Warning: Permanently added '10.128.10.29' (ED25519) to the list of known hosts.
1970/01/01 00:00:57 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:00:57 ignoring optional flag "type"="gce"
1970/01/01 00:00:58 parsed 1 programs
1970/01/01 00:00:58 executed programs: 0
[ 58.273091][ T6613] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS
[ 58.309459][ T5983] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 58.311830][ T5983] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 58.314122][ T5983] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 58.317016][ T5983] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 58.318926][ T5983] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 58.320561][ T5983] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 58.395142][ T6619] chnl_net:caif_netlink_parms(): no params data found
[ 58.423134][ T6619] bridge0: port 1(bridge_slave_0) entered blocking state
[ 58.424781][ T6619] bridge0: port 1(bridge_slave_0) entered disabled state
[ 58.426283][ T6619] bridge_slave_0: entered allmulticast mode
[ 58.428001][ T6619] bridge_slave_0: entered promiscuous mode
[ 58.430261][ T6619] bridge0: port 2(bridge_slave_1) entered blocking state
[ 58.432246][ T6619] bridge0: port 2(bridge_slave_1) entered disabled state
[ 58.433712][ T6619] bridge_slave_1: entered allmulticast mode
[ 58.435377][ T6619] bridge_slave_1: entered promiscuous mode
[ 58.447796][ T6619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 58.451157][ T6619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 58.462471][ T6619] team0: Port device team_slave_0 added
[ 58.465422][ T6619] team0: Port device team_slave_1 added
[ 58.475957][ T6619] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 58.477467][ T6619] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets.
Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 58.482915][ T6619] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 58.486238][ T6619] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 58.487836][ T6619] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets.
Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 58.493236][ T6619] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 58.543239][ T6619] hsr_slave_0: entered promiscuous mode
[ 58.581054][ T6619] hsr_slave_1: entered promiscuous mode
[ 59.476447][ T6619] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 59.483498][ T6619] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 59.486520][ T6619] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 59.489926][ T6619] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 59.537200][ T6619] 8021q: adding VLAN 0 to HW filter on device bond0
[ 59.544745][ T6619] 8021q: adding VLAN 0 to HW filter on device team0
[ 59.551713][ T41] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.553242][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 59.556520][ T41] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.558136][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 59.573894][ T6619] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 59.576140][ T6619] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 59.647154][ T6619] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 59.669319][ T6619] veth0_vlan: entered promiscuous mode
[ 59.679005][ T6619] veth1_vlan: entered promiscuous mode
[ 59.689170][ T6619] veth0_macvtap: entered promiscuous mode
[ 59.698588][ T6619] veth1_macvtap: entered promiscuous mode
