Warning: Permanently added '10.128.0.202' (ED25519) to the list of known hosts.
executing program
[   49.571186][ T5019] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5019 'syz-executor329'
[   49.696956][ T5019] loop0: detected capacity change from 0 to 32768
executing program
[   49.887692][ T5022] loop0: detected capacity change from 0 to 32768
[   50.439566][ T5023] read_mapping_page failed!
[   50.444231][ T5023] jfs_mount_rw: diMount failed!
[   50.452397][ T5017] ==================================================================
[   50.460452][ T5017] BUG: KASAN: double-free in __kmem_cache_free+0xb8/0x2f0
[   50.467552][ T5017] Free of addr ffff88807e668000 by task syz-executor329/5017
[   50.474890][ T5017] 
[   50.477188][ T5017] CPU: 0 PID: 5017 Comm: syz-executor329 Not tainted 6.5.0-rc5-syzkaller-00021-ga027b2eca0b7 #0
[   50.487672][ T5017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
[   50.497699][ T5017] Call Trace:
[   50.500951][ T5017]  <TASK>
[   50.503856][ T5017]  dump_stack_lvl+0xd9/0x1b0
[   50.508430][ T5017]  print_report+0xc4/0x620
[   50.512828][ T5017]  ? __virt_addr_valid+0x5e/0x2d0
[   50.517830][ T5017]  ? __phys_addr+0xc6/0x140
[   50.522307][ T5017]  ? __kmem_cache_free+0xb8/0x2f0
[   50.527310][ T5017]  ? __kmem_cache_free+0xb8/0x2f0
[   50.532325][ T5017]  kasan_report_invalid_free+0xab/0xd0
[   50.537764][ T5017]  ? __kmem_cache_free+0xb8/0x2f0
[   50.542761][ T5017]  ____kasan_slab_free+0x183/0x1b0
[   50.547849][ T5017]  slab_free_freelist_hook+0x10b/0x1e0
[   50.553279][ T5017]  ? diUnmount+0xf1/0x130
[   50.557591][ T5017]  __kmem_cache_free+0xb8/0x2f0
[   50.562418][ T5017]  diUnmount+0xf1/0x130
[   50.566551][ T5017]  jfs_umount+0x18a/0x430
[   50.570854][ T5017]  jfs_put_super+0x88/0x1d0
[   50.575347][ T5017]  ? jfs_quota_off+0x160/0x160
[   50.580084][ T5017]  generic_shutdown_super+0x158/0x480
[   50.585431][ T5017]  kill_block_super+0x64/0xb0
[   50.590080][ T5017]  deactivate_locked_super+0x9a/0x170
[   50.595428][ T5017]  deactivate_super+0xde/0x100
[   50.600165][ T5017]  cleanup_mnt+0x222/0x3d0
[   50.604553][ T5017]  task_work_run+0x14d/0x240
[   50.609124][ T5017]  ? task_work_cancel+0x30/0x30
[   50.613950][ T5017]  ? __x64_sys_umount+0x128/0x1a0
[   50.618946][ T5017]  exit_to_user_mode_prepare+0x210/0x240
[   50.624558][ T5017]  syscall_exit_to_user_mode+0x1d/0x50
[   50.629993][ T5017]  do_syscall_64+0x44/0xb0
[   50.634381][ T5017]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   50.640247][ T5017] RIP: 0033:0x7fc81d6e8df7
[   50.644650][ T5017] Code: 08 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   50.664248][ T5017] RSP: 002b:00007ffc43bfba38 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[   50.672634][ T5017] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fc81d6e8df7
[   50.680581][ T5017] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffc43bfbaf0
[   50.688528][ T5017] RBP: 00007ffc43bfbaf0 R08: 0000000000000000 R09: 0000000000000000
[   50.696562][ T5017] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffc43bfcbb0
[   50.704507][ T5017] R13: 0000555556f66700 R14: 431bde82d7b634db R15: 00007ffc43bfcb54
[   50.712541][ T5017]  </TASK>
[   50.715635][ T5017] 
[   50.717933][ T5017] Allocated by task 4461:
[   50.722228][ T5017]  kasan_save_stack+0x33/0x50
[   50.726884][ T5017]  kasan_set_track+0x25/0x30
[   50.731449][ T5017]  __kasan_kmalloc+0xa2/0xb0
[   50.736018][ T5017]  __kmalloc+0x5d/0x100
[   50.740150][ T5017]  tomoyo_realpath_from_path+0xb9/0x710
[   50.745689][ T5017]  tomoyo_check_open_permission+0x2aa/0x3b0
[   50.751561][ T5017]  tomoyo_file_open+0xa8/0xd0
[   50.756223][ T5017]  security_file_open+0x6a/0xe0
[   50.761049][ T5017]  do_dentry_open+0x538/0x1780
