Warning: Permanently added '10.128.0.75' (ED25519) to the list of known hosts.
2026/04/17 16:30:46 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 129.201660][ T6215] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 132.803377][ T1329] ieee802154 phy0 wpan0: encryption failed: -22
[ 132.803490][ T1329] ieee802154 phy1 wpan1: encryption failed: -22
[ 133.198722][ T6235] chnl_net:caif_netlink_parms(): no params data found
[ 133.284680][ T6235] bridge0: port 1(bridge_slave_0) entered blocking state
[ 133.284779][ T6235] bridge0: port 1(bridge_slave_0) entered disabled state
[ 133.285052][ T6235] bridge_slave_0: entered allmulticast mode
[ 133.287586][ T6235] bridge_slave_0: entered promiscuous mode
[ 133.290428][ T6235] bridge0: port 2(bridge_slave_1) entered blocking state
[ 133.290599][ T6235] bridge0: port 2(bridge_slave_1) entered disabled state
[ 133.290741][ T6235] bridge_slave_1: entered allmulticast mode
[ 133.294304][ T6235] bridge_slave_1: entered promiscuous mode
[ 133.342118][ T6235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 133.344356][ T6235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 133.494149][ T6235] team0: Port device team_slave_0 added
[ 133.497273][ T6235] team0: Port device team_slave_1 added
[ 133.522365][ T6235] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 133.522380][ T6235] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 133.522399][ T6235] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 133.523591][ T6235] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 133.523602][ T6235] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 133.523621][ T6235] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 133.605789][ T6235] hsr_slave_0: entered promiscuous mode
[ 133.606887][ T6235] hsr_slave_1: entered promiscuous mode
[ 135.437822][ T6235] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 135.470782][ T6235] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 135.471783][ T6235] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 135.502845][ T6235] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 135.503809][ T6235] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 135.539875][ T6235] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 135.541165][ T6235] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 135.578329][ T6235] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 135.707293][ T6235] 8021q: adding VLAN 0 to HW filter on device bond0
[ 135.734585][ T6235] 8021q: adding VLAN 0 to HW filter on device team0
[ 135.750794][ T3872] bridge0: port 1(bridge_slave_0) entered blocking state
[ 135.750980][ T3872] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 135.764071][ T3872] bridge0: port 2(bridge_slave_1) entered blocking state
[ 135.764246][ T3872] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 136.083796][ T6235] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 136.155272][ T6235] veth0_vlan: entered promiscuous mode
[ 136.170315][ T6235] veth1_vlan: entered promiscuous mode
[ 136.215101][ T6235] veth0_macvtap: entered promiscuous mode
[ 136.226954][ T6235] veth1_macvtap: entered promiscuous mode
[ 136.273867][ T6235] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 136.306367][ T6235] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 136.327186][ T3285] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 136.327478][ T3285] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 136.328214][ T3285] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 136.328449][ T3285] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 137.080649][ T3872] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 137.471455][ T3872] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 137.486792][ T5122] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 137.542754][ T5122] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 137.549100][ T5122] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 137.556608][ T5122] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 137.567143][ T5122] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 138.183631][ T3872] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 139.662847][ T3872] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 140.675974][ T3872] bridge_slave_1: left allmulticast mode
