Warning: Permanently added '10.128.0.42' (ED25519) to the list of known hosts.
2026/04/17 17:14:38 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 129.095344][ T6140] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 132.885368][ T1327] ieee802154 phy0 wpan0: encryption failed: -22
[ 132.885458][ T1327] ieee802154 phy1 wpan1: encryption failed: -22
[ 133.819150][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 133.848495][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 133.851269][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 133.882911][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 133.886293][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 135.117292][ T6187] chnl_net:caif_netlink_parms(): no params data found
[ 135.415903][ T6187] bridge0: port 1(bridge_slave_0) entered blocking state
[ 135.416035][ T6187] bridge0: port 1(bridge_slave_0) entered disabled state
[ 135.416160][ T6187] bridge_slave_0: entered allmulticast mode
[ 135.417512][ T6187] bridge_slave_0: entered promiscuous mode
[ 135.419610][ T6187] bridge0: port 2(bridge_slave_1) entered blocking state
[ 135.419723][ T6187] bridge0: port 2(bridge_slave_1) entered disabled state
[ 135.419811][ T6187] bridge_slave_1: entered allmulticast mode
[ 135.421243][ T6187] bridge_slave_1: entered promiscuous mode
[ 135.607085][ T6187] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 135.609443][ T6187] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 135.786123][ T6187] team0: Port device team_slave_0 added
[ 135.788814][ T6187] team0: Port device team_slave_1 added
[ 136.215181][ T6187] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 136.215195][ T6187] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 136.215210][ T6187] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 136.292615][ T6187] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 136.292632][ T6187] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 136.292656][ T6187] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 136.529270][ T6187] hsr_slave_0: entered promiscuous mode
[ 136.530259][ T6187] hsr_slave_1: entered promiscuous mode
[ 138.264843][ T6187] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 138.305394][ T6187] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 138.306221][ T6187] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 138.350444][ T6187] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 138.351314][ T6187] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 138.387324][ T6187] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 138.388381][ T6187] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 138.429727][ T6187] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 138.607442][ T6187] 8021q: adding VLAN 0 to HW filter on device bond0
[ 138.644836][ T6187] 8021q: adding VLAN 0 to HW filter on device team0
[ 138.676351][ T1511] bridge0: port 1(bridge_slave_0) entered blocking state
[ 138.676551][ T1511] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 138.709959][ T1511] bridge0: port 2(bridge_slave_1) entered blocking state
[ 138.720618][ T1511] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 139.078059][ T6187] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 139.169550][ T6187] veth0_vlan: entered promiscuous mode
[ 139.185531][ T6187] veth1_vlan: entered promiscuous mode
[ 139.248758][ T6187] veth0_macvtap: entered promiscuous mode
[ 139.263218][ T6187] veth1_macvtap: entered promiscuous mode
