Warning: Permanently added '10.128.0.197' (ED25519) to the list of known hosts.
executing program
[ 38.295437][ T4297] loop0: detected capacity change from 0 to 32768
[ 38.318657][ T94] BUG: spinlock bad magic on CPU#0, jfsCommit/94
[ 38.320003][ T94] ==================================================================
[ 38.321557][ T94] BUG: KASAN: slab-out-of-bounds in string+0x1dc/0x264
[ 38.322883][ T94] Read of size 1 at addr ffff0000e1b29ba0 by task jfsCommit/94
[ 38.324407][ T94]
[ 38.324906][ T94] CPU: 0 PID: 94 Comm: jfsCommit Not tainted 6.1.119-syzkaller #0
[ 38.326556][ T94] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 38.328640][ T94] Call trace:
[ 38.329306][ T94] dump_backtrace+0x1c8/0x1f4
[ 38.330242][ T94] show_stack+0x2c/0x3c
[ 38.331076][ T94] dump_stack_lvl+0x108/0x170
[ 38.332012][ T94] print_report+0x174/0x4c0
[ 38.332947][ T94] kasan_report+0xd4/0x130
[ 38.333842][ T94] __asan_report_load1_noabort+0x2c/0x38
[ 38.334966][ T94] string+0x1dc/0x264
[ 38.335770][ T94] vsnprintf+0xe9c/0x1a8c
[ 38.336649][ T94] vprintk_store+0x3c4/0xdc8
[ 38.337589][ T94] vprintk_emit+0x110/0x2e8
[ 38.338502][ T94] vprintk_default+0xa0/0xe4
[ 38.339458][ T94] vprintk+0x200/0x2d4
[ 38.340253][ T94] _printk+0xdc/0x128
[ 38.341058][ T94] spin_bug+0x120/0x240
[ 38.341917][ T94] do_raw_spin_lock+0x1fc/0x358
[ 38.342892][ T94] _raw_spin_lock_irqsave+0x74/0xb4
[ 38.343931][ T94] __wake_up+0xec/0x1a8
[ 38.344777][ T94] release_metapage+0x19c/0xc84
[ 38.345740][ T94] xtTruncate+0xc78/0x2a08
[ 38.346658][ T94] jfs_free_zero_link+0x374/0x598
[ 38.347722][ T94] jfs_evict_inode+0x300/0x3f4
[ 38.348675][ T94] evict+0x418/0x894
[ 38.349439][ T94] iput+0x7c0/0x8a4
[ 38.350181][ T94] txUpdateMap+0x73c/0x8e4
[ 38.351071][ T94] jfs_lazycommit+0x3a0/0x988
[ 38.352003][ T94] kthread+0x250/0x2d8
[ 38.352816][ T94] ret_from_fork+0x10/0x20
[ 38.353711][ T94]
[ 38.354198][ T94] Allocated by task 4296:
[ 38.355047][ T94] kasan_set_track+0x4c/0x80
[ 38.355954][ T94] kasan_save_alloc_info+0x24/0x30
[ 38.357019][ T94] __kasan_slab_alloc+0x74/0x8c
[ 38.358003][ T94] slab_post_alloc_hook+0x74/0x458
[ 38.359045][ T94] kmem_cache_alloc_lru+0x1ac/0x2f8
[ 38.360116][ T94] jfs_alloc_inode+0x2c/0x68
[ 38.361055][ T94] iget_locked+0x170/0x708
[ 38.361946][ T94] jfs_iget+0x30/0x364
[ 38.362777][ T94] jfs_lookup+0x1e8/0x39c
[ 38.363725][ T94] __lookup_slow+0x250/0x374
[ 38.364778][ T94] lookup_slow+0x60/0x84
[ 38.365704][ T94] walk_component+0x280/0x36c
[ 38.366684][ T94] path_lookupat+0x13c/0x3d0
[ 38.367614][ T94] filename_lookup+0x1d4/0x4e0
[ 38.368584][ T94] user_path_at_empty+0x5c/0x84
[ 38.369582][ T94] __arm64_sys_umount+0xf8/0x17c
[ 38.370582][ T94] invoke_syscall+0x98/0x2bc
[ 38.371552][ T94] el0_svc_common+0x138/0x258
[ 38.372496][ T94] do_el0_svc+0x58/0x13c
[ 38.373459][ T94] el0_svc+0x58/0x168
[ 38.374226][ T94] el0t_64_sync_handler+0x84/0xf0
[ 38.375327][ T94] el0t_64_sync+0x18c/0x190
[ 38.376277][ T94]
[ 38.376742][ T94] The buggy address belongs to the object at ffff0000e1b29280
[ 38.376742][ T94] which belongs to the cache jfs_ip of size 2240
[ 38.379554][ T94] The buggy address is located 96 bytes to the right of
[ 38.379554][ T94] 2240-byte region [ffff0000e1b29280, ffff0000e1b29b40)
[ 38.382373][ T94]
[ 38.382826][ T94] The buggy address belongs to the physical page:
[ 38.384278][ T94] page:000000001286ea81 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x121b28
