Warning: Permanently added '10.128.0.109' (ED25519) to the list of known hosts.
1970/01/01 00:01:24 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:24 ignoring optional flag "type"="gce"
1970/01/01 00:01:24 parsed 1 programs
[   87.191422][ T4435] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SSFS
[  100.255555][ T4486] chnl_net:caif_netlink_parms(): no params data found
[  100.291030][ T4486] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.293077][ T4486] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.295333][ T4486] device bridge_slave_0 entered promiscuous mode
[  100.298743][ T4486] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.300385][ T4486] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.302883][ T4486] device bridge_slave_1 entered promiscuous mode
[  100.319142][ T4486] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.323255][ T4486] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.338616][ T4486] team0: Port device team_slave_0 added
[  100.341787][ T4486] team0: Port device team_slave_1 added
[  100.361715][ T4486] batman_adv: batadv0: Adding interface: batadv_slave_0
[  100.363436][ T4486] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.368913][ T4486] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  100.374531][ T4486] batman_adv: batadv0: Adding interface: batadv_slave_1
[  100.376018][ T4486] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.381824][ T4486] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  100.436595][ T4486] device hsr_slave_0 entered promiscuous mode
[  100.474488][ T4486] device hsr_slave_1 entered promiscuous mode
[  101.263733][ T4486] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  101.305360][ T4486] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  101.334843][ T4486] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  101.367729][ T4486] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  101.485057][ T4486] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.492107][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  101.494814][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  101.499950][ T4486] 8021q: adding VLAN 0 to HW filter on device team0
[  101.504933][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  101.506991][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  101.509025][  T294] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.510666][  T294] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.520788][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  101.523827][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  101.528066][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  101.530391][  T294] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.531917][  T294] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.546568][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  101.549486][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  101.551916][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  101.555434][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  101.570344][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  101.572454][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  101.578670][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  101.581414][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  101.585247][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  101.587593][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  101.589848][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  101.599460][ T4486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  101.683973][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  101.685722][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  101.692190][ T4486] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.707832][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  101.710390][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  101.724269][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  101.726346][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  101.728638][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  101.730740][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  101.737557][ T4486] device veth0_vlan entered promiscuous mode
[  101.745019][ T4486] device veth1_vlan entered promiscuous mode
[  101.762974][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  101.765281][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  101.767549][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  101.770249][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  101.779507][ T4486] device veth0_macvtap entered promiscuous mode
[  101.784419][ T4486] device veth1_macvtap entered promiscuous mode
[  101.804544][ T4486] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.806425][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  101.808664][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  101.810822][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  101.815615][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  101.820975][ T4486] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.826794][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  101.829141][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  101.834093][ T4486] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.836060][ T4486] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.837899][ T4486] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.839857][ T4486] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.111799][  T294] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.113753][  T294] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.116326][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  102.140578][  T294] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.142312][  T294] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.147137][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:42 executed programs: 0
[  102.823647][ T4622] chnl_net:caif_netlink_parms(): no params data found
[  102.870202][ T4622] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.871737][ T4622] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.875647][ T4622] device bridge_slave_0 entered promiscuous mode
