Warning: Permanently added '10.128.0.215' (ED25519) to the list of known hosts.
1970/01/01 00:01:05 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:01:05 ignoring optional flag "type"="gce"
1970/01/01 00:01:05 parsed 1 programs
[   66.870201][ T4440] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SSFS
[   69.598791][ T2063] ieee802154 phy0 wpan0: encryption failed: -22
[   69.599850][ T2063] ieee802154 phy1 wpan1: encryption failed: -22
[   69.608031][   T25] cfg80211: failed to load regulatory.db
[   69.854305][  T586] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.855542][  T586] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.857620][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.858900][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.860760][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   69.862288][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   70.246057][ T4501] chnl_net:caif_netlink_parms(): no params data found
[   70.268875][ T4501] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.270095][ T4501] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.271562][ T4501] device bridge_slave_0 entered promiscuous mode
[   70.273691][ T4501] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.274760][ T4501] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.276220][ T4501] device bridge_slave_1 entered promiscuous mode
[   70.284533][ T4501] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.287157][ T4501] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.298324][ T4501] team0: Port device team_slave_0 added
[   70.300624][ T4501] team0: Port device team_slave_1 added
[   70.307862][ T4501] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.309066][ T4501] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.313100][ T4501] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.315513][ T4501] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.316475][ T4501] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.320547][ T4501] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.378938][ T4501] device hsr_slave_0 entered promiscuous mode
[   70.417579][ T4501] device hsr_slave_1 entered promiscuous mode
[   71.097720][ T4501] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   71.138905][ T4501] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   71.178867][ T4501] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   71.210486][ T4501] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   71.307206][ T4501] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.312233][ T4501] 8021q: adding VLAN 0 to HW filter on device team0
[   71.317519][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   71.318860][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   71.320269][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   71.321756][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   71.323225][  T586] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.324285][  T586] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.325594][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   71.327193][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   71.329998][  T586] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.331050][  T586] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.332318][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   71.338158][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   71.340155][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   71.346778][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   71.350916][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   71.352449][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   71.354180][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   71.355633][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   71.357091][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   71.364200][ T4501] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   71.365918][ T4501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   71.373525][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   71.375167][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   71.376647][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   71.427205][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   71.429109][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   71.450837][ T4501] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.458820][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   71.460435][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   71.472576][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   71.474165][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   71.475915][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   71.479628][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   71.482473][ T4501] device veth0_vlan entered promiscuous mode
[   71.486920][ T4501] device veth1_vlan entered promiscuous mode
[   71.506846][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   71.508475][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   71.509875][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   71.511317][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   71.513914][ T4501] device veth0_macvtap entered promiscuous mode
[   71.516270][ T4501] device veth1_macvtap entered promiscuous mode
[   71.523618][ T4501] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.524786][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   71.526449][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   71.528611][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   71.530185][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   71.533161][ T4501] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.535493][ T4501] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.536936][ T4501] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.539573][ T4501] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.540970][ T4501] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.543396][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   71.544993][  T586] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
1970/01/01 00:01:11 executed programs: 0
