Warning: Permanently added '[localhost]:43185' (ED25519) to the list of known hosts.
2026/01/22 14:15:19 parsed 1 programs
syzkaller login: [   88.952254][ T5324] cgroup: Unknown subsys name 'net'
[   89.043436][ T5324] cgroup: Unknown subsys name 'cpuset'
[   89.049388][ T5324] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   90.876654][ T5324] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   91.877644][ T1225] cfg80211: failed to load regulatory.db
[   96.061995][ T5341] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   98.299247][ T4684] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   98.303386][ T4684] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   98.306716][ T4684] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   98.313663][ T4684] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   98.317033][ T4684] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   98.754102][   T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.757315][   T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.790906][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.794324][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.560981][ T5405] chnl_net:caif_netlink_parms(): no params data found
[  102.666876][ T5405] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.671023][ T5405] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.674316][ T5405] bridge_slave_0: entered allmulticast mode
[  102.678098][ T5405] bridge_slave_0: entered promiscuous mode
[  102.684579][ T5405] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.687697][ T5405] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.691948][ T5405] bridge_slave_1: entered allmulticast mode
[  102.695659][ T5405] bridge_slave_1: entered promiscuous mode
[  102.719694][ T5405] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.726191][ T5405] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.751624][ T5405] team0: Port device team_slave_0 added
[  102.756209][ T5405] team0: Port device team_slave_1 added
[  102.779912][ T5405] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.782891][ T5405] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.794028][ T5405] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.801394][ T5405] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.804436][ T5405] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.815650][ T5405] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.853768][ T5405] hsr_slave_0: entered promiscuous mode
[  102.857039][ T5405] hsr_slave_1: entered promiscuous mode
[  103.009495][ T5405] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  103.018840][ T5405] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  103.025085][ T5405] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  103.032527][ T5405] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  103.072444][ T5405] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.075442][ T5405] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.078980][ T5405] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.082053][ T5405] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.190694][ T5405] 8021q: adding VLAN 0 to HW filter on device bond0
[  103.216610][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.221844][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.234725][ T5405] 8021q: adding VLAN 0 to HW filter on device team0
[  103.257944][ T3164] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.261209][ T3164] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.273385][ T3164] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.276746][ T3164] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.447435][ T5405] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.486819][ T5405] veth0_vlan: entered promiscuous mode
[  103.494928][ T5405] veth1_vlan: entered promiscuous mode
[  103.521051][ T5405] veth0_macvtap: entered promiscuous mode
[  103.527132][ T5405] veth1_macvtap: entered promiscuous mode
[  103.542479][ T5405] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.553847][ T5405] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.565461][   T43] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.576090][   T43] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.591084][   T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.608029][   T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.760379][   T43] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.804876][   T43] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.867130][   T43] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.950385][   T43] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/01/22 14:15:37 executed programs: 0