[ 140.676000][ T3872] bridge_slave_1: left promiscuous mode
[ 140.676180][ T3872] bridge0: port 2(bridge_slave_1) entered disabled state
[ 140.736599][ T3872] bridge_slave_0: left allmulticast mode
[ 140.736619][ T3872] bridge_slave_0: left promiscuous mode
[ 140.736778][ T3872] bridge0: port 1(bridge_slave_0) entered disabled state
[ 141.346275][ T3872] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 141.426226][ T3872] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 141.447563][ T3872] bond0 (unregistering): Released all slaves
[ 141.805806][ T3872] hsr_slave_0: left promiscuous mode
[ 141.846310][ T3872] hsr_slave_1: left promiscuous mode
[ 141.847313][ T3872] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 141.847335][ T3872] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 141.906753][ T3872] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 141.906778][ T3872] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 142.006754][ T3872] veth1_macvtap: left promiscuous mode
[ 142.006813][ T3872] veth0_macvtap: left promiscuous mode
[ 142.006939][ T3872] veth1_vlan: left promiscuous mode
[ 142.007036][ T3872] veth0_vlan: left promiscuous mode
[ 142.656231][ T3872] team0 (unregistering): Port device team_slave_1 removed
[ 142.696244][ T3872] team0 (unregistering): Port device team_slave_0 removed
[ 142.860625][ T5467] 8021q: adding VLAN 0 to HW filter on device eth1
[ 143.854612][ T5467] 8021q: adding VLAN 0 to HW filter on device eth2
[ 144.411554][ T5467] 8021q: adding VLAN 0 to HW filter on device eth3
[ 145.601157][ T5467] 8021q: adding VLAN 0 to HW filter on device eth4
[ 145.603071][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 145.603103][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 145.708965][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 145.708984][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/04/17 16:31:07 executed programs: 0
[ 146.510278][ T5122] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 146.525877][ T5122] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 146.536851][ T5122] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 146.538342][ T5122] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 146.539049][ T5122] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 146.835470][ T6544] chnl_net:caif_netlink_parms(): no params data found
[ 146.946190][ T6544] bridge0: port 1(bridge_slave_0) entered blocking state
[ 146.946303][ T6544] bridge0: port 1(bridge_slave_0) entered disabled state
[ 146.946397][ T6544] bridge_slave_0: entered allmulticast mode
[ 146.947763][ T6544] bridge_slave_0: entered promiscuous mode
[ 146.949653][ T6544] bridge0: port 2(bridge_slave_1) entered blocking state
[ 146.949791][ T6544] bridge0: port 2(bridge_slave_1) entered disabled state
[ 146.949876][ T6544] bridge_slave_1: entered allmulticast mode
[ 146.951197][ T6544] bridge_slave_1: entered promiscuous mode
[ 146.998261][ T6544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 147.001773][ T6544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 147.052299][ T6544] team0: Port device team_slave_0 added
[ 147.054166][ T6544] team0: Port device team_slave_1 added
[ 147.081426][ T6544] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 147.081437][ T6544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 147.081449][ T6544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 147.082621][ T6544] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 147.082628][ T6544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 147.082643][ T6544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 147.150040][ T6544] hsr_slave_0: entered promiscuous mode
[ 147.151163][ T6544] hsr_slave_1: entered promiscuous mode
[ 148.558367][ T5122] Bluetooth: hci0: command tx timeout