[  102.878870][ T4622] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.880277][ T4622] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.882340][ T4622] device bridge_slave_1 entered promiscuous mode
[  102.915697][ T4622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.919740][ T4622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.937352][ T4622] team0: Port device team_slave_0 added
[  102.940453][ T4622] team0: Port device team_slave_1 added
[  102.959127][ T4622] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.960561][ T4622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.968280][ T4622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.971992][ T4622] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.975631][ T4622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.981122][ T4622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.055157][ T4622] device hsr_slave_0 entered promiscuous mode
[  103.067494][ T4622] device hsr_slave_1 entered promiscuous mode
[  103.123980][ T4622] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  103.125683][ T4622] Cannot create hsr debugfs directory
[  103.199534][ T4622] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.673400][ T4116] Bluetooth: hci0: command 0x0409 tx timeout
[  106.252303][ T4622] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.742857][ T4119] Bluetooth: hci0: command 0x041b tx timeout
[  107.809720][ T4622] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.872466][ T4622] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.041013][ T4622] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  108.084718][ T4622] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  108.125423][ T4622] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  108.174840][ T4622] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  108.282558][ T4622] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.290301][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  108.292549][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  108.299344][ T4622] 8021q: adding VLAN 0 to HW filter on device team0
[  108.303858][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  108.306251][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  108.308512][  T294] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.310040][  T294] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.311950][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  108.322869][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  108.325281][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  108.327611][  T294] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.329152][  T294] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.333876][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  108.339143][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  108.346147][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  108.349379][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  108.351789][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  108.357519][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  108.360086][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  108.365623][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  108.367962][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  108.372555][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  108.375318][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  108.380691][ T4622] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  108.478211][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  108.479916][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  108.486286][ T4622] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.497875][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  108.500297][ T1694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  108.511474][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  108.517141][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  108.519521][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  108.521545][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  108.526052][ T4622] device veth0_vlan entered promiscuous mode
[  108.539503][ T4622] device veth1_vlan entered promiscuous mode
[  108.553246][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  108.556771][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  108.558961][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  108.561174][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  108.568455][ T4622] device veth0_macvtap entered promiscuous mode
[  108.572528][ T4622] device veth1_macvtap entered promiscuous mode
[  108.604845][ T4622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.606980][ T4622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.609959][ T4622] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.611685][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  108.614588][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  108.617006][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  108.619275][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  108.625311][ T4622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.627650][ T4622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.630635][ T4622] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.632323][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  108.636831][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  108.641611][ T4622] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.644196][ T4622] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.646046][ T4622] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.647824][ T4622] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.688461][  T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.696126][  T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.698809][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  108.706900][  T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.708659][  T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.711397][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:48 executed programs: 2
[  108.832752][ T4049] Bluetooth: hci0: command 0x040f tx timeout
