./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1368755424

<...>
Warning: Permanently added '10.128.1.7' (ED25519) to the list of known hosts.
execve("./syz-executor1368755424", ["./syz-executor1368755424"], 0x7ffd06ce33f0 /* 10 vars */) = 0
brk(NULL)                               = 0x5555949ae000
brk(0x5555949aed00)                     = 0x5555949aed00
arch_prctl(ARCH_SET_FS, 0x5555949ae380) = 0
set_tid_address(0x5555949ae650)         = 5836
set_robust_list(0x5555949ae660, 24)     = 0
rseq(0x5555949aeca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1368755424", 4096) = 28
getrandom("\xc5\xe8\x75\x77\xd3\x70\x29\xf5", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555949aed00
brk(0x5555949cfd00)                     = 0x5555949cfd00
brk(0x5555949d0000)                     = 0x5555949d0000
mprotect(0x7f4331f69000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5837 attached
 <unfinished ...>
[pid  5837] set_robust_list(0x5555949ae660, 24 <unfinished ...>
[pid  5836] <... clone resumed>, child_tidptr=0x5555949ae650) = 5837
[pid  5837] <... set_robust_list resumed>) = 0
[pid  5837] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5837] getppid()                   = 0
[pid  5837] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5837] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5837] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5837] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5837] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5837] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5837] unshare(CLONE_NEWNS)        = 0
[pid  5837] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5837] unshare(CLONE_NEWIPC)       = 0
[pid  5837] unshare(CLONE_NEWCGROUP)    = 0
[pid  5837] unshare(CLONE_NEWUTS)       = 0
[pid  5837] unshare(CLONE_SYSVSEM)      = 0
[pid  5837] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5837] write(3, "16777216", 8)     = 8
[pid  5837] close(3)                    = 0
[pid  5837] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5837] write(3, "536870912", 9)    = 9
[pid  5837] close(3)                    = 0
[pid  5837] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5837] write(3, "1024", 4)         = 4
[pid  5837] close(3)                    = 0
[pid  5837] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5837] write(3, "8192", 4)         = 4
[pid  5837] close(3)                    = 0
[pid  5837] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5837] write(3, "1024", 4)         = 4
[pid  5837] close(3)                    = 0
[pid  5837] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5837] write(3, "1024", 4)         = 4
[pid  5837] close(3)                    = 0
[pid  5837] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5837] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5837] close(3)                    = 0
[pid  5837] getpid()                    = 1
[pid  5837] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5837] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5837] unshare(CLONE_NEWNET)       = 0
[pid  5837] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5837] write(3, "0 65535", 7)      = 7
[pid  5837] close(3)                    = 0
[pid  5837] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
[pid  5837] write(3, "100000", 6)       = 6
[pid  5837] close(3)                    = 0
[pid  5837] mkdir("./syz-tmp", 0777)    = 0
[pid  5837] mount("", "./syz-tmp", "tmpfs", 0, NULL) = 0
[pid  5837] mkdir("./syz-tmp/newroot", 0777) = 0
[pid  5837] mkdir("./syz-tmp/newroot/dev", 0700) = 0
[pid  5837] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5837] mkdir("./syz-tmp/newroot/proc", 0700) = 0
[pid  5837] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0
[pid  5837] mkdir("./syz-tmp/newroot/selinux", 0700) = 0
[pid  5837] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5837] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5837] mkdir("./syz-tmp/newroot/sys", 0700) = 0
[pid  5837] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5837] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5837] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5837] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5837] mkdir("./syz-tmp/newroot/syz-inputs", 0700) = 0
[pid  5837] mount("/syz-inputs", "./syz-tmp/newroot/syz-inputs", NULL, MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5837] mkdir("./syz-tmp/pivot", 0777) = 0
[pid  5837] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0
[pid  5837] chdir("/")                  = 0
[pid  5837] umount2("./pivot", MNT_DETACH) = 0
[pid  5837] chroot("./newroot")         = 0
[pid  5837] chdir("/")                  = 0
[pid  5837] mkdir("/dev/gadgetfs", 0777) = 0
[pid  5837] mount("gadgetfs", "/dev/gadgetfs", "gadgetfs", 0, NULL) = 0
[pid  5837] mkdir("/dev/binderfs", 0777) = 0
[pid  5837] mount("binder", "/dev/binderfs", "binder", 0, NULL) = -1 ENODEV (No such device)
[pid  5837] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5837] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5837] write(1, "executing program\n", 18executing program
) = 18
[pid  5837] memfd_create("syzkaller", 0) = 3
[pid  5837] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4329a00000
[pid  5837] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5837] munmap(0x7f4329a00000, 138412032) = 0
[pid  5837] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5837] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5837] close(3)                    = 0
[pid  5837] close(4)                    = 0
[pid  5837] mkdir("./file7", 0777)      = 0
[pid  5837] mount("/dev/loop0", "./file7", "jfs", MS_SYNCHRONOUS|MS_NODIRATIME, "") = 0
[pid  5837] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5837] chdir("./file7")            = 0
[pid  5837] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5837] rename("./file1", "./file0/file0") = 0
[  112.004028][ T5837] loop0: detected capacity change from 0 to 32768
[pid  5837] write(-1, NULL, 0)          = -1 EBADF (Bad file descriptor)
[pid  5837] exit_group(1)               = ?
