I added func:line to the three identical prints out of the assertions (one later in the code); this is the else case in _assert_sbuf_integrity. The code in questions comes out of debugfs but it makes me question if there can be a simply create and delete combination as a reproducer? I haven't dug in yet. panic: _assert_sbuf_integrity:122: wrote past end of sbuf (0 >= 0) cpuid = 3 time = 1666385636 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe008a3047b0 vpanic() at vpanic+0x151/frame 0xfffffe008a304800 panic() at panic+0x43/frame 0xfffffe008a304860 sbuf_setpos() at sbuf_setpos/frame 0xfffffe008a304870 sbuf_delete() at sbuf_delete+0x18/frame 0xfffffe008a304890 ..