[  108.965415][ T4869] loop0: detected capacity change from 0 to 32768
[  109.083323][ T4869] ERROR: (device loop0): dbAlloc: the hint is outside the map
[  109.083323][ T4869] 
[  109.086386][ T4869] ERROR: (device loop0): remounting filesystem as read-only
[  109.088817][ T4869] BUG: Bad page state in process syz.0.15  pfn:10e62e
[  109.090228][ T4869] page:00000000a24f8e58 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2f pfn:0x10e62e
[  109.092339][ T4869] flags: 0x5ffc00000002006(referenced|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[  109.095508][ T4869] raw: 05ffc00000002006 fffffc00031e90c8 ffff80001fad7700 0000000000000000
[  109.097250][ T4869] raw: 000000000000002f ffff0000d39754d8 00000000ffffffff 0000000000000000
[  109.099036][ T4869] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  109.100573][ T4869] Modules linked in:
[  109.101418][ T4869] CPU: 1 PID: 4869 Comm: syz.0.15 Not tainted 5.15.170-syzkaller #0
[  109.102966][ T4869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  109.105192][ T4869] Call trace:
[  109.105908][ T4869]  dump_backtrace+0x0/0x530
[  109.106869][ T4869]  show_stack+0x2c/0x3c
[  109.107765][ T4869]  dump_stack_lvl+0x108/0x170
[  109.108722][ T4869]  dump_stack+0x1c/0x58
[  109.109617][ T4869]  bad_page+0x1a4/0x1c4
[  109.110410][ T4869]  free_unref_page_prepare+0x4ec/0xe30
[  109.111597][ T4869]  free_unref_page_list+0xe4/0x7a8
[  109.112763][ T4869]  release_pages+0x1770/0x1a88
[  109.113799][ T4869]  __pagevec_release+0x94/0x10c
[  109.114854][ T4869]  truncate_inode_pages_range+0x3ac/0xbe0
[  109.116046][ T4869]  truncate_inode_pages+0x2c/0x3c
[  109.117045][ T4869]  jfs_remount+0x2dc/0x594
[  109.117992][ T4869]  legacy_reconfigure+0xfc/0x114
[  109.119034][ T4869]  reconfigure_super+0x1d0/0x6ec
[  109.120209][ T4869]  __arm64_sys_fsconfig+0xa1c/0xd18
[  109.121462][ T4869]  invoke_syscall+0x98/0x2b8
[  109.122476][ T4869]  el0_svc_common+0x138/0x258
[  109.123454][ T4869]  do_el0_svc+0x58/0x14c
[  109.124403][ T4869]  el0_svc+0x7c/0x1f0
[  109.125238][ T4869]  el0t_64_sync_handler+0x84/0xe4
[  109.126264][ T4869]  el0t_64_sync+0x1a0/0x1a4
[  109.128830][ T4869] Disabling lock debugging due to kernel taint
[  109.130116][ T4869] BUG: Bad page state in process syz.0.15  pfn:107a43
[  109.131568][ T4869] page:000000003c69235d refcount:0 mapcount:0 mapping:0000000000000000 index:0x2e pfn:0x107a43
[  109.133886][ T4869] flags: 0x5ffc00000002006(referenced|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[  109.135944][ T4869] raw: 05ffc00000002006 fffffc0003a61208 ffff80001fad7700 0000000000000000
[  109.137724][ T4869] raw: 000000000000002e ffff0000d39753e0 00000000ffffffff 0000000000000000
[  109.139470][ T4869] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  109.140969][ T4869] Modules linked in:
[  109.141732][ T4869] CPU: 1 PID: 4869 Comm: syz.0.15 Tainted: G    B             5.15.170-syzkaller #0
[  109.143781][ T4869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  109.146007][ T4869] Call trace:
[  109.146704][ T4869]  dump_backtrace+0x0/0x530
[  109.147657][ T4869]  show_stack+0x2c/0x3c
[  109.148554][ T4869]  dump_stack_lvl+0x108/0x170
[  109.149639][ T4869]  dump_stack+0x1c/0x58
[  109.150566][ T4869]  bad_page+0x1a4/0x1c4
[  109.151458][ T4869]  free_unref_page_prepare+0x4ec/0xe30
[  109.152642][ T4869]  free_unref_page_list+0xe4/0x7a8
[  109.153688][ T4869]  release_pages+0x1770/0x1a88
[  109.154646][ T4869]  __pagevec_release+0x94/0x10c
[  109.155678][ T4869]  truncate_inode_pages_range+0x3ac/0xbe0
[  109.156851][ T4869]  truncate_inode_pages+0x2c/0x3c
[  109.157971][ T4869]  jfs_remount+0x2dc/0x594
[  109.159005][ T4869]  legacy_reconfigure+0xfc/0x114
[  109.160015][ T4869]  reconfigure_super+0x1d0/0x6ec
[  109.161156][ T4869]  __arm64_sys_fsconfig+0xa1c/0xd18
[  109.162278][ T4869]  invoke_syscall+0x98/0x2b8
[  109.163243][ T4869]  el0_svc_common+0x138/0x258
[  109.164244][ T4869]  do_el0_svc+0x58/0x14c
[  109.165128][ T4869]  el0_svc+0x7c/0x1f0
[  109.165931][ T4869]  el0t_64_sync_handler+0x84/0xe4
[  109.167069][ T4869]  el0t_64_sync+0x1a0/0x1a4
[  109.169955][ T4869] BUG: Bad page state in process syz.0.15  pfn:129848
[  109.171375][ T4869] page:00000000402585fe refcount:0 mapcount:0 mapping:0000000000000000 index:0x2d pfn:0x129848
[  109.175463][ T4869] flags: 0x5ffc00000002006(referenced|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[  109.177548][ T4869] raw: 05ffc00000002006 fffffc00033b0008 ffff80001fad7700 0000000000000000
[  109.179241][ T4869] raw: 000000000000002d ffff0000d39752e8 00000000ffffffff 0000000000000000
[  109.181019][ T4869] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  109.183064][ T4869] Modules linked in:
[  109.183940][ T4869] CPU: 1 PID: 4869 Comm: syz.0.15 Tainted: G    B             5.15.170-syzkaller #0
[  109.185762][ T4869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  109.187813][ T4869] Call trace:
[  109.188478][ T4869]  dump_backtrace+0x0/0x530
[  109.189468][ T4869]  show_stack+0x2c/0x3c
[  109.190404][ T4869]  dump_stack_lvl+0x108/0x170
[  109.191282][ T4869]  dump_stack+0x1c/0x58
[  109.192166][ T4869]  bad_page+0x1a4/0x1c4
[  109.193040][ T4869]  free_unref_page_prepare+0x4ec/0xe30
[  109.194159][ T4869]  free_unref_page_list+0xe4/0x7a8
[  109.195261][ T4869]  release_pages+0x1770/0x1a88
[  109.196293][ T4869]  __pagevec_release+0x94/0x10c
[  109.197250][ T4869]  truncate_inode_pages_range+0x3ac/0xbe0
[  109.198558][ T4869]  truncate_inode_pages+0x2c/0x3c
[  109.199746][ T4869]  jfs_remount+0x2dc/0x594
[  109.200728][ T4869]  legacy_reconfigure+0xfc/0x114
[  109.201677][ T4869]  reconfigure_super+0x1d0/0x6ec
[  109.202659][ T4869]  __arm64_sys_fsconfig+0xa1c/0xd18
[  109.203760][ T4869]  invoke_syscall+0x98/0x2b8
[  109.204754][ T4869]  el0_svc_common+0x138/0x258
[  109.205763][ T4869]  do_el0_svc+0x58/0x14c
[  109.206652][ T4869]  el0_svc+0x7c/0x1f0
[  109.207460][ T4869]  el0t_64_sync_handler+0x84/0xe4
[  109.208604][ T4869]  el0t_64_sync+0x1a0/0x1a4
[  109.215554][    T9] read_mapping_page failed!
[  109.216463][    T9] ERROR: (device loop0): txAbort: 
[  109.216463][    T9] 
[  109.218038][    T9] ERROR: (device loop0): remounting filesystem as read-only
[  109.219590][    T9] jfs_write_inode: jfs_commit_inode failed!