[  104.429121][   T46] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  104.433101][   T46] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  104.436287][   T46] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  104.439990][   T46] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  104.443319][   T46] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  104.601136][ T5437] chnl_net:caif_netlink_parms(): no params data found
[  104.691720][ T5437] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.694922][ T5437] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.698116][ T5437] bridge_slave_0: entered allmulticast mode
[  104.702241][ T5437] bridge_slave_0: entered promiscuous mode
[  104.706927][ T5437] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.710337][ T5437] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.713410][ T5437] bridge_slave_1: entered allmulticast mode
[  104.717109][ T5437] bridge_slave_1: entered promiscuous mode
[  104.754958][ T5437] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.762128][ T5437] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.787025][ T5437] team0: Port device team_slave_0 added
[  104.792520][ T5437] team0: Port device team_slave_1 added
[  104.818602][ T5437] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.821749][ T5437] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  104.833385][ T5437] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.840169][ T5437] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.843176][ T5437] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  104.854335][ T5437] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.930749][ T5437] hsr_slave_0: entered promiscuous mode
[  104.933835][ T5437] hsr_slave_1: entered promiscuous mode
[  104.937125][ T5437] debugfs: 'hsr0' already exists in 'hsr'
[  104.953495][ T5437] Cannot create hsr debugfs directory
[  106.107584][   T43] bridge_slave_1: left allmulticast mode
[  106.121776][   T43] bridge_slave_1: left promiscuous mode
[  106.124790][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.144775][   T43] bridge_slave_0: left allmulticast mode
[  106.147297][   T43] bridge_slave_0: left promiscuous mode
[  106.158446][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.480570][   T46] Bluetooth: hci0: command tx timeout
[  106.552745][   T43] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  106.560518][   T43] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  106.565319][   T43] bond0 (unregistering): Released all slaves
[  106.702750][   T43] hsr_slave_0: left promiscuous mode
[  106.714739][   T43] hsr_slave_1: left promiscuous mode
[  106.728546][   T43] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  106.731855][   T43] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.736304][   T43] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.746873][   T43] batman_adv: batadv0: Removing interface: batadv_slave_1
[  106.767443][   T43] veth1_macvtap: left promiscuous mode
[  106.778792][   T43] veth0_macvtap: left promiscuous mode
[  106.781535][   T43] veth1_vlan: left promiscuous mode
[  106.783859][   T43] veth0_vlan: left promiscuous mode
[  107.218188][   T43] team0 (unregistering): Port device team_slave_1 removed
[  107.244080][   T43] team0 (unregistering): Port device team_slave_0 removed
[  107.676259][ T5437] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  107.710480][ T5437] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  107.726351][ T5437] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  107.744381][ T5437] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  108.091946][ T5437] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.135650][ T5437] 8021q: adding VLAN 0 to HW filter on device team0
[  108.172094][ T3395] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.174919][ T3395] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.194267][ T3395] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.197411][ T3395] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.480414][ T5437] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.515404][ T5437] veth0_vlan: entered promiscuous mode
