Warning: Permanently added '10.128.1.149' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
[   64.270070][ T5213] loop0: detected capacity change from 0 to 32768
[   64.277287][ T5217] loop4: detected capacity change from 0 to 32768
[   64.297717][ T5216] loop3: detected capacity change from 0 to 32768
[   64.310536][ T5215] loop2: detected capacity change from 0 to 32768
[   64.323797][ T5213] 
[   64.323797][ T5213]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.323797][ T5213] 
[   64.346901][ T5215] 
[   64.346901][ T5215]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.346901][ T5215] 
[   64.354322][ T5218] loop1: detected capacity change from 0 to 32768
[   64.371682][ T5213] 
[   64.371682][ T5213]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.371682][ T5213] 
[   64.374411][ T5217] 
[   64.374411][ T5217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.374411][ T5217] 
[   64.401487][ T5213] 
[   64.401487][ T5213]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.401487][ T5213] 
[   64.414335][ T5216] 
[   64.414335][ T5216]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.414335][ T5216] 
[   64.416066][ T5218] 
[   64.416066][ T5218]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.416066][ T5218] 
[   64.425791][ T5215] 
[   64.425791][ T5215]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.425791][ T5215] 
[   64.442198][ T5217] 
[   64.442198][ T5217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.442198][ T5217] 
[   64.462102][ T5215] 
[   64.462102][ T5215]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.462102][ T5215] 
[   64.481972][  T114] 
[   64.481972][  T114]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.481972][  T114] 
[   64.493553][ T5216] 
[   64.493553][ T5216]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.493553][ T5216] 
[   64.508226][ T5218] 
[   64.508226][ T5218]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.508226][ T5218] 
[   64.516088][ T5216] 
[   64.516088][ T5216]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.516088][ T5216] 
[   64.529341][ T5217] 
[   64.529341][ T5217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.529341][ T5217] 
[   64.539100][  T113] 
[   64.539100][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.539100][  T113] 
[   64.540468][   T12] 
[   64.540468][   T12]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.540468][   T12] 
[   64.561960][   T63] 
[   64.561960][   T63]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.561960][   T63] 
[   64.564144][ T5218] 
[   64.564144][ T5218]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.564144][ T5218] 
[   64.583083][  T114] 
[   64.583083][  T114]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.583083][  T114] 
[   64.594900][  T113] 
[   64.594900][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.594900][  T113] 
[   64.607424][   T63] 
[   64.607424][   T63]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.607424][   T63] 
[   64.609129][   T12] 
[   64.609129][   T12]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.609129][   T12] 
[   64.619348][ T5211] 
[   64.619348][ T5211]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.619348][ T5211] 
[   64.630141][ T2571] 
[   64.630141][ T2571]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.630141][ T2571] 
[   64.641902][  T114] 
[   64.641902][  T114]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.641902][  T114] 
[   64.653236][ T2571] 
[   64.653236][ T2571]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.653236][ T2571] 
[   64.660642][  T113] 
[   64.660642][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.660642][  T113] 
[   64.671612][   T35] 
[   64.671612][   T35]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.671612][   T35] 
[   64.684353][ T5211] 
[   64.684353][ T5211]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.684353][ T5211] 
[   64.692224][ T5209] 
[   64.692224][ T5209]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.692224][ T5209] 
[   64.702534][   T63] 
[   64.702534][   T63]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.702534][   T63] 
[   64.723224][   T35] 
[   64.723224][   T35]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.723224][   T35] 
[   64.723371][   T63] 
[   64.723371][   T63]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.723371][   T63] 
[   64.744571][ T5214] 
[   64.744571][ T5214]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.744571][ T5214] 
[   64.757756][  T114] ==================================================================
[   64.765850][  T114] BUG: KASAN: slab-use-after-free in txEnd+0x354/0x560
[   64.771139][ T5210] 
[   64.771139][ T5210]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.771139][ T5210] 
[   64.772808][  T114] Write of size 8 at addr ffff88802db5e040 by task jfsCommit/114