[ 149.972300][ T6544] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 150.013043][ T6544] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 150.017105][ T6544] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 150.059933][ T6544] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 150.060696][ T6544] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 150.091742][ T6544] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 150.092525][ T6544] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 150.129048][ T6544] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 150.287915][ T6544] 8021q: adding VLAN 0 to HW filter on device bond0
[ 150.330492][ T6544] 8021q: adding VLAN 0 to HW filter on device team0
[ 150.351721][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 150.351913][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 150.364942][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 150.365127][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 150.631457][ T6544] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 150.638085][ T5122] Bluetooth: hci0: command tx timeout
[ 150.720840][ T6544] veth0_vlan: entered promiscuous mode
[ 150.737021][ T6544] veth1_vlan: entered promiscuous mode
[ 150.784992][ T6544] veth0_macvtap: entered promiscuous mode
[ 150.796713][ T6544] veth1_macvtap: entered promiscuous mode
[ 150.820171][ T6544] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 150.850640][ T6544] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 150.876225][ T3872] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.877033][ T3872] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.877386][ T3872] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.877423][ T3872] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.316976][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 151.316996][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 151.418010][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 151.418030][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/04/17 16:31:12 executed programs: 2
[ 151.881593][ T6679] loop0: detected capacity change from 0 to 32768
[ 152.454969][ T6685] loop0: detected capacity change from 0 to 32768
[ 152.715677][ T5122] Bluetooth: hci0: command tx timeout
[ 152.854903][ T6687] loop0: detected capacity change from 0 to 32768
[ 153.278415][ T6689] loop0: detected capacity change from 0 to 32768
[ 153.650086][ T6691] loop0: detected capacity change from 0 to 32768
[ 153.981029][ T6693] loop0: detected capacity change from 0 to 32768
[ 154.328097][ T6695] loop0: detected capacity change from 0 to 32768
[ 154.662036][ T6697] loop0: detected capacity change from 0 to 32768
[ 154.795967][ T5122] Bluetooth: hci0: command tx timeout
[ 155.002894][ T6699] loop0: detected capacity change from 0 to 32768
[ 155.336434][ T6701] loop0: detected capacity change from 0 to 32768
2026/04/17 16:31:18 executed programs: 16
[ 157.040318][ T6711] set_capacity_and_notify: 4 callbacks suppressed
[ 157.040335][ T6711] loop0: detected capacity change from 0 to 32768
[ 157.403413][ T6713] loop0: detected capacity change from 0 to 32768
[ 157.745073][ T6715] loop0: detected capacity change from 0 to 32768
[ 158.130117][ T6717] loop0: detected capacity change from 0 to 32768
[ 158.463756][ T6719] loop0: detected capacity change from 0 to 32768
[ 158.801301][ T6721] loop0: detected capacity change from 0 to 32768
[ 159.113356][ T6723] loop0: detected capacity change from 0 to 32768
[ 159.466555][ T6725] loop0: detected capacity change from 0 to 32768
[ 159.821693][ T6727] loop0: detected capacity change from 0 to 32768
[ 160.171573][ T6729] loop0: detected capacity change from 0 to 32768
2026/04/17 16:31:23 executed programs: 31
[ 162.122777][ T6741] set_capacity_and_notify: 5 callbacks suppressed
[ 162.122789][ T6741] loop0: detected capacity change from 0 to 32768
[ 162.420428][ T6743] loop0: detected capacity change from 0 to 32768
[ 162.739256][ T6745] loop0: detected capacity change from 0 to 32768
[ 163.042740][ T6747] loop0: detected capacity change from 0 to 32768
[ 163.355535][ T6749] loop0: detected capacity change from 0 to 32768
[ 163.689289][ T6751] loop0: detected capacity change from 0 to 32768
[ 164.042936][ T6753] loop0: detected capacity change from 0 to 32768
