Warning: Permanently added '10.128.1.196' (ED25519) to the list of known hosts.
2026/05/04 13:06:45 parsed 1 programs
[ 133.030915][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[ 133.031053][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
Setting up swapspace version 1, size = 127995904 bytes
[ 135.170617][ T6111] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 139.356717][ T4925] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 139.382370][ T4925] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 139.383144][ T4925] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 139.384099][ T4925] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 139.384922][ T4925] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 142.130099][ T6159] bridge0: port 1(bridge_slave_0) entered blocking state
[ 142.130452][ T6159] bridge0: port 1(bridge_slave_0) entered disabled state
[ 142.130708][ T6159] bridge_slave_0: entered allmulticast mode
[ 142.133530][ T6159] bridge_slave_0: entered promiscuous mode
[ 142.141194][ T6159] bridge0: port 2(bridge_slave_1) entered blocking state
[ 142.141536][ T6159] bridge0: port 2(bridge_slave_1) entered disabled state
[ 142.141752][ T6159] bridge_slave_1: entered allmulticast mode
[ 142.144909][ T6159] bridge_slave_1: entered promiscuous mode
[ 142.313271][ T6159] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 142.318074][ T6159] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 142.483510][ T6159] team0: Port device team_slave_0 added
[ 142.486428][ T6159] team0: Port device team_slave_1 added
[ 142.620426][ T6159] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 142.620436][ T6159] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 142.620449][ T6159] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 142.623177][ T6159] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 142.623186][ T6159] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 142.623199][ T6159] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 143.034068][ T6159] hsr_slave_0: entered promiscuous mode
[ 143.035167][ T6159] hsr_slave_1: entered promiscuous mode
[ 144.824273][ T6159] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 144.863455][ T6159] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 144.864721][ T6159] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 144.902508][ T6159] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 144.903735][ T6159] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 144.958266][ T6159] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 144.960101][ T6159] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 145.005083][ T6159] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 145.203017][ T6159] 8021q: adding VLAN 0 to HW filter on device bond0
[ 145.245232][ T6159] 8021q: adding VLAN 0 to HW filter on device team0
[ 145.264687][ T40] bridge0: port 1(bridge_slave_0) entered blocking state
[ 145.268379][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 145.281127][ T40] bridge0: port 2(bridge_slave_1) entered blocking state
[ 145.281360][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 145.961762][ T6159] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 146.058826][ T6159] veth0_vlan: entered promiscuous mode
[ 146.081341][ T6159] veth1_vlan: entered promiscuous mode
[ 146.146101][ T6159] veth0_macvtap: entered promiscuous mode
[ 146.164981][ T6159] veth1_macvtap: entered promiscuous mode
[ 146.210754][ T6159] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 146.239725][ T6159] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 146.272516][ T3345] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.272751][ T3345] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.272785][ T3345] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 146.272815][ T3345] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 147.137430][ T3345] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 148.034982][ T3345] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 148.176889][ T999] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 148.176908][ T999] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 148.252758][ T165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 148.252778][ T165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 148.946184][ T3345] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 149.366316][ T3345] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 150.278280][ T3345] bridge_slave_1: left allmulticast mode