[   64.783654][  T113] 
[   64.783654][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.783654][  T113] 
[   64.790894][  T114] 
[   64.790922][  T114] CPU: 0 UID: 0 PID: 114 Comm: jfsCommit Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[   64.790948][  T114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   64.811079][ T5214] 
[   64.811079][ T5214]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.811079][ T5214] 
[   64.813786][  T114] Call Trace:
[   64.835772][ T5210] 
[   64.835772][ T5210]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.835772][ T5210] 
[   64.837908][  T114]  <TASK>
[   64.837919][  T114]  dump_stack_lvl+0x241/0x360
[   64.853230][  T113] 
[   64.853230][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.853230][  T113] 
[   64.856182][  T114]  ? __pfx_dump_stack_lvl+0x10/0x10
[   64.866959][ T5209] 
[   64.866959][ T5209]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.866959][ T5209] 
[   64.871953][  T114]  ? __pfx__printk+0x10/0x10
[   64.871989][  T114]  ? _printk+0xd5/0x120
[   64.872008][  T114]  ? __virt_addr_valid+0x183/0x530
[   64.897091][  T114]  ? __virt_addr_valid+0x183/0x530
[   64.902229][  T114]  print_report+0x169/0x550
[   64.906760][  T114]  ? __virt_addr_valid+0x183/0x530
[   64.908943][  T113] 
[   64.908943][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   64.908943][  T113] 
[   64.911879][  T114]  ? __virt_addr_valid+0x183/0x530
[   64.927424][  T114]  ? __virt_addr_valid+0x45f/0x530
[   64.932638][  T114]  ? __phys_addr+0xba/0x170
[   64.937936][  T114]  ? txEnd+0x354/0x560
[   64.942016][  T114]  kasan_report+0x143/0x180
[   64.946536][  T114]  ? txEnd+0x354/0x560
[   64.950729][  T114]  kasan_check_range+0x282/0x290
[   64.955685][  T114]  txEnd+0x354/0x560
[   64.959606][  T114]  jfs_lazycommit+0x634/0xb80
[   64.964306][  T114]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[   64.970219][  T114]  ? lockdep_hardirqs_on+0x99/0x150
[   64.975453][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[   64.980667][  T114]  ? __pfx_default_wake_function+0x10/0x10
[   64.986506][  T114]  ? __kthread_parkme+0x169/0x1d0
[   64.991560][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[   64.996867][  T114]  kthread+0x2f0/0x390
[   65.001045][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[   65.006252][  T114]  ? __pfx_kthread+0x10/0x10
[   65.010863][  T114]  ret_from_fork+0x4b/0x80
[   65.015309][  T114]  ? __pfx_kthread+0x10/0x10
[   65.019926][  T114]  ret_from_fork_asm+0x1a/0x30
[   65.024734][  T114]  </TASK>
[   65.027764][  T114] 
[   65.030093][  T114] Allocated by task 5215:
executing program
[   65.034426][  T114]  kasan_save_track+0x3f/0x80
[   65.039124][  T114]  __kasan_kmalloc+0x98/0xb0
[   65.043730][  T114]  __kmalloc_cache_noprof+0x19c/0x2c0
[   65.049121][  T114]  lmLogOpen+0x320/0x1040
[   65.053478][  T114]  jfs_mount_rw+0xf1/0x6a0
[   65.057920][  T114]  jfs_fill_super+0x681/0xc50
[   65.062618][  T114]  mount_bdev+0x20a/0x2d0
[   65.067041][  T114]  legacy_get_tree+0xee/0x190
[   65.071726][  T114]  vfs_get_tree+0x90/0x2a0
[   65.076146][  T114]  do_new_mount+0x2be/0xb40
[   65.080661][  T114]  __se_sys_mount+0x2d6/0x3c0
[   65.085360][  T114]  do_syscall_64+0xf3/0x230
[   65.089886][  T114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.095795][  T114] 
[   65.098124][  T114] Freed by task 5211:
[   65.102190][  T114]  kasan_save_track+0x3f/0x80
[   65.106874][  T114]  kasan_save_free_info+0x40/0x50
[   65.111919][  T114]  poison_slab_object+0xe0/0x150
[   65.116961][  T114]  __kasan_slab_free+0x37/0x60
[   65.121749][  T114]  kfree+0x149/0x360
[   65.125660][  T114]  lmLogClose+0x2a1/0x530
[   65.130016][  T114]  jfs_umount+0x2ce/0x3a0
[   65.134441][  T114]  jfs_put_super+0x8a/0x190
[   65.139035][  T114]  generic_shutdown_super+0x136/0x2d0
[   65.144416][  T114]  kill_block_super+0x44/0x90
[   65.149092][  T114]  deactivate_locked_super+0xc4/0x130
[   65.154468][  T114]  cleanup_mnt+0x41f/0x4b0
[   65.158974][  T114]  task_work_run+0x24f/0x310
[   65.163581][  T114]  syscall_exit_to_user_mode+0x168/0x370
[   65.169230][  T114]  do_syscall_64+0x100/0x230
[   65.173924][  T114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.179839][  T114] 
[   65.182161][  T114] The buggy address belongs to the object at ffff88802db5e000
[   65.182161][  T114]  which belongs to the cache kmalloc-1k of size 1024
[   65.196478][  T114] The buggy address is located 64 bytes inside of
[   65.196478][  T114]  freed 1024-byte region [ffff88802db5e000, ffff88802db5e400)
[   65.210544][  T114] 
[   65.212883][  T114] The buggy address belongs to the physical page:
[   65.219304][  T114] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2db58