[ 38.386361][ T94] head:000000001286ea81 order:3 compound_mapcount:0 compound_pincount:0
[ 38.388048][ T94] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 38.389677][ T94] raw: 05ffc00000010200 0000000000000000 dead000000000122 ffff0000c6ee5e00
[ 38.391408][ T94] raw: 0000000000000000 00000000800d000d 00000001ffffffff 0000000000000000
[ 38.393259][ T94] page dumped because: kasan: bad access detected
[ 38.394622][ T94]
[ 38.395093][ T94] Memory state around the buggy address:
[ 38.396231][ T94] ffff0000e1b29a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 38.397830][ T94] ffff0000e1b29b00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 38.399450][ T94] >ffff0000e1b29b80: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 38.401077][ T94] ^
[ 38.402294][ T94] ffff0000e1b29c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 38.403911][ T94] ffff0000e1b29c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 38.405595][ T94] ==================================================================
[ 38.319996][ T94] lock: 0xffff0000e1b29328, .magic: ffff8000, .owner: /0, .owner_cpu: 512
[ 38.408962][ T94] CPU: 0 PID: 94 Comm: jfsCommit Tainted: G B 6.1.119-syzkaller #0
[ 38.410938][ T94] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 38.412946][ T94] Call trace:
[ 38.413610][ T94] dump_backtrace+0x1c8/0x1f4
[ 38.414599][ T94] show_stack+0x2c/0x3c
[ 38.415439][ T94] dump_stack_lvl+0x108/0x170
[ 38.416381][ T94] dump_stack+0x1c/0x58
[ 38.417210][ T94] spin_bug+0x124/0x240
[ 38.418046][ T94] do_raw_spin_lock+0x1fc/0x358
[ 38.419061][ T94] _raw_spin_lock_irqsave+0x74/0xb4
[ 38.420184][ T94] __wake_up+0xec/0x1a8
[ 38.421131][ T94] release_metapage+0x19c/0xc84
[ 38.422079][ T94] xtTruncate+0xc78/0x2a08
[ 38.422957][ T94] jfs_free_zero_link+0x374/0x598
[ 38.423982][ T94] jfs_evict_inode+0x300/0x3f4
[ 38.424951][ T94] evict+0x418/0x894
[ 38.425736][ T94] iput+0x7c0/0x8a4
[ 38.426491][ T94] txUpdateMap+0x73c/0x8e4
[ 38.427368][ T94] jfs_lazycommit+0x3a0/0x988
[ 38.428281][ T94] kthread+0x250/0x2d8
[ 38.429083][ T94] ret_from_fork+0x10/0x20
[ 38.430101][ T94] ================================================================================
[ 38.432062][ T94] UBSAN: array-index-out-of-bounds in kernel/locking/qspinlock.c:131:9
[ 38.433706][ T94] index 1182 is out of range for type 'unsigned long[8]'
[ 38.435088][ T94] CPU: 0 PID: 94 Comm: jfsCommit Tainted: G B 6.1.119-syzkaller #0
[ 38.436932][ T94] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 38.439250][ T94] Call trace:
[ 38.439948][ T94] dump_backtrace+0x1c8/0x1f4
[ 38.440883][ T94] show_stack+0x2c/0x3c
[ 38.441735][ T94] dump_stack_lvl+0x108/0x170
[ 38.442688][ T94] dump_stack+0x1c/0x58
[ 38.443516][ T94] __ubsan_handle_out_of_bounds+0xfc/0x148
[ 38.444670][ T94] queued_spin_lock_slowpath+0x9fc/0xe48
[ 38.445865][ T94] do_raw_spin_lock+0x330/0x358
[ 38.446894][ T94] _raw_spin_lock_irqsave+0x74/0xb4
[ 38.447925][ T94] __wake_up+0xec/0x1a8
[ 38.448814][ T94] release_metapage+0x19c/0xc84
[ 38.449784][ T94] xtTruncate+0xc78/0x2a08
[ 38.450674][ T94] jfs_free_zero_link+0x374/0x598
[ 38.451685][ T94] jfs_evict_inode+0x300/0x3f4
[ 38.452661][ T94] evict+0x418/0x894
[ 38.453456][ T94] iput+0x7c0/0x8a4
[ 38.454215][ T94] txUpdateMap+0x73c/0x8e4
[ 38.455224][ T94] jfs_lazycommit+0x3a0/0x988
[ 38.456235][ T94] kthread+0x250/0x2d8
