Warning: Permanently added '10.128.1.10' (ED25519) to the list of known hosts.
1970/01/01 00:01:22 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:22 ignoring optional flag "type"="gce"
1970/01/01 00:01:23 parsed 1 programs
[ 85.729172][ T4464] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS
[ 92.985376][ T4497] chnl_net:caif_netlink_parms(): no params data found
[ 93.023239][ T4497] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.025377][ T4497] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.027936][ T4497] device bridge_slave_0 entered promiscuous mode
[ 93.032171][ T4497] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.034161][ T4497] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.036765][ T4497] device bridge_slave_1 entered promiscuous mode
[ 93.052249][ T4497] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 93.058952][ T4497] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.075336][ T4497] team0: Port device team_slave_0 added
[ 93.078571][ T4497] team0: Port device team_slave_1 added
[ 93.091738][ T4497] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.093650][ T4497] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.102078][ T4497] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 93.108165][ T4497] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 93.110451][ T4497] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.117374][ T4497] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 93.181971][ T4497] device hsr_slave_0 entered promiscuous mode
[ 93.240372][ T4497] device hsr_slave_1 entered promiscuous mode
[ 94.001208][ T4497] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 94.037029][ T4497] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 94.081740][ T4497] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 94.111860][ T4497] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 94.232725][ T4497] 8021q: adding VLAN 0 to HW filter on device bond0
[ 94.251489][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 94.254151][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 94.258510][ T4497] 8021q: adding VLAN 0 to HW filter on device team0
[ 94.263400][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 94.266138][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 94.270566][ T148] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.272493][ T148] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 94.282589][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 94.292562][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 94.295297][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 94.298870][ T148] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.300854][ T148] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 94.323245][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 94.326208][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 94.329006][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 94.334438][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 94.337195][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 94.340387][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 94.344023][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 94.348050][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 94.352368][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 94.360814][ T4497] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 94.364138][ T4497] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 94.369822][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 94.375515][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 94.504513][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 94.506626][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 94.518031][ T4497] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 94.531828][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 94.534684][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 94.547543][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 94.551046][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 94.553821][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 94.556207][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 94.560418][ T4497] device veth0_vlan entered promiscuous mode
[ 94.566029][ T4497] device veth1_vlan entered promiscuous mode
[ 94.597213][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 94.599803][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 94.603379][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 94.611642][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 94.624103][ T4497] device veth0_macvtap entered promiscuous mode
[ 94.628275][ T4497] device veth1_macvtap entered promiscuous mode
[ 94.649288][ T4497] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 94.651499][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 94.654090][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 94.656584][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 94.671309][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 94.676408][ T4497] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 94.678442][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 94.681676][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 94.691328][ T4497] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.693724][ T4497] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.696034][ T4497] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.698372][ T4497] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 94.886560][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 94.888906][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 94.901612][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 94.904307][ T340] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 94.906712][ T340] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 94.909639][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:35 executed programs: 0
[ 95.878427][ T4662] chnl_net:caif_netlink_parms(): no params data found
