Warning: Permanently added '10.128.0.165' (ED25519) to the list of known hosts.
executing program
[ 35.709313][ T6414] loop0: detected capacity change from 0 to 32768
[ 35.720537][ T6414]
[ 35.720537][ T6414] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 35.720537][ T6414]
[ 35.726715][ T6414]
[ 35.726715][ T6414] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 35.726715][ T6414]
[ 35.729112][ T6414]
[ 35.729112][ T6414] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 35.729112][ T6414]
[ 35.731670][ T6414]
[ 35.731670][ T6414] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 35.731670][ T6414]
[ 35.733987][ T6414]
[ 35.733987][ T6414] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 35.733987][ T6414]
[ 35.737824][ T100]
[ 35.737824][ T100] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 35.737824][ T100]
[ 35.740210][ T6414] ------------[ cut here ]------------
[ 35.741834][ T6414] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dtree.c:2649:28
[ 35.743486][ T6414] index -128 is out of range for type 'struct dtslot[128]'
[ 35.745080][ T6414] CPU: 1 UID: 0 PID: 6414 Comm: syz-executor126 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0
[ 35.747262][ T6414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 35.749422][ T6414] Call trace:
[ 35.750119][ T6414] show_stack+0x2c/0x3c (C)
[ 35.751067][ T6414] dump_stack_lvl+0xe4/0x150
[ 35.752026][ T6414] dump_stack+0x1c/0x28
[ 35.753003][ T6414] __ubsan_handle_out_of_bounds+0xf8/0x148
[ 35.754210][ T6414] add_missing_indices+0x6e4/0xa8c
[ 35.755367][ T6414] jfs_readdir+0x18ac/0x3030
[ 35.756351][ T6414] wrap_directory_iterator+0xa8/0xf4
[ 35.757462][ T6414] shared_jfs_readdir+0x30/0x40
[ 35.758499][ T6414] iterate_dir+0x408/0x648
[ 35.759490][ T6414] __arm64_sys_getdents64+0x1c0/0x490
[ 35.760683][ T6414] invoke_syscall+0x98/0x2b8
[ 35.761681][ T6414] el0_svc_common+0x130/0x23c
[ 35.762644][ T6414] do_el0_svc+0x48/0x58
[ 35.763520][ T6414] el0_svc+0x54/0x168
[ 35.764290][ T6414] el0t_64_sync_handler+0x84/0x108
[ 35.765418][ T6414] el0t_64_sync+0x198/0x19c
[ 35.770292][ T6414] ---[ end trace ]---
[ 35.771337][ T6414] ==================================================================
[ 35.772994][ T6414] BUG: KASAN: slab-out-of-bounds in diWrite+0xb48/0x15cc
[ 35.774557][ T6414] Read of size 32 at addr ffff0000dea84108 by task syz-executor126/6414
[ 35.776270][ T6414]
[ 35.776733][ T6414] CPU: 1 UID: 0 PID: 6414 Comm: syz-executor126 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0
[ 35.778904][ T6414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 35.781084][ T6414] Call trace:
[ 35.781822][ T6414] show_stack+0x2c/0x3c (C)
[ 35.782808][ T6414] dump_stack_lvl+0xe4/0x150
[ 35.783812][ T6414] print_report+0x198/0x538
[ 35.784830][ T6414] kasan_report+0xd8/0x138
[ 35.785755][ T6414] kasan_check_range+0x268/0x2a8
[ 35.786808][ T6414] __asan_memcpy+0x3c/0x84
[ 35.787769][ T6414] diWrite+0xb48/0x15cc
[ 35.788673][ T6414] txCommit+0x750/0x5504
[ 35.789611][ T6414] add_missing_indices+0x760/0xa8c
[ 35.790674][ T6414] jfs_readdir+0x18ac/0x3030
[ 35.791670][ T6414] wrap_directory_iterator+0xa8/0xf4
[ 35.792858][ T6414] shared_jfs_readdir+0x30/0x40
[ 35.794018][ T6414] iterate_dir+0x408/0x648
[ 35.795053][ T6414] __arm64_sys_getdents64+0x1c0/0x490
[ 35.796231][ T6414] invoke_syscall+0x98/0x2b8
[ 35.797236][ T6414] el0_svc_common+0x130/0x23c
[ 35.798281][ T6414] do_el0_svc+0x48/0x58
[ 35.799193][ T6414] el0_svc+0x54/0x168
[ 35.800035][ T6414] el0t_64_sync_handler+0x84/0x108
[ 35.801108][ T6414] el0t_64_sync+0x198/0x19c
[ 35.802057][ T6414]
[ 35.802589][ T6414] The buggy address belongs to the object at ffff0000dea84088
[ 35.802589][ T6414] which belongs to the cache jfs_ip of size 2232
[ 35.805582][ T6414] The buggy address is located 128 bytes inside of
[ 35.805582][ T6414] allocated 2232-byte region [ffff0000dea84088, ffff0000dea84940)
[ 35.808708][ T6414]
[ 35.809278][ T6414] The buggy address belongs to the physical page:
[ 35.810629][ T6414] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11ea80
[ 35.812517][ T6414] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 35.814320][ T6414] flags: 0x5ffc00000000040(head|node=0|zone=2|lastcpupid=0x7ff)
[ 35.815950][ T6414] page_type: f5(slab)
[ 35.816790][ T6414] raw: 05ffc00000000040 ffff0000c486ec80 dead000000000122 0000000000000000
[ 35.818675][ T6414] raw: 0000000000000000 00000000800d000d 00000001f5000000 0000000000000000
[ 35.820539][ T6414] head: 05ffc00000000040 ffff0000c486ec80 dead000000000122 0000000000000000
[ 35.822537][ T6414] head: 0000000000000000 00000000800d000d 00000001f5000000 0000000000000000
[ 35.824448][ T6414] head: 05ffc00000000003 fffffdffc37aa001 ffffffffffffffff 0000000000000000
[ 35.826236][ T6414] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 35.828135][ T6414] page dumped because: kasan: bad access detected
[ 35.829454][ T6414]
[ 35.830012][ T6414] Memory state around the buggy address:
[ 35.831212][ T6414]  ffff0000dea84000: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.832971][ T6414]  ffff0000dea84080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.834756][ T6414] >ffff0000dea84100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.836500][ T6414]                       ^
[ 35.837432][ T6414]  ffff0000dea84180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.839128][ T6414]  ffff0000dea84200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 35.840875][ T6414] ==================================================================
[ 35.842743][ T6414] Disabling lock debugging due to kernel taint
[ 35.844033][ T6414]
[ 35.844033][ T6414] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 35.844033][ T6414]
[ 35.846368][ T6414]
[ 35.846368][ T6414] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 35.846368][ T6414]
[ 35.848553][ T6414]
[ 35.848553][ T6414] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 35.848553][ T6414]
[ 35.850868][ T6414] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0
[ 35.850868][ T6414]
[ 35.851071][ T99]
[ 35.851071][ T99] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 35.851071][ T99]
[ 35.853695][ T6414] ERROR: (device loop0): remounting filesystem as read-only
[ 35.857134][ T6414] JFS: Invalid stbl[1] = -128 for inode 2, block = 0