64.371897][ T6742] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 64.394522][ T6742] team0: Port device team_slave_0 added
[ 64.398080][ T6742] team0: Port device team_slave_1 added
[ 64.414216][ T6742] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 64.418375][ T6742] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.418452][ T6742] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 64.419582][ T6742] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 64.419608][ T6742] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.419636][ T6742] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 64.456104][ T6742] hsr_slave_0: entered promiscuous mode
[ 64.456607][ T6742] hsr_slave_1: entered promiscuous mode
[ 64.497569][ T2401] ieee802154 phy0 wpan0: encryption failed: -22
[ 64.497684][ T2401] ieee802154 phy1 wpan1: encryption failed: -22
[ 65.261891][ T6742] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 65.266300][ T6742] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 65.270605][ T6742] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 65.275815][ T6742] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 65.293555][ T6742] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.293636][ T6742] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 65.293795][ T6742] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.293858][ T6742] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 65.300969][ T41] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.302895][ T41] bridge0: port 2(bridge_slave_1) entered disabled state
[ 65.343620][ T6742] 8021q: adding VLAN 0 to HW filter on device bond0
[ 65.354149][ T6742] 8021q: adding VLAN 0 to HW filter on device team0
[ 65.357594][ T41] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.357678][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 65.361801][ T41] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.361895][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 65.392137][ T6742] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 65.392227][ T6742] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 65.492872][ T6742] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 65.515201][ T6742] veth0_vlan: entered promiscuous mode
[ 65.520249][ T6742] veth1_vlan: entered promiscuous mode
[ 65.534170][ T6742] veth0_macvtap: entered promiscuous mode
[ 65.538011][ T6742] veth1_macvtap: entered promiscuous mode
[ 65.552569][ T6742] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 65.559247][ T6742] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 65.564413][ T6742] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.564495][ T6742] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.564526][ T6742] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.564557][ T6742] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.623160][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 65.623238][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 65.645058][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 65.645127][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 65.696585][ T6845] jffs2: notice: (6845) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 65.730546][ T6851] jffs2: notice: (6851) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 65.765805][ T6848] ==================================================================
[ 65.765841][ T6848] BUG: KASAN: slab-use-after-free in __mutex_lock_common+0x144/0x2190
[ 65.765868][ T6848] Read of size 8 at addr ffff0000c76c8130 by task jffs2_gcd_mtd0/6848
[ 65.765885][ T6848]
[ 65.765896][ T6848] CPU: 1 UID: 0 PID: 6848 Comm: jffs2_gcd_mtd0 Not tainted 6.16.0-rc7-syzkaller-g82af5ea7c611 #0 PREEMPT
[ 65.765909][ T6848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 65.765917][ T6848] Call trace:
[ 65.765921][ T6848] show_stack+0x2c/0x3c (C)
[ 65.765934][ T6848] __dump_stack+0x30/0x40
[ 65.765949][ T6848] dump_stack_lvl+0xd8/0x12c
[ 65.765963][ T6848] print_address_description+0xa8/0x220
[ 65.765977][ T6848] print_report+0x68/0x84
