Warning: Permanently added '10.128.0.66' (ED25519) to the list of known hosts.
executing program
[ 71.812084][ T4249] loop0: detected capacity change from 0 to 32768
[ 71.834930][ T4249]
[ 71.834930][ T4249] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 71.834930][ T4249]
[ 71.863434][ T51]
[ 71.863434][ T51] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 71.863434][ T51]
[ 71.874336][ T51]
[ 71.874336][ T51] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 71.874336][ T51]
[ 71.888078][ T108]
[ 71.888078][ T108] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 71.888078][ T108]
[ 71.899740][ T4247]
[ 71.899740][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 71.899740][ T4247]
executing program
[ 71.913032][ T4247]
[ 71.913032][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 71.913032][ T4247]
[ 72.167669][ T4252] loop0: detected capacity change from 0 to 32768
[ 72.187132][ T4252]
[ 72.187132][ T4252] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.187132][ T4252]
[ 72.209661][ T11]
[ 72.209661][ T11] ... Log Wrap ... Log Wrap ... Log Wrap ...
executing program
[ 72.209661][ T11]
[ 72.220566][ T11]
[ 72.220566][ T11] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.220566][ T11]
[ 72.231884][ T4247]
[ 72.231884][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.231884][ T4247]
[ 72.243982][ T108]
[ 72.243982][ T108] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.243982][ T108]
[ 72.256314][ T4247]
[ 72.256314][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.256314][ T4247]
[ 72.500532][ T4253] loop0: detected capacity change from 0 to 32768
[ 72.518354][ T4253]
[ 72.518354][ T4253] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.518354][ T4253]
[ 72.544909][ T51]
[ 72.544909][ T51] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.544909][ T51]
[ 72.555735][ T51]
[ 72.555735][ T51] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.555735][ T51]
[ 72.566989][ T108]
[ 72.566989][ T108] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.566989][ T108]
[ 72.577640][ T4247]
[ 72.577640][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.577640][ T4247]
[ 72.595129][ T4247]
executing program
[ 72.595129][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.595129][ T4247]
[ 72.840892][ T4254] loop0: detected capacity change from 0 to 32768
[ 72.856243][ T4254]
[ 72.856243][ T4254] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.856243][ T4254]
[ 72.875068][ T51]
[ 72.875068][ T51] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.875068][ T51]
[ 72.885906][ T51]
executing program
[ 72.885906][ T51] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.885906][ T51]
[ 72.896924][ T4247]
[ 72.896924][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.896924][ T4247]
[ 72.908673][ T108]
[ 72.908673][ T108] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.908673][ T108]
[ 72.919847][ T4247]
[ 72.919847][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 72.919847][ T4247]
[ 73.173386][ T4255] loop0: detected capacity change from 0 to 32768
[ 73.188008][ T4255]
[ 73.188008][ T4255] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.188008][ T4255]
[ 73.209969][ T11]
[ 73.209969][ T11] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.209969][ T11]
[ 73.220812][ T11]
executing program
[ 73.220812][ T11] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.220812][ T11]
[ 73.231701][ T107]
[ 73.231701][ T107] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.231701][ T107]