[  108.523805][ T5437] veth1_vlan: entered promiscuous mode
[  108.549856][ T5437] veth0_macvtap: entered promiscuous mode
[  108.555760][ T5437] veth1_macvtap: entered promiscuous mode
[  108.559735][   T46] Bluetooth: hci0: command tx timeout
[  108.577106][ T5437] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.586606][ T5437] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.597055][ T3943] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.605925][ T3943] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.612692][ T3943] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.616705][ T3943] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.681902][ T3395] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.685386][ T3395] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.714838][ T3395] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.718197][ T3395] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.993833][ T5480] loop0: detected capacity change from 0 to 32768
[  109.055208][  T103] BUG: spinlock bad magic on CPU#0, jfsCommit/103
[  109.058096][  T103] ==================================================================
[  109.061758][  T103] BUG: KASAN: slab-out-of-bounds in string+0x231/0x2b0
[  109.064993][  T103] Read of size 1 at addr ffff8880372ac9d0 by task jfsCommit/103
[  109.068286][  T103] 
[  109.069451][  T103] CPU: 0 UID: 0 PID: 103 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  109.069466][  T103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  109.069478][  T103] Call Trace:
[  109.069485][  T103]  <TASK>
[  109.069496][  T103]  dump_stack_lvl+0xe8/0x150
[  109.069521][  T103]  print_report+0xba/0x230
[  109.069533][  T103]  ? string+0x231/0x2b0
[  109.069540][  T103]  kasan_report+0x117/0x150
[  109.069549][  T103]  ? number+0x51/0xf80
[  109.069557][  T103]  ? string+0x231/0x2b0
[  109.069565][  T103]  string+0x231/0x2b0
[  109.069573][  T103]  vsnprintf+0x739/0xee0
[  109.069583][  T103]  vprintk_store+0x371/0xd50
[  109.069595][  T103]  ? __pfx_vprintk_store+0x10/0x10
[  109.069605][  T103]  ? __irq_work_queue_local+0x1f2/0x540
[  109.069617][  T103]  ? __pfx___irq_work_queue_local+0x10/0x10
[  109.069628][  T103]  ? console_unlock+0x150/0x1c0
[  109.069641][  T103]  ? do_raw_spin_unlock+0x4d/0x210
[  109.069656][  T103]  ? is_printk_cpu_sync_owner+0x32/0x40
[  109.069672][  T103]  vprintk_emit+0x192/0x560
[  109.069685][  T103]  ? is_module_address+0x17/0xf0
[  109.069694][  T103]  ? __pfx_vprintk_emit+0x10/0x10
[  109.069707][  T103]  ? is_dynamic_key+0x1ac/0x1c0
[  109.069718][  T103]  _printk+0xdd/0x130
[  109.069739][  T103]  ? __pfx__printk+0x10/0x10
[  109.069758][  T103]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  109.069772][  T103]  spin_dump+0x101/0x1a0
[  109.069792][  T103]  do_raw_spin_lock+0x1e5/0x2f0
[  109.069803][  T103]  ? __wake_up_common_lock+0x2f/0x1f0
[  109.069815][  T103]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  109.069827][  T103]  _raw_spin_lock_irqsave+0x4c/0x60
[  109.069841][  T103]  __wake_up_common_lock+0x2f/0x1f0
[  109.069857][  T103]  release_metapage+0x13c/0xac0
[  109.069868][  T103]  ? txFreeMap+0xb19/0xde0
[  109.069881][  T103]  ? do_raw_spin_unlock+0x4d/0x210
[  109.069893][  T103]  xtTruncate+0xecd/0x2f20
[  109.069910][  T103]  ? __pfx_xtTruncate+0x10/0x10
[  109.069921][  T103]  ? __mark_inode_dirty+0x6a8/0x1320
[  109.069935][  T103]  ? __asan_memset+0x22/0x50
[  109.069947][  T103]  ? __dquot_initialize+0x21b/0xd30
[  109.069960][  T103]  jfs_free_zero_link+0x35b/0x4c0
[  109.069975][  T103]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  109.069988][  T103]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  109.070001][  T103]  ? do_raw_spin_lock+0x12b/0x2f0
[  109.070014][  T103]  jfs_evict_inode+0x363/0x440
[  109.070026][  T103]  ? evict+0x612/0xb10
[  109.070038][  T103]  ? __pfx_jfs_evict_inode+0x10/0x10
[  109.070050][  T103]  evict+0x61e/0xb10
[  109.070063][  T103]  ? __pfx_evict+0x10/0x10
[  109.070074][  T103]  ? _raw_spin_unlock+0x28/0x50
[  109.070085][  T103]  ? iput+0xcc2/0x1020
[  109.070099][  T103]  jfs_lazycommit+0x43d/0xaa0
[  109.070112][  T103]  ? __pfx_jfs_lazycommit+0x10/0x10
[  109.070131][  T103]  ? __pfx_default_wake_function+0x10/0x10
