[   54.829849][  T136] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.958511][  T136] device veth1_macvtap left promiscuous mode
[   54.959378][  T136] device veth0_macvtap left promiscuous mode
[   54.960230][  T136] device veth1_vlan left promiscuous mode
[   54.961101][  T136] device veth0_vlan left promiscuous mode
[   55.043658][  T136] team0 (unregistering): Port device team_slave_1 removed
[   55.047291][  T136] team0 (unregistering): Port device team_slave_0 removed
[   55.052234][  T136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   55.092219][  T136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   55.182238][  T136] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.0.49' (ED25519) to the list of known hosts.
1970/01/01 00:01:03 ignoring optional flag "type"="gce"
1970/01/01 00:01:03 parsed 1 programs
[   64.707895][ T4391] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SSFS
[   66.297929][  T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.299375][  T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.300883][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   66.306714][ T1859] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.308006][ T1859] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.311231][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   66.490860][ T4560] chnl_net:caif_netlink_parms(): no params data found
[   66.507718][ T4560] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.509141][ T4560] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.511179][ T4560] device bridge_slave_0 entered promiscuous mode
[   66.513344][ T4560] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.514562][ T4560] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.516034][ T4560] device bridge_slave_1 entered promiscuous mode
[   66.526656][ T4560] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   66.529610][ T4560] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   66.537011][ T4560] team0: Port device team_slave_0 added
[   66.539065][ T4560] team0: Port device team_slave_1 added
[   66.545845][ T4560] batman_adv: batadv0: Adding interface: batadv_slave_0
[   66.546962][ T4560] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.551641][ T4560] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   66.554117][ T4560] batman_adv: batadv0: Adding interface: batadv_slave_1
[   66.555258][ T4560] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.559717][ T4560] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.609430][ T4560] device hsr_slave_0 entered promiscuous mode
[   66.648667][ T4560] device hsr_slave_1 entered promiscuous mode
[   67.256632][ T4560] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   67.290353][ T4560] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   67.359850][ T4560] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   67.379485][ T4560] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   67.434540][ T4560] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.435812][ T4560] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.437201][ T4560] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.438440][ T4560] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.440911][ T1859] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.442735][ T1859] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.472074][ T4560] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.476166][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   67.477763][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   67.481517][ T4560] 8021q: adding VLAN 0 to HW filter on device team0
[   67.484038][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   67.485695][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   67.487187][ T1859] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.488450][ T1859] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.492998][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   67.494465][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   67.495868][  T136] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.497121][  T136] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.502526][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   67.505005][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   67.508670][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   67.511145][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   67.514830][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   67.516520][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   67.518226][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   67.523684][ T4560] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   67.525230][ T4560] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   67.527908][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   67.531059][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   67.532966][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   67.534531][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   67.549496][ T1859] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   67.612488][ T4560] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.619539][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   67.620828][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   67.622213][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   67.623947][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   67.629911][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   67.631478][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   67.633129][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   67.634609][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   67.637222][ T4560] device veth0_vlan entered promiscuous mode