[ 139.292766][ T6187] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 139.317327][ T6187] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 139.395080][ T1511] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.395130][ T1511] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.395164][ T1511] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.395197][ T1511] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.209979][ T988] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 140.549167][ T988] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 140.754104][ T3534] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 140.754123][ T3534] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 140.864627][ T1511] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 140.864648][ T1511] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 141.153742][ T988] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 142.356538][ T988] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 143.576145][ T988] bridge_slave_1: left allmulticast mode
[ 143.576173][ T988] bridge_slave_1: left promiscuous mode
[ 143.576453][ T988] bridge0: port 2(bridge_slave_1) entered disabled state
[ 143.664452][ T988] bridge_slave_0: left allmulticast mode
[ 143.666882][ T988] bridge_slave_0: left promiscuous mode
[ 143.667124][ T988] bridge0: port 1(bridge_slave_0) entered disabled state
[ 144.422369][ T988] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 144.502242][ T988] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 144.523422][ T988] bond0 (unregistering): Released all slaves
[ 144.914418][ T988] hsr_slave_0: left promiscuous mode
[ 144.951600][ T988] hsr_slave_1: left promiscuous mode
[ 144.952601][ T988] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 144.952624][ T988] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 145.002676][ T988] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 145.002702][ T988] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 145.092926][ T988] veth1_macvtap: left promiscuous mode
[ 145.096086][ T988] veth0_macvtap: left promiscuous mode
[ 145.096323][ T988] veth1_vlan: left promiscuous mode
[ 145.097101][ T988] veth0_vlan: left promiscuous mode
[ 145.692019][ T988] team0 (unregistering): Port device team_slave_1 removed
[ 145.732290][ T988] team0 (unregistering): Port device team_slave_0 removed
[ 145.893938][ T5462] 8021q: adding VLAN 0 to HW filter on device eth1
[ 146.568947][ T5462] 8021q: adding VLAN 0 to HW filter on device eth2
2026/04/17 17:15:00 executed programs: 0
[ 146.986667][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 147.014193][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 147.015875][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 147.018056][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 147.019295][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 147.674919][ T5462] 8021q: adding VLAN 0 to HW filter on device eth3
[ 147.872124][ T6442] chnl_net:caif_netlink_parms(): no params data found
[ 148.315922][ T6442] bridge0: port 1(bridge_slave_0) entered blocking state
[ 148.316046][ T6442] bridge0: port 1(bridge_slave_0) entered disabled state
[ 148.316198][ T6442] bridge_slave_0: entered allmulticast mode
[ 148.318857][ T6442] bridge_slave_0: entered promiscuous mode
[ 148.329080][ T6442] bridge0: port 2(bridge_slave_1) entered blocking state
[ 148.329277][ T6442] bridge0: port 2(bridge_slave_1) entered disabled state
[ 148.329436][ T6442] bridge_slave_1: entered allmulticast mode
[ 148.333763][ T6442] bridge_slave_1: entered promiscuous mode
[ 148.435319][ T5462] 8021q: adding VLAN 0 to HW filter on device eth4
[ 148.531085][ T6442] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 148.536585][ T6442] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 149.091524][ T5116] Bluetooth: hci0: command tx timeout
[ 149.128440][ T6442] team0: Port device team_slave_0 added
[ 149.141885][ T6442] team0: Port device team_slave_1 added
[ 149.574183][ T6442] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 149.574221][ T6442] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 149.574245][ T6442] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 149.579710][ T6442] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 149.579725][ T6442] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 149.579749][ T6442] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 149.946048][ T6442] hsr_slave_0: entered promiscuous mode