[ 73.242341][ T4247]
[ 73.242341][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.242341][ T4247]
[ 73.254549][ T4247]
[ 73.254549][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.254549][ T4247]
[ 73.502284][ T4256] loop0: detected capacity change from 0 to 32768
[ 73.517693][ T4256]
[ 73.517693][ T4256] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.517693][ T4256]
[ 73.538181][ T11]
[ 73.538181][ T11] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.538181][ T11]
[ 73.549370][ T11]
executing program
[ 73.549370][ T11] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.549370][ T11]
[ 73.560772][ T107]
[ 73.560772][ T107] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.560772][ T107]
[ 73.571392][ T4247]
[ 73.571392][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.571392][ T4247]
[ 73.582829][ T4247]
[ 73.582829][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.582829][ T4247]
[ 73.833357][ T4257] loop0: detected capacity change from 0 to 32768
[ 73.848195][ T4257]
[ 73.848195][ T4257] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.848195][ T4257]
[ 73.867244][ T11]
[ 73.867244][ T11] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.867244][ T11]
[ 73.878075][ T11]
executing program
[ 73.878075][ T11] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.878075][ T11]
[ 73.889532][ T107]
[ 73.889532][ T107] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.889532][ T107]
[ 73.900354][ T4247]
[ 73.900354][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.900354][ T4247]
[ 73.911746][ T4247]
[ 73.911746][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 73.911746][ T4247]
[ 74.162431][ T4258] loop0: detected capacity change from 0 to 32768
[ 74.181608][ T4258]
[ 74.181608][ T4258] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 74.181608][ T4258]
[ 74.203547][ T11]
[ 74.203547][ T11] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 74.203547][ T11]
[ 74.214453][ T11]
[ 74.214453][ T11] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 74.214453][ T11]
[ 74.225755][ T4247]
[ 74.225755][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 74.225755][ T4247]
[ 74.236728][ T4247]
[ 74.236728][ T4247] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 74.236728][ T4247]
[ 74.247295][ T108]
[ 74.247295][ T108] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 74.247295][ T108]
executing program
[ 74.266195][ T108] ==================================================================
[ 74.274408][ T108] BUG: KASAN: use-after-free in txEnd+0x329/0x520
[ 74.280890][ T108] Write of size 8 at addr ffff888074e0e040 by task jfsCommit/108
[ 74.288722][ T108]
[ 74.291093][ T108] CPU: 0 PID: 108 Comm: jfsCommit Not tainted 6.1.138-syzkaller #0
[ 74.299100][ T108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 74.309190][ T108] Call Trace:
[ 74.312563][ T108]
[ 74.315563][ T108] dump_stack_lvl+0x168/0x22e
[ 74.320362][ T108] ? __lock_acquire+0x7c50/0x7c50
[ 74.325393][ T108] ? show_regs_print_info+0x12/0x12
[ 74.330608][ T108] ? load_image+0x3b0/0x3b0
[ 74.335142][ T108] ? _raw_spin_lock_irqsave+0xb0/0xf0
[ 74.340527][ T108] ? __virt_addr_valid+0x188/0x540
[ 74.345663][ T108] ? __virt_addr_valid+0x465/0x540
[ 74.350806][ T108] ? txEnd+0x329/0x520
[ 74.354884][ T108] print_report+0xa8/0x220
[ 74.359307][ T108] kasan_report+0x10b/0x140
[ 74.363823][ T108] ? txEnd+0x329/0x520
[ 74.367904][ T108] kasan_check_range+0x27b/0x290
[ 74.372870][ T108] txEnd+0x329/0x520