[   67.640748][ T4560] device veth1_vlan entered promiscuous mode
[   67.647914][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   67.650125][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   67.651568][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   67.653079][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   67.660085][ T4560] device veth0_macvtap entered promiscuous mode
[   67.662940][ T4560] device veth1_macvtap entered promiscuous mode
[   67.668044][ T4560] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.671041][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   67.672563][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   67.674098][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   67.675743][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   67.708705][ T4560] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.710011][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   67.711645][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   67.714123][ T4560] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.715634][ T4560] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.717131][ T4560] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.719043][ T4560] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
1970/01/01 00:01:07 executed programs: 0
[   67.844466][ T4694] chnl_net:caif_netlink_parms(): no params data found
[   67.862474][ T4694] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.863654][ T4694] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.866243][ T4694] device bridge_slave_0 entered promiscuous mode
[   67.868178][ T4694] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.870240][ T4694] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.871789][ T4694] device bridge_slave_1 entered promiscuous mode
[   67.881102][ T4694] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.883579][ T4694] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.894630][ T4694] team0: Port device team_slave_0 added
[   67.896394][ T4694] team0: Port device team_slave_1 added
[   67.903178][ T4694] batman_adv: batadv0: Adding interface: batadv_slave_0
[   67.904343][ T4694] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.909066][ T4694] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   67.912597][ T4694] batman_adv: batadv0: Adding interface: batadv_slave_1
[   67.913825][ T4694] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.918188][ T4694] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   67.951239][ T4694] device hsr_slave_0 entered promiscuous mode
[   67.988646][ T4694] device hsr_slave_1 entered promiscuous mode
[   68.018757][ T4694] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   68.019959][ T4694] Cannot create hsr debugfs directory
[   68.047140][ T4694] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.620062][ T1968] cfg80211: failed to load regulatory.db
[   69.621807][ T2063] ieee802154 phy0 wpan0: encryption failed: -22
[   69.622949][ T2063] ieee802154 phy1 wpan1: encryption failed: -22
[   69.858562][ T4168] Bluetooth: hci0: command 0x0409 tx timeout
[   70.541961][ T4694] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.948824][ T4168] Bluetooth: hci0: command 0x041b tx timeout
[   72.881281][ T4694] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.953192][ T4694] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.417641][ T4694] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   73.450177][ T4694] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   73.494400][ T4694] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   73.529851][ T4694] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   73.581620][ T4694] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.585274][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   73.586861][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   73.589613][ T4694] 8021q: adding VLAN 0 to HW filter on device team0