[ 65.765989][ T6848] kasan_report+0xb0/0x110
[ 65.766000][ T6848] __asan_report_load8_noabort+0x20/0x2c
[ 65.766012][ T6848] __mutex_lock_common+0x144/0x2190
[ 65.766026][ T6848] mutex_lock_interruptible_nested+0x2c/0x38
[ 65.766041][ T6848] jffs2_garbage_collect_pass+0xa0/0x19c0
[ 65.766055][ T6848] jffs2_garbage_collect_thread+0x3c0/0x430
[ 65.766069][ T6848] kthread+0x5fc/0x75c
[ 65.766082][ T6848] ret_from_fork+0x10/0x20
[ 65.766093][ T6848]
[ 65.766173][ T6848] Allocated by task 6845:
[ 65.766195][ T6848] kasan_save_track+0x40/0x78
[ 65.766215][ T6848] kasan_save_alloc_info+0x44/0x54
[ 65.766230][ T6848] __kasan_kmalloc+0x9c/0xb4
[ 65.766244][ T6848] __kmalloc_cache_noprof+0x2a4/0x3fc
[ 65.766260][ T6848] jffs2_init_fs_context+0x58/0xc0
[ 65.766290][ T6848] alloc_fs_context+0x538/0x76c
[ 65.766308][ T6848] fs_context_for_mount+0x34/0x44
[ 65.766324][ T6848] do_new_mount+0xfc/0x814
[ 65.766339][ T6848] path_mount+0x5b4/0xde0
[ 65.766354][ T6848] __arm64_sys_mount+0x3e8/0x468
[ 65.766369][ T6848] invoke_syscall+0x98/0x2b8
[ 65.766384][ T6848] el0_svc_common+0x130/0x23c
[ 65.766398][ T6848] do_el0_svc+0x48/0x58
[ 65.766412][ T6848] el0_svc+0x58/0x180
[ 65.766427][ T6848] el0t_64_sync_handler+0x84/0x12c
[ 65.766442][ T6848] el0t_64_sync+0x198/0x19c
[ 65.766457][ T6848]
[ 65.766466][ T6848] Freed by task 6742:
[ 65.766477][ T6848] kasan_save_track+0x40/0x78
[ 65.766495][ T6848] kasan_save_free_info+0x58/0x70
[ 65.766510][ T6848] __kasan_slab_free+0x68/0x88
[ 65.766524][ T6848] kfree+0x17c/0x474
[ 65.766538][ T6848] jffs2_kill_sb+0x9c/0xb0
[ 65.766554][ T6848] deactivate_locked_super+0xc4/0x12c
[ 65.766570][ T6848] ** replaying previous printk message **
[ 65.766570][ T6848] deactivate_super+0xe0/0x100
[ 65.766585][ T6848] cleanup_mnt+0x31c/0x3ac
[ 65.766600][ T6848] __cleanup_mnt+0x20/0x30
[ 65.766615][ T6848] task_work_run+0x1dc/0x260
[ 65.766630][ T6848] do_notify_resume+0x174/0x1f4
[ 65.766647][ T6848] el0_svc+0xb8/0x180
[ 65.766661][ T6848] el0t_64_sync_handler+0x84/0x12c
[ 65.766676][ T6848] el0t_64_sync+0x198/0x19c
[ 65.766691][ T6848]
[ 65.766700][ T6848] The buggy address belongs to the object at ffff0000c76c8000
[ 65.766700][ T6848] which belongs to the cache kmalloc-4k of size 4096
[ 65.766716][ T6848] The buggy address is located 304 bytes inside of
[ 65.766716][ T6848] freed 4096-byte region [ffff0000c76c8000, ffff0000c76c9000)
[ 65.766734][ T6848]
[ 65.766743][ T6848] The buggy address belongs to the physical page:
[ 65.766754][ T6848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c8
[ 65.766770][ T6848] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 65.766785][ T6848] flags: 0x5ffc00000000040(head|node=0|zone=2|lastcpupid=0x7ff)
[ 65.766802][ T6848] page_type: f5(slab)
[ 65.766818][ T6848] raw: 05ffc00000000040 ffff0000c0002140 dead000000000122 0000000000000000
[ 65.766837][ T6848] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 65.766854][ T6848] head: 05ffc00000000040 ffff0000c0002140 dead000000000122 0000000000000000
[ 65.766869][ T6848] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 65.766886][ T6848] head: 05ffc00000000003 fffffdffc31db201 00000000ffffffff 00000000ffffffff
[ 65.766902][ T6848] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 65.766914][ T6848] page dumped because: kasan: bad access detected
[ 65.766924][ T6848]
[ 65.766933][ T6848] Memory state around the buggy address:
[ 65.766945][ T6848] ffff0000c76c8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 65.766959][ T6848] ffff0000c76c8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 65.766972][ T6848] >ffff0000c76c8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 65.766984][ T6848] ^
[ 65.766984][ T6856] jffs2: notice: (6856) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 65.766996][ T6848] ffff0000c76c8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 65.767015][ T6848] ffff0000c76c8200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 65.767026][ T6848] ==================================================================
