Warning: Permanently added '10.128.1.191' (ED25519) to the list of known hosts.
2026/05/01 10:19:40 ignoring optional flag "type"="gce"
2026/05/01 10:19:41 parsed 1 programs
[ 97.440917][ T5836] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2026/05/01 10:19:43 executed programs: 0
[ 97.555773][ T4929] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 97.558452][ T4929] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 97.559185][ T4929] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 97.560190][ T4929] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 97.561109][ T4929] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 98.232695][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.232981][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.233121][ T5843] bridge_slave_0: entered allmulticast mode
[ 98.234872][ T5843] bridge_slave_0: entered promiscuous mode
[ 98.243500][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.243831][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.244058][ T5843] bridge_slave_1: entered allmulticast mode
[ 98.246997][ T5843] bridge_slave_1: entered promiscuous mode
[ 98.417179][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 98.420724][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 98.575361][ T5843] team0: Port device team_slave_0 added
[ 98.578583][ T5843] team0: Port device team_slave_1 added
[ 98.735875][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 98.735887][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 98.735900][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 98.737715][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 98.737723][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 98.737736][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 98.907835][ T5843] hsr_slave_0: entered promiscuous mode
[ 98.909189][ T5843] hsr_slave_1: entered promiscuous mode
[ 99.612277][ T4929] Bluetooth: hci0: command tx timeout
[ 100.764767][ T5843] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 100.817234][ T5843] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 100.818569][ T5843] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 100.849481][ T5843] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 100.850671][ T5843] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 100.888196][ T5843] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 100.892112][ T5843] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 100.925382][ T5843] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 101.142029][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[ 101.210952][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.242584][ T1311] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.243618][ T1311] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 101.276246][ T45] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.276454][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 101.692148][ T4929] Bluetooth: hci0: command tx timeout
[ 101.920428][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 102.039112][ T5843] veth0_vlan: entered promiscuous mode
[ 102.057896][ T5843] veth1_vlan: entered promiscuous mode
[ 102.168354][ T5843] veth0_macvtap: entered promiscuous mode
[ 102.188598][ T5843] veth1_macvtap: entered promiscuous mode
[ 102.233493][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 102.278993][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 102.314016][ T67] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.314557][ T67] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.314595][ T67] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.314626][ T67] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.235225][ T5968] loop0: detected capacity change from 0 to 32768