[ 164.377417][ T6755] loop0: detected capacity change from 0 to 32768
[ 164.696098][ T6757] loop0: detected capacity change from 0 to 32768
[ 165.025995][ T6759] loop0: detected capacity change from 0 to 32768
2026/04/17 16:31:28 executed programs: 47
[ 167.350825][ T6773] set_capacity_and_notify: 6 callbacks suppressed
[ 167.350853][ T6773] loop0: detected capacity change from 0 to 32768
[ 167.676767][ T6775] loop0: detected capacity change from 0 to 32768
[ 168.023456][ T6777] loop0: detected capacity change from 0 to 32768
[ 168.342457][ T6779] loop0: detected capacity change from 0 to 32768
[ 168.664024][ T6781] loop0: detected capacity change from 0 to 32768
[ 169.001445][ T6783] loop0: detected capacity change from 0 to 32768
[ 169.311605][ T6785] loop0: detected capacity change from 0 to 32768
[ 169.630440][ T6787] loop0: detected capacity change from 0 to 32768
[ 169.968535][ T6789] loop0: detected capacity change from 0 to 32768
[ 170.306098][ T6791] loop0: detected capacity change from 0 to 32768
[ 172.360321][ C1] ==================================================================
[ 172.360339][ C1] BUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0x40/0x60
[ 172.360392][ C1] Read of size 1 at addr ffff888029ea23a8 by task syz-execprog/6206
[ 172.360411][ C1]
[ 172.360427][ C1] CPU: 1 UID: 0 PID: 6206 Comm: syz-execprog Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 172.360450][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 172.360468][ C1] Call Trace:
[ 172.360479][ C1]
[ 172.360487][ C1] dump_stack_lvl+0xe8/0x150
[ 172.360519][ C1] print_address_description+0x55/0x1e0
[ 172.360550][ C1] ? _raw_spin_lock_irqsave+0x40/0x60
[ 172.360579][ C1] print_report+0x58/0x70
[ 172.360607][ C1] kasan_report+0x117/0x150
[ 172.360636][ C1] ? _raw_spin_lock_irqsave+0x40/0x60
[ 172.360669][ C1] ? rt_spin_lock+0x157/0x400
[ 172.360693][ C1] __kasan_check_byte+0x2a/0x40
[ 172.360720][ C1] lock_acquire+0x84/0x350
[ 172.360745][ C1] ? rcu_is_watching+0x15/0xb0
[ 172.360772][ C1] _raw_spin_lock_irqsave+0x40/0x60
[ 172.360802][ C1] ? rt_spin_lock+0x157/0x400
[ 172.360824][ C1] rt_spin_lock+0x157/0x400
[ 172.360850][ C1] ? __pfx_rt_spin_lock+0x10/0x10
[ 172.360878][ C1] __wake_up_common_lock+0x2f/0x1e0
[ 172.360900][ C1] blk_update_request+0x57e/0xe60
[ 172.360929][ C1] blk_mq_end_request+0x3e/0x70
[ 172.360951][ C1] blk_done_softirq+0x10a/0x160
[ 172.360973][ C1] handle_softirqs+0x1de/0x6d0
[ 172.361006][ C1] __local_bh_enable_ip+0x170/0x2b0
[ 172.361037][ C1] tcp_recvmsg+0xdb/0x530
[ 172.361070][ C1] ? __pfx_tcp_recvmsg+0x10/0x10
[ 172.361101][ C1] ? inet6_recvmsg+0xb4/0x490
[ 172.361120][ C1] ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 172.361155][ C1] ? security_socket_recvmsg+0x7e/0x2c0
[ 172.361180][ C1] ? __pfx_inet6_recvmsg+0x10/0x10
[ 172.361202][ C1] sock_recvmsg+0xfa/0x1b0
[ 172.361224][ C1] sock_read_iter+0x25a/0x330
[ 172.361256][ C1] ? __pfx_sock_read_iter+0x10/0x10
[ 172.361293][ C1] vfs_read+0x58b/0xa80
[ 172.361323][ C1] ? __pfx_vfs_read+0x10/0x10
[ 172.361351][ C1] ? __fget_files+0x2a/0x420
[ 172.361377][ C1] ksys_read+0x156/0x270
[ 172.361404][ C1] ? __pfx_ksys_read+0x10/0x10
[ 172.361433][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 172.361454][ C1] do_syscall_64+0x15f/0xf80
[ 172.361474][ C1] ? clear_bhb_loop+0x40/0x90
[ 172.361496][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 172.361515][ C1] RIP: 0033:0x40d3ce
[ 172.361538][ C1] Code: ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 49 89 f2 48 89 fa 48 89 ce 48 89 df 0f 05 <48> 3d 01 f0 ff ff 76 15 48 f7 d8 48 89 c1 48 c7 c0 ff ff ff ff 48
[ 172.361555][ C1] RSP: 002b:00002b0cf6eef3d8 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[ 172.361585][ C1] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000040d3ce
[ 172.361600][ C1] RDX: 0000000001e71274 RSI: 00002b0cf7180000 RDI: 0000000000000006
[ 172.361614][ C1] RBP: 00002b0cf6eef418 R08: 0000000000000000 R09: 0000000000000000
[ 172.361627][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffed587ed60
[ 172.361641][ C1] R13: 0000000000000001 R14: 00002b0cf6d672c0 R15: 0000000000000001
[ 172.361662][ C1]
[ 172.361669][ C1]