[   65.228173][  T114] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   65.236764][  T114] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   65.244763][  T114] page_type: 0xfdffffff(slab)
[   65.249538][  T114] raw: 00fff00000000040 ffff888015441dc0 0000000000000000 dead000000000001
[   65.258229][  T114] raw: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
[   65.266871][  T114] head: 00fff00000000040 ffff888015441dc0 0000000000000000 dead000000000001
[   65.275759][  T114] head: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
[   65.284618][  T114] head: 00fff00000000003 ffffea0000b6d601 ffffffffffffffff 0000000000000000
[   65.293306][  T114] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   65.302078][  T114] page dumped because: kasan: bad access detected
[   65.308515][  T114] page_owner tracks the page as allocated
[   65.314497][  T114] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 14004616852, free_ts 0
[   65.334221][  T114]  post_alloc_hook+0x1f3/0x230
[   65.339098][  T114]  get_page_from_freelist+0x2e4c/0x2f10
[   65.344657][  T114]  __alloc_pages_noprof+0x256/0x6c0
[   65.349876][  T114]  alloc_slab_page+0x5f/0x120
[   65.354576][  T114]  allocate_slab+0x5a/0x2f0
[   65.359426][  T114]  ___slab_alloc+0xcd1/0x14b0
[   65.364106][  T114]  __slab_alloc+0x58/0xa0
[   65.368441][  T114]  __kmalloc_node_track_caller_noprof+0x281/0x440
[   65.374862][  T114]  krealloc_noprof+0x7d/0x120
[   65.379564][  T114]  add_sysfs_param+0xca/0x7f0
[   65.384248][  T114]  kernel_add_sysfs_param+0xb4/0x130
[   65.389625][  T114]  param_sysfs_builtin+0x16e/0x1f0
[   65.394758][  T114]  param_sysfs_builtin_init+0x31/0x40
[   65.400511][  T114]  do_one_initcall+0x248/0x880
[   65.405465][  T114]  do_initcall_level+0x157/0x210
[   65.410416][  T114]  do_initcalls+0x3f/0x80
[   65.414777][  T114] page_owner free stack trace missing
[   65.420152][  T114] 
[   65.422483][  T114] Memory state around the buggy address:
[   65.428107][  T114]  ffff88802db5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
executing program
[   65.436345][  T114]  ffff88802db5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   65.444419][  T114] >ffff88802db5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   65.452670][  T114]                                            ^
[   65.458834][  T114]  ffff88802db5e080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   65.466905][  T114]  ffff88802db5e100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   65.474980][  T114] ==================================================================
[   65.491302][  T113] 
[   65.491302][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   65.491302][  T113] 
[   65.538902][ T5212] 
[   65.538902][ T5212]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   65.538902][ T5212] 
[   65.546305][  T114] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   65.546322][  T114] CPU: 1 UID: 0 PID: 114 Comm: jfsCommit Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[   65.546344][  T114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   65.546354][  T114] Call Trace:
[   65.546361][  T114]  <TASK>
[   65.546368][  T114]  dump_stack_lvl+0x241/0x360
[   65.546395][  T114]  ? __pfx_dump_stack_lvl+0x10/0x10
[   65.546415][  T114]  ? __pfx__printk+0x10/0x10
[   65.546435][  T114]  ? preempt_schedule+0xe1/0xf0
[   65.546454][  T114]  ? vscnprintf+0x5d/0x90
[   65.546469][  T114]  panic+0x349/0x860
[   65.546487][  T114]  ? check_panic_on_warn+0x21/0xb0
[   65.546504][  T114]  ? __pfx_panic+0x10/0x10
[   65.546524][  T114]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   65.546542][  T114]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   65.546558][  T114]  ? print_report+0x502/0x550
[   65.546579][  T114]  check_panic_on_warn+0x86/0xb0
[   65.546595][  T114]  ? txEnd+0x354/0x560
[   65.546609][  T114]  end_report+0x77/0x160
[   65.546627][  T114]  kasan_report+0x154/0x180
[   65.546646][  T114]  ? txEnd+0x354/0x560
[   65.546663][  T114]  kasan_check_range+0x282/0x290
[   65.546682][  T114]  txEnd+0x354/0x560
[   65.546698][  T114]  jfs_lazycommit+0x634/0xb80
[   65.546714][  T114]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[   65.546730][  T114]  ? lockdep_hardirqs_on+0x99/0x150
[   65.546751][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[   65.546767][  T114]  ? __pfx_default_wake_function+0x10/0x10
[   65.546786][  T114]  ? __kthread_parkme+0x169/0x1d0
[   65.546809][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[   65.546824][  T114]  kthread+0x2f0/0x390
[   65.546838][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[   65.546853][  T114]  ? __pfx_kthread+0x10/0x10
[   65.546868][  T114]  ret_from_fork+0x4b/0x80
[   65.546889][  T114]  ? __pfx_kthread+0x10/0x10
[   65.546903][  T114]  ret_from_fork_asm+0x1a/0x30
[   65.546930][  T114]  </TASK>
[   65.549561][  T114] Kernel Offset: disabled