[  112.098940][  T118] BUG: spinlock bad magic on CPU#0, jfsCommit/118
[  112.107325][  T118] ==================================================================
[  112.117054][  T118] BUG: KASAN: slab-out-of-bounds in string+0x227/0x2b0
[  112.125927][  T118] Read of size 1 at addr ffff888078b0d338 by task jfsCommit/118
[  112.142347][  T118] 
[  112.144712][  T118] CPU: 0 UID: 0 PID: 118 Comm: jfsCommit Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  112.144737][  T118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  112.144755][  T118] Call Trace:
[  112.144763][  T118]  <TASK>
[  112.144771][  T118]  dump_stack_lvl+0x241/0x360
[  112.144797][  T118]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.144817][  T118]  ? rcu_is_watching+0x15/0xb0
[  112.144831][  T118]  ? __virt_addr_valid+0x183/0x530
[  112.144848][  T118]  ? lock_release+0x4e/0x3e0
[  112.144869][  T118]  ? __virt_addr_valid+0x183/0x530
[  112.144895][  T118]  ? __virt_addr_valid+0x183/0x530
[  112.144912][  T118]  print_report+0x16e/0x5b0
[  112.144934][  T118]  ? __virt_addr_valid+0x183/0x530
[  112.144950][  T118]  ? __virt_addr_valid+0x183/0x530
[  112.144966][  T118]  ? __virt_addr_valid+0x45f/0x530
[  112.144982][  T118]  ? __phys_addr+0xba/0x170
[  112.144998][  T118]  ? string+0x227/0x2b0
[  112.145017][  T118]  kasan_report+0x143/0x180
[  112.145034][  T118]  ? string+0x227/0x2b0
[  112.145054][  T118]  string+0x227/0x2b0
[  112.145075][  T118]  vsnprintf+0x8b6/0x1230
[  112.145093][  T118]  ? this_cpu_in_panic+0x4f/0x80
[  112.145118][  T118]  ? __pfx_vsnprintf+0x10/0x10
[  112.145142][  T118]  vprintk_store+0x484/0x1240
[  112.145159][  T118]  ? __pfx_console_flush_all+0x10/0x10
[  112.145174][  T118]  ? __pfx_vprintk_store+0x10/0x10
[  112.145187][  T118]  ? prb_read_valid+0xab/0xf0
[  112.145208][  T118]  ? __pfx___console_unlock+0x10/0x10
[  112.145228][  T118]  ? console_unlock+0x2fe/0x3b0
[  112.145243][  T118]  ? __irq_work_queue_local+0x137/0x410
[  112.145265][  T118]  ? is_printk_cpu_sync_owner+0x32/0x40
[  112.145284][  T118]  vprintk_emit+0x298/0xa40
[  112.145366][  T118]  ? __pfx_vprintk_emit+0x10/0x10
[  112.145396][  T118]  ? rcu_is_watching+0x15/0xb0
[  112.145415][  T118]  _printk+0xd5/0x120
[  112.145437][  T118]  ? __pfx__printk+0x10/0x10
[  112.145458][  T118]  ? is_dynamic_key+0x1ac/0x1c0
[  112.145481][  T118]  spin_bug+0x13b/0x1d0
[  112.145501][  T118]  do_raw_spin_lock+0x20d/0x370
[  112.145520][  T118]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  112.145541][  T118]  _raw_spin_lock_irqsave+0xe4/0x130
[  112.145624][  T118]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  112.145649][  T118]  ? __pfx___might_resched+0x10/0x10
[  112.145675][  T118]  __wake_up_common_lock+0x25/0x1e0
[  112.145696][  T118]  release_metapage+0x158/0xa90
[  112.145716][  T118]  xtTruncate+0x1026/0x32a0
[  112.145744][  T118]  ? __pfx_xtTruncate+0x10/0x10
[  112.145774][  T118]  jfs_free_zero_link+0x47f/0x700
[  112.145789][  T118]  ? inode_wait_for_writeback+0x115/0x2c0
[  112.145809][  T118]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  112.145828][  T118]  jfs_evict_inode+0x362/0x440
[  112.145841][  T118]  ? __pfx_jfs_evict_inode+0x10/0x10