[ 150.278304][ T3345] bridge_slave_1: left promiscuous mode
[ 150.278495][ T3345] bridge0: port 2(bridge_slave_1) entered disabled state
[ 150.358946][ T3345] bridge_slave_0: left allmulticast mode
[ 150.358970][ T3345] bridge_slave_0: left promiscuous mode
[ 150.359168][ T3345] bridge0: port 1(bridge_slave_0) entered disabled state
[ 150.928599][ T3345] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 151.008554][ T3345] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 151.036634][ T3345] bond0 (unregistering): Released all slaves
[ 151.409445][ T3345] hsr_slave_0: left promiscuous mode
[ 151.450579][ T3345] hsr_slave_1: left promiscuous mode
[ 151.453745][ T3345] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 151.453764][ T3345] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 151.489147][ T3345] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 151.489173][ T3345] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 151.569456][ T3345] veth1_macvtap: left promiscuous mode
[ 151.576576][ T3345] veth0_macvtap: left promiscuous mode
[ 151.576850][ T3345] veth1_vlan: left promiscuous mode
[ 151.577025][ T3345] veth0_vlan: left promiscuous mode
[ 152.158568][ T3345] team0 (unregistering): Port device team_slave_1 removed
[ 152.200091][ T3345] team0 (unregistering): Port device team_slave_0 removed
[ 152.371461][ T5270] 8021q: adding VLAN 0 to HW filter on device eth1
2026/05/04 13:07:07 executed programs: 0
[ 153.049777][ T5270] 8021q: adding VLAN 0 to HW filter on device eth2
[ 153.210129][ T60] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 153.241195][ T60] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 153.242622][ T60] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 153.244990][ T60] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 153.246412][ T60] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 154.042350][ T5270] 8021q: adding VLAN 0 to HW filter on device eth3
[ 154.753842][ T5270] 8021q: adding VLAN 0 to HW filter on device eth4
[ 154.872851][ T6424] bridge0: port 1(bridge_slave_0) entered blocking state
[ 154.873159][ T6424] bridge0: port 1(bridge_slave_0) entered disabled state
[ 154.873389][ T6424] bridge_slave_0: entered allmulticast mode
[ 154.876112][ T6424] bridge_slave_0: entered promiscuous mode
[ 154.883538][ T6424] bridge0: port 2(bridge_slave_1) entered blocking state
[ 154.883883][ T6424] bridge0: port 2(bridge_slave_1) entered disabled state
[ 154.884100][ T6424] bridge_slave_1: entered allmulticast mode
[ 154.887237][ T6424] bridge_slave_1: entered promiscuous mode
[ 155.358061][ T4925] Bluetooth: hci0: command tx timeout
[ 155.405031][ T6424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 155.443790][ T6424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 155.904282][ T6424] team0: Port device team_slave_0 added
[ 156.000744][ T6424] team0: Port device team_slave_1 added
[ 156.172723][ T6424] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 156.172739][ T6424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 156.172761][ T6424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 156.175636][ T6424] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 156.175649][ T6424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 156.175668][ T6424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 156.394172][ T6424] hsr_slave_0: entered promiscuous mode
[ 156.395447][ T6424] hsr_slave_1: entered promiscuous mode
[ 157.430843][ T4925] Bluetooth: hci0: command tx timeout