[  109.070143][  T103]  ? __kthread_parkme+0x7a/0x1f0
[  109.070155][  T103]  ? __kthread_parkme+0x19c/0x1f0
[  109.070168][  T103]  kthread+0x726/0x8b0
[  109.070183][  T103]  ? __pfx_jfs_lazycommit+0x10/0x10
[  109.070195][  T103]  ? __pfx_kthread+0x10/0x10
[  109.070209][  T103]  ? _raw_spin_unlock_irq+0x23/0x50
[  109.070221][  T103]  ? __pfx_kthread+0x10/0x10
[  109.070234][  T103]  ret_from_fork+0x51b/0xa40
[  109.070247][  T103]  ? __pfx_ret_from_fork+0x10/0x10
[  109.070258][  T103]  ? __switch_to+0xc82/0x1410
[  109.070274][  T103]  ? __pfx_kthread+0x10/0x10
[  109.070288][  T103]  ret_from_fork_asm+0x1a/0x30
[  109.070307][  T103]  </TASK>
[  109.070311][  T103] 
[  109.214553][  T103] The buggy address belongs to the object at ffff8880372ac940
[  109.214553][  T103]  which belongs to the cache jfs_ip of size 2216
[  109.220455][  T103] The buggy address is located 144 bytes inside of
[  109.220455][  T103]  allocated 2216-byte region [ffff8880372ac940, ffff8880372ad1e8)
[  109.226635][  T103] 
[  109.227694][  T103] The buggy address belongs to the physical page:
[  109.230593][  T103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x372a8
[  109.234403][  T103] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  109.238020][  T103] memcg:ffff888044797401
[  109.239971][  T103] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  109.243349][  T103] page_type: f5(slab)
[  109.245101][  T103] raw: 04fff00000000040 ffff888000a6cb40 dead000000000122 0000000000000000
[  109.248808][  T103] raw: 0000000000000000 00000000800d000d 00000000f5000000 ffff888044797401
[  109.252419][  T103] head: 04fff00000000040 ffff888000a6cb40 dead000000000122 0000000000000000
[  109.256137][  T103] head: 0000000000000000 00000000800d000d 00000000f5000000 ffff888044797401
[  109.259796][  T103] head: 04fff00000000003 ffffea0000dcaa01 00000000ffffffff 00000000ffffffff
[  109.263517][  T103] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  109.267298][  T103] page dumped because: kasan: bad access detected
[  109.270130][  T103] page_owner tracks the page as allocated
[  109.272641][  T103] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5480, tgid 5480 (syz.0.17), ts 109011225324, free_ts 107486588245
[  109.281918][  T103]  post_alloc_hook+0x228/0x280
[  109.284001][  T103]  get_page_from_freelist+0x24dc/0x2580
[  109.286470][  T103]  __alloc_frozen_pages_noprof+0x18d/0x380
[  109.289038][  T103]  alloc_pages_mpol+0x232/0x4a0
[  109.291244][  T103]  allocate_slab+0x86/0x3a0
[  109.293289][  T103]  ___slab_alloc+0xd82/0x1760
[  109.295347][  T103]  __slab_alloc+0x65/0x100
[  109.297333][  T103]  kmem_cache_alloc_lru_noprof+0x3ed/0x6c0
[  109.300025][  T103]  jfs_alloc_inode+0x28/0x70
[  109.302090][  T103]  alloc_inode+0x6a/0x1b0
[  109.304017][  T103]  new_inode+0x22/0x170
[  109.305886][  T103]  jfs_fill_super+0x569/0xd80
[  109.307956][  T103]  get_tree_bdev_flags+0x431/0x4f0
[  109.310258][  T103]  vfs_get_tree+0x92/0x2a0
[  109.312199][  T103]  do_new_mount+0x329/0xa50
[  109.314191][  T103]  __se_sys_mount+0x31d/0x420
[  109.316249][  T103] page last free pid 5029 tgid 5029 stack trace:
[  109.319017][  T103]  __free_frozen_pages+0xbb0/0xd10
[  109.321293][  T103]  __put_partials+0x146/0x170
[  109.323361][  T103]  __slab_free+0x294/0x320
[  109.325378][  T103]  qlist_free_all+0x97/0x100
[  109.327556][  T103]  kasan_quarantine_reduce+0x148/0x160
[  109.330129][  T103]  __kasan_slab_alloc+0x22/0x80
[  109.332355][  T103]  __kmalloc_node_track_caller_noprof+0x511/0x7f0
[  109.335144][  T103]  kmalloc_reserve+0x136/0x290
[  109.337283][  T103]  __alloc_skb+0x204/0x390
[  109.339338][  T103]  alloc_skb_with_frags+0xca/0x890
[  109.341633][  T103]  sock_alloc_send_pskb+0x878/0x990
[  109.343908][  T103]  unix_dgram_sendmsg+0x4fb/0x1820
[  109.346165][  T103]  __sock_sendmsg+0x21c/0x270
[  109.348206][  T103]  sock_write_iter+0x29e/0x3a0
[  109.350367][  T103]  do_iter_readv_writev+0x619/0x8c0
[  109.352658][  T103]  vfs_writev+0x33c/0x990
[  109.354533][  T103] 
[  109.355540][  T103] Memory state around the buggy address:
[  109.357891][  T103]  ffff8880372ac880: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  109.361327][  T103]  ffff8880372ac900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.364713][  T103] >ffff8880372ac980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.368098][  T103]                                                  ^