[   73.592064][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   73.593707][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   73.595275][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.596406][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.597923][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   73.600778][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   73.602315][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   73.603821][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.604915][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.607299][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   73.613309][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   73.616367][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   73.618167][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   73.620157][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   73.622756][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   73.624297][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   73.626889][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   73.629463][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   73.632241][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   73.633757][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   73.636087][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   73.673401][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   73.674819][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   73.677835][ T4694] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.686371][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   73.688167][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   73.696545][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   73.698157][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   73.699921][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   73.701440][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   73.703699][ T4694] device veth0_vlan entered promiscuous mode
[   73.706952][ T4694] device veth1_vlan entered promiscuous mode
[   73.714534][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   73.715972][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   73.717704][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   73.721055][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   73.723509][ T4694] device veth0_macvtap entered promiscuous mode
[   73.725708][ T4694] device veth1_macvtap entered promiscuous mode
[   73.733655][ T4694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.735465][ T4694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.737619][ T4694] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.739871][ T4694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.741534][ T4694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.743706][ T4694] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.745000][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   73.746578][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   73.747976][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   73.749630][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   73.751286][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   73.752855][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   73.755467][ T4694] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.756840][ T4694] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.758973][ T4694] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.760406][ T4694] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.784868][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.786157][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.787533][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   73.794475][  T367] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.795725][  T367] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.797064][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:13 executed programs: 2
[   73.913250][ T4930] loop0: detected capacity change from 0 to 32768
[   73.980971][ T4930] ERROR: (device loop0): dbAlloc: the hint is outside the map
[   73.980971][ T4930] 
[   73.983035][ T4930] ERROR: (device loop0): remounting filesystem as read-only
[   73.984648][ T4930] BUG: Bad page state in process syz.0.15  pfn:111b3c
[   73.985925][ T4930] page:000000000d307409 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2f pfn:0x111b3c
[   73.987592][ T4930] flags: 0x5ffc00000002006(referenced|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[   73.989577][ T4930] raw: 05ffc00000002006 fffffc0003a74d08 ffff80001f6e7720 0000000000000000
[   73.990876][ T4930] raw: 000000000000002f ffff0000d6a03e88 00000000ffffffff 0000000000000000
[   73.992243][ T4930] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[   73.993765][ T4930] Modules linked in:
[   73.994672][ T4930] CPU: 0 PID: 4930 Comm: syz.0.15 Not tainted syzkaller #0
[   73.995829][ T4930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   73.997503][ T4930] Call trace:
[   73.998048][ T4930]  dump_backtrace+0x0/0x458
[   73.998816][ T4930]  show_stack+0x2c/0x3c
[   73.999519][ T4930]  __dump_stack+0x30/0x40
[   74.000228][ T4930]  dump_stack_lvl+0xf4/0x15c
[   74.000986][ T4930]  dump_stack+0x1c/0x5c
[   74.001686][ T4930]  bad_page+0x188/0x1a8
[   74.002334][ T4930]  check_free_page_bad+0xf4/0x16c
[   74.003158][ T4930]  free_unref_page_prepare+0x738/0xa84
[   74.004081][ T4930]  free_unref_page_list+0xdc/0x730
[   74.004902][ T4930]  release_pages+0x13bc/0x16dc
[   74.005708][ T4930]  __pagevec_release+0x84/0xf8
[   74.006535][ T4930]  truncate_inode_pages_range+0x2c8/0xa04