[ 38.457049][ T94] ret_from_fork+0x10/0x20
[ 38.457964][ T94] ================================================================================
[ 38.459826][ T94] Unable to handle kernel paging request at virtual address ffff8000159e7f60
[ 38.461565][ T94] KASAN: probably user-memory-access in range [0x00000000acf3fb00-0x00000000acf3fb07]
[ 38.463464][ T94] Mem abort info:
[ 38.464258][ T94] ESR = 0x0000000096000047
[ 38.465303][ T94] EC = 0x25: DABT (current EL), IL = 32 bits
[ 38.466622][ T94] SET = 0, FnV = 0
[ 38.467405][ T94] EA = 0, S1PTW = 0
[ 38.468202][ T94] FSC = 0x07: level 3 translation fault
[ 38.469340][ T94] Data abort info:
[ 38.470074][ T94] ISV = 0, ISS = 0x00000047
[ 38.471005][ T94] CM = 0, WnR = 1
[ 38.471779][ T94] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000001ab212000
[ 38.473414][ T94] [ffff8000159e7f60] pgd=100000023ffff003, p4d=100000023ffff003, pud=100000023fffe003, pmd=100000023fffa003, pte=0000000000000000
[ 38.476172][ T94] Internal error: Oops: 0000000096000047 [#1] PREEMPT SMP
[ 38.477640][ T94] Modules linked in:
[ 38.478362][ T94] CPU: 0 PID: 94 Comm: jfsCommit Tainted: G B 6.1.119-syzkaller #0
[ 38.479844][ T94] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 38.481513][ T94] pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 38.483196][ T94] pc : queued_spin_lock_slowpath+0x3f4/0xe48
[ 38.484490][ T94] lr : queued_spin_lock_slowpath+0x9fc/0xe48
[ 38.485657][ T94] sp : ffff80001de47200
[ 38.486486][ T94] x29: ffff80001de472a0 x28: 000000000000127e x27: 1ffff00003bc8e4c
[ 38.488138][ T94] x26: dfff800000000000 x25: 1fffe0001c365265 x24: 0000000000040000
[ 38.489739][ T94] x23: ffff0001b3cf5f48 x22: ffff8000159e7f60 x21: ffff0001b3cf5f40
[ 38.491489][ T94] x20: 1fffe0003679ebe8 x19: ffff0000e1b29328 x18: ffff80001de47860
[ 38.493194][ T94] x17: 3d3d3d3d3d3d3d3d x16: ffff800012325074 x15: 0000000000000000
[ 38.494871][ T94] x14: 00000000ffffffff x13: 0000000000000001 x12: ffff7000030c3ab0
[ 38.496482][ T94] x11: 0000000000ff0100 x10: ffff8000159e7f40 x9 : 0000000000000002
[ 38.498154][ T94] x8 : 0000000000000000 x7 : 0000000000000001 x6 : 0000000000000001
[ 38.499732][ T94] x5 : ffff80001de46ab8 x4 : ffff800015b630e0 x3 : ffff8000081a7abc
[ 38.501426][ T94] x2 : 0000000000000001 x1 : 0000000000000004 x0 : ffff0001b3cf5f48
[ 38.503027][ T94] Call trace:
[ 38.503692][ T94] queued_spin_lock_slowpath+0x3f4/0xe48
[ 38.504826][ T94] do_raw_spin_lock+0x330/0x358
[ 38.505804][ T94] _raw_spin_lock_irqsave+0x74/0xb4
[ 38.506864][ T94] __wake_up+0xec/0x1a8
[ 38.507699][ T94] release_metapage+0x19c/0xc84
[ 38.508750][ T94] xtTruncate+0xc78/0x2a08
[ 38.509674][ T94] jfs_free_zero_link+0x374/0x598
[ 38.510675][ T94] jfs_evict_inode+0x300/0x3f4
[ 38.511838][ T94] evict+0x418/0x894
[ 38.512628][ T94] iput+0x7c0/0x8a4
[ 38.513384][ T94] txUpdateMap+0x73c/0x8e4
[ 38.514284][ T94] jfs_lazycommit+0x3a0/0x988
[ 38.515215][ T94] kthread+0x250/0x2d8
[ 38.516018][ T94] ret_from_fork+0x10/0x20
[ 38.516912][ T94] Code: aa1603e0 976c7a11 aa1703e0 52800081 (f90002d5)
[ 38.518321][ T94] ---[ end trace 0000000000000000 ]---
[ 38.875452][ T94] Kernel panic - not syncing: Oops: Fatal exception
[ 38.876897][ T94] SMP: stopping secondary CPUs
[ 38.877920][ T94] Kernel Offset: disabled
[ 38.878816][ T94] CPU features: 0x080000,02070084,26017203
[ 38.879969][ T94] Memory Limit: none
[ 39.185246][ T94] Rebooting in 86400 seconds..