[   50.765783][ T5017]  path_openat+0x19af/0x29c0
[   50.770347][ T5017]  do_filp_open+0x1de/0x430
[   50.774819][ T5017]  do_sys_openat2+0x176/0x1e0
[   50.779469][ T5017]  __x64_sys_openat+0x175/0x210
[   50.784295][ T5017]  do_syscall_64+0x38/0xb0
[   50.788683][ T5017]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   50.794548][ T5017] 
[   50.796843][ T5017] Freed by task 4461:
[   50.800790][ T5017]  kasan_save_stack+0x33/0x50
[   50.805442][ T5017]  kasan_set_track+0x25/0x30
[   50.810007][ T5017]  kasan_save_free_info+0x2b/0x40
[   50.815015][ T5017]  ____kasan_slab_free+0x15e/0x1b0
[   50.820100][ T5017]  slab_free_freelist_hook+0x10b/0x1e0
[   50.825532][ T5017]  __kmem_cache_free+0xb8/0x2f0
[   50.830360][ T5017]  tomoyo_realpath_from_path+0x1a6/0x710
[   50.835984][ T5017]  tomoyo_check_open_permission+0x2aa/0x3b0
[   50.841852][ T5017]  tomoyo_file_open+0xa8/0xd0
[   50.846499][ T5017]  security_file_open+0x6a/0xe0
[   50.851327][ T5017]  do_dentry_open+0x538/0x1780
[   50.856071][ T5017]  path_openat+0x19af/0x29c0
[   50.860639][ T5017]  do_filp_open+0x1de/0x430
[   50.865115][ T5017]  do_sys_openat2+0x176/0x1e0
[   50.869767][ T5017]  __x64_sys_openat+0x175/0x210
[   50.874593][ T5017]  do_syscall_64+0x38/0xb0
[   50.878981][ T5017]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   50.884846][ T5017] 
[   50.887141][ T5017] The buggy address belongs to the object at ffff88807e668000
[   50.887141][ T5017]  which belongs to the cache kmalloc-4k of size 4096
[   50.901165][ T5017] The buggy address is located 0 bytes inside of
[   50.901165][ T5017]  4096-byte region [ffff88807e668000, ffff88807e669000)
[   50.914326][ T5017] 
[   50.916623][ T5017] The buggy address belongs to the physical page:
[   50.923002][ T5017] page:ffffea0001f99a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7e668
[   50.933123][ T5017] head:ffffea0001f99a00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   50.942027][ T5017] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[   50.950008][ T5017] page_type: 0xffffffff()
[   50.954312][ T5017] raw: 00fff00000010200 ffff888012842140 dead000000000122 0000000000000000
[   50.962872][ T5017] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[   50.971423][ T5017] page dumped because: kasan: bad access detected
[   50.977804][ T5017] page_owner tracks the page as allocated
[   50.983487][ T5017] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4461, tgid 4461 (syslogd), ts 50449459117, free_ts 50444213775
[   51.003689][ T5017]  post_alloc_hook+0x2d2/0x350
[   51.008451][ T5017]  get_page_from_freelist+0x10a9/0x31e0
[   51.013972][ T5017]  __alloc_pages+0x1d0/0x4a0
[   51.018536][ T5017]  alloc_pages+0x1a9/0x270
[   51.022945][ T5017]  allocate_slab+0x24e/0x380
[   51.027511][ T5017]  ___slab_alloc+0x8bc/0x1570
[   51.032159][ T5017]  __slab_alloc.constprop.0+0x56/0xa0
[   51.037504][ T5017]  __kmem_cache_alloc_node+0x137/0x350
[   51.042933][ T5017]  __kmalloc+0x4c/0x100
[   51.047065][ T5017]  tomoyo_realpath_from_path+0xb9/0x710
[   51.052588][ T5017]  tomoyo_check_open_permission+0x2aa/0x3b0
[   51.058456][ T5017]  tomoyo_file_open+0xa8/0xd0
[   51.063103][ T5017]  security_file_open+0x6a/0xe0
[   51.067932][ T5017]  do_dentry_open+0x538/0x1780
[   51.072669][ T5017]  path_openat+0x19af/0x29c0
[   51.077233][ T5017]  do_filp_open+0x1de/0x430
[   51.081725][ T5017] page last free stack trace:
[   51.086368][ T5017]  free_unref_page_prepare+0x508/0xb90
[   51.091800][ T5017]  free_unref_page+0x33/0x3b0
[   51.096465][ T5017]  diMount+0x806/0x8d0
[   51.100509][ T5017]  jfs_mount_rw+0x238/0x6f0
[   51.105014][ T5017]  jfs_remount+0x51b/0x650
[   51.109410][ T5017]  legacy_reconfigure+0x119/0x180
[   51.114424][ T5017]  reconfigure_super+0x44b/0xb10