[  112.145856][  T118]  evict+0x4f9/0x9b0
[  112.145880][  T118]  ? __pfx_evict+0x10/0x10
[  112.145903][  T118]  ? iput+0x713/0xa50
[  112.145922][  T118]  txUpdateMap+0x948/0xb20
[  112.145943][  T118]  ? __pfx_txUpdateMap+0x10/0x10
[  112.145968][  T118]  ? schedule+0x90/0x360
[  112.145992][  T118]  jfs_lazycommit+0x49c/0xba0
[  112.146010][  T118]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[  112.146031][  T118]  ? lockdep_hardirqs_on+0x9d/0x150
[  112.146047][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  112.146065][  T118]  ? __pfx_default_wake_function+0x10/0x10
[  112.146086][  T118]  ? __kthread_parkme+0x1a8/0x200
[  112.146109][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  112.146129][  T118]  kthread+0x7b7/0x940
[  112.146145][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  112.146165][  T118]  ? __pfx_kthread+0x10/0x10
[  112.146181][  T118]  ? __pfx_kthread+0x10/0x10
[  112.146196][  T118]  ? __pfx_kthread+0x10/0x10
[  112.146212][  T118]  ? __pfx_kthread+0x10/0x10
[  112.146226][  T118]  ? _raw_spin_unlock_irq+0x23/0x50
[  112.146246][  T118]  ? lockdep_hardirqs_on+0x9d/0x150
[  112.146259][  T118]  ? __pfx_kthread+0x10/0x10
[  112.146274][  T118]  ret_from_fork+0x4b/0x80
[  112.146287][  T118]  ? __pfx_kthread+0x10/0x10
[  112.146302][  T118]  ret_from_fork_asm+0x1a/0x30
[  112.146332][  T118]  </TASK>
[  112.146338][  T118] 
[  112.720311][  T118] The buggy address belongs to the object at ffff888078b0d2f8
[  112.720311][  T118]  which belongs to the cache jfs_ip of size 2232
[  112.743035][  T118] The buggy address is located 64 bytes inside of
[  112.743035][  T118]  allocated 2232-byte region [ffff888078b0d2f8, ffff888078b0dbb0)
[  112.766238][  T118] 
[  112.771560][  T118] The buggy address belongs to the physical page:
[  112.781714][  T118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78b08
[  112.796325][  T118] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  112.806117][  T118] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  112.815898][  T118] page_type: f5(slab)
[  112.821134][  T118] raw: 00fff00000000040 ffff888148285780 dead000000000122 0000000000000000
[  112.839531][  T118] raw: 0000000000000000 00000000800d000d 00000000f5000000 0000000000000000
[  112.857732][  T118] head: 00fff00000000040 ffff888148285780 dead000000000122 0000000000000000
[  112.873593][  T118] head: 0000000000000000 00000000800d000d 00000000f5000000 0000000000000000
[  112.891022][  T118] head: 00fff00000000003 ffffea0001e2c201 00000000ffffffff 00000000ffffffff
[  112.904460][  T118] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  112.922070][  T118] page dumped because: kasan: bad access detected
[  112.933901][  T118] page_owner tracks the page as allocated
[  112.941248][  T118] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5837, tgid 5837 (syz-executor136), ts 112031705393, free_ts 38111334302
[  112.974556][  T118]  post_alloc_hook+0x1f4/0x240
[  112.981245][  T118]  get_page_from_freelist+0x360d/0x37b0
[  112.988230][  T118]  __alloc_frozen_pages_noprof+0x211/0x5b0
[  112.996463][  T118]  alloc_pages_mpol+0x339/0x690