[ 95.917491][ T4662] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.919465][ T4662] bridge0: port 1(bridge_slave_0) entered disabled state
[ 95.925355][ T4662] device bridge_slave_0 entered promiscuous mode
[ 95.928999][ T4662] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.931265][ T4662] bridge0: port 2(bridge_slave_1) entered disabled state
[ 95.933849][ T4662] device bridge_slave_1 entered promiscuous mode
[ 95.953271][ T4662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 95.959505][ T4662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 95.980737][ T4662] team0: Port device team_slave_0 added
[ 95.984115][ T4662] team0: Port device team_slave_1 added
[ 95.997578][ T4662] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 95.999537][ T4662] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.009574][ T4662] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 96.025215][ T4662] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 96.027133][ T4662] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.034808][ T4662] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 96.092088][ T4662] device hsr_slave_0 entered promiscuous mode
[ 96.140494][ T4662] device hsr_slave_1 entered promiscuous mode
[ 96.181086][ T4662] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 96.183250][ T4662] Cannot create hsr debugfs directory
[ 96.256237][ T4662] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.860078][ T13] Bluetooth: hci0: command 0x0409 tx timeout
[ 98.787767][ T4662] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.726560][ T4662] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.825373][ T4662] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 99.940392][ T13] Bluetooth: hci0: command 0x041b tx timeout
[ 99.977098][ T4662] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 100.023068][ T4662] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 100.062494][ T4662] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 100.112338][ T4662] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 100.251874][ T4662] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.259508][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 100.262910][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 100.268561][ T4662] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.275291][ T539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 100.278066][ T539] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 100.281912][ T539] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.283813][ T539] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.286137][ T539] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 100.304150][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 100.307134][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 100.310187][ T148] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.312147][ T148] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.314464][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 100.319148][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 100.326802][ T539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 100.329696][ T539] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 100.335548][ T539] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 100.341584][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 100.344500][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 100.376797][ T539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 100.379540][ T539] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 100.385754][ T4662] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 100.389010][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 100.394305][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 100.397095][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 100.467933][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 100.470281][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 100.477149][ T4662] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 100.491568][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 100.494408][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 100.505948][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 100.508608][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 100.511812][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 100.514305][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 100.518358][ T4662] device veth0_vlan entered promiscuous mode
[ 100.532774][ T4662] device veth1_vlan entered promiscuous mode
[ 100.548058][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 100.551253][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 100.553781][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 100.556386][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 100.560938][ T4662] device veth0_macvtap entered promiscuous mode
[ 100.565164][ T4662] device veth1_macvtap entered promiscuous mode
[ 100.575495][ T4662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 100.578697][ T4662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 100.583006][ T4662] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 100.585082][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 100.587741][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 100.594273][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 100.596953][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 100.607451][ T4662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 100.611046][ T4662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 100.614760][ T4662] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 100.616851][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 100.619696][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 100.624937][ T4662] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 100.627320][ T4662] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 100.629683][ T4662] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 100.634568][ T4662] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 100.673923][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 100.677323][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
