Warning: Permanently added '10.128.0.153' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 71.096904][ T3547] loop0: detected capacity change from 0 to 32768 [ 71.113920][ T3547] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1 [ 71.113920][ T3547] [ 71.126767][ T3547] ERROR: (device loop0): remounting filesystem as read-only [ 71.134193][ T3547] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 3 [ 71.134193][ T3547] executing program [ 71.145930][ T3547] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 4 [ 71.145930][ T3547] executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 76.159470][ T133] BUG: Bad page state in process jfsCommit pfn:245bd [ 76.166388][ T133] page:ffffea0000916f40 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1c pfn:0x245bd [ 76.178036][ T133] flags: 0xfff00000002047(locked|referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff) [ 76.190023][ T133] raw: 00fff00000002047 dead000000000100 dead000000000122 0000000000000000 [ 76.199033][ T133] raw: 000000000000001c ffff8880784539b0 00000000ffffffff 0000000000000000 [ 76.207802][ T133] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 76.215355][ T133] page_owner tracks the page as allocated [ 76.221592][ T133] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x40c40(GFP_NOFS|__GFP_COMP), pid 3547, tgid 3547 (syz-executor813), ts 71112326012, free_ts 34334847206 [ 76.238982][ T133] post_alloc_hook+0x18d/0x1b0 [ 76.243991][ T133] get_page_from_freelist+0x32ed/0x3480 [ 76.249690][ T133] __alloc_pages+0x28d/0x770 [ 76.254572][ T133] folio_alloc+0x1a/0x50 
executing program
[ 76.258985][ T133] filemap_alloc_folio+0xda/0x4f0
[ 76.264272][ T133] do_read_cache_folio+0x2a7/0x810
[ 76.269771][ T133] do_read_cache_page+0x32/0x220
[ 76.274772][ T133] __get_metapage+0x32c/0x10e0
[ 76.280000][ T133] diRead+0x5e9/0xad0
[ 76.287532][ T133] jfs_iget+0x88/0x3b0
[ 76.293808][ T133] jfs_fill_super+0x804/0xc40
[ 76.299298][ T133] mount_bdev+0x2c9/0x3f0
[ 76.303695][ T133] legacy_get_tree+0xeb/0x180
[ 76.308806][ T133] vfs_get_tree+0x88/0x270
[ 76.313276][ T133] do_new_mount+0x28b/0xae0
[ 76.318215][ T133] __se_sys_mount+0x2d5/0x3c0
[ 76.322934][ T133] page last free stack trace:
[ 76.327988][ T133] free_unref_page_prepare+0xf63/0x1120
[ 76.333590][ T133] free_unref_page+0x98/0x570
[ 76.338725][ T133] __unfreeze_partials+0x1b7/0x210
[ 76.343899][ T133] put_cpu_partial+0x116/0x180
[ 76.349074][ T133] qlist_free_all+0x22/0x60
[ 76.353620][ T133] kasan_quarantine_reduce+0x162/0x180
[ 76.359497][ T133] __kasan_slab_alloc+0x1f/0x70
[ 76.364406][ T133] slab_post_alloc_hook+0x50/0x370
[ 76.369967][ T133] __kmem_cache_alloc_node+0x137/0x260
[ 76.375472][ T133] __kmalloc+0xa1/0x230
[ 76.380080][ T133] tomoyo_supervisor+0xeda/0x12d0
[ 76.385145][ T133] tomoyo_env_perm+0x174/0x210
[ 76.390285][ T133] tomoyo_find_next_domain+0x137e/0x1cd0
[ 76.395957][ T133] tomoyo_bprm_check_security+0xdb/0x120
[ 76.402043][ T133] security_bprm_check+0x5f/0xa0
[ 76.407684][ T133] bprm_execve+0x850/0x1820
[ 76.412306][ T133] Modules linked in:
[ 76.416376][ T133] CPU: 1 PID: 133 Comm: jfsCommit Not tainted 6.1.35-syzkaller #0
[ 76.424237][ T133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 76.434319][ T133] Call Trace:
[ 76.437716][ T133]
[ 76.440676][ T133] dump_stack_lvl+0x1e3/0x2cb
[ 76.445429][ T133] ? nf_tcp_handle_invalid+0x642/0x642
[ 76.450927][ T133] ? is_module_text_address+0x160/0x160