[ 65.830502][ T6859] jffs2: notice: (6859) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 65.841976][ T6852] jffs2: Erase at 0x0001e000 failed immediately: errno -524
[ 65.842060][ T6852] jffs2: Erase at 0x0001d000 failed immediately: errno -524
[ 65.842093][ T6852] jffs2: Erase at 0x0001c000 failed immediately: errno -524
[ 65.842124][ T6852] jffs2: Erase at 0x0001b000 failed immediately: errno -524
[ 65.842155][ T6852] jffs2: Erase at 0x0001a000 failed immediately: errno -524
[ 65.842198][ T6852] jffs2: Erase at 0x00019000 failed immediately: errno -524
[ 65.842229][ T6852] jffs2: Erase at 0x00018000 failed immediately: errno -524
[ 65.842260][ T6852] jffs2: Erase at 0x00017000 failed immediately: errno -524
[ 65.842296][ T6852] jffs2: Erase at 0x00016000 failed immediately: errno -524
[ 65.842330][ T6852] jffs2: Erase at 0x00015000 failed immediately: errno -524
[ 65.842360][ T6852] jffs2: Erase at 0x00014000 failed immediately: errno -524
[ 65.842390][ T6852] jffs2: Erase at 0x00013000 failed immediately: errno -524
[ 65.842420][ T6852] jffs2: Erase at 0x00012000 failed immediately: errno -524
[ 65.842450][ T6852] jffs2: Erase at 0x00011000 failed immediately: errno -524
[ 65.842480][ T6852] jffs2: Erase at 0x00010000 failed immediately: errno -524
[ 65.842511][ T6852] jffs2: Erase at 0x0000f000 failed immediately: errno -524
[ 65.842541][ T6852] jffs2: Erase at 0x0000e000 failed immediately: errno -524
[ 65.842571][ T6852] jffs2: Erase at 0x0000d000 failed immediately: errno -524
[ 65.842601][ T6852] jffs2: Erase at 0x0000c000 failed immediately: errno -524
[ 65.842631][ T6852] jffs2: Erase at 0x0000b000 failed immediately: errno -524
[ 65.842661][ T6852] jffs2: Erase at 0x0000a000 failed immediately: errno -524
[ 65.842691][ T6852] jffs2: Erase at 0x00009000 failed immediately: errno -524
[ 65.842721][ T6852] jffs2: Erase at 0x00008000 failed immediately: errno -524
[ 65.842751][ T6852] jffs2: Erase at 0x00007000 failed immediately: errno -524
[ 65.842781][ T6852] jffs2: Erase at 0x00006000 failed immediately: errno -524
[ 65.842811][ T6852] jffs2: Erase at 0x00005000 failed immediately: errno -524
[ 65.842841][ T6852] jffs2: Erase at 0x00004000 failed immediately: errno -524
[ 65.842871][ T6852] jffs2: Erase at 0x00003000 failed immediately: errno -524
[ 65.842901][ T6852] jffs2: Erase at 0x00002000 failed immediately: errno -524
[ 65.842926][ T6852] slab kmalloc-4k start ffff0000c75fe000 pointer offset 0 size 4096
[ 65.843005][ T6852] list_del corruption. next->prev should be ffff0000c75fe048, but was 022c03cc00001a56. (next=ffff0000c75fe000)
[ 65.843383][ T6852] ------------[ cut here ]------------
[ 65.843398][ T6852] kernel BUG at lib/list_debug.c:67!
[ 65.843462][ T6852] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP
[ 65.983404][ T6852] Modules linked in:
[ 65.984461][ T6852] CPU: 0 UID: 0 PID: 6852 Comm: jffs2_gcd_mtd0 Not tainted 6.16.0-rc7-syzkaller-g82af5ea7c611 #0 PREEMPT
[ 65.987524][ T6852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
** replaying previous printk message **
[ 65.987589][ T6848] jffs2: Erase at 0x0001e000 failed immediately: errno -524
[ 65.993299][ T6848] jffs2: Erase at 0x0001d000 failed immediately: errno -524
[ 65.993297][ T6852] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 65.997468][ T6848] jffs2: Erase at 0x0001c000 failed immediately: errno -524
[ 65.997463][ T6852] pc : __list_del_entry_valid_or_report+0x1b0/0x1b4
[ 66.001225][ T6848] jffs2: Erase at 0x0001b000 failed immediately: errno -524
[ 66.001226][ T6852] lr : __list_del_entry_valid_or_report+0x1b0/0x1b4
[ 66.005054][ T6848] jffs2: Erase at 0x0001a000 failed immediately: errno -524
[ 66.005056][ T6852] sp : ffff8000a3917880
[ 66.008311][ T6848] jffs2: Erase at 0x00019000 failed immediately: errno -524
[ 66.008311][ T6852] x29: ffff8000a3917880 x28: ffff0000c75fe048
[ 66.010457][ T6848] jffs2: Erase at 0x00018000 failed immediately: errno -524
[ 66.014196][ T6848] jffs2: Erase at 0x00017000 failed immediately: errno -524