[ 158.321893][ T6424] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 158.376160][ T6424] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 158.377521][ T6424] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 158.429143][ T6424] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 158.438198][ T6424] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 158.483370][ T6424] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 158.486768][ T6424] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 158.525371][ T6424] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 158.733982][ T6424] 8021q: adding VLAN 0 to HW filter on device bond0
[ 158.766097][ T6424] 8021q: adding VLAN 0 to HW filter on device team0
[ 158.783911][ T3345] bridge0: port 1(bridge_slave_0) entered blocking state
[ 158.784154][ T3345] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 158.803983][ T3345] bridge0: port 2(bridge_slave_1) entered blocking state
[ 158.804203][ T3345] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 159.442945][ T6424] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 159.507967][ T4925] Bluetooth: hci0: command tx timeout
[ 159.576243][ T6424] veth0_vlan: entered promiscuous mode
[ 159.596060][ T6424] veth1_vlan: entered promiscuous mode
[ 159.655676][ T6424] veth0_macvtap: entered promiscuous mode
[ 159.667125][ T6424] veth1_macvtap: entered promiscuous mode
[ 159.720636][ T6424] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 159.746054][ T6424] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 159.774619][ T999] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 159.775266][ T999] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 159.784934][ T999] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 159.787106][ T999] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 160.291575][ T999] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 160.291593][ T999] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 160.386843][ T1735] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 160.386862][ T1735] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/05/04 13:07:14 executed programs: 2
[ 161.005178][ T6595] loop0: detected capacity change from 0 to 32768
[ 161.260737][ T6595] Bad index:0 in slot in dtroot
[ 161.260737][ T6595]
[ 161.260758][ T6595] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 161.260758][ T6595]
[ 161.262438][ T6595] ERROR: (device loop0): remounting filesystem as read-only
[ 161.598060][ T4925] Bluetooth: hci0: command tx timeout
[ 161.684161][ T6612] loop0: detected capacity change from 0 to 32768
[ 161.704354][ T6612] Bad index:0 in slot in dtroot
[ 161.704354][ T6612]
[ 161.704368][ T6612] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 161.704368][ T6612]
[ 161.705175][ T6612] ERROR: (device loop0): remounting filesystem as read-only
[ 162.069542][ T6614] loop0: detected capacity change from 0 to 32768
[ 162.095509][ T6614] Bad index:0 in slot in dtroot
[ 162.095509][ T6614]
[ 162.095524][ T6614] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 162.095524][ T6614]
[ 162.095777][ T6614] ERROR: (device loop0): remounting filesystem as read-only
[ 162.432864][ T6616] loop0: detected capacity change from 0 to 32768
[ 162.464062][ T6616] Bad index:0 in slot in dtroot
[ 162.464062][ T6616]
[ 162.464078][ T6616] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 162.464078][ T6616]
[ 162.464382][ T6616] ERROR: (device loop0): remounting filesystem as read-only
[ 162.794785][ T6618] loop0: detected capacity change from 0 to 32768
[ 162.819574][ T6618] Bad index:0 in slot in dtroot
[ 162.819574][ T6618]
[ 162.819588][ T6618] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 162.819588][ T6618]
[ 162.819791][ T6618] ERROR: (device loop0): remounting filesystem as read-only
[ 163.152679][ T6620] loop0: detected capacity change from 0 to 32768
[ 163.166635][ T6620] Bad index:0 in slot in dtroot
[ 163.166635][ T6620]
[ 163.166650][ T6620] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 163.166650][ T6620]