[ 74.376799][ T108] jfs_lazycommit+0x5a2/0xa50
[ 74.381484][ T108] ? txFreelock+0x5a0/0x5a0
[ 74.385996][ T108] ? _raw_spin_unlock_irqrestore+0x82/0x100
[ 74.391905][ T108] ? do_task_dead+0xd0/0xd0
[ 74.396419][ T108] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 74.402323][ T108] ? __kthread_parkme+0x162/0x1c0
[ 74.407360][ T108] kthread+0x29d/0x330
[ 74.411433][ T108] ? txFreelock+0x5a0/0x5a0
[ 74.415941][ T108] ? kthread_blkcg+0xd0/0xd0
[ 74.420541][ T108] ret_from_fork+0x1f/0x30
[ 74.424972][ T108]
[ 74.427992][ T108]
[ 74.430311][ T108] Allocated by task 4258:
[ 74.434636][ T108] kasan_set_track+0x4b/0x70
[ 74.439237][ T108] __kasan_kmalloc+0x8e/0xa0
[ 74.443834][ T108] lmLogOpen+0x2c0/0xf90
[ 74.448082][ T108] jfs_mount_rw+0xf2/0x5c0
[ 74.452513][ T108] jfs_fill_super+0x58e/0xac0
[ 74.457205][ T108] mount_bdev+0x287/0x3c0
[ 74.461549][ T108] legacy_get_tree+0xe6/0x180
[ 74.466236][ T108] vfs_get_tree+0x88/0x270
[ 74.470657][ T108] do_new_mount+0x24a/0xa40
[ 74.475163][ T108] __se_sys_mount+0x2d6/0x3c0
[ 74.479846][ T108] do_syscall_64+0x4c/0xa0
[ 74.484269][ T108] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 74.490176][ T108]
[ 74.492503][ T108] Freed by task 4247:
[ 74.496500][ T108] kasan_set_track+0x4b/0x70
[ 74.501138][ T108] kasan_save_free_info+0x2d/0x50
[ 74.506164][ T108] ____kasan_slab_free+0x126/0x1e0
[ 74.511295][ T108] slab_free_freelist_hook+0x131/0x1a0
[ 74.516763][ T108] __kmem_cache_free+0xb6/0x1f0
[ 74.521626][ T108] lmLogClose+0x293/0x520
[ 74.525958][ T108] jfs_umount+0x28f/0x360
[ 74.530299][ T108] jfs_put_super+0x88/0x190
[ 74.534809][ T108] generic_shutdown_super+0x130/0x340
[ 74.540182][ T108] kill_block_super+0x7c/0xe0
[ 74.544859][ T108] deactivate_locked_super+0x93/0xf0
[ 74.550146][ T108] cleanup_mnt+0x463/0x4f0
[ 74.554568][ T108] task_work_run+0x1ca/0x250
[ 74.559165][ T108] exit_to_user_mode_loop+0xe6/0x110
[ 74.564454][ T108] exit_to_user_mode_prepare+0xb1/0x140
[ 74.570005][ T108] syscall_exit_to_user_mode+0x16/0x40
[ 74.575462][ T108] do_syscall_64+0x58/0xa0
[ 74.579889][ T108] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 74.585794][ T108]
[ 74.588126][ T108] The buggy address belongs to the object at ffff888074e0e000
[ 74.588126][ T108] which belongs to the cache kmalloc-1k of size 1024
[ 74.602195][ T108] The buggy address is located 64 bytes inside of
[ 74.602195][ T108] 1024-byte region [ffff888074e0e000, ffff888074e0e400)
[ 74.615484][ T108]
[ 74.617805][ T108] The buggy address belongs to the physical page:
[ 74.624222][ T108] page:ffffea0001d38200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x74e08
[ 74.634374][ T108] head:ffffea0001d38200 order:3 compound_mapcount:0 compound_pincount:0
[ 74.642699][ T108] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 74.650696][ T108] raw: 00fff00000010200 ffffea00009b3800 dead000000000002 ffff888017441dc0
[ 74.659306][ T108] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 74.667891][ T108] page dumped because: kasan: bad access detected
[ 74.674308][ T108] page_owner tracks the page as allocated
[ 74.680018][ T108] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3996, tgid 3996 (start-stop-daem), ts 48438642708, free_ts 48354170962
[ 74.701731][ T108] post_alloc_hook+0x173/0x1a0
[ 74.706509][ T108] get_page_from_freelist+0x1a26/0x1ac0
[ 74.712088][ T108] __alloc_pages+0x1df/0x4e0
[ 74.716700][ T108] alloc_slab_page+0x5d/0x160
[ 74.721382][ T108] new_slab+0x87/0x2c0
[ 74.725543][ T108] ___slab_alloc+0xbc6/0x1220