[ 103.418709][ T5968] duplicate index6 in slot in dtroot
[ 103.418709][ T5968]
[ 103.418729][ T5968] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 103.418729][ T5968]
[ 103.419612][ T5968] ERROR: (device loop0): remounting filesystem as read-only
2026/05/01 10:19:49 executed programs: 1
[ 103.771824][ T4929] Bluetooth: hci0: command tx timeout
[ 104.317082][ T5995] loop0: detected capacity change from 0 to 32768
[ 104.374723][ T5995] duplicate index6 in slot in dtroot
[ 104.374723][ T5995]
[ 104.374739][ T5995] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 104.374739][ T5995]
[ 104.375042][ T5995] ERROR: (device loop0): remounting filesystem as read-only
[ 105.043811][ T6013] loop0: detected capacity change from 0 to 32768
[ 105.075525][ T6013] duplicate index6 in slot in dtroot
[ 105.075525][ T6013]
[ 105.075540][ T6013] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 105.075540][ T6013]
[ 105.075773][ T6013] ERROR: (device loop0): remounting filesystem as read-only
[ 105.702090][ T6032] loop0: detected capacity change from 0 to 32768
[ 105.787007][ T6032] duplicate index6 in slot in dtroot
[ 105.787007][ T6032]
[ 105.787031][ T6032] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 105.787031][ T6032]
[ 105.787268][ T6032] ERROR: (device loop0): remounting filesystem as read-only
[ 105.853102][ T4929] Bluetooth: hci0: command tx timeout
[ 106.312715][ T6049] loop0: detected capacity change from 0 to 32768
[ 106.327094][ T6049] duplicate index6 in slot in dtroot
[ 106.327094][ T6049]
[ 106.327108][ T6049] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 106.327108][ T6049]
[ 106.327357][ T6049] ERROR: (device loop0): remounting filesystem as read-only
[ 106.668587][ T6057] loop0: detected capacity change from 0 to 32768
[ 106.683643][ T6057] duplicate index6 in slot in dtroot
[ 106.683643][ T6057]
[ 106.683658][ T6057] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 106.683658][ T6057]
[ 106.683885][ T6057] ERROR: (device loop0): remounting filesystem as read-only
[ 107.030988][ T6059] loop0: detected capacity change from 0 to 32768
[ 107.063716][ T6059] duplicate index6 in slot in dtroot
[ 107.063716][ T6059]
[ 107.063730][ T6059] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 107.063730][ T6059]
[ 107.064541][ T6059] ERROR: (device loop0): remounting filesystem as read-only
[ 107.413654][ T6061] loop0: detected capacity change from 0 to 32768
[ 107.432787][ T6061] duplicate index6 in slot in dtroot
[ 107.432787][ T6061]
[ 107.432801][ T6061] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 107.432801][ T6061]
[ 107.433052][ T6061] ERROR: (device loop0): remounting filesystem as read-only
[ 107.790735][ T6063] loop0: detected capacity change from 0 to 32768
[ 107.814482][ T6063] duplicate index6 in slot in dtroot
[ 107.814482][ T6063]
[ 107.814498][ T6063] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 107.814498][ T6063]
[ 107.814756][ T6063] ERROR: (device loop0): remounting filesystem as read-only
[ 107.861976][ C1] ==================================================================
[ 107.861993][ C1] BUG: KASAN: slab-use-after-free in lbmIODone+0x1312/0x16c0
[ 107.862022][ C1] Read of size 4 at addr ffff88802b061e08 by task rcuc/1/29
[ 107.862038][ C1]
[ 107.862060][ C1] CPU: 1 UID: 0 PID: 29 Comm: rcuc/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 107.862086][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 107.862104][ C1] Call Trace:
[ 107.862111][ C1]
[ 107.862119][ C1] dump_stack_lvl+0xe8/0x150
[ 107.862145][ C1] print_address_description+0x55/0x1e0
[ 107.862169][ C1] ? lbmIODone+0x1312/0x16c0
[ 107.862187][ C1] print_report+0x58/0x70
[ 107.862207][ C1] kasan_report+0x117/0x150
[ 107.862232][ C1] ? lbmIODone+0x1312/0x16c0