[ 149.946767][ T6442] hsr_slave_1: entered promiscuous mode
[ 151.171578][ T5116] Bluetooth: hci0: command tx timeout
[ 151.829274][ T6442] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 151.867092][ T6442] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 151.867924][ T6442] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 151.908552][ T6442] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 151.909386][ T6442] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 151.948751][ T6442] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 151.949858][ T6442] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 151.985353][ T6442] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 152.115797][ T6442] 8021q: adding VLAN 0 to HW filter on device bond0
[ 152.148624][ T6442] 8021q: adding VLAN 0 to HW filter on device team0
[ 152.166701][ T988] bridge0: port 1(bridge_slave_0) entered blocking state
[ 152.166914][ T988] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 152.196231][ T1178] bridge0: port 2(bridge_slave_1) entered blocking state
[ 152.196305][ T1178] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 152.573772][ T6442] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 152.658979][ T6442] veth0_vlan: entered promiscuous mode
[ 152.676169][ T6442] veth1_vlan: entered promiscuous mode
[ 152.730239][ T6442] veth0_macvtap: entered promiscuous mode
[ 152.737099][ T6442] veth1_macvtap: entered promiscuous mode
[ 152.769714][ T6442] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 152.782517][ T6442] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 152.797172][ T988] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 152.797216][ T988] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 152.797249][ T988] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 152.797281][ T988] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 153.090206][ T998] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 153.090227][ T998] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 153.185344][ T998] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 153.185364][ T998] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/04/17 17:15:06 executed programs: 2
[ 153.263832][ T5116] Bluetooth: hci0: command tx timeout
[ 153.805126][ T6557] loop0: detected capacity change from 0 to 32768
[ 154.233158][ T6557] dmapctl: invalid height 1797 (max 5)
[ 154.233183][ T6557] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 154.233183][ T6557]
[ 154.261938][ T6557] ERROR: (device loop0): remounting filesystem as read-only
[ 154.261995][ T6557] ERROR: (device loop0): dbDiscardAG: -EIO
[ 154.261995][ T6557]
[ 155.124168][ T6597] loop0: detected capacity change from 0 to 32768
[ 155.159924][ T6597] dmapctl: invalid height 1797 (max 5)
[ 155.159945][ T6597] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 155.159945][ T6597]
[ 155.160931][ T6597] ERROR: (device loop0): remounting filesystem as read-only
[ 155.160974][ T6597] ERROR: (device loop0): dbDiscardAG: -EIO
[ 155.160974][ T6597]
[ 155.331546][ T5116] Bluetooth: hci0: command tx timeout
[ 155.597034][ T6600] loop0: detected capacity change from 0 to 32768
[ 155.636641][ T6600] dmapctl: invalid height 1797 (max 5)
[ 155.636661][ T6600] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 155.636661][ T6600]
[ 155.637874][ T6600] ERROR: (device loop0): remounting filesystem as read-only
[ 155.637919][ T6600] ERROR: (device loop0): dbDiscardAG: -EIO
[ 155.637919][ T6600]
[ 156.014053][ T6603] loop0: detected capacity change from 0 to 32768
[ 156.047975][ T6603] dmapctl: invalid height 1797 (max 5)
[ 156.047994][ T6603] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 156.047994][ T6603]
[ 156.049155][ T6603] ERROR: (device loop0): remounting filesystem as read-only
[ 156.049193][ T6603] ERROR: (device loop0): dbDiscardAG: -EIO
[ 156.049193][ T6603]
[ 156.434302][ T6606] loop0: detected capacity change from 0 to 32768
[ 156.457262][ T6606] dmapctl: invalid height 1797 (max 5)