[  113.003373][  T118]  allocate_slab+0x8f/0x3b0
[  113.009091][  T118]  ___slab_alloc+0xc3b/0x1500
[  113.019147][  T118]  __slab_alloc+0x58/0xa0
[  113.025959][  T118]  kmem_cache_alloc_lru_noprof+0x274/0x390
[  113.032700][  T118]  jfs_alloc_inode+0x28/0x70
[  113.039861][  T118]  alloc_inode+0x69/0x1b0
[  113.048222][  T118]  new_inode+0x22/0x180
[  113.053054][  T118]  jfs_fill_super+0x570/0xd90
[  113.065767][  T118]  get_tree_bdev_flags+0x490/0x5c0
[  113.072624][  T118]  vfs_get_tree+0x90/0x2b0
[  113.081225][  T118]  do_new_mount+0x2cf/0xb70
[  113.086559][  T118]  __se_sys_mount+0x38c/0x400
[  113.092666][  T118] page last free pid 1 tgid 1 stack trace:
[  113.101084][  T118]  __free_frozen_pages+0xddf/0x10a0
[  113.109432][  T118]  free_contig_range+0x154/0x430
[  113.121482][  T118]  destroy_args+0x94/0x4b0
[  113.133179][  T118]  debug_vm_pgtable+0x555/0x590
[  113.140104][  T118]  do_one_initcall+0x24a/0x940
[  113.149373][  T118]  do_initcall_level+0x157/0x210
[  113.157437][  T118]  do_initcalls+0x71/0xd0
[  113.163846][  T118]  kernel_init_freeable+0x432/0x5d0
[  113.171746][  T118]  kernel_init+0x1d/0x2b0
[  113.177644][  T118]  ret_from_fork+0x4b/0x80
[  113.183874][  T118]  ret_from_fork_asm+0x1a/0x30
[  113.192962][  T118] 
[  113.196779][  T118] Memory state around the buggy address:
[  113.206854][  T118]  ffff888078b0d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[  113.219939][  T118]  ffff888078b0d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  113.232185][  T118] >ffff888078b0d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  113.244200][  T118]                                         ^
[  113.250616][  T118]  ffff888078b0d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  113.261216][  T118]  ffff888078b0d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  113.272358][  T118] ==================================================================
[  113.285130][  T118] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  113.294410][  T118] CPU: 0 UID: 0 PID: 118 Comm: jfsCommit Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
[  113.311477][  T118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  113.340266][  T118] Call Trace:
[  113.346095][  T118]  <TASK>
[  113.349328][  T118]  dump_stack_lvl+0x241/0x360
[  113.355999][  T118]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.363094][  T118]  ? __pfx__printk+0x10/0x10
[  113.370763][  T118]  ? vscnprintf+0x5d/0x90
[  113.378178][  T118]  panic+0x349/0x880
[  113.384519][  T118]  ? check_panic_on_warn+0x21/0xb0
[  113.394566][  T118]  ? __pfx_panic+0x10/0x10
[  113.402716][  T118]  ? do_raw_spin_unlock+0x13c/0x8b0
[  113.409471][  T118]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  113.418233][  T118]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  113.426904][  T118]  ? print_report+0x519/0x5b0
[  113.433135][  T118]  check_panic_on_warn+0x86/0xb0
[  113.440433][  T118]  ? string+0x227/0x2b0
[  113.444670][  T118]  end_report+0x77/0x160
[  113.454156][  T118]  kasan_report+0x154/0x180
[  113.459689][  T118]  ? string+0x227/0x2b0
[  113.466237][  T118]  string+0x227/0x2b0
[  113.471243][  T118]  vsnprintf+0x8b6/0x1230