[   74.007511][ T4930]  truncate_inode_pages+0x2c/0x3c
[   74.008385][ T4930]  jfs_remount+0x284/0x490
[   74.009171][ T4930]  legacy_reconfigure+0xf8/0x110
[   74.010010][ T4930]  reconfigure_super+0x1d4/0x6f4
[   74.010841][ T4930]  vfs_fsconfig_locked+0x164/0x374
[   74.011699][ T4930]  __arm64_sys_fsconfig+0x634/0x784
[   74.012577][ T4930]  invoke_syscall+0x98/0x2b0
[   74.013316][ T4930]  el0_svc_common+0x138/0x258
[   74.014038][ T4930]  do_el0_svc+0x58/0x13c
[   74.014716][ T4930]  el0_svc+0x78/0x1d0
[   74.015378][ T4930]  el0t_64_sync_handler+0xcc/0xe4
[   74.016239][ T4930]  el0t_64_sync+0x1a0/0x1a4
[   74.017453][ T4930] Disabling lock debugging due to kernel taint
[   74.018600][ T4930] BUG: Bad page state in process syz.0.15  pfn:129d34
[   74.018610][ T4171] Bluetooth: hci0: command 0x040f tx timeout
[   74.019708][ T4930] page:000000003041d583 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2e pfn:0x129d34
[   74.022332][ T4930] flags: 0x5ffc00000002006(referenced|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[   74.023928][ T4930] raw: 05ffc00000002006 fffffc0003398208 ffff80001f6e7720 0000000000000000
[   74.025418][ T4930] raw: 000000000000002e ffff0000d6a03d90 00000000ffffffff 0000000000000000
[   74.026941][ T4930] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[   74.028274][ T4930] Modules linked in:
[   74.030040][ T4930] CPU: 0 PID: 4930 Comm: syz.0.15 Tainted: G    B             syzkaller #0
[   74.031487][ T4930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   74.033208][ T4930] Call trace:
[   74.033757][ T4930]  dump_backtrace+0x0/0x458
[   74.034444][ T4930]  show_stack+0x2c/0x3c
[   74.035170][ T4930]  __dump_stack+0x30/0x40
[   74.035938][ T4930]  dump_stack_lvl+0xf4/0x15c
[   74.036777][ T4930]  dump_stack+0x1c/0x5c
[   74.037483][ T4930]  bad_page+0x188/0x1a8
[   74.038172][ T4930]  check_free_page_bad+0xf4/0x16c
[   74.038990][ T4930]  free_unref_page_prepare+0x738/0xa84
[   74.039876][ T4930]  free_unref_page_list+0xdc/0x730
[   74.040679][ T4930]  release_pages+0x13bc/0x16dc
[   74.041528][ T4930]  __pagevec_release+0x84/0xf8
[   74.042383][ T4930]  truncate_inode_pages_range+0x2c8/0xa04
[   74.043427][ T4930]  truncate_inode_pages+0x2c/0x3c
[   74.044298][ T4930]  jfs_remount+0x284/0x490
[   74.045062][ T4930]  legacy_reconfigure+0xf8/0x110
[   74.045917][ T4930]  reconfigure_super+0x1d4/0x6f4
[   74.046773][ T4930]  vfs_fsconfig_locked+0x164/0x374
[   74.047656][ T4930]  __arm64_sys_fsconfig+0x634/0x784
[   74.048529][ T4930]  invoke_syscall+0x98/0x2b0
[   74.049307][ T4930]  el0_svc_common+0x138/0x258
[   74.050176][ T4930]  do_el0_svc+0x58/0x13c
[   74.050904][ T4930]  el0_svc+0x78/0x1d0
[   74.051585][ T4930]  el0t_64_sync_handler+0xcc/0xe4
[   74.052443][ T4930]  el0t_64_sync+0x1a0/0x1a4
[   74.054435][ T4930] BUG: Bad page state in process syz.0.15  pfn:10e608
[   74.055624][ T4930] page:000000005fd19f1e refcount:0 mapcount:0 mapping:0000000000000000 index:0x2d pfn:0x10e608
[   74.057463][ T4930] flags: 0x5ffc00000002006(referenced|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[   74.059132][ T4930] raw: 05ffc00000002006 fffffc0003328388 ffff80001f6e7720 0000000000000000
[   74.060485][ T4930] raw: 000000000000002d ffff0000d6a03c98 00000000ffffffff 0000000000000000
[   74.061820][ T4930] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[   74.063034][ T4930] Modules linked in:
[   74.063659][ T4930] CPU: 0 PID: 4930 Comm: syz.0.15 Tainted: G    B             syzkaller #0
[   74.065059][ T4930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   74.066764][ T4930] Call trace:
[   74.067298][ T4930]  dump_backtrace+0x0/0x458
[   74.068062][ T4930]  show_stack+0x2c/0x3c
[   74.068760][ T4930]  __dump_stack+0x30/0x40
[   74.069497][ T4930]  dump_stack_lvl+0xf4/0x15c
[   74.070258][ T4930]  dump_stack+0x1c/0x5c
[   74.070957][ T4930]  bad_page+0x188/0x1a8
[   74.071678][ T4930]  check_free_page_bad+0xf4/0x16c
[   74.072508][ T4930]  free_unref_page_prepare+0x738/0xa84
[   74.073430][ T4930]  free_unref_page_list+0xdc/0x730
[   74.074278][ T4930]  release_pages+0x13bc/0x16dc
[   74.075043][ T4930]  __pagevec_release+0x84/0xf8
[   74.075860][ T4930]  truncate_inode_pages_range+0x2c8/0xa04
[   74.076828][ T4930]  truncate_inode_pages+0x2c/0x3c
[   74.077629][ T4930]  jfs_remount+0x284/0x490
[   74.078418][ T4930]  legacy_reconfigure+0xf8/0x110
[   74.079266][ T4930]  reconfigure_super+0x1d4/0x6f4
[   74.080085][ T4930]  vfs_fsconfig_locked+0x164/0x374
[   74.080962][ T4930]  __arm64_sys_fsconfig+0x634/0x784
[   74.081848][ T4930]  invoke_syscall+0x98/0x2b0
[   74.082643][ T4930]  el0_svc_common+0x138/0x258
[   74.083411][ T4930]  do_el0_svc+0x58/0x13c
[   74.084081][ T4930]  el0_svc+0x78/0x1d0
[   74.084703][ T4930]  el0t_64_sync_handler+0xcc/0xe4
[   74.085497][ T4930]  el0t_64_sync+0x1a0/0x1a4
[   74.089377][  T136] read_mapping_page failed!
[   74.090107][  T136] ERROR: (device loop0): txAbort: 
[   74.090107][  T136] 
[   74.091334][  T136] ERROR: (device loop0): remounting filesystem as read-only
[   74.092541][  T136] jfs_write_inode: jfs_commit_inode failed!