[ 107.862254][ C1] lbmIODone+0x1312/0x16c0
[ 107.862272][ C1] ? blkg_put+0x22/0x240
[ 107.862291][ C1] ? blkg_put+0x22/0x240
[ 107.862310][ C1] ? blkg_put+0x18d/0x240
[ 107.862329][ C1] ? bio_endio+0x989/0x9d0
[ 107.862350][ C1] blk_update_request+0x57e/0xe60
[ 107.862387][ C1] blk_mq_end_request+0x3e/0x70
[ 107.862418][ C1] blk_done_softirq+0x10a/0x160
[ 107.862439][ C1] handle_softirqs+0x1de/0x6d0
[ 107.862464][ C1] __local_bh_enable_ip+0x170/0x2b0
[ 107.862485][ C1] ? rcu_cpu_kthread+0x205/0x1470
[ 107.862511][ C1] rcu_cpu_kthread+0x9e8/0x1470
[ 107.862540][ C1] ? rcu_cpu_kthread+0x205/0x1470
[ 107.862566][ C1] ? __pfx_rcu_cpu_kthread+0x10/0x10
[ 107.862590][ C1] ? schedule+0x90/0x360
[ 107.862615][ C1] ? smpboot_thread_fn+0x4d/0xa50
[ 107.862638][ C1] smpboot_thread_fn+0x541/0xa50
[ 107.862658][ C1] ? smpboot_thread_fn+0x4d/0xa50
[ 107.862690][ C1] kthread+0x388/0x470
[ 107.862714][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10
[ 107.862736][ C1] ? __pfx_kthread+0x10/0x10
[ 107.862760][ C1] ret_from_fork+0x514/0xb70
[ 107.862781][ C1] ? __pfx_ret_from_fork+0x10/0x10
[ 107.862800][ C1] ? __switch_to+0xc79/0x1410
[ 107.862819][ C1] ? __pfx_kthread+0x10/0x10
[ 107.862843][ C1] ret_from_fork_asm+0x1a/0x30
[ 107.862871][ C1]
[ 107.862878][ C1]
[ 107.862882][ C1] Allocated by task 6063:
[ 107.862891][ C1] kasan_save_track+0x3e/0x80
[ 107.862908][ C1] __kasan_kmalloc+0x93/0xb0
[ 107.862924][ C1] __kmalloc_cache_noprof+0x3a6/0x690
[ 107.862944][ C1] lmLogInit+0x3e5/0x1a00
[ 107.862958][ C1] lmLogOpen+0x4e1/0xfa0
[ 107.862972][ C1] jfs_mount_rw+0xee/0x670
[ 107.862985][ C1] jfs_fill_super+0x754/0xd80
[ 107.863003][ C1] get_tree_bdev_flags+0x431/0x4f0
[ 107.863023][ C1] vfs_get_tree+0x92/0x2a0
[ 107.863042][ C1] do_new_mount+0x341/0xd30
[ 107.863054][ C1] __se_sys_mount+0x31d/0x420
[ 107.863067][ C1] do_syscall_64+0x15f/0xf80
[ 107.863098][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.863115][ C1]
[ 107.863120][ C1] Freed by task 6063:
[ 107.863127][ C1] kasan_save_track+0x3e/0x80
[ 107.863142][ C1] kasan_save_free_info+0x46/0x50
[ 107.863165][ C1] __kasan_slab_free+0x5c/0x80
[ 107.863181][ C1] kfree+0x1c5/0x6c0
[ 107.863196][ C1] lmLogShutdown+0x456/0x850
[ 107.863209][ C1] lmLogClose+0x28a/0x520
[ 107.863223][ C1] jfs_umount+0x2fb/0x3d0
[ 107.863237][ C1] jfs_fill_super+0x9c5/0xd80
[ 107.863255][ C1] get_tree_bdev_flags+0x431/0x4f0
[ 107.863275][ C1] vfs_get_tree+0x92/0x2a0
[ 107.863295][ C1] do_new_mount+0x341/0xd30
[ 107.863307][ C1] __se_sys_mount+0x31d/0x420
[ 107.863321][ C1] do_syscall_64+0x15f/0xf80
[ 107.863341][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.863356][ C1]
[ 107.863360][ C1] The buggy address belongs to the object at ffff88802b061e00
[ 107.863360][ C1] which belongs to the cache kmalloc-256 of size 256
[ 107.863376][ C1] The buggy address is located 8 bytes inside of
[ 107.863376][ C1] freed 256-byte region [ffff88802b061e00, ffff88802b061f00)
[ 107.863395][ C1]
[ 107.863399][ C1] The buggy address belongs to the physical page:
[ 107.863421][ C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2b060
[ 107.863446][ C1] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 107.863460][ C1] flags: 0x80000000000040(head|node=0|zone=1)
[ 107.863479][ C1] page_type: f5(slab)
[ 107.863494][ C1] raw: 0080000000000040 ffff88813fe15b40 dead000000000100 dead000000000122
[ 107.863508][ C1] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 107.863521][ C1] head: 0080000000000040 ffff88813fe15b40 dead000000000100 dead000000000122
[ 107.863534][ C1] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 107.863549][ C1] head: 0080000000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff
[ 107.863562][ C1] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000002