[ 172.361678][ C1] Allocated by task 6803:
[ 172.361687][ C1] kasan_save_track+0x3e/0x80
[ 172.361711][ C1] __kasan_kmalloc+0x93/0xb0
[ 172.361735][ C1] __kmalloc_cache_noprof+0x3a6/0x690
[ 172.361761][ C1] lmLogOpen+0x2d1/0xfa0
[ 172.361786][ C1] jfs_mount_rw+0xee/0x670
[ 172.361809][ C1] jfs_fill_super+0x754/0xd80
[ 172.361827][ C1] get_tree_bdev_flags+0x431/0x4f0
[ 172.361854][ C1] vfs_get_tree+0x92/0x2a0
[ 172.361879][ C1] do_new_mount+0x341/0xd30
[ 172.361897][ C1] __se_sys_mount+0x31d/0x420
[ 172.361914][ C1] do_syscall_64+0x15f/0xf80
[ 172.361927][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 172.361945][ C1]
[ 172.361949][ C1] Freed by task 6544:
[ 172.361958][ C1] kasan_save_track+0x3e/0x80
[ 172.361980][ C1] kasan_save_free_info+0x46/0x50
[ 172.361999][ C1] __kasan_slab_free+0x5c/0x80
[ 172.362023][ C1] kfree+0x1c5/0x6c0
[ 172.362045][ C1] lmLogClose+0x297/0x520
[ 172.362071][ C1] jfs_umount+0x2fb/0x3d0
[ 172.362095][ C1] jfs_put_super+0x8c/0x190
[ 172.362113][ C1] generic_shutdown_super+0x13d/0x2d0
[ 172.362150][ C1] kill_block_super+0x44/0x90
[ 172.362175][ C1] deactivate_locked_super+0xbc/0x130
[ 172.362197][ C1] cleanup_mnt+0x437/0x4d0
[ 172.362221][ C1] task_work_run+0x1d9/0x270
[ 172.362243][ C1] exit_to_user_mode_loop+0xed/0x480
[ 172.362261][ C1] do_syscall_64+0x33e/0xf80
[ 172.362278][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 172.362296][ C1]
[ 172.362301][ C1] The buggy address belongs to the object at ffff888029ea2000
[ 172.362301][ C1] which belongs to the cache kmalloc-2k of size 2048
[ 172.362318][ C1] The buggy address is located 936 bytes inside of
[ 172.362318][ C1] freed 2048-byte region [ffff888029ea2000, ffff888029ea2800)
[ 172.362339][ C1]
[ 172.362343][ C1] The buggy address belongs to the physical page:
[ 172.362361][ C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888029ea1000 pfn:0x29ea0
[ 172.362382][ C1] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 172.362399][ C1] flags: 0x80000000000240(workingset|head|node=0|zone=1)
[ 172.362421][ C1] page_type: f5(slab)
[ 172.362440][ C1] raw: 0080000000000240 ffff88801a01f000 ffffea0000e8dc10 ffffea0000cb5810
[ 172.362459][ C1] raw: ffff888029ea1000 0000000800080006 00000000f5000000 0000000000000000
[ 172.362477][ C1] head: 0080000000000240 ffff88801a01f000 ffffea0000e8dc10 ffffea0000cb5810
[ 172.362495][ C1] head: ffff888029ea1000 0000000800080006 00000000f5000000 0000000000000000
[ 172.362513][ C1] head: 0080000000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[ 172.362529][ C1] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[ 172.362540][ C1] page dumped because: kasan: bad access detected
[ 172.362553][ C1] page_owner tracks the page as allocated
[ 172.362560][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3872, tgid 3872 (kworker/u8:15), ts 89329858437, free_ts 89297441219
[ 172.362599][ C1] post_alloc_hook+0x231/0x280
[ 172.362627][ C1] get_page_from_freelist+0x27c8/0x2840
[ 172.362644][ C1] __alloc_frozen_pages_noprof+0x18d/0x380
[ 172.362662][ C1] allocate_slab+0x77/0x660
[ 172.362682][ C1] refill_objects+0x33c/0x3d0
[ 172.362699][ C1] __pcs_replace_empty_main+0x373/0x720
[ 172.362720][ C1] __kmalloc_node_track_caller_noprof+0x60b/0x7e0
[ 172.362747][ C1] pskb_expand_head+0x230/0x1390
[ 172.362775][ C1] netlink_trim+0x1b3/0x2c0
[ 172.362793][ C1] netlink_broadcast_filtered+0x80/0xea0
[ 172.362813][ C1] nlmsg_notify+0xf0/0x1a0
[ 172.362834][ C1] netif_state_change+0x297/0x3a0
[ 172.362854][ C1] __linkwatch_run_queue+0x575/0x850
[ 172.362880][ C1] linkwatch_event+0x4c/0x60
[ 172.362904][ C1] process_scheduled_works+0xb5d/0x1860
[ 172.362930][ C1] worker_thread+0xa53/0xfc0
[ 172.362957][ C1] page last free pid 5861 tgid 5861 stack trace:
[ 172.362968][ C1] __free_frozen_pages+0xfa6/0x10f0
[ 172.362994][ C1] __slab_free+0x252/0x2a0
[ 172.363020][ C1] qlist_free_all+0x99/0x100
[ 172.363042][ C1] kasan_quarantine_reduce+0x148/0x160
[ 172.363065][ C1] __kasan_slab_alloc+0x22/0x80
[ 172.363088][ C1] kmem_cache_alloc_lru_noprof+0x33c/0x680
[ 172.363113][ C1] sock_alloc_inode+0x2c/0x190
[ 172.363131][ C1] alloc_inode+0x6a/0x1b0
[ 172.363155][ C1] __sock_create+0x12d/0x9d0