[  109.221241][  T239] BUG: Bad page state in process jfsCommit  pfn:116869
[  109.222759][  T239] page:0000000024647a37 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2c pfn:0x116869
[  109.224926][  T239] flags: 0x5ffc00000002005(locked|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[  109.226917][  T239] raw: 05ffc00000002005 dead000000000100 dead000000000122 0000000000000000
[  109.228865][  T239] raw: 000000000000002c ffff0000d39751f0 00000000ffffffff 0000000000000000
[  109.230626][  T239] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  109.232167][  T239] Modules linked in:
[  109.234100][  T239] CPU: 1 PID: 239 Comm: jfsCommit Tainted: G    B             5.15.170-syzkaller #0
[  109.236293][  T239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  109.238372][  T239] Call trace:
[  109.238983][  T239]  dump_backtrace+0x0/0x530
[  109.239919][  T239]  show_stack+0x2c/0x3c
[  109.240711][  T239]  dump_stack_lvl+0x108/0x170
[  109.241700][  T239]  dump_stack+0x1c/0x58
[  109.242577][  T239]  bad_page+0x1a4/0x1c4
[  109.243430][  T239]  free_unref_page_prepare+0x4ec/0xe30
[  109.244625][  T239]  free_unref_page+0x78/0x204
[  109.245630][  T239]  __put_page+0xf8/0x134
[  109.246479][  T239]  _metapage_homeok+0x138/0x288
[  109.247483][  T239]  txUnlock+0x264/0xbb0
[  109.248445][  T239]  jfs_lazycommit+0x4a0/0xa40
[  109.249413][  T239]  kthread+0x37c/0x45c
[  109.250292][  T239]  ret_from_fork+0x10/0x20
[  109.251466][  T239] page:0000000024647a37 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2c pfn:0x116869
[  109.253862][  T239] flags: 0x5ffc00000002005(locked|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[  109.255782][  T239] raw: 05ffc00000002005 dead000000000100 dead000000000122 0000000000000000
[  109.257469][  T239] raw: 000000000000002c ffff0000d39751f0 00000000ffffffff 0000000000000000
[  109.259236][  T239] page dumped because: VM_BUG_ON_PAGE(((unsigned int) page_ref_count(page) + 127u <= 127u))
[  109.261516][  T239] ------------[ cut here ]------------
[  109.262701][  T239] kernel BUG at include/linux/mm.h:1213!
[  109.263795][  T239] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
[  109.265420][  T239] Modules linked in:
[  109.266325][  T239] CPU: 1 PID: 239 Comm: jfsCommit Tainted: G    B             5.15.170-syzkaller #0
[  109.268217][  T239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  109.270371][  T239] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  109.272082][  T239] pc : put_metapage+0x280/0x2e4
[  109.273173][  T239] lr : put_metapage+0x280/0x2e4
[  109.274130][  T239] sp : ffff80001f8e7b80
[  109.274937][  T239] x29: ffff80001f8e7b80 x28: dfff800000000000 x27: 1fffe0001a72ea43
[  109.276624][  T239] x26: 1fffe0001a72ea50 x25: dfff800000000000 x24: 000000000000007f
[  109.278338][  T239] x23: fffffc00035a1a74 x22: fffffc00035a1a40 x21: ffff0000d3975218
[  109.279991][  T239] x20: ffff0000d3975280 x19: ffff0000d39751f0 x18: 0000000000000001
[  109.281712][  T239] x17: 0000000000000000 x16: ffff800011aba618 x15: 00000000ffffffff
[  109.283518][  T239] x14: ffff0000c69951c0 x13: 0000000000000001 x12: 0000000000000001
[  109.285231][  T239] x11: 0000000000000000 x10: 0000000000000000 x9 : ec7d21f6af6fbf00
[  109.286855][  T239] x8 : ec7d21f6af6fbf00 x7 : 0000000000000001 x6 : 0000000000000001
[  109.288758][  T239] x5 : ffff80001f8e6ff8 x4 : ffff800014ba05e0 x3 : ffff800008555e80
[  109.290557][  T239] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000059
[  109.292228][  T239] Call trace:
[  109.292896][  T239]  put_metapage+0x280/0x2e4
[  109.293859][  T239]  txUnlock+0x3e4/0xbb0
[  109.294727][  T239]  jfs_lazycommit+0x4a0/0xa40
[  109.295741][  T239]  kthread+0x37c/0x45c
[  109.296603][  T239]  ret_from_fork+0x10/0x20
[  109.297538][  T239] Code: f0043321 91158021 aa1603e0 97bb23a1 (d4210000) 
[  109.298948][  T239] ---[ end trace de0481b9784aee9c ]---
[  109.771789][  T239] Kernel panic - not syncing: Oops - BUG: Fatal exception
[  109.773340][  T239] SMP: stopping secondary CPUs
[  109.774393][  T239] Kernel Offset: disabled
[  109.775361][  T239] CPU features: 0x8,000081c1,21302e40
[  109.776561][  T239] Memory Limit: none
[  110.190767][  T239] Rebooting in 86400 seconds..