[ 59.707243][ T6619] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 59.711540][ T6619] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 59.715254][ T6619] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 59.717141][ T6619] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 59.718943][ T6619] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 59.722208][ T6619] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 59.750527][ T1764] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 59.753221][ T1764] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 59.768975][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 59.770644][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 59.830101][ T6726] loop0: detected capacity change from 0 to 2048
[ 59.838463][ T6726] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 59.860229][ T6726] jffs2: notice: (6726) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 59.922069][ T6729] ==================================================================
[ 59.924121][ T6729] BUG: KASAN: slab-use-after-free in __mutex_lock_common+0x170/0x28f4
[ 59.925805][ T6729] Read of size 8 at addr ffff0000c480a130 by task jffs2_gcd_mtd0/6729
[ 59.927364][ T6729]
[ 59.927866][ T6729] CPU: 0 UID: 0 PID: 6729 Comm: jffs2_gcd_mtd0 Not tainted 6.13.0-rc2-syzkaller-00031-g2e7aff49b5da #0
[ 59.930150][ T6729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 59.932249][ T6729] Call trace:
[ 59.932940][ T6729] show_stack+0x2c/0x3c (C)
[ 59.933940][ T6729] dump_stack_lvl+0xe4/0x150
[ 59.934952][ T6729] print_report+0x198/0x538
[ 59.935909][ T6729] kasan_report+0xd8/0x138
[ 59.936264][ T6733] loop0: detected capacity change from 0 to 2048
[ 59.936825][ T6729] __asan_report_load8_noabort+0x20/0x2c
[ 59.939256][ T6729] __mutex_lock_common+0x170/0x28f4
[ 59.940470][ T6729] mutex_lock_interruptible_nested+0x2c/0x38
[ 59.941309][ T6733] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 59.941727][ T6729] jffs2_garbage_collect_pass+0xa4/0x1a50
[ 59.945156][ T6729] jffs2_garbage_collect_thread+0x410/0x488
[ 59.946473][ T6729] kthread+0x288/0x310
[ 59.947401][ T6729] ret_from_fork+0x10/0x20
[ 59.948503][ T6729]
[ 59.948962][ T6729] Allocated by task 6726:
[ 59.949936][ T6729] kasan_save_track+0x40/0x78
[ 59.950432][ T6733] jffs2: notice: (6733) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 59.950907][ T6729] kasan_save_alloc_info+0x40/0x50
[ 59.950926][ T6729] __kasan_kmalloc+0xac/0xc4
[ 59.950937][ T6729] __kmalloc_cache_noprof+0x2cc/0x428
[ 59.950951][ T6729] jffs2_init_fs_context+0x58/0xc8
[ 59.950963][ T6729] alloc_fs_context+0x514/0x7a4
[ 59.950974][ T6729] fs_context_for_mount+0x34/0x44
[ 59.950984][ T6729] do_new_mount+0x14c/0x900
[ 59.962232][ T6729] path_mount+0x590/0xe04
[ 59.963245][ T6729] __arm64_sys_mount+0x4d4/0x5ac
[ 59.964239][ T6729] invoke_syscall+0x98/0x2b8
[ 59.965227][ T6729] el0_svc_common+0x130/0x23c
[ 59.966255][ T6729] do_el0_svc+0x48/0x58
[ 59.967181][ T6729] el0_svc+0x54/0x168
[ 59.968059][ T6729] el0t_64_sync_handler+0x84/0x108
[ 59.969147][ T6729] el0t_64_sync+0x198/0x19c
[ 59.970253][ T6729]
[ 59.970781][ T6729] Freed by task 6619:
[ 59.971666][ T6729] kasan_save_track+0x40/0x78
[ 59.972630][ T6729] kasan_save_free_info+0x54/0x6c
[ 59.973712][ T6729] __kasan_slab_free+0x64/0x8c
[ 59.974777][ T6729] kfree+0x180/0x478
[ 59.975612][ T6729] jffs2_kill_sb+0x9c/0xb0
[ 59.976587][ T6729] deactivate_locked_super+0xc4/0x12c
[ 59.977770][ T6729] deactivate_super+0xe0/0x100
[ 59.978787][ T6729] cleanup_mnt+0x34c/0x3dc