[ 76.456526][ T133] bad_page+0x14b/0x170
[ 76.460718][ T133] free_unref_page_prepare+0x56b/0x1120
[ 76.466319][ T133] free_unref_page+0x98/0x570
[ 76.471426][ T133] ? mem_cgroup_swapin_uncharge_swap+0x20/0x20
[ 76.477627][ T133] ? mark_free_pages+0x420/0x420
[ 76.482629][ T133] ? do_raw_spin_unlock+0x137/0x8a0
[ 76.487899][ T133] txUnlock+0x282/0xca0
[ 76.492123][ T133] ? lockdep_hardirqs_on+0x94/0x130
[ 76.497386][ T133] jfs_lazycommit+0x5d0/0xb60
[ 76.502136][ T133] ? txFreelock+0x580/0x580
[ 76.506690][ T133] ? do_task_dead+0xc0/0xc0
[ 76.511243][ T133] ? _raw_spin_unlock+0x40/0x40
[ 76.516219][ T133] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 76.522257][ T133] ? __kthread_parkme+0x15c/0x1c0
[ 76.527337][ T133] kthread+0x26e/0x300
[ 76.531452][ T133] ? txFreelock+0x580/0x580
[ 76.536016][ T133] ? kthread_blkcg+0xd0/0xd0
[ 76.540653][ T133] ret_from_fork+0x1f/0x30
[ 76.545131][ T133]
[ 76.558034][ T133] Disabling lock debugging due to kernel taint
[ 76.564242][ T133] page:ffffea0000916f40 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1c pfn:0x245bd
[ 76.587265][ T133] flags: 0xfff00000002047(locked|referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[ 76.617219][ T133] raw: 00fff00000002047 dead000000000100 dead000000000122 0000000000000000
[ 76.625861][ T133] raw: 000000000000001c ffff8880784539b0 00000000ffffffff 0000000000000000
[ 76.647206][ T133] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u))
[ 76.667207][ T133] page_owner tracks the page as allocated
[ 76.672970][ T133] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x40c40(GFP_NOFS|__GFP_COMP), pid 3547, tgid 3547 (syz-executor813), ts 71112326012, free_ts 34334847206
[ 76.690651][ T133] post_alloc_hook+0x18d/0x1b0
[ 76.695485][ T133] get_page_from_freelist+0x32ed/0x3480
[ 76.701436][ T133] __alloc_pages+0x28d/0x770
[ 76.706075][ T133] folio_alloc+0x1a/0x50
[ 76.710667][ T133] filemap_alloc_folio+0xda/0x4f0
[ 76.715743][ T133] do_read_cache_folio+0x2a7/0x810
[ 76.728236][ T133] do_read_cache_page+0x32/0x220
[ 76.733281][ T133] __get_metapage+0x32c/0x10e0
[ 76.738590][ T133] diRead+0x5e9/0xad0
[ 76.742742][ T133] jfs_iget+0x88/0x3b0
[ 76.746835][ T133] jfs_fill_super+0x804/0xc40
[ 76.751935][ T133] mount_bdev+0x2c9/0x3f0
[ 76.756317][ T133] legacy_get_tree+0xeb/0x180
[ 76.761320][ T133] vfs_get_tree+0x88/0x270
executing program
[ 76.765776][ T133] do_new_mount+0x28b/0xae0
[ 76.770830][ T133] __se_sys_mount+0x2d5/0x3c0
[ 76.775548][ T133] page last free stack trace:
[ 76.780813][ T133] free_unref_page_prepare+0xf63/0x1120
[ 76.800207][ T133] free_unref_page+0x98/0x570
[ 76.804963][ T133] __unfreeze_partials+0x1b7/0x210
[ 76.811094][ T133] put_cpu_partial+0x116/0x180
[ 76.815928][ T133] qlist_free_all+0x22/0x60
[ 76.820789][ T133] kasan_quarantine_reduce+0x162/0x180
[ 76.826288][ T133] __kasan_slab_alloc+0x1f/0x70
[ 76.832050][ T133] slab_post_alloc_hook+0x50/0x370
[ 76.837432][ T133] __kmem_cache_alloc_node+0x137/0x260
[ 76.842934][ T133] __kmalloc+0xa1/0x230
[ 76.847134][ T133] tomoyo_supervisor+0xeda/0x12d0
[ 76.852532][ T133] tomoyo_env_perm+0x174/0x210
[ 76.857530][ T133] tomoyo_find_next_domain+0x137e/0x1cd0
[ 76.863203][ T133] tomoyo_bprm_check_security+0xdb/0x120
[ 76.869144][ T133] security_bprm_check+0x5f/0xa0
[ 76.874115][ T133] bprm_execve+0x850/0x1820
[ 76.879369][ T133] ------------[ cut here ]------------
[ 76.884855][ T133] kernel BUG at include/linux/mm.h:1129!
