blkno = 5002c, nblocks = 1
ERROR: (device loop0): dbUpdatePMap: blocks are outside the map
ERROR: (device loop0): remounting filesystem as read-only
BUG: Bad page state in process jfsCommit pfn:108011
page:00000000a95b3a3e refcount:0 mapcount:0 mapping:0000000000000000 index:0x24 pfn:0x108011
flags: 0x5ffc00000002005(locked|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
raw: 05ffc00000002005 dead000000000100 dead000000000122 0000000000000000
raw: 0000000000000024 ffff0000c192bd90 00000000ffffffff 0000000000000000
page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
Modules linked in:
CPU: 0 PID: 239 Comm: jfsCommit Not tainted 5.15.173-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
Call trace:
dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
dump_stack+0x1c/0x58 lib/dump_stack.c:113
bad_page+0x1a4/0x1c4 mm/page_alloc.c:652
check_free_page_bad mm/page_alloc.c:1199 [inline]
check_free_page mm/page_alloc.c:1209 [inline]
free_pages_prepare mm/page_alloc.c:1334 [inline]
free_pcp_prepare mm/page_alloc.c:1391 [inline]
free_unref_page_prepare+0x4ec/0xe30 mm/page_alloc.c:3317
free_unref_page+0x78/0x204 mm/page_alloc.c:3396
__put_single_page mm/swap.c:98 [inline]
__put_page+0xf8/0x134 mm/swap.c:129
put_page include/linux/mm.h:1247 [inline]
_metapage_homeok+0x138/0x288 fs/jfs/jfs_metapage.h:119
txUnlock+0x264/0xbb0 fs/jfs/jfs_txnmgr.c:932
txLazyCommit fs/jfs/jfs_txnmgr.c:2716 [inline]
jfs_lazycommit+0x4a0/0xa40 fs/jfs/jfs_txnmgr.c:2766
kthread+0x37c/0x45c kernel/kthread.c:334
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870
page:00000000a95b3a3e refcount:0 mapcount:0 mapping:0000000000000000 index:0x24 pfn:0x108011
flags: 0x5ffc00000002005(locked|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
raw: 05ffc00000002005 dead000000000100 dead000000000122 0000000000000000
raw: 0000000000000024 ffff0000c192bd90 00000000ffffffff 0000000000000000
page dumped because: VM_BUG_ON_PAGE(((unsigned int) page_ref_count(page) + 127u <= 127u))
------------[ cut here ]------------
kernel BUG at include/linux/mm.h:1213!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 239 Comm: jfsCommit Tainted: G B 5.15.173-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : get_page include/linux/mm.h:1213 [inline]
pc : put_metapage+0x280/0x2e4 fs/jfs/jfs_metapage.c:722
lr : get_page include/linux/mm.h:1213 [inline]
lr : put_metapage+0x280/0x2e4 fs/jfs/jfs_metapage.c:722
sp : ffff80001dfe7b80
x29: ffff80001dfe7b80 x28: dfff800000000000 x27: 1fffe000183257b7
x26: 1fffe000183257c4 x25: dfff800000000000 x24: 000000000000007f
x23: fffffc0003200474 x22: fffffc0003200440 x21: ffff0000c192bdb8
x20: ffff0000c192be20 x19: ffff0000c192bd90 x18: 1fffe00036831b8e
x17: 1fffe00036831b8e x16: ffff800011ab8a34 x15: ffff800014b5fa40
x14: ffff0001b418dc80 x13: ffff0001b418dc7c x12: 0000000000000001
x11: 0000000000000000 x10: 0000000000000000 x9 : 7f2e7b95c1e9dc00
x8 : 7f2e7b95c1e9dc00 x7 : 0000000000000000 x6 : ffff80000826abc8
x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff800008555e80
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000059
Call trace:
get_page include/linux/mm.h:1213 [inline]
put_metapage+0x280/0x2e4 fs/jfs/jfs_metapage.c:722
txUnlock+0x3e4/0xbb0 fs/jfs/jfs_txnmgr.c:947
txLazyCommit fs/jfs/jfs_txnmgr.c:2716 [inline]
jfs_lazycommit+0x4a0/0xa40 fs/jfs/jfs_txnmgr.c:2766
kthread+0x37c/0x45c kernel/kthread.c:334
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870
Code: f0043321 91168021 aa1603e0 97bb220d (d4210000)
---[ end trace d1547dbd77fdef5d ]---