[ 59.979718][ T6729] __cleanup_mnt+0x20/0x30
[ 59.980681][ T6729] task_work_run+0x230/0x2e0
[ 59.981662][ T6729] do_notify_resume+0x178/0x1f4
[ 59.982692][ T6729] el0_svc+0xac/0x168
[ 59.983712][ T6729] el0t_64_sync_handler+0x84/0x108
[ 59.984817][ T6729] el0t_64_sync+0x198/0x19c
[ 59.985756][ T6729]
[ 59.986278][ T6729] The buggy address belongs to the object at ffff0000c480a000
[ 59.986278][ T6729] which belongs to the cache kmalloc-4k of size 4096
[ 59.989302][ T6729] The buggy address is located 304 bytes inside of
[ 59.989302][ T6729] freed 4096-byte region [ffff0000c480a000, ffff0000c480b000)
[ 59.992223][ T6729]
[ 59.992722][ T6729] The buggy address belongs to the physical page:
[ 59.994067][ T6729] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104808
[ 59.996027][ T6729] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 59.997834][ T6729] flags: 0x5ffc00000000040(head|node=0|zone=2|lastcpupid=0x7ff)
[ 59.999473][ T6729] page_type: f5(slab)
[ 60.000383][ T6729] raw: 05ffc00000000040 ffff0000c0002140 dead000000000100 dead000000000122
[ 60.002115][ T6729] raw: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000
[ 60.003965][ T6729] head: 05ffc00000000040 ffff0000c0002140 dead000000000100 dead000000000122
[ 60.006006][ T6729] head: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000
[ 60.007831][ T6729] head: 05ffc00000000003 fffffdffc3120201 ffffffffffffffff 0000000000000000
[ 60.009800][ T6729] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 60.011701][ T6729] page dumped because: kasan: bad access detected
[ 60.013047][ T6729]
[ 60.013556][ T6729] Memory state around the buggy address:
[ 60.014788][ T6729] ffff0000c480a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.016484][ T6729] ffff0000c480a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.018368][ T6729] >ffff0000c480a100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.020095][ T6729] ^
[ 60.021351][ T6729] ffff0000c480a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.023279][ T6729] ffff0000c480a200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 60.024945][ T6729] ==================================================================
[ 60.067470][ T6729] Disabling lock debugging due to kernel taint
[ 60.068926][ T6729] jffs2: Erase at 0x0001e000 failed immediately: errno -524
[ 60.070403][ T6729] jffs2: Erase at 0x0001d000 failed immediately: errno -524
[ 60.083586][ T6729] jffs2: Erase at 0x0001c000 failed immediately: errno -524
[ 60.085165][ T6729] jffs2: Erase at 0x0001b000 failed immediately: errno -524
[ 60.089493][ T6746] loop0: detected capacity change from 0 to 2048
[ 60.097580][ T6729] jffs2: Erase at 0x0001a000 failed immediately: errno -524
[ 60.099231][ T6746] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 60.105510][ T6746] jffs2: notice: (6746) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 60.111817][ T6729] jffs2: Erase at 0x00019000 failed immediately: errno -524
[ 60.112431][ T6742] Unable to handle kernel paging request at virtual address dfff8000000000c8
[ 60.113511][ T6729] jffs2: Erase at 0x00018000 failed immediately: errno -524
[ 60.115253][ T6742] KASAN: null-ptr-deref in range [0x0000000000000640-0x0000000000000647]
[ 60.115268][ T6742] Mem abort info:
[ 60.116770][ T6729] jffs2: Erase at 0x00017000 failed immediately: errno -524
[ 60.118403][ T6742] ESR = 0x0000000096000005
[ 60.118416][ T6742] EC = 0x25: DABT (current EL), IL = 32 bits
[ 60.118425][ T6742] SET = 0, FnV = 0