[ 76.891728][ T133] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 76.897829][ T133] CPU: 1 PID: 133 Comm: jfsCommit Tainted: G B 6.1.35-syzkaller #0
[ 76.907155][ T133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 76.917245][ T133] RIP: 0010:put_metapage+0x298/0x340
[ 76.922584][ T133] Code: 2c 24 49 81 e5 ff 0f 00 00 74 21 e8 42 01 84 fe e9 a0 00 00 00 e8 38 01 84 fe 48 8b 3c 24 48 c7 c6 20 5f 24 8b e8 68 dc c2 fe <0f> 0b 48 8b 1c 24 48 89 df be 08 00 00 00 e8 a5 4b da fe 48 c1 eb
[ 76.942230][ T133] RSP: 0018:ffffc90002cffcb8 EFLAGS: 00010246
[ 76.948325][ T133] RAX: 8605592055614000 RBX: 000000000000007f RCX: ffffffff8169f927
[ 76.956305][ T133] RDX: 0000000000000000 RSI: ffffffff8b3ccb40 RDI: ffffffff8b3ccb00
[ 76.964285][ T133] RBP: ffff8880784539b0 R08: dffffc0000000000 R09: fffffbfff1ca654e
[ 76.972265][ T133] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 76.980245][ T133] R13: ffffea0000916f74 R14: 1ffff1100f08a73b R15: ffff8880784539d8
[ 76.988223][ T133] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 76.997161][ T133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 77.003754][ T133] CR2: 00007f2f670647c8 CR3: 000000007ed5b000 CR4: 00000000003506e0
[ 77.011740][ T133] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 77.019778][ T133] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 77.027772][ T133] Call Trace:
[ 77.031068][ T133]
[ 77.034035][ T133] ? __die_body+0x5e/0xa0
[ 77.038392][ T133] ? die+0x83/0xb0
[ 77.042133][ T133] ? do_trap+0x11e/0x350
[ 77.046491][ T133] ? put_metapage+0x298/0x340
[ 77.051207][ T133] ? put_metapage+0x298/0x340
[ 77.055946][ T133] ? do_error_trap+0x13d/0x1e0
[ 77.060726][ T133] ? put_metapage+0x298/0x340
[ 77.065421][ T133] ? do_int3+0x30/0x30
[ 77.069534][ T133] ? rcu_is_watching+0x11/0xb0
[ 77.074381][ T133] ? handle_invalid_op+0x2c/0x40
[ 77.079362][ T133] ? put_metapage+0x298/0x340
[ 77.084072][ T133] ? exc_invalid_op+0x2f/0x40
[ 77.088775][ T133] ? asm_exc_invalid_op+0x16/0x20
[ 77.093816][ T133] ? lock_release+0xc7/0xa20
[ 77.098434][ T133] ? put_metapage+0x298/0x340
[ 77.103148][ T133] ? put_metapage+0x298/0x340
[ 77.107854][ T133] txUnlock+0x42f/0xca0
[ 77.112055][ T133] jfs_lazycommit+0x5d0/0xb60
[ 77.116777][ T133] ? txFreelock+0x580/0x580
[ 77.121307][ T133] ? do_task_dead+0xc0/0xc0
[ 77.125872][ T133] ? _raw_spin_unlock+0x40/0x40
[ 77.130742][ T133] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 77.136740][ T133] ? __kthread_parkme+0x15c/0x1c0
[ 77.141774][ T133] kthread+0x26e/0x300
[ 77.145850][ T133] ? txFreelock+0x580/0x580
[ 77.150373][ T133] ? kthread_blkcg+0xd0/0xd0
[ 77.154972][ T133] ret_from_fork+0x1f/0x30
[ 77.159426][ T133]
[ 77.162482][ T133] Modules linked in:
[ 77.172079][ T133] ---[ end trace 0000000000000000 ]---
[ 77.177596][ T133] RIP: 0010:put_metapage+0x298/0x340
[ 77.182948][ T133] Code: 2c 24 49 81 e5 ff 0f 00 00 74 21 e8 42 01 84 fe e9 a0 00 00 00 e8 38 01 84 fe 48 8b 3c 24 48 c7 c6 20 5f 24 8b e8 68 dc c2 fe <0f> 0b 48 8b 1c 24 48 89 df be 08 00 00 00 e8 a5 4b da fe 48 c1 eb
[ 77.203009][ T133] RSP: 0018:ffffc90002cffcb8 EFLAGS: 00010246
[ 77.209409][ T133] RAX: 8605592055614000 RBX: 000000000000007f RCX: ffffffff8169f927
[ 77.217736][ T133] RDX: 0000000000000000 RSI: ffffffff8b3ccb40 RDI: ffffffff8b3ccb00
[ 77.239364][ T133] RBP: ffff8880784539b0 R08: dffffc0000000000 R09: fffffbfff1ca654e
[ 77.248328][ T133] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 77.256347][ T133] R13: ffffea0000916f74 R14: 1ffff1100f08a73b R15: ffff8880784539d8
[ 77.264730][ T133] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 77.274090][ T133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 77.281365][ T133] CR2: 0000555da15de0c8 CR3: 000000007ed5b000 CR4: 00000000003506e0
[ 77.289599][ T133] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 77.297851][ T133] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 77.305868][ T133] Kernel panic - not syncing: Fatal exception
[ 77.312187][ T133] Kernel Offset: disabled
[ 77.316527][ T133] Rebooting in 86400 seconds..