[   74.093691][  T248] BUG: Bad page state in process jfsCommit  pfn:10257d
[   74.094780][  T248] page:000000007797599f refcount:0 mapcount:0 mapping:0000000000000000 index:0x2c pfn:0x10257d
[   74.096526][  T248] flags: 0x5ffc00000002005(locked|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[   74.098080][  T248] raw: 05ffc00000002005 dead000000000100 dead000000000122 0000000000000000
[   74.099798][  T248] raw: 000000000000002c ffff0000d6a03ba0 00000000ffffffff 0000000000000000
[   74.101287][  T248] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[   74.102431][  T248] Modules linked in:
[   74.103100][  T248] CPU: 0 PID: 248 Comm: jfsCommit Tainted: G    B             syzkaller #0
[   74.104518][  T248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   74.106197][  T248] Call trace:
[   74.106753][  T248]  dump_backtrace+0x0/0x458
[   74.107538][  T248]  show_stack+0x2c/0x3c
[   74.108230][  T248]  __dump_stack+0x30/0x40
[   74.108986][  T248]  dump_stack_lvl+0xf4/0x15c
[   74.109758][  T248]  dump_stack+0x1c/0x5c
[   74.110477][  T248]  bad_page+0x188/0x1a8
[   74.111140][  T248]  check_free_page_bad+0xf4/0x16c
[   74.112015][  T248]  free_unref_page_prepare+0x738/0xa84
[   74.112867][  T248]  free_unref_page+0x78/0x1f8
[   74.113591][  T248]  __put_page+0xf8/0x130
[   74.114283][  T248]  _metapage_homeok+0x138/0x27c
[   74.115123][  T248]  txUnlock+0x220/0xb78
[   74.115871][  T248]  jfs_lazycommit+0x44c/0x9b0
[   74.116680][  T248]  kthread+0x374/0x454
[   74.117367][  T248]  ret_from_fork+0x10/0x20
[   74.118169][  T248] page:000000007797599f refcount:0 mapcount:0 mapping:0000000000000000 index:0x2c pfn:0x10257d
[   74.119924][  T248] flags: 0x5ffc00000002005(locked|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[   74.121404][  T248] raw: 05ffc00000002005 dead000000000100 dead000000000122 0000000000000000
[   74.122858][  T248] raw: 000000000000002c ffff0000d6a03ba0 00000000ffffffff 0000000000000000
[   74.124239][  T248] page dumped because: VM_BUG_ON_PAGE(((unsigned int) page_ref_count(page) + 127u <= 127u))
[   74.125916][  T248] ------------[ cut here ]------------
[   74.126772][  T248] kernel BUG at include/linux/mm.h:1224!
[   74.127729][  T248] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
[   74.129053][  T248] Modules linked in:
[   74.129734][  T248] CPU: 0 PID: 248 Comm: jfsCommit Tainted: G    B             syzkaller #0
[   74.131209][  T248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   74.132899][  T248] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[   74.134268][  T248] pc : put_metapage+0x280/0x2d4
[   74.135072][  T248] lr : put_metapage+0x280/0x2d4
[   74.135892][  T248] sp : ffff80001f087bc0
[   74.136604][  T248] x29: ffff80001f087bc0 x28: ffff80001b03acb8 x27: 1fffe0001ad40779
[   74.137919][  T248] x26: 1fffe0001ad40786 x25: dfff800000000000 x24: 000000000000007f
[   74.139292][  T248] x23: fffffc0003095f74 x22: fffffc0003095f40 x21: ffff0000d6a03bc8
[   74.140726][  T248] x20: ffff0000d6a03c30 x19: ffff0000d6a03ba0 x18: 0000000000000001
[   74.142130][  T248] x17: 0000000000000000 x16: ffff80001125f77c x15: 00000000ffffffff
[   74.143522][  T248] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100
[   74.144896][  T248] x11: 0000000000000000 x10: 0000000000000000 x9 : 7b9ad08399a00b00
[   74.146249][  T248] x8 : 7b9ad08399a00b00 x7 : 0000000000000000 x6 : 0000000000000001
[   74.147499][  T248] x5 : ffff80001f0871f8 x4 : 000000000000000c x3 : 0000000000000030
[   74.148854][  T248] x2 : 0000000000000008 x1 : 0000000000000000 x0 : ffff700003e10f24
[   74.150238][  T248] Call trace:
[   74.150792][  T248]  put_metapage+0x280/0x2d4
[   74.151607][  T248]  txUnlock+0x398/0xb78
[   74.152305][  T248]  jfs_lazycommit+0x44c/0x9b0
[   74.153054][  T248]  kthread+0x374/0x454
[   74.153752][  T248]  ret_from_fork+0x10/0x20
[   74.154536][  T248] Code: 9003f981 91328021 aa1603e0 97bd7118 (d4210000) 
[   74.155740][  T248] ---[ end trace 4a2764cee247caaa ]---
[   74.380820][  T248] Kernel panic - not syncing: Oops - BUG: Fatal exception
[   74.381907][  T248] SMP: stopping secondary CPUs
[   74.382626][  T248] Kernel Offset: disabled
[   74.383294][  T248] CPU features: 0x8,000003c1,7d33ffd9
[   74.384081][  T248] Memory Limit: none
[   74.604308][  T248] Rebooting in 86400 seconds..