[ 60.119283][ T6729] jffs2: Erase at 0x00016000 failed immediately: errno -524
[ 60.126019][ T6729] jffs2: Erase at 0x00015000 failed immediately: errno -524
[ 60.129514][ T6742] EA = 0, S1PTW = 0
[ 60.130472][ T6742] FSC = 0x05: level 1 translation fault
[ 60.133122][ T6742] Data abort info:
[ 60.133974][ T6742] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
[ 60.135239][ T6742] CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 60.136532][ T6742] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 60.147022][ T6729] jffs2: Erase at 0x00014000 failed immediately: errno -524
[ 60.148707][ T6729] jffs2: Erase at 0x00013000 failed immediately: errno -524
[ 60.150242][ T6729] jffs2: Erase at 0x00012000 failed immediately: errno -524
[ 60.161056][ T6753] loop0: detected capacity change from 0 to 2048
[ 60.169023][ T6753] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 60.172921][ T6742] [dfff8000000000c8] address between user and kernel address ranges
[ 60.175586][ T6729] jffs2: Erase at 0x00011000 failed immediately: errno -524
[ 60.177257][ T6729] jffs2: Erase at 0x00010000 failed immediately: errno -524
[ 60.177349][ T6753] jffs2: notice: (6753) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 60.178815][ T6729] jffs2: Erase at 0x0000f000 failed immediately: errno -524
[ 60.178834][ T6729] jffs2: Erase at 0x0000e000 failed immediately: errno -524
[ 60.178848][ T6729] jffs2: Erase at 0x0000d000 failed immediately: errno -524
[ 60.187071][ T6749] jffs2: Erase at 0x0001e000 failed immediately: errno -524
[ 60.189521][ T6749] jffs2: Erase at 0x0001d000 failed immediately: errno -524
[ 60.191265][ T6749] jffs2: Erase at 0x0001c000 failed immediately: errno -524
[ 60.192239][ T6742] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
[ 60.192835][ T6749] jffs2: Erase at 0x0001b000 failed immediately: errno -524
[ 60.194373][ T6742] Modules linked in:
[ 60.195906][ T6749] jffs2: Erase at 0x0001a000 failed immediately: errno -524
[ 60.196692][ T6742]
[ 60.198253][ T6749] jffs2: Erase at 0x00019000 failed immediately: errno -524
[ 60.198717][ T6742] CPU: 1 UID: 0 PID: 6742 Comm: jffs2_gcd_mtd0 Tainted: G B 6.13.0-rc2-syzkaller-00031-g2e7aff49b5da #0
[ 60.200192][ T6749] jffs2: Erase at 0x00018000 failed immediately: errno -524
[ 60.202751][ T6742] Tainted: [B]=BAD_PAGE
[ 60.202760][ T6742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 60.202776][ T6742] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 60.202793][ T6742] pc : mtd_erase+0x98/0x5cc
[ 60.202811][ T6742] lr : mtd_erase+0xb4/0x5cc
[ 60.202822][ T6742] sp : ffff8000a3d77740
[ 60.202833][ T6742] x29: ffff8000a3d77840 x28: dfff800000000000 x27: ffff7000147aeef8
[ 60.202855][ T6742] x26: ffff8000a3d777e0 x25: dfff800000000000 x24: ffff0000d8936800
[ 60.202874][ T6742] x23: ffff0000d4ddfe00 x22: 1fffe0001b25e510 x21: 0000000000000641
[ 60.202893][ T6742] x20: 0000000000000001 x19: 0000000000000001 x18: 1fffe000366c167e
[ 60.204612][ T6729] jffs2: Erase at 0x0000c000 failed immediately: errno -524
[ 60.205496][ T6742]
[ 60.205502][ T6742] x17: ffff80008f97d000
[ 60.207624][ T6729] jffs2: Erase at 0x0000b000 failed immediately: errno -524
[ 60.209367][ T6742] x16: ffff80008b688274
[ 60.210308][ T6729] jffs2: Erase at 0x0000a000 failed immediately: errno -524
[ 60.211219][ T6742] x15: 0000000000000001
[ 60.211234][ T6742] x14: 00000000ffff8000 x13: 00000000b215c03c x12: ffff8000853fb038
[ 60.211253][ T6742] x11: ffff80008f0ed6d2 x10: 0000000000ff0100 x9 : 0000000000000000