1970/01/01 00:01:40 executed programs: 2
[ 100.693149][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 100.696930][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 100.699121][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 100.703611][ T539] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 100.935110][ T4899] loop0: detected capacity change from 0 to 32768
[ 100.960441][ T241] BUG: spinlock bad magic on CPU#0, jfsCommit/241
[ 100.962260][ T241] lock: 0xffff0000e27cc168, .magic: ffff8000, .owner: @É|â/0, .owner_cpu: 512
[ 100.964590][ T241] CPU: 0 PID: 241 Comm: jfsCommit Not tainted 5.15.184-syzkaller #0
[ 100.966675][ T241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 100.969277][ T241] Call trace:
[ 100.970134][ T241] dump_backtrace+0x0/0x43c
[ 100.971349][ T241] show_stack+0x2c/0x3c
[ 100.972482][ T241] __dump_stack+0x30/0x40
[ 100.973657][ T241] dump_stack_lvl+0xf8/0x160
[ 100.974896][ T241] dump_stack+0x1c/0x5c
[ 100.976016][ T241] spin_dump+0x110/0x208
[ 100.977149][ T241] do_raw_spin_lock+0x1e0/0x2f0
[ 100.978446][ T241] _raw_spin_lock_irqsave+0xcc/0x14c
[ 100.979916][ T241] __wake_up+0xe0/0x16c
[ 100.981065][ T241] release_metapage+0x17c/0x920
[ 100.982398][ T241] xtTruncate+0xb70/0x2698
[ 100.983631][ T241] jfs_free_zero_link+0x2a4/0x410
[ 100.985007][ T241] jfs_evict_inode+0x2fc/0x3fc
[ 100.986284][ T241] evict+0x3c8/0x810
[ 100.987338][ T241] iput+0x6c4/0x77c
[ 100.988364][ T241] txUpdateMap+0x6ac/0x7cc
[ 100.989554][ T241] jfs_lazycommit+0x384/0x9bc
[ 100.990830][ T241] kthread+0x374/0x454
[ 100.991949][ T241] ret_from_fork+0x10/0x20
[ 100.993158][ T241] ================================================================================
[ 100.995715][ T241] UBSAN: array-index-out-of-bounds in kernel/locking/qspinlock.c:130:9
[ 100.998006][ T241] index 1112 is out of range for type 'unsigned long[8]'
[ 100.999931][ T241] CPU: 0 PID: 241 Comm: jfsCommit Not tainted 5.15.184-syzkaller #0
[ 101.002104][ T241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 101.004843][ T241] Call trace:
[ 101.005726][ T241] dump_backtrace+0x0/0x43c
[ 101.006948][ T241] show_stack+0x2c/0x3c
[ 101.008091][ T241] __dump_stack+0x30/0x40
[ 101.009324][ T241] dump_stack_lvl+0xf8/0x160
[ 101.010561][ T241] dump_stack+0x1c/0x5c
[ 101.011713][ T241] ubsan_epilogue+0x14/0x48
[ 101.012923][ T241] __ubsan_handle_out_of_bounds+0xd4/0x108
[ 101.014513][ T241] queued_spin_lock_slowpath+0x724/0x798
[ 101.016153][ T241] do_raw_spin_lock+0x2ec/0x2f0
[ 101.017558][ T241] _raw_spin_lock_irqsave+0xcc/0x14c
[ 101.019099][ T241] __wake_up+0xe0/0x16c
[ 101.020259][ T241] release_metapage+0x17c/0x920
[ 101.021583][ T241] xtTruncate+0xb70/0x2698
[ 101.022788][ T241] jfs_free_zero_link+0x2a4/0x410
[ 101.024172][ T241] jfs_evict_inode+0x2fc/0x3fc
[ 101.025518][ T241] evict+0x3c8/0x810
[ 101.026626][ T241] iput+0x6c4/0x77c
[ 101.027669][ T241] txUpdateMap+0x6ac/0x7cc
[ 101.028916][ T241] jfs_lazycommit+0x384/0x9bc
[ 101.030191][ T241] kthread+0x374/0x454
[ 101.031293][ T241] ret_from_fork+0x10/0x20
[ 101.032525][ T241] ================================================================================
[ 101.035152][ T241] ==================================================================
[ 101.037324][ T241] BUG: KASAN: use-after-free in queued_spin_lock_slowpath+0x57c/0x798
[ 101.039554][ T241] Write of size 8 at addr ffff00002158482c by task jfsCommit/241
[ 101.041647][ T241]
[ 101.042262][ T241] CPU: 0 PID: 241 Comm: jfsCommit Not tainted 5.15.184-syzkaller #0
[ 101.044446][ T241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 101.047193][ T241] Call trace:
[ 101.048110][ T241] dump_backtrace+0x0/0x43c
[ 101.049341][ T241] show_stack+0x2c/0x3c
[ 101.050530][ T241] __dump_stack+0x30/0x40
[ 101.051747][ T241] dump_stack_lvl+0xf8/0x160
[ 101.053013][ T241] print_address_description+0x78/0x30c
[ 101.054528][ T241] kasan_report+0xec/0x15c
[ 101.055774][ T241] __asan_report_store8_noabort+0x44/0x50
[ 101.057343][ T241] queued_spin_lock_slowpath+0x57c/0x798
[ 101.058881][ T241] do_raw_spin_lock+0x2ec/0x2f0
[ 101.060199][ T241] _raw_spin_lock_irqsave+0xcc/0x14c
[ 101.061671][ T241] __wake_up+0xe0/0x16c
[ 101.062826][ T241] release_metapage+0x17c/0x920
[ 101.064221][ T241] xtTruncate+0xb70/0x2698
[ 101.065451][ T241] jfs_free_zero_link+0x2a4/0x410
[ 101.066892][ T241] jfs_evict_inode+0x2fc/0x3fc
[ 101.068229][ T241] evict+0x3c8/0x810
[ 101.069333][ T241] iput+0x6c4/0x77c
[ 101.070386][ T241] txUpdateMap+0x6ac/0x7cc
[ 101.071609][ T241] jfs_lazycommit+0x384/0x9bc
[ 101.072909][ T241] kthread+0x374/0x454
[ 101.074026][ T241] ret_from_fork+0x10/0x20
[ 101.075236][ T241]
[ 101.075867][ T241] The buggy address belongs to the page:
[ 101.077398][ T241] page:0000000048e4224b refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61584
[ 101.080191][ T241] flags: 0x1ffc00000000000(node=0|zone=0|lastcpupid=0x7ff)
[ 101.082313][ T241] raw: 01ffc00000000000 fffffc0000856108 fffffc0000856108 0000000000000000
[ 101.084789][ T241] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 101.087213][ T241] page dumped because: kasan: bad access detected
[ 101.088960][ T241]
[ 101.089583][ T241] Memory state around the buggy address:
[ 101.091144][ T241] ffff000021584700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 101.093425][ T241] ffff000021584780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 101.095647][ T241] >ffff000021584800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 101.097894][ T241] ^
[ 101.099400][ T241] ffff000021584880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 101.101606][ T241] ffff000021584900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 101.103971][ T241] ==================================================================
[ 102.060901][ T4590] Bluetooth: hci0: command 0x040f tx timeout
[ 104.110690][ T4590] Bluetooth: hci0: command 0x0419 tx timeout