[ 163.166854][ T6620] ERROR: (device loop0): remounting filesystem as read-only
[ 163.507082][ T6622] loop0: detected capacity change from 0 to 32768
[ 163.522040][ T6622] Bad index:0 in slot in dtroot
[ 163.522040][ T6622]
[ 163.522054][ T6622] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 163.522054][ T6622]
[ 163.522351][ T6622] ERROR: (device loop0): remounting filesystem as read-only
[ 163.843984][ T6624] loop0: detected capacity change from 0 to 32768
[ 163.866779][ T6624] Bad index:0 in slot in dtroot
[ 163.866779][ T6624]
[ 163.866793][ T6624] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 163.866793][ T6624]
[ 163.867101][ T6624] ERROR: (device loop0): remounting filesystem as read-only
[ 164.216850][ T6626] loop0: detected capacity change from 0 to 32768
[ 164.246525][ T6626] Bad index:0 in slot in dtroot
[ 164.246525][ T6626]
[ 164.246539][ T6626] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 164.246539][ T6626]
[ 164.265254][ T6626] ERROR: (device loop0): remounting filesystem as read-only
[ 164.588337][ T6628] loop0: detected capacity change from 0 to 32768
[ 164.606388][ T6628] Bad index:0 in slot in dtroot
[ 164.606388][ T6628]
[ 164.606403][ T6628] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 164.606403][ T6628]
[ 164.606656][ T6628] ERROR: (device loop0): remounting filesystem as read-only
[ 164.976139][ T6630] Bad index:0 in slot in dtroot
[ 164.976139][ T6630]
[ 164.976152][ T6630] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 164.976152][ T6630]
[ 164.976379][ T6630] ERROR: (device loop0): remounting filesystem as read-only
[ 165.374650][ T6632] Bad index:0 in slot in dtroot
[ 165.374650][ T6632]
[ 165.374665][ T6632] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 165.374665][ T6632]
[ 165.374856][ T6632] ERROR: (device loop0): remounting filesystem as read-only
[ 165.737551][ T6634] Bad index:0 in slot in dtroot
[ 165.737551][ T6634]
[ 165.737565][ T6634] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 165.737565][ T6634]
[ 165.738349][ T6634] ERROR: (device loop0): remounting filesystem as read-only
2026/05/04 13:07:20 executed programs: 15
[ 166.107709][ T6636] set_capacity_and_notify: 3 callbacks suppressed
[ 166.107722][ T6636] loop0: detected capacity change from 0 to 32768
[ 166.136967][ T6636] Bad index:0 in slot in dtroot
[ 166.136967][ T6636]
[ 166.136981][ T6636] ERROR: (device loop0): copy_from_dinode: Corrupt dtroot
[ 166.136981][ T6636]
[ 166.137160][ T6636] ERROR: (device loop0): remounting filesystem as read-only
[ 166.171103][ T4081] ==================================================================
[ 166.171119][ T4081] BUG: KASAN: use-after-free in copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.171147][ T4081] Read of size 4096 at addr ffff88802b266000 by task kworker/u8:14/4081
[ 166.171162][ T4081]
[ 166.171190][ T4081] CPU: 0 UID: 0 PID: 4081 Comm: kworker/u8:14 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 166.171244][ T4081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 166.171254][ T4081] Workqueue: loop0 loop_workfn
[ 166.171290][ T4081] Call Trace:
[ 166.171297][ T4081]
[ 166.171303][ T4081] dump_stack_lvl+0xe8/0x150
[ 166.171325][ T4081] print_address_description+0x55/0x1e0
[ 166.171346][ T4081] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.171363][ T4081] print_report+0x58/0x70
[ 166.171381][ T4081] kasan_report+0x117/0x150
[ 166.171403][ T4081] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.171425][ T4081] kasan_check_range+0x264/0x2c0
[ 166.171445][ T4081] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.171464][ T4081] __asan_memcpy+0x29/0x70
[ 166.171479][ T4081] copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.171506][ T4081] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 166.171525][ T4081] ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[ 166.171551][ T4081] ? shmem_write_begin+0x1ce/0x320
[ 166.171574][ T4081] generic_perform_write+0x5b1/0x8b0