[ 60.211271][ T6742] x8 : 00000000000000c8 x7 : 0000000000000000 x6 : 000000000000003f
[ 60.211288][ T6742] x5 : 0000000000000040 x4 : 0000000000000001 x3 : ffff8000853fb0e0
[ 60.211305][ T6742] x2 : 0000000000000000 x1 : 0000000000000008 x0 : 0000000000000000
[ 60.211322][ T6742] Call trace:
[ 60.211327][ T6742] mtd_erase+0x98/0x5cc (P)
[ 60.212214][ T6729] jffs2: Erase at 0x00009000 failed immediately: errno -524
[ 60.213961][ T6742] mtd_erase+0xb4/0x5cc (L)
[ 60.215681][ T6729] jffs2: Erase at 0x00008000 failed immediately: errno -524
[ 60.217310][ T6742] jffs2_erase_pending_blocks+0xa94/0x1fd4
[ 60.219009][ T6729] jffs2: Erase at 0x00007000 failed immediately: errno -524
[ 60.220508][ T6742] jffs2_garbage_collect_pass+0x554/0x1a50
[ 60.221117][ T6749] jffs2: Erase at 0x00017000 failed immediately: errno -524
[ 60.221951][ T6742] jffs2_garbage_collect_thread+0x410/0x488
[ 60.223393][ T6749] jffs2: Erase at 0x00016000 failed immediately: errno -524
[ 60.224287][ T6742] kthread+0x288/0x310
[ 60.225801][ T6749] jffs2: Erase at 0x00015000 failed immediately: errno -524
[ 60.226688][ T6742] ret_from_fork+0x10/0x20
[ 60.228410][ T6749] jffs2: Erase at 0x00014000 failed immediately: errno -524
[ 60.230191][ T6742] Code: 96ca78b4 aa1703f3 91190275 d343fea8 (387c6908)
[ 60.232081][ T6729] jffs2: Erase at 0x00006000 failed immediately: errno -524
[ 60.233679][ T6742] ---[ end trace 0000000000000000 ]---
[ 60.235450][ T6729] jffs2: Erase at 0x00005000 failed immediately: errno -524
[ 60.262028][ T6749] jffs2: Erase at 0x00013000 failed immediately: errno -524
[ 60.263676][ T6749] jffs2: Erase at 0x00012000 failed immediately: errno -524
[ 60.265250][ T6749] jffs2: Erase at 0x00011000 failed immediately: errno -524
[ 60.266815][ T6749] jffs2: Erase at 0x00010000 failed immediately: errno -524
[ 60.268339][ T6749] jffs2: Erase at 0x0000f000 failed immediately: errno -524
[ 60.269882][ T6749] jffs2: Erase at 0x0000e000 failed immediately: errno -524
[ 60.271600][ T6749] jffs2: Erase at 0x0000d000 failed immediately: errno -524
[ 60.273287][ T6749] jffs2: Erase at 0x0000c000 failed immediately: errno -524
[ 60.274927][ T6749] jffs2: Erase at 0x0000b000 failed immediately: errno -524
[ 60.276418][ T6749] jffs2: Erase at 0x0000a000 failed immediately: errno -524
[ 60.278105][ T6749] jffs2: Erase at 0x00009000 failed immediately: errno -524
[ 60.279829][ T6749] jffs2: Erase at 0x00008000 failed immediately: errno -524
[ 60.281451][ T6749] jffs2: Erase at 0x00007000 failed immediately: errno -524
[ 60.282975][ T6749] jffs2: Erase at 0x00006000 failed immediately: errno -524
[ 60.284773][ T6749] jffs2: Erase at 0x00005000 failed immediately: errno -524
[ 60.286295][ T6749] jffs2: Erase at 0x00004000 failed immediately: errno -524
[ 60.287747][ T6749] jffs2: Erase at 0x00003000 failed immediately: errno -524
[ 60.289066][ T6749] jffs2: Erase at 0x00002000 failed immediately: errno -524
[ 60.290631][ T6749] list_del corruption. next->prev should be ffff0000c674a048, but was 02b8036f000019db. (next=ffff0000c674a000)
[ 60.293513][ T6749] ------------[ cut here ]------------
[ 60.294700][ T6749] kernel BUG at lib/list_debug.c:67!
[ 60.603509][ T6742] Kernel panic - not syncing: Oops: Fatal exception
[ 60.604986][ T6742] SMP: stopping secondary CPUs
[ 61.684833][ T6742] SMP: failed to stop secondary CPUs 0
[ 61.686134][ T6742] Kernel Offset: disabled
[ 61.687063][ T6742] CPU features: 0x100,00002070,00800250,82017203
[ 61.688492][ T6742] Memory Limit: none
[ 62.046532][ T6742] Rebooting in 86400 seconds..