[ 74.730225][ T108] __kmem_cache_alloc_node+0x1a0/0x260
[ 74.735698][ T108] __kmalloc+0xa0/0x240
[ 74.739880][ T108] load_elf_binary+0x279/0x2850
[ 74.744736][ T108] bprm_execve+0xb10/0x18a0
[ 74.749260][ T108] do_execveat_common+0x51b/0x6c0
[ 74.754295][ T108] __x64_sys_execve+0x8e/0xa0
[ 74.758980][ T108] do_syscall_64+0x4c/0xa0
[ 74.763401][ T108] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 74.769304][ T108] page last free stack trace:
[ 74.773971][ T108] free_unref_page_prepare+0x8b4/0x9a0
[ 74.779457][ T108] free_unref_page+0x2e/0x3f0
[ 74.784141][ T108] __unfreeze_partials+0x1a5/0x200
[ 74.789255][ T108] put_cpu_partial+0x17c/0x250
[ 74.794021][ T108] qlist_free_all+0x76/0xe0
[ 74.798612][ T108] kasan_quarantine_reduce+0x144/0x160
[ 74.804073][ T108] __kasan_slab_alloc+0x1e/0x80
[ 74.808931][ T108] slab_post_alloc_hook+0x4b/0x480
[ 74.814046][ T108] kmem_cache_alloc_node+0x14d/0x320
[ 74.819333][ T108] __alloc_skb+0xfc/0x7e0
[ 74.823668][ T108] alloc_skb_with_frags+0xa7/0x710
[ 74.828807][ T108] sock_alloc_send_pskb+0x853/0x980
[ 74.834017][ T108] unix_dgram_sendmsg+0x57e/0x18d0
[ 74.839181][ T108] sock_write_iter+0x2b5/0x3a0
[ 74.843961][ T108] do_iter_write+0x62d/0xaf0
[ 74.848564][ T108] do_writev+0x24e/0x410
[ 74.852828][ T108]
[ 74.855150][ T108] Memory state around the buggy address:
[ 74.860775][ T108] ffff888074e0df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 74.868837][ T108] ffff888074e0df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 74.876922][ T108] >ffff888074e0e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 74.884984][ T108] ^
[ 74.891135][ T108] ffff888074e0e080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 74.899194][ T108] ffff888074e0e100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 74.907282][ T108] ==================================================================
[ 75.028134][ T108] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 75.035392][ T108] CPU: 1 PID: 108 Comm: jfsCommit Not tainted 6.1.138-syzkaller #0
[ 75.043314][ T108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 75.053403][ T108] Call Trace:
[ 75.056708][ T108]
[ 75.059668][ T108] dump_stack_lvl+0x168/0x22e
[ 75.064375][ T108] ? memcpy+0x3c/0x60
[ 75.068386][ T108] ? show_regs_print_info+0x12/0x12
[ 75.073619][ T108] ? load_image+0x3b0/0x3b0
[ 75.078166][ T108] panic+0x2c9/0x710
[ 75.082095][ T108] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 75.088277][ T108] ? bpf_jit_dump+0xd0/0xd0
[ 75.092819][ T108] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 75.098747][ T108] ? _raw_spin_unlock+0x40/0x40
[ 75.103634][ T108] check_panic_on_warn+0x80/0xa0
[ 75.108606][ T108] ? txEnd+0x329/0x520
[ 75.112723][ T108] end_report+0x66/0x110
[ 75.117000][ T108] kasan_report+0x118/0x140
[ 75.121536][ T108] ? txEnd+0x329/0x520
[ 75.125632][ T108] kasan_check_range+0x27b/0x290
[ 75.130607][ T108] txEnd+0x329/0x520
[ 75.134534][ T108] jfs_lazycommit+0x5a2/0xa50
[ 75.139267][ T108] ? txFreelock+0x5a0/0x5a0
[ 75.143777][ T108] ? _raw_spin_unlock_irqrestore+0x82/0x100
[ 75.149682][ T108] ? do_task_dead+0xd0/0xd0
[ 75.154190][ T108] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 75.160105][ T108] ? __kthread_parkme+0x162/0x1c0
[ 75.165135][ T108] kthread+0x29d/0x330
[ 75.169209][ T108] ? txFreelock+0x5a0/0x5a0
[ 75.173719][ T108] ? kthread_blkcg+0xd0/0xd0
[ 75.178329][ T108] ret_from_fork+0x1f/0x30
[ 75.182756][ T108]
[ 75.186064][ T108] Kernel Offset: disabled
[ 75.190392][ T108] Rebooting in 86400 seconds..