[   71.842784][ T4665] chnl_net:caif_netlink_parms(): no params data found
[   71.875827][ T4665] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.877103][ T4665] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.880131][ T4665] device bridge_slave_0 entered promiscuous mode
[   71.882713][ T4665] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.883924][ T4665] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.885261][ T4665] device bridge_slave_1 entered promiscuous mode
[   71.895045][ T4665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.898972][ T4665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.909078][ T4665] team0: Port device team_slave_0 added
[   71.911287][ T4665] team0: Port device team_slave_1 added
[   71.918719][ T4665] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.919778][ T4665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.923485][ T4665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.926288][ T4665] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.927924][ T4665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.931606][ T4665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.998637][ T4665] device hsr_slave_0 entered promiscuous mode
[   72.027830][ T4665] device hsr_slave_1 entered promiscuous mode
[   72.067483][ T4665] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   72.068724][ T4665] Cannot create hsr debugfs directory
[   72.099930][ T4665] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.837367][    T7] Bluetooth: hci0: command 0x0409 tx timeout
[   74.331102][ T4665] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.917475][    T7] Bluetooth: hci0: command 0x041b tx timeout
[   77.000674][ T4665] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.053120][ T4665] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.262007][ T4665] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   77.289618][ T4665] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   77.318509][ T4665] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   77.376754][ T4665] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   77.462476][ T4665] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.466380][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   77.468056][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.470809][ T4665] 8021q: adding VLAN 0 to HW filter on device team0
[   77.473280][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   77.474885][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   77.476378][ T4174] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.477586][ T4174] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.480982][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   77.483793][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   77.485372][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.486894][ T4174] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.488066][ T4174] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.490800][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   77.493625][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   77.496398][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   77.500124][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   77.501735][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   77.505417][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   77.507087][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   77.511102][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   77.512708][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   77.515462][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   77.516946][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   77.523378][ T4665] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   77.564708][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   77.566112][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   77.570833][ T4665] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.579018][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   77.581320][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   77.586218][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   77.588210][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   77.590082][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   77.591483][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   77.602544][ T4665] device veth0_vlan entered promiscuous mode
[   77.606167][ T4665] device veth1_vlan entered promiscuous mode
[   77.614537][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   77.616218][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   77.618015][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   77.619474][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   77.621968][ T4665] device veth0_macvtap entered promiscuous mode
[   77.624419][ T4665] device veth1_macvtap entered promiscuous mode
[   77.634429][ T4665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.636009][ T4665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.639628][ T4665] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.640847][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   77.642436][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   77.643925][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   77.645546][ T4174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   77.648530][ T4665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.650202][ T4665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.652378][ T4665] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.653713][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   77.656090][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   77.659163][ T4665] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.660471][ T4665] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.661885][ T4665] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.663167][ T4665] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.690867][  T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.695143][  T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.696994][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   77.700986][ T4174] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.702364][ T4174] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.704185][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:17 executed programs: 2