[ 156.457281][ T6606] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 156.457281][ T6606]
[ 156.457595][ T6606] ERROR: (device loop0): remounting filesystem as read-only
[ 156.457634][ T6606] ERROR: (device loop0): dbDiscardAG: -EIO
[ 156.457634][ T6606]
[ 156.810062][ T6608] loop0: detected capacity change from 0 to 32768
[ 156.842027][ T6608] dmapctl: invalid height 1797 (max 5)
[ 156.842046][ T6608] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 156.842046][ T6608]
[ 156.843734][ T6608] ERROR: (device loop0): remounting filesystem as read-only
[ 156.843780][ T6608] ERROR: (device loop0): dbDiscardAG: -EIO
[ 156.843780][ T6608]
[ 157.193873][ T6610] loop0: detected capacity change from 0 to 32768
[ 157.225312][ T6610] dmapctl: invalid height 1797 (max 5)
[ 157.225331][ T6610] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 157.225331][ T6610]
[ 157.227013][ T6610] ERROR: (device loop0): remounting filesystem as read-only
[ 157.227060][ T6610] ERROR: (device loop0): dbDiscardAG: -EIO
[ 157.227060][ T6610]
[ 157.577155][ T6612] loop0: detected capacity change from 0 to 32768
[ 157.604802][ T6612] dmapctl: invalid height 1797 (max 5)
[ 157.604821][ T6612] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 157.604821][ T6612]
[ 157.605089][ T6612] ERROR: (device loop0): remounting filesystem as read-only
[ 157.605130][ T6612] ERROR: (device loop0): dbDiscardAG: -EIO
[ 157.605130][ T6612]
[ 157.960153][ T6614] loop0: detected capacity change from 0 to 32768
[ 157.981266][ T6614] dmapctl: invalid height 1797 (max 5)
[ 157.981283][ T6614] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 157.981283][ T6614]
[ 157.997569][ T6614] ERROR: (device loop0): remounting filesystem as read-only
[ 157.997633][ T6614] ERROR: (device loop0): dbDiscardAG: -EIO
[ 157.997633][ T6614]
[ 158.376459][ T6617] loop0: detected capacity change from 0 to 32768
[ 158.393223][ T6617] dmapctl: invalid height 1797 (max 5)
[ 158.393240][ T6617] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 158.393240][ T6617]
[ 158.393543][ T6617] ERROR: (device loop0): remounting filesystem as read-only
[ 158.393581][ T6617] ERROR: (device loop0): dbDiscardAG: -EIO
[ 158.393581][ T6617]
2026/04/17 17:15:12 executed programs: 12
[ 158.805399][ T6619] dmapctl: invalid height 1797 (max 5)
[ 158.805418][ T6619] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 158.805418][ T6619]
[ 158.805762][ T6619] ERROR: (device loop0): remounting filesystem as read-only
[ 158.805801][ T6619] ERROR: (device loop0): dbDiscardAG: -EIO
[ 158.805801][ T6619]
[ 159.166650][ T6621] set_capacity_and_notify: 1 callbacks suppressed
[ 159.166661][ T6621] loop0: detected capacity change from 0 to 32768
[ 159.194603][ T6621] dmapctl: invalid height 1797 (max 5)
[ 159.194621][ T6621] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 159.194621][ T6621]
[ 159.194879][ T6621] ERROR: (device loop0): remounting filesystem as read-only
[ 159.194919][ T6621] ERROR: (device loop0): dbDiscardAG: -EIO
[ 159.194919][ T6621]
[ 159.589913][ T6624] loop0: detected capacity change from 0 to 32768
[ 159.608574][ T6624] dmapctl: invalid height 1797 (max 5)
[ 159.608591][ T6624] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 159.608591][ T6624]
[ 159.608893][ T6624] ERROR: (device loop0): remounting filesystem as read-only
[ 159.608932][ T6624] ERROR: (device loop0): dbDiscardAG: -EIO
[ 159.608932][ T6624]
[ 159.955750][ T6626] loop0: detected capacity change from 0 to 32768
[ 159.968392][ T6626] dmapctl: invalid height 1797 (max 5)
[ 159.968409][ T6626] ERROR: (device loop0): dbAdjCtl: Corrupt dmapctl page
[ 159.968409][ T6626]
[ 159.968641][ T6626] ERROR: (device loop0): remounting filesystem as read-only
[ 159.968680][ T6626] ERROR: (device loop0): dbDiscardAG: -EIO
[ 159.968680][ T6626]
[ 160.047073][ C0] ==================================================================
[ 160.047088][ C0] BUG: KASAN: slab-use-after-free in lbmIODone+0x1312/0x16c0
[ 160.047123][ C0] Read of size 4 at addr ffff88803d611008 by task ksoftirqd/0/15