[ 166.171604][ T4081] ? __pfx_generic_perform_write+0x10/0x10
[ 166.171630][ T4081] ? file_update_time_flags+0x3b9/0x4b0
[ 166.171652][ T4081] shmem_file_write_iter+0xfb/0x120
[ 166.171676][ T4081] lo_rw_aio+0xd76/0x1190
[ 166.171702][ T4081] ? __pfx_lo_rw_aio+0x10/0x10
[ 166.171725][ T4081] ? kthread_associate_blkcg+0x490/0x600
[ 166.171750][ T4081] ? rt_spin_unlock+0x160/0x200
[ 166.171770][ T4081] loop_process_work+0x647/0x1560
[ 166.171798][ T4081] ? pick_next_task_fair+0x1a68/0x1ab0
[ 166.171820][ T4081] ? __pfx_loop_process_work+0x10/0x10
[ 166.171842][ T4081] ? look_up_lock_class+0x57/0x110
[ 166.171865][ T4081] ? register_lock_class+0x31/0x2e0
[ 166.171890][ T4081] ? __lock_acquire+0x6b5/0x2d10
[ 166.171917][ T4081] ? do_raw_spin_lock+0x12b/0x2f0
[ 166.171938][ T4081] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 166.171965][ T4081] ? process_one_work+0x8b7/0x1710
[ 166.171985][ T4081] ? process_one_work+0x8b7/0x1710
[ 166.172008][ T4081] ? process_one_work+0x8b7/0x1710
[ 166.172025][ T4081] process_one_work+0x9a3/0x1710
[ 166.172052][ T4081] ? __pfx_process_one_work+0x10/0x10
[ 166.172070][ T4081] ? do_raw_spin_lock+0x12b/0x2f0
[ 166.172096][ T4081] worker_thread+0xba8/0x11e0
[ 166.172119][ T4081] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 166.172142][ T4081] ? __kthread_parkme+0x7a/0x1f0
[ 166.172162][ T4081] ? __kthread_parkme+0x19c/0x1f0
[ 166.172185][ T4081] kthread+0x388/0x470
[ 166.172208][ T4081] ? __pfx_worker_thread+0x10/0x10
[ 166.172226][ T4081] ? __pfx_kthread+0x10/0x10
[ 166.172248][ T4081] ret_from_fork+0x514/0xb70
[ 166.172270][ T4081] ? __pfx_ret_from_fork+0x10/0x10
[ 166.172287][ T4081] ? __switch_to+0xc79/0x1410
[ 166.172305][ T4081] ? __pfx_kthread+0x10/0x10
[ 166.172327][ T4081] ret_from_fork_asm+0x1a/0x30
[ 166.172361][ T4081]
[ 166.172367][ T4081]
[ 166.172372][ T4081] The buggy address belongs to the physical page:
[ 166.172385][ T4081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x15 pfn:0x2b266
[ 166.172405][ T4081] flags: 0x80000000000000(node=0|zone=1)
[ 166.172428][ T4081] raw: 0080000000000000 ffffea0001030dc8 ffffea0000c52688 0000000000000000
[ 166.172441][ T4081] raw: 0000000000000015 0000000000000000 00000000ffffffff 0000000000000000
[ 166.172449][ T4081] page dumped because: kasan: bad access detected
[ 166.172462][ T4081] page_owner tracks the page as freed
[ 166.172468][ T4081] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xdc0(GFP_KERNEL|__GFP_ZERO), pid 6636, tgid 6635 (syz.0.30), ts 166134022743, free_ts 166169500515
[ 166.172494][ T4081] post_alloc_hook+0x1f9/0x250
[ 166.172512][ T4081] get_page_from_freelist+0x27d6/0x2850
[ 166.172533][ T4081] __alloc_frozen_pages_noprof+0x18d/0x380
[ 166.172552][ T4081] alloc_pages_mpol+0xd1/0x380
[ 166.172571][ T4081] alloc_pages_noprof+0xd2/0x2f0
[ 166.172589][ T4081] lmLogInit+0x357/0x1a00
[ 166.172603][ T4081] lmLogOpen+0x4e1/0xfa0
[ 166.172616][ T4081] jfs_mount_rw+0xee/0x670
[ 166.172629][ T4081] jfs_fill_super+0x754/0xd80
[ 166.172646][ T4081] get_tree_bdev_flags+0x431/0x4f0
[ 166.172666][ T4081] vfs_get_tree+0x92/0x2a0
[ 166.172683][ T4081] do_new_mount+0x341/0xd30
[ 166.172697][ T4081] __se_sys_mount+0x31d/0x420
[ 166.172711][ T4081] do_syscall_64+0x15f/0xf80
[ 166.172731][ T4081] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 166.172747][ T4081] page last free pid 6636 tgid 6635 stack trace:
[ 166.172756][ T4081] __free_frozen_pages+0x1075/0x11b0
[ 166.172774][ T4081] lmLogShutdown+0x44e/0x850
[ 166.172788][ T4081] lmLogClose+0x28a/0x520
[ 166.172802][ T4081] jfs_umount+0x2fb/0x3d0
[ 166.172815][ T4081] jfs_fill_super+0x9c5/0xd80
[ 166.172832][ T4081] get_tree_bdev_flags+0x431/0x4f0
[ 166.172850][ T4081] vfs_get_tree+0x92/0x2a0
[ 166.172867][ T4081] do_new_mount+0x341/0xd30
[ 166.172881][ T4081] __se_sys_mount+0x31d/0x420
[ 166.172895][ T4081] do_syscall_64+0x15f/0xf80
[ 166.172915][ T4081] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 166.172930][ T4081]
[ 166.172934][ T4081] Memory state around the buggy address:
[ 166.172943][ T4081] ffff88802b265f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 166.172960][ T4081] ffff88802b265f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 166.172970][ T4081] >ffff88802b266000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 166.172978][ T4081] ^
[ 166.172986][ T4081] ffff88802b266080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 166.172996][ T4081] ffff88802b266100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 166.173004][ T4081] ==================================================================
[ 166.175190][ T4081] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 166.175213][ T4081] CPU: 0 UID: 0 PID: 4081 Comm: kworker/u8:14 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 166.175234][ T4081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 166.175243][ T4081] Workqueue: loop0 loop_workfn
[ 166.175269][ T4081] Call Trace:
[ 166.175276][ T4081]
[ 166.175283][ T4081] vpanic+0x56c/0xa60
[ 166.175308][ T4081] ? __pfx_vpanic+0x10/0x10
[ 166.175333][ T4081] panic+0xc5/0xd0
[ 166.175353][ T4081] ? __pfx_panic+0x10/0x10
[ 166.175374][ T4081] ? preempt_schedule_thunk+0x16/0x30
[ 166.175393][ T4081] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.175411][ T4081] ? preempt_schedule_thunk+0x16/0x30
[ 166.175429][ T4081] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.175446][ T4081] check_panic_on_warn+0x89/0xb0
[ 166.175471][ T4081] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.175489][ T4081] end_report+0x73/0x170
[ 166.175510][ T4081] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.175528][ T4081] kasan_report+0x128/0x150
[ 166.175549][ T4081] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.175570][ T4081] kasan_check_range+0x264/0x2c0
[ 166.175590][ T4081] ? copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.175609][ T4081] __asan_memcpy+0x29/0x70
[ 166.175626][ T4081] copy_folio_from_iter_atomic+0xbb5/0x1ad0
[ 166.175652][ T4081] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 166.175672][ T4081] ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0
[ 166.175697][ T4081] ? shmem_write_begin+0x1ce/0x320
[ 166.175719][ T4081] generic_perform_write+0x5b1/0x8b0
[ 166.175749][ T4081] ? __pfx_generic_perform_write+0x10/0x10
[ 166.175776][ T4081] ? file_update_time_flags+0x3b9/0x4b0
[ 166.175798][ T4081] shmem_file_write_iter+0xfb/0x120
[ 166.175822][ T4081] lo_rw_aio+0xd76/0x1190
[ 166.175850][ T4081] ? __pfx_lo_rw_aio+0x10/0x10
[ 166.175874][ T4081] ? kthread_associate_blkcg+0x490/0x600
[ 166.175898][ T4081] ? rt_spin_unlock+0x160/0x200
[ 166.175919][ T4081] loop_process_work+0x647/0x1560
[ 166.175954][ T4081] ? pick_next_task_fair+0x1a68/0x1ab0
[ 166.175976][ T4081] ? __pfx_loop_process_work+0x10/0x10
[ 166.175998][ T4081] ? look_up_lock_class+0x57/0x110
[ 166.176021][ T4081] ? register_lock_class+0x31/0x2e0
[ 166.176045][ T4081] ? __lock_acquire+0x6b5/0x2d10
[ 166.176072][ T4081] ? do_raw_spin_lock+0x12b/0x2f0
[ 166.176094][ T4081] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 166.176115][ T4081] ? process_one_work+0x8b7/0x1710
[ 166.176135][ T4081] ? process_one_work+0x8b7/0x1710
[ 166.176158][ T4081] ? process_one_work+0x8b7/0x1710
[ 166.176176][ T4081] process_one_work+0x9a3/0x1710
[ 166.176202][ T4081] ? __pfx_process_one_work+0x10/0x10
[ 166.176220][ T4081] ? do_raw_spin_lock+0x12b/0x2f0
[ 166.176246][ T4081] worker_thread+0xba8/0x11e0
[ 166.176270][ T4081] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 166.176293][ T4081] ? __kthread_parkme+0x7a/0x1f0
[ 166.176313][ T4081] ? __kthread_parkme+0x19c/0x1f0
[ 166.176336][ T4081] kthread+0x388/0x470
[ 166.176358][ T4081] ? __pfx_worker_thread+0x10/0x10
[ 166.176377][ T4081] ? __pfx_kthread+0x10/0x10
[ 166.176398][ T4081] ret_from_fork+0x514/0xb70
[ 166.176420][ T4081] ? __pfx_ret_from_fork+0x10/0x10
[ 166.176439][ T4081] ? __switch_to+0xc79/0x1410
[ 166.176457][ T4081] ? __pfx_kthread+0x10/0x10
[ 166.176480][ T4081] ret_from_fork_asm+0x1a/0x30
[ 166.176509][ T4081]
[ 166.177164][ T4081] Kernel Offset: disabled