[ 172.363173][ C1] __sys_socket+0xd6/0x1b0
[ 172.363192][ C1] __x64_sys_socket+0x7a/0x90
[ 172.363211][ C1] do_syscall_64+0x15f/0xf80
[ 172.363227][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 172.363245][ C1]
[ 172.363249][ C1] Memory state around the buggy address:
[ 172.363260][ C1] ffff888029ea2280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 172.363273][ C1] ffff888029ea2300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 172.363286][ C1] >ffff888029ea2380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 172.363296][ C1] ^
[ 172.363306][ C1] ffff888029ea2400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 172.363320][ C1] ffff888029ea2480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 172.363331][ C1] ==================================================================
[ 172.363350][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 172.363366][ C1] CPU: 1 UID: 0 PID: 6206 Comm: syz-execprog Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 172.363390][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 172.363402][ C1] Call Trace:
[ 172.363409][ C1]
[ 172.363417][ C1] vpanic+0x56c/0xa60
[ 172.363438][ C1] ? __pfx_vpanic+0x10/0x10
[ 172.363461][ C1] panic+0xc5/0xd0
[ 172.363479][ C1] ? __pfx_panic+0x10/0x10
[ 172.363499][ C1] ? _raw_spin_lock_irqsave+0x40/0x60
[ 172.363529][ C1] ? rcu_is_watching+0x15/0xb0
[ 172.363556][ C1] ? _raw_spin_lock_irqsave+0x40/0x60
[ 172.363587][ C1] ? _raw_spin_lock_irqsave+0x40/0x60
[ 172.363617][ C1] check_panic_on_warn+0x89/0xb0
[ 172.363641][ C1] ? _raw_spin_lock_irqsave+0x40/0x60
[ 172.363671][ C1] end_report+0x73/0x170
[ 172.363698][ C1] ? _raw_spin_lock_irqsave+0x40/0x60
[ 172.363727][ C1] kasan_report+0x128/0x150
[ 172.363755][ C1] ? _raw_spin_lock_irqsave+0x40/0x60
[ 172.363789][ C1] ? rt_spin_lock+0x157/0x400
[ 172.363813][ C1] __kasan_check_byte+0x2a/0x40
[ 172.363842][ C1] lock_acquire+0x84/0x350
[ 172.363867][ C1] ? rcu_is_watching+0x15/0xb0
[ 172.363890][ C1] _raw_spin_lock_irqsave+0x40/0x60
[ 172.363920][ C1] ? rt_spin_lock+0x157/0x400
[ 172.363944][ C1] rt_spin_lock+0x157/0x400
[ 172.363970][ C1] ? __pfx_rt_spin_lock+0x10/0x10
[ 172.364000][ C1] __wake_up_common_lock+0x2f/0x1e0
[ 172.364024][ C1] blk_update_request+0x57e/0xe60
[ 172.364054][ C1] blk_mq_end_request+0x3e/0x70
[ 172.364077][ C1] blk_done_softirq+0x10a/0x160
[ 172.364099][ C1] handle_softirqs+0x1de/0x6d0
[ 172.364131][ C1] __local_bh_enable_ip+0x170/0x2b0
[ 172.364167][ C1] tcp_recvmsg+0xdb/0x530
[ 172.364199][ C1] ? __pfx_tcp_recvmsg+0x10/0x10
[ 172.364230][ C1] ? inet6_recvmsg+0xb4/0x490
[ 172.364251][ C1] ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 172.364278][ C1] ? security_socket_recvmsg+0x7e/0x2c0
[ 172.364303][ C1] ? __pfx_inet6_recvmsg+0x10/0x10
[ 172.364320][ C1] sock_recvmsg+0xfa/0x1b0
[ 172.364342][ C1] sock_read_iter+0x25a/0x330
[ 172.364374][ C1] ? __pfx_sock_read_iter+0x10/0x10
[ 172.364414][ C1] vfs_read+0x58b/0xa80
[ 172.364444][ C1] ? __pfx_vfs_read+0x10/0x10
[ 172.364474][ C1] ? __fget_files+0x2a/0x420
[ 172.364500][ C1] ksys_read+0x156/0x270
[ 172.364526][ C1] ? __pfx_ksys_read+0x10/0x10
[ 172.364556][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 172.364576][ C1] do_syscall_64+0x15f/0xf80
[ 172.364595][ C1] ? clear_bhb_loop+0x40/0x90
[ 172.364619][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 172.364638][ C1] RIP: 0033:0x40d3ce
[ 172.364655][ C1] Code: ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 49 89 f2 48 89 fa 48 89 ce 48 89 df 0f 05 <48> 3d 01 f0 ff ff 76 15 48 f7 d8 48 89 c1 48 c7 c0 ff ff ff ff 48
[ 172.364672][ C1] RSP: 002b:00002b0cf6eef3d8 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[ 172.364692][ C1] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000040d3ce
[ 172.364706][ C1] RDX: 0000000001e71274 RSI: 00002b0cf7180000 RDI: 0000000000000006
[ 172.364719][ C1] RBP: 00002b0cf6eef418 R08: 0000000000000000 R09: 0000000000000000
[ 172.364731][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffed587ed60
[ 172.364745][ C1] R13: 0000000000000001 R14: 00002b0cf6d672c0 R15: 0000000000000001
[ 172.364765][ C1]
[ 172.365232][ C1] Kernel Offset: disabled