[ 160.047141][ C0]
[ 160.047164][ C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 160.047187][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 160.047213][ C0] Call Trace:
[ 160.047221][ C0]
[ 160.047230][ C0] dump_stack_lvl+0xe8/0x150
[ 160.047261][ C0] print_address_description+0x55/0x1e0
[ 160.047292][ C0] ? lbmIODone+0x1312/0x16c0
[ 160.047316][ C0] print_report+0x58/0x70
[ 160.047343][ C0] kasan_report+0x117/0x150
[ 160.047374][ C0] ? lbmIODone+0x1312/0x16c0
[ 160.047402][ C0] lbmIODone+0x1312/0x16c0
[ 160.047426][ C0] ? blkg_put+0x22/0x240
[ 160.047452][ C0] ? blkg_put+0x22/0x240
[ 160.047478][ C0] ? blkg_put+0x18d/0x240
[ 160.047504][ C0] ? bio_endio+0x989/0x9d0
[ 160.047525][ C0] blk_update_request+0x57e/0xe60
[ 160.047552][ C0] blk_mq_end_request+0x3e/0x70
[ 160.047572][ C0] blk_done_softirq+0x10a/0x160
[ 160.047592][ C0] handle_softirqs+0x1de/0x6d0
[ 160.047615][ C0] ? smpboot_thread_fn+0x4d/0xa50
[ 160.047636][ C0] run_ksoftirqd+0x52/0x180
[ 160.047656][ C0] smpboot_thread_fn+0x541/0xa50
[ 160.047677][ C0] ? smpboot_thread_fn+0x4d/0xa50
[ 160.047702][ C0] kthread+0x388/0x470
[ 160.047726][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10
[ 160.047747][ C0] ? __pfx_kthread+0x10/0x10
[ 160.047771][ C0] ret_from_fork+0x514/0xb70
[ 160.047791][ C0] ? __pfx_ret_from_fork+0x10/0x10
[ 160.047808][ C0] ? __switch_to+0xc79/0x1410
[ 160.047835][ C0] ? __pfx_kthread+0x10/0x10
[ 160.047858][ C0] ret_from_fork_asm+0x1a/0x30
[ 160.047885][ C0]
[ 160.047892][ C0]
[ 160.047896][ C0] Allocated by task 6626:
[ 160.047905][ C0] kasan_save_track+0x3e/0x80
[ 160.047929][ C0] __kasan_kmalloc+0x93/0xb0
[ 160.047952][ C0] __kmalloc_cache_noprof+0x3a6/0x690
[ 160.047976][ C0] lmLogInit+0x3e5/0x1a00
[ 160.047997][ C0] lmLogOpen+0x4e1/0xfa0
[ 160.048017][ C0] jfs_mount_rw+0xee/0x670
[ 160.048037][ C0] jfs_fill_super+0x754/0xd80
[ 160.048052][ C0] get_tree_bdev_flags+0x431/0x4f0
[ 160.048077][ C0] vfs_get_tree+0x92/0x2a0
[ 160.048100][ C0] do_new_mount+0x341/0xd30
[ 160.048120][ C0] __se_sys_mount+0x31d/0x420
[ 160.048139][ C0] do_syscall_64+0x15f/0xf80
[ 160.048157][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 160.048174][ C0]
[ 160.048179][ C0] Freed by task 6442:
[ 160.048188][ C0] kasan_save_track+0x3e/0x80
[ 160.048216][ C0] kasan_save_free_info+0x46/0x50
[ 160.048234][ C0] __kasan_slab_free+0x5c/0x80
[ 160.048257][ C0] kfree+0x1c5/0x6c0
[ 160.048275][ C0] lmLogShutdown+0x456/0x850
[ 160.048296][ C0] lmLogClose+0x28a/0x520
[ 160.048316][ C0] jfs_umount+0x2fb/0x3d0
[ 160.048335][ C0] jfs_put_super+0x8c/0x190
[ 160.048354][ C0] generic_shutdown_super+0x13d/0x2d0
[ 160.048376][ C0] kill_block_super+0x44/0x90
[ 160.048400][ C0] deactivate_locked_super+0xbc/0x130
[ 160.048421][ C0] cleanup_mnt+0x437/0x4d0
[ 160.048444][ C0] task_work_run+0x1d9/0x270
[ 160.048467][ C0] exit_to_user_mode_loop+0xed/0x480
[ 160.048488][ C0] do_syscall_64+0x33e/0xf80
[ 160.048504][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 160.048520][ C0]
[ 160.048525][ C0] The buggy address belongs to the object at ffff88803d611000
[ 160.048525][ C0] which belongs to the cache kmalloc-256 of size 256
[ 160.048540][ C0] The buggy address is located 8 bytes inside of
[ 160.048540][ C0] freed 256-byte region [ffff88803d611000, ffff88803d611100)
[ 160.048558][ C0]
[ 160.048563][ C0] The buggy address belongs to the physical page:
[ 160.048581][ C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3d610
[ 160.048599][ C0] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 160.048614][ C0] flags: 0x80000000000040(head|node=0|zone=1)
[ 160.048634][ C0] page_type: f5(slab)
[ 160.048651][ C0] raw: 0080000000000040 ffff88813fe00b40 dead000000000100 dead000000000122
[ 160.048667][ C0] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 160.048684][ C0] head: 0080000000000040 ffff88813fe00b40 dead000000000100 dead000000000122
[ 160.048699][ C0] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 160.048715][ C0] head: 0080000000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff
[ 160.048730][ C0] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000002
[ 160.048739][ C0] page dumped because: kasan: bad access detected
[ 160.048752][ C0] page_owner tracks the page as allocated
[ 160.048759][ C0] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5167, tgid 5167 (udevd), ts 159645364282, free_ts 159404774644
[ 160.048790][ C0] post_alloc_hook+0x231/0x280
[ 160.048814][ C0] get_page_from_freelist+0x27c8/0x2840
[ 160.048831][ C0] __alloc_frozen_pages_noprof+0x18d/0x380
[ 160.048857][ C0] allocate_slab+0x77/0x660
[ 160.048875][ C0] refill_objects+0x33c/0x3d0
[ 160.048891][ C0] __pcs_replace_empty_main+0x373/0x720
[ 160.048910][ C0] __kmalloc_cache_noprof+0x44e/0x690
[ 160.048932][ C0] smk_fetch+0x95/0x140
[ 160.048950][ C0] smack_d_instantiate+0x757/0x990
[ 160.048975][ C0] security_d_instantiate+0x106/0x1d0
[ 160.048994][ C0] d_splice_alias_ops+0x71/0x370
[ 160.049010][ C0] __lookup_slow+0x2d2/0x440
[ 160.049031][ C0] lookup_slow+0x53/0x70
[ 160.049051][ C0] path_lookupat+0x3f5/0x8c0
[ 160.049071][ C0] filename_lookup+0x256/0x5d0
[ 160.049091][ C0] do_readlinkat+0xe3/0x510
[ 160.049110][ C0] page last free pid 20 tgid 20 stack trace:
[ 160.049119][ C0] __free_frozen_pages+0xf48/0x1080
[ 160.049141][ C0] rcu_cpu_kthread+0x99e/0x1470
[ 160.049163][ C0] smpboot_thread_fn+0x541/0xa50
[ 160.049181][ C0] kthread+0x388/0x470
[ 160.049207][ C0] ret_from_fork+0x514/0xb70
[ 160.049222][ C0] ret_from_fork_asm+0x1a/0x30
[ 160.049239][ C0]
[ 160.049244][ C0] Memory state around the buggy address:
[ 160.049254][ C0] ffff88803d610f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 160.049266][ C0] ffff88803d610f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 160.049277][ C0] >ffff88803d611000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 160.049287][ C0] ^
[ 160.049296][ C0] ffff88803d611080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 160.049308][ C0] ffff88803d611100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 160.049317][ C0] ==================================================================
[ 160.050859][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 160.050878][ C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 160.050900][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 160.050912][ C0] Call Trace:
[ 160.050920][ C0]
[ 160.050928][ C0] vpanic+0x56c/0xa60
[ 160.050950][ C0] ? __pfx_vpanic+0x10/0x10
[ 160.050969][ C0] ? __pfx___schedule+0x10/0x10
[ 160.051001][ C0] panic+0xc5/0xd0
[ 160.051019][ C0] ? __pfx_panic+0x10/0x10
[ 160.051038][ C0] ? preempt_schedule_thunk+0x16/0x30
[ 160.051066][ C0] ? lbmIODone+0x1312/0x16c0
[ 160.051091][ C0] check_panic_on_warn+0x89/0xb0
[ 160.051116][ C0] ? lbmIODone+0x1312/0x16c0
[ 160.051139][ C0] end_report+0x73/0x170
[ 160.051166][ C0] ? lbmIODone+0x1312/0x16c0
[ 160.051187][ C0] kasan_report+0x128/0x150
[ 160.051281][ C0] ? lbmIODone+0x1312/0x16c0
[ 160.051308][ C0] lbmIODone+0x1312/0x16c0
[ 160.051332][ C0] ? blkg_put+0x22/0x240
[ 160.051362][ C0] ? blkg_put+0x22/0x240
[ 160.051389][ C0] ? blkg_put+0x18d/0x240
[ 160.051412][ C0] ? bio_endio+0x989/0x9d0
[ 160.051429][ C0] blk_update_request+0x57e/0xe60
[ 160.051452][ C0] blk_mq_end_request+0x3e/0x70
[ 160.051470][ C0] blk_done_softirq+0x10a/0x160
[ 160.051488][ C0] handle_softirqs+0x1de/0x6d0
[ 160.051510][ C0] ? smpboot_thread_fn+0x4d/0xa50
[ 160.051530][ C0] run_ksoftirqd+0x52/0x180
[ 160.051551][ C0] smpboot_thread_fn+0x541/0xa50
[ 160.051572][ C0] ? smpboot_thread_fn+0x4d/0xa50
[ 160.051597][ C0] kthread+0x388/0x470
[ 160.051619][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10
[ 160.051639][ C0] ? __pfx_kthread+0x10/0x10
[ 160.051662][ C0] ret_from_fork+0x514/0xb70
[ 160.051682][ C0] ? __pfx_ret_from_fork+0x10/0x10
[ 160.051699][ C0] ? __switch_to+0xc79/0x1410
[ 160.051725][ C0] ? __pfx_kthread+0x10/0x10
[ 160.051749][ C0] ret_from_fork_asm+0x1a/0x30
[ 160.051775][ C0]
[ 160.052330][ C0] Kernel Offset: disabled