[  109.370974][  T103]  ffff8880372aca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.374771][  T103]  ffff8880372aca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  109.378141][  T103] ==================================================================
[  109.381633][  T103] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  109.384877][  T103] CPU: 0 UID: 0 PID: 103 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  109.388945][  T103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  109.393266][  T103] Call Trace:
[  109.394811][  T103]  <TASK>
[  109.396123][  T103]  vpanic+0x1e0/0x670
[  109.397879][  T103]  panic+0xc5/0xd0
[  109.399640][  T103]  ? __pfx_panic+0x10/0x10
[  109.401734][  T103]  ? string+0x231/0x2b0
[  109.403630][  T103]  ? rcu_is_watching+0x15/0xb0
[  109.405789][  T103]  ? string+0x231/0x2b0
[  109.407577][  T103]  ? string+0x231/0x2b0
[  109.409461][  T103]  check_panic_on_warn+0x89/0xb0
[  109.411633][  T103]  ? string+0x231/0x2b0
[  109.413551][  T103]  end_report+0x6f/0x140
[  109.415334][  T103]  kasan_report+0x128/0x150
[  109.417436][  T103]  ? number+0x51/0xf80
[  109.419243][  T103]  ? string+0x231/0x2b0
[  109.421153][  T103]  string+0x231/0x2b0
[  109.422998][  T103]  vsnprintf+0x739/0xee0
[  109.424911][  T103]  vprintk_store+0x371/0xd50
[  109.426945][  T103]  ? __pfx_vprintk_store+0x10/0x10
[  109.429227][  T103]  ? __irq_work_queue_local+0x1f2/0x540
[  109.431656][  T103]  ? __pfx___irq_work_queue_local+0x10/0x10
[  109.434203][  T103]  ? console_unlock+0x150/0x1c0
[  109.436356][  T103]  ? do_raw_spin_unlock+0x4d/0x210
[  109.438663][  T103]  ? is_printk_cpu_sync_owner+0x32/0x40
[  109.441178][  T103]  vprintk_emit+0x192/0x560
[  109.443238][  T103]  ? is_module_address+0x17/0xf0
[  109.445504][  T103]  ? __pfx_vprintk_emit+0x10/0x10
[  109.447798][  T103]  ? is_dynamic_key+0x1ac/0x1c0
[  109.450044][  T103]  _printk+0xdd/0x130
[  109.451817][  T103]  ? __pfx__printk+0x10/0x10
[  109.454030][  T103]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  109.456917][  T103]  spin_dump+0x101/0x1a0
[  109.459020][  T103]  do_raw_spin_lock+0x1e5/0x2f0
[  109.461215][  T103]  ? __wake_up_common_lock+0x2f/0x1f0
[  109.463585][  T103]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  109.465990][  T103]  _raw_spin_lock_irqsave+0x4c/0x60
[  109.468249][  T103]  __wake_up_common_lock+0x2f/0x1f0
[  109.470579][  T103]  release_metapage+0x13c/0xac0
[  109.472826][  T103]  ? txFreeMap+0xb19/0xde0
[  109.474854][  T103]  ? do_raw_spin_unlock+0x4d/0x210
[  109.477136][  T103]  xtTruncate+0xecd/0x2f20
[  109.479100][  T103]  ? __pfx_xtTruncate+0x10/0x10
[  109.481215][  T103]  ? __mark_inode_dirty+0x6a8/0x1320
[  109.483552][  T103]  ? __asan_memset+0x22/0x50
[  109.485646][  T103]  ? __dquot_initialize+0x21b/0xd30
[  109.488003][  T103]  jfs_free_zero_link+0x35b/0x4c0
[  109.490294][  T103]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  109.492805][  T103]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  109.495445][  T103]  ? do_raw_spin_lock+0x12b/0x2f0
[  109.497758][  T103]  jfs_evict_inode+0x363/0x440
[  109.499931][  T103]  ? evict+0x612/0xb10
[  109.501706][  T103]  ? __pfx_jfs_evict_inode+0x10/0x10
[  109.504058][  T103]  evict+0x61e/0xb10
[  109.506672][  T103]  ? __pfx_evict+0x10/0x10
[  109.508834][  T103]  ? _raw_spin_unlock+0x28/0x50
[  109.511173][  T103]  ? iput+0xcc2/0x1020
[  109.513091][  T103]  jfs_lazycommit+0x43d/0xaa0
[  109.515258][  T103]  ? __pfx_jfs_lazycommit+0x10/0x10
[  109.517628][  T103]  ? __pfx_default_wake_function+0x10/0x10
[  109.520257][  T103]  ? __kthread_parkme+0x7a/0x1f0
[  109.522452][  T103]  ? __kthread_parkme+0x19c/0x1f0
[  109.524769][  T103]  kthread+0x726/0x8b0
[  109.526620][  T103]  ? __pfx_jfs_lazycommit+0x10/0x10
[  109.528949][  T103]  ? __pfx_kthread+0x10/0x10
[  109.531117][  T103]  ? _raw_spin_unlock_irq+0x23/0x50
[  109.533431][  T103]  ? __pfx_kthread+0x10/0x10
[  109.535461][  T103]  ret_from_fork+0x51b/0xa40
[  109.537530][  T103]  ? __pfx_ret_from_fork+0x10/0x10
[  109.539836][  T103]  ? __switch_to+0xc82/0x1410
[  109.541926][  T103]  ? __pfx_kthread+0x10/0x10
[  109.544031][  T103]  ret_from_fork_asm+0x1a/0x30
[  109.546194][  T103]  </TASK>
[  109.547896][  T103] Kernel Offset: disabled
[  109.549890][  T103] Rebooting in 86400 seconds..