[ 66.014200][ T6852] x27: ffff0000c75fa238
** replaying previous printk message **
[ 66.016414][ T6848] jffs2: Erase at 0x00016000 failed immediately: errno -524
[ 66.020421][ T6852] x26: ffff0000c75fa208 x25: ffff0000c75fa228
[ 66.020431][ T6848] jffs2: Erase at 0x00015000 failed immediately: errno -524
[ 66.024176][ T6848] jffs2: Erase at 0x00014000 failed immediately: errno -524
[ 66.024178][ T6852] x24: dfff800000000000
[ 66.026245][ T6848] jffs2: Erase at 0x00013000 failed immediately: errno -524
[ 66.029423][ T6848] jffs2: Erase at 0x00012000 failed immediately: errno -524
[ 66.029428][ T6852] x23: 1fffe00018ebfc01
[ 66.031528][ T6848] jffs2: Erase at 0x00011000 failed immediately: errno -524
[ 66.031529][ T6852] x22: dfff800000000000 x21: ffff0000c75fe008
[ 66.034624][ T6848] jffs2: Erase at 0x00010000 failed immediately: errno -524
[ 66.038435][ T6852]
[ 66.038435][ T6848] jffs2: Erase at 0x0000f000 failed immediately: errno -524
[ 66.041253][ T6848] jffs2: Erase at 0x0000e000 failed immediately: errno -524
[ 66.041259][ T6852] x20: ffff0000c75fe000 x19: ffff0000c75fe048 x18: 00000000ffffffff
[ 66.043320][ T6848] jffs2: Erase at 0x0000d000 failed immediately: errno -524
[ 66.043323][ T6852]
[ 66.048299][ T6852] x17: 20747562202c3834 x16: ffff80008af01c68
[ 66.048314][ T6848] jffs2: Erase at 0x0000c000 failed immediately: errno -524
[ 66.048329][ T6852] x15: 0000000000000001
** replaying previous printk message **
[ 66.052132][ T6848] jffs2: Erase at 0x0000b000 failed immediately: errno -524
[ 66.056341][ T6852] x14: 1fffe000337d1ce2 x13: 0000000000000000 x12: 0000000000000000
[ 66.056364][ T6848] jffs2: Erase at 0x0000a000 failed immediately: errno -524
[ 66.060593][ T6848] jffs2: Erase at 0x00009000 failed immediately: errno -524
[ 66.060598][ T6852]
[ 66.063256][ T6848] jffs2: Erase at 0x00008000 failed immediately: errno -524
[ 66.063261][ T6852] x11: ffff6000337d1ce3 x10: 0000000000ff0100 x9 : b673620b902ae400
** replaying previous printk message **
[ 66.065323][ T6848] jffs2: Erase at 0x00007000 failed immediately: errno -524
[ 66.070498][ T6848] jffs2: Erase at 0x00006000 failed immediately: errno -524
[ 66.070501][ T6852] x8 : b673620b902ae400
[ 66.072590][ T6848] jffs2: Erase at 0x00005000 failed immediately: errno -524
[ 66.072590][ T6852] x7 : 0000000000000001
[ 66.075877][ T6848] jffs2: Erase at 0x00004000 failed immediately: errno -524
[ 66.075881][ T6852] x6 : 0000000000000001
** replaying previous printk message **
[ 66.079047][ T6848] jffs2: Erase at 0x00003000 failed immediately: errno -524
[ 66.083306][ T6848] jffs2: Erase at 0x00002000 failed immediately: errno -524
[ 66.083307][ T6852] x5 : ffff8000a3917218 x4 : ffff80008f776bc0 x3 : ffff8000807bba4c
[ 66.085383][ T6848] slab kmalloc-4k start ffff0000c76cc000 pointer offset 0 size 4096
[ 66.085463][ T6848] list_del corruption. next->prev should be ffff0000c76cc048, but was 022c03cc00001a56. (next=ffff0000c76cc000)
[ 66.085828][ T6848] ------------[ cut here ]------------
[ 66.085841][ T6848] kernel BUG at lib/list_debug.c:67!
[ 66.096399][ T6852]
[ 66.097029][ T6852] x2 : 0000000000000001 x1 : 0000000100000001 x0 : 000000000000006d
[ 66.099266][ T6852] Call trace:
[ 66.100226][ T6852] __list_del_entry_valid_or_report+0x1b0/0x1b4 (P)
[ 66.102251][ T6852] jffs2_erase_pending_blocks+0x2e0/0x1cd4
[ 66.103986][ T6852] jffs2_garbage_collect_pass+0x524/0x19c0
[ 66.105649][ T6852] jffs2_garbage_collect_thread+0x3c0/0x430
[ 66.107337][ T6852] kthread+0x5fc/0x75c
[ 66.108516][ T6852] ret_from_fork+0x10/0x20
[ 66.109812][ T6852] Code: 910f8000 aa1303e1 aa1403e3 9741c5ff (d4210000)
[ 66.111940][ T6852] ---[ end trace 0000000000000000 ]---
[ 66.471345][ T6852] Kernel panic - not syncing: Oops - BUG: Fatal exception
[ 66.473120][ T6852] SMP: stopping secondary CPUs
[ 67.538880][ T6852] SMP: failed to stop secondary CPUs 1
[ 67.540643][ T6852] Kernel Offset: disabled
[ 67.541798][ T6852] CPU features: 0x10000,00040e00,040008a1,04017203
[ 67.543654][ T6852] Memory Limit: none
[ 67.888940][ T6852] Rebooting in 86400 seconds..