[   51.119336][ T5017]  __do_sys_fsconfig+0xb1b/0xda0
[   51.124249][ T5017]  do_syscall_64+0x38/0xb0
[   51.128641][ T5017]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   51.134504][ T5017] 
[   51.136800][ T5017] Memory state around the buggy address:
[   51.142487][ T5017]  ffff88807e667f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   51.150517][ T5017]  ffff88807e667f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   51.158549][ T5017] >ffff88807e668000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   51.166664][ T5017]                    ^
[   51.170697][ T5017]  ffff88807e668080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   51.178731][ T5017]  ffff88807e668100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   51.186760][ T5017] ==================================================================
[   51.194951][ T5017] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   51.202132][ T5017] CPU: 0 PID: 5017 Comm: syz-executor329 Not tainted 6.5.0-rc5-syzkaller-00021-ga027b2eca0b7 #0
[   51.212523][ T5017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
[   51.222646][ T5017] Call Trace:
[   51.225908][ T5017]  <TASK>
[   51.228822][ T5017]  dump_stack_lvl+0xd9/0x1b0
[   51.233397][ T5017]  panic+0x6a4/0x750
[   51.237276][ T5017]  ? panic_smp_self_stop+0xa0/0xa0
[   51.242378][ T5017]  ? preempt_schedule_thunk+0x1a/0x30
[   51.247741][ T5017]  ? __kmem_cache_free+0xb8/0x2f0
[   51.252753][ T5017]  ? preempt_schedule_common+0x45/0xc0
[   51.258198][ T5017]  ? __kmem_cache_free+0xb8/0x2f0
[   51.263207][ T5017]  ? __kmem_cache_free+0xb8/0x2f0
[   51.268220][ T5017]  check_panic_on_warn+0xab/0xb0
[   51.273145][ T5017]  ? __kmem_cache_free+0xb8/0x2f0
[   51.278158][ T5017]  end_report+0x108/0x150
[   51.282473][ T5017]  kasan_report_invalid_free+0xbb/0xd0
[   51.287920][ T5017]  ? __kmem_cache_free+0xb8/0x2f0
[   51.292933][ T5017]  ____kasan_slab_free+0x183/0x1b0
[   51.298035][ T5017]  slab_free_freelist_hook+0x10b/0x1e0
[   51.303481][ T5017]  ? diUnmount+0xf1/0x130
[   51.307883][ T5017]  __kmem_cache_free+0xb8/0x2f0
[   51.312720][ T5017]  diUnmount+0xf1/0x130
[   51.316867][ T5017]  jfs_umount+0x18a/0x430
[   51.321271][ T5017]  jfs_put_super+0x88/0x1d0
[   51.325759][ T5017]  ? jfs_quota_off+0x160/0x160
[   51.330509][ T5017]  generic_shutdown_super+0x158/0x480
[   51.335867][ T5017]  kill_block_super+0x64/0xb0
[   51.340533][ T5017]  deactivate_locked_super+0x9a/0x170
[   51.345887][ T5017]  deactivate_super+0xde/0x100
[   51.350645][ T5017]  cleanup_mnt+0x222/0x3d0
[   51.355042][ T5017]  task_work_run+0x14d/0x240
[   51.359626][ T5017]  ? task_work_cancel+0x30/0x30
[   51.364466][ T5017]  ? __x64_sys_umount+0x128/0x1a0
[   51.369473][ T5017]  exit_to_user_mode_prepare+0x210/0x240
[   51.375098][ T5017]  syscall_exit_to_user_mode+0x1d/0x50
[   51.380545][ T5017]  do_syscall_64+0x44/0xb0
[   51.384954][ T5017]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   51.390837][ T5017] RIP: 0033:0x7fc81d6e8df7
[   51.395234][ T5017] Code: 08 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   51.414917][ T5017] RSP: 002b:00007ffc43bfba38 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[   51.423319][ T5017] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fc81d6e8df7
[   51.431275][ T5017] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffc43bfbaf0
[   51.439227][ T5017] RBP: 00007ffc43bfbaf0 R08: 0000000000000000 R09: 0000000000000000
[   51.447268][ T5017] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffc43bfcbb0
[   51.455225][ T5017] R13: 0000555556f66700 R14: 431bde82d7b634db R15: 00007ffc43bfcb54
[   51.463187][ T5017]  </TASK>
[   51.467260][ T5017] Kernel Offset: disabled
[   51.471565][ T5017] Rebooting in 86400 seconds..