[ 107.863569][ C1] page dumped because: kasan: bad access detected
[ 107.863582][ C1] page_owner tracks the page as allocated
[ 107.863588][ C1] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 11837449461, free_ts 0
[ 107.863618][ C1] post_alloc_hook+0x1f9/0x250
[ 107.863637][ C1] get_page_from_freelist+0x27d6/0x2850
[ 107.863658][ C1] __alloc_frozen_pages_noprof+0x18d/0x380
[ 107.863679][ C1] allocate_slab+0x74/0x5e0
[ 107.863692][ C1] refill_objects+0x33c/0x3d0
[ 107.863716][ C1] __pcs_replace_empty_main+0x373/0x720
[ 107.863730][ C1] __kmalloc_noprof+0x530/0x7b0
[ 107.863746][ C1] usb_hcd_submit_urb+0x786/0x1b50
[ 107.863769][ C1] usb_start_wait_urb+0x13f/0x5b0
[ 107.863787][ C1] usb_control_msg+0x234/0x3e0
[ 107.863803][ C1] usb_get_string+0xa1/0x3c0
[ 107.863823][ C1] usb_string_sub+0x76/0x420
[ 107.863840][ C1] usb_string+0x38f/0x7d0
[ 107.863854][ C1] usb_cache_string+0x7d/0xf0
[ 107.863871][ C1] usb_new_device+0x2ed/0x16e0
[ 107.863885][ C1] register_root_hub+0x270/0x5f0
[ 107.863914][ C1] page_owner free stack trace missing
[ 107.863920][ C1]
[ 107.863924][ C1] Memory state around the buggy address:
[ 107.863934][ C1] ffff88802b061d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 107.863946][ C1] ffff88802b061d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 107.863956][ C1] >ffff88802b061e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 107.863964][ C1] ^
[ 107.863972][ C1] ffff88802b061e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 107.863983][ C1] ffff88802b061f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 107.863992][ C1] ==================================================================
[ 107.864004][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 107.864023][ C1] CPU: 1 UID: 0 PID: 29 Comm: rcuc/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 107.864044][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 107.864054][ C1] Call Trace:
[ 107.864061][ C1]
[ 107.864068][ C1] vpanic+0x56c/0xa60
[ 107.864095][ C1] ? __pfx_vpanic+0x10/0x10
[ 107.864121][ C1] panic+0xc5/0xd0
[ 107.864141][ C1] ? __pfx_panic+0x10/0x10
[ 107.864165][ C1] ? lbmIODone+0x1312/0x16c0
[ 107.864183][ C1] ? rcu_is_watching+0x15/0xb0
[ 107.864203][ C1] ? lbmIODone+0x1312/0x16c0
[ 107.864220][ C1] check_panic_on_warn+0x89/0xb0
[ 107.864247][ C1] ? lbmIODone+0x1312/0x16c0
[ 107.864264][ C1] end_report+0x73/0x170
[ 107.864285][ C1] ? lbmIODone+0x1312/0x16c0
[ 107.864301][ C1] kasan_report+0x128/0x150
[ 107.864324][ C1] ? lbmIODone+0x1312/0x16c0
[ 107.864345][ C1] lbmIODone+0x1312/0x16c0
[ 107.864362][ C1] ? blkg_put+0x22/0x240
[ 107.864380][ C1] ? blkg_put+0x22/0x240
[ 107.864399][ C1] ? blkg_put+0x18d/0x240
[ 107.864427][ C1] ? bio_endio+0x989/0x9d0
[ 107.864448][ C1] blk_update_request+0x57e/0xe60
[ 107.864474][ C1] blk_mq_end_request+0x3e/0x70
[ 107.864496][ C1] blk_done_softirq+0x10a/0x160
[ 107.864516][ C1] handle_softirqs+0x1de/0x6d0
[ 107.864541][ C1] __local_bh_enable_ip+0x170/0x2b0
[ 107.864562][ C1] ? rcu_cpu_kthread+0x205/0x1470
[ 107.864586][ C1] rcu_cpu_kthread+0x9e8/0x1470
[ 107.864621][ C1] ? rcu_cpu_kthread+0x205/0x1470
[ 107.864649][ C1] ? __pfx_rcu_cpu_kthread+0x10/0x10
[ 107.864674][ C1] ? schedule+0x90/0x360
[ 107.864700][ C1] ? smpboot_thread_fn+0x4d/0xa50
[ 107.864723][ C1] smpboot_thread_fn+0x541/0xa50
[ 107.864745][ C1] ? smpboot_thread_fn+0x4d/0xa50
[ 107.864769][ C1] kthread+0x388/0x470
[ 107.864792][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10
[ 107.864813][ C1] ? __pfx_kthread+0x10/0x10
[ 107.864836][ C1] ret_from_fork+0x514/0xb70
[ 107.864858][ C1] ? __pfx_ret_from_fork+0x10/0x10
[ 107.864878][ C1] ? __switch_to+0xc79/0x1410
[ 107.864896][ C1] ? __pfx_kthread+0x10/0x10
[ 107.864921][ C1] ret_from_fork_asm+0x1a/0x30
[ 107.864953][ C1]
[ 107.865371][ C1] Kernel Offset: disabled