[  113.477094][  T118]  ? this_cpu_in_panic+0x4f/0x80
[  113.484438][  T118]  ? __pfx_vsnprintf+0x10/0x10
[  113.491360][  T118]  vprintk_store+0x484/0x1240
[  113.496900][  T118]  ? __pfx_console_flush_all+0x10/0x10
[  113.502870][  T118]  ? __pfx_vprintk_store+0x10/0x10
[  113.508137][  T118]  ? prb_read_valid+0xab/0xf0
[  113.523605][  T118]  ? __pfx___console_unlock+0x10/0x10
[  113.533520][  T118]  ? console_unlock+0x2fe/0x3b0
[  113.541158][  T118]  ? __irq_work_queue_local+0x137/0x410
[  113.549264][  T118]  ? is_printk_cpu_sync_owner+0x32/0x40
[  113.555692][  T118]  vprintk_emit+0x298/0xa40
[  113.561862][  T118]  ? __pfx_vprintk_emit+0x10/0x10
[  113.570028][  T118]  ? rcu_is_watching+0x15/0xb0
[  113.577230][  T118]  _printk+0xd5/0x120
[  113.581573][  T118]  ? __pfx__printk+0x10/0x10
[  113.587877][  T118]  ? is_dynamic_key+0x1ac/0x1c0
[  113.594129][  T118]  spin_bug+0x13b/0x1d0
[  113.598868][  T118]  do_raw_spin_lock+0x20d/0x370
[  113.606423][  T118]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  113.615190][  T118]  _raw_spin_lock_irqsave+0xe4/0x130
[  113.622451][  T118]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  113.632087][  T118]  ? __pfx___might_resched+0x10/0x10
[  113.643836][  T118]  __wake_up_common_lock+0x25/0x1e0
[  113.651723][  T118]  release_metapage+0x158/0xa90
[  113.659003][  T118]  xtTruncate+0x1026/0x32a0
[  113.665351][  T118]  ? __pfx_xtTruncate+0x10/0x10
[  113.672348][  T118]  jfs_free_zero_link+0x47f/0x700
[  113.679711][  T118]  ? inode_wait_for_writeback+0x115/0x2c0
[  113.686597][  T118]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  113.694547][  T118]  jfs_evict_inode+0x362/0x440
[  113.705279][  T118]  ? __pfx_jfs_evict_inode+0x10/0x10
[  113.713432][  T118]  evict+0x4f9/0x9b0
[  113.719234][  T118]  ? __pfx_evict+0x10/0x10
[  113.724598][  T118]  ? iput+0x713/0xa50
[  113.731253][  T118]  txUpdateMap+0x948/0xb20
[  113.739283][  T118]  ? __pfx_txUpdateMap+0x10/0x10
[  113.746884][  T118]  ? schedule+0x90/0x360
[  113.753153][  T118]  jfs_lazycommit+0x49c/0xba0
[  113.764219][  T118]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[  113.771783][  T118]  ? lockdep_hardirqs_on+0x9d/0x150
[  113.779060][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  113.790254][  T118]  ? __pfx_default_wake_function+0x10/0x10
[  113.797299][  T118]  ? __kthread_parkme+0x1a8/0x200
[  113.803822][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  113.810994][  T118]  kthread+0x7b7/0x940
[  113.816065][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  113.821828][  T118]  ? __pfx_kthread+0x10/0x10
[  113.832997][  T118]  ? __pfx_kthread+0x10/0x10
[  113.841065][  T118]  ? __pfx_kthread+0x10/0x10
[  113.845945][  T118]  ? __pfx_kthread+0x10/0x10
[  113.854242][  T118]  ? _raw_spin_unlock_irq+0x23/0x50
[  113.862257][  T118]  ? lockdep_hardirqs_on+0x9d/0x150
[  113.869755][  T118]  ? __pfx_kthread+0x10/0x10
[  113.875020][  T118]  ret_from_fork+0x4b/0x80
[  113.879886][  T118]  ? __pfx_kthread+0x10/0x10
[  113.885033][  T118]  ret_from_fork_asm+0x1a/0x30
[  113.891860][  T118]  </TASK>
[  113.896210][  T118] Kernel Offset: disabled
[  113.901206][  T118] Rebooting in 86400 seconds..