[   77.822813][ T4895] loop0: detected capacity change from 0 to 32768
[   77.876114][ T4895] ERROR: (device loop0): dbAlloc: the hint is outside the map
[   77.876114][ T4895] 
[   77.878554][ T4895] ERROR: (device loop0): remounting filesystem as read-only
[   77.880027][ T4895] BUG: Bad page state in process syz.0.15  pfn:10aff8
[   77.881054][ T4895] page:000000007a015b63 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2f pfn:0x10aff8
[   77.882698][ T4895] flags: 0x5ffc00000002006(referenced|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[   77.884143][ T4895] raw: 05ffc00000002006 fffffc00033712c8 ffff80001f9b7720 0000000000000000
[   77.885534][ T4895] raw: 000000000000002f ffff0000da582e88 00000000ffffffff 0000000000000000
[   77.886982][ T4895] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[   77.889002][ T4895] Modules linked in:
[   77.889596][ T4895] CPU: 1 PID: 4895 Comm: syz.0.15 Not tainted syzkaller #0
[   77.890623][ T4895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[   77.892213][ T4895] Call trace:
[   77.892674][ T4895]  dump_backtrace+0x0/0x43c
[   77.893305][ T4895]  show_stack+0x2c/0x3c
[   77.894012][ T4895]  __dump_stack+0x30/0x40
[   77.894642][ T4895]  dump_stack_lvl+0xf8/0x160
[   77.895370][ T4895]  dump_stack+0x1c/0x5c
[   77.896037][ T4895]  bad_page+0x188/0x1a8
[   77.896654][ T4895]  check_free_page_bad+0xf4/0x16c
[   77.897417][ T4895]  free_unref_page_prepare+0x744/0xaa0
[   77.898277][ T4895]  free_unref_page_list+0xdc/0x754
[   77.899002][ T4895]  release_pages+0x13c8/0x16e0
[   77.899693][ T4895]  __pagevec_release+0x84/0xf8
[   77.900500][ T4895]  truncate_inode_pages_range+0x29c/0x9b8
[   77.901481][ T4895]  truncate_inode_pages+0x2c/0x3c
[   77.902315][ T4895]  jfs_remount+0x280/0x484
[   77.902995][ T4895]  legacy_reconfigure+0xf8/0x110
[   77.903781][ T4895]  reconfigure_super+0x1d4/0x6f4
[   77.904464][ T4895]  vfs_fsconfig_locked+0x164/0x374
[   77.905252][ T4895]  __arm64_sys_fsconfig+0x634/0x77c
[   77.906136][ T4895]  invoke_syscall+0x98/0x2b8
[   77.906884][ T4895]  el0_svc_common+0x138/0x258
[   77.907679][ T4895]  do_el0_svc+0x58/0x14c
[   77.908391][ T4895]  el0_svc+0x78/0x1e0
[   77.909024][ T4895]  el0t_64_sync_handler+0xcc/0xe4
[   77.909900][ T4895]  el0t_64_sync+0x1a0/0x1a4
[   77.911142][ T4895] Disabling lock debugging due to kernel taint
[   77.912012][ T4895] BUG: Bad page state in process syz.0.15  pfn:10dc4b
[   77.913125][ T4895] page:00000000b0983a2a refcount:0 mapcount:0 mapping:0000000000000000 index:0x2e pfn:0x10dc4b
[   77.914743][ T4895] flags: 0x5ffc00000002006(referenced|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[   77.916357][ T4895] raw: 05ffc00000002006 fffffc0003286d48 ffff80001f9b7720 0000000000000000
[   77.917811][ T4895] raw: 000000000000002e ffff0000da582d90 00000000ffffffff 0000000000000000
[   77.919165][ T4895] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[   77.920186][ T4895] Modules linked in:
[   77.920789][ T4895] CPU: 1 PID: 4895 Comm: syz.0.15 Tainted: G    B             syzkaller #0
[   77.922143][ T4895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[   77.923726][ T4895] Call trace:
[   77.924232][ T4895]  dump_backtrace+0x0/0x43c
[   77.924889][ T4895]  show_stack+0x2c/0x3c
[   77.925515][ T4895]  __dump_stack+0x30/0x40
[   77.926144][ T4895]  dump_stack_lvl+0xf8/0x160
[   77.926900][ T4895]  dump_stack+0x1c/0x5c
[   77.927577][ T4895]  bad_page+0x188/0x1a8
[   77.928268][ T4895]  check_free_page_bad+0xf4/0x16c
[   77.929049][ T4895]  free_unref_page_prepare+0x744/0xaa0
[   77.929915][ T4895]  free_unref_page_list+0xdc/0x754
[   77.930748][ T4895]  release_pages+0x13c8/0x16e0
[   77.931514][ T4895]  __pagevec_release+0x84/0xf8
[   77.932247][ T4895]  truncate_inode_pages_range+0x29c/0x9b8
[   77.933093][ T4895]  truncate_inode_pages+0x2c/0x3c
[   77.933898][ T4895]  jfs_remount+0x280/0x484
[   77.934568][ T4895]  legacy_reconfigure+0xf8/0x110
[   77.935314][ T4895]  reconfigure_super+0x1d4/0x6f4
[   77.936032][ T4895]  vfs_fsconfig_locked+0x164/0x374
[   77.936798][ T4895]  __arm64_sys_fsconfig+0x634/0x77c
[   77.937550][ T4895]  invoke_syscall+0x98/0x2b8
[   77.938178][ T4895]  el0_svc_common+0x138/0x258
[   77.938875][ T4895]  do_el0_svc+0x58/0x14c
[   77.939493][ T4895]  el0_svc+0x78/0x1e0
[   77.940058][ T4895]  el0t_64_sync_handler+0xcc/0xe4
[   77.940882][ T4895]  el0t_64_sync+0x1a0/0x1a4
[   77.942197][ T4895] BUG: Bad page state in process syz.0.15  pfn:10a1b5
[   77.943214][ T4895] page:0000000071f018e7 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2d pfn:0x10a1b5
[   77.944790][ T4895] flags: 0x5ffc00000002006(referenced|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[   77.946312][ T4895] raw: 05ffc00000002006 fffffc000337cb48 ffff80001f9b7720 0000000000000000
[   77.947707][ T4895] raw: 000000000000002d ffff0000da582c98 00000000ffffffff 0000000000000000
[   77.949014][ T4895] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[   77.950154][ T4895] Modules linked in:
[   77.950705][ T4895] CPU: 1 PID: 4895 Comm: syz.0.15 Tainted: G    B             syzkaller #0
[   77.951877][ T4895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[   77.953516][ T4895] Call trace:
[   77.954023][ T4895]  dump_backtrace+0x0/0x43c
[   77.954770][ T4895]  show_stack+0x2c/0x3c
[   77.955446][ T4895]  __dump_stack+0x30/0x40
[   77.956096][ T4895]  dump_stack_lvl+0xf8/0x160
[   77.956905][ T4895]  dump_stack+0x1c/0x5c
[   77.957625][ T4895]  bad_page+0x188/0x1a8
[   77.958351][ T4895]  check_free_page_bad+0xf4/0x16c
[   77.959222][ T4895]  free_unref_page_prepare+0x744/0xaa0
[   77.960160][ T4895]  free_unref_page_list+0xdc/0x754
[   77.961037][ T4895]  release_pages+0x13c8/0x16e0
[   77.961844][ T4895]  __pagevec_release+0x84/0xf8
[   77.962658][ T4895]  truncate_inode_pages_range+0x29c/0x9b8
[   77.963584][ T4895]  truncate_inode_pages+0x2c/0x3c
[   77.964413][ T4895]  jfs_remount+0x280/0x484
[   77.965103][ T4895]  legacy_reconfigure+0xf8/0x110
[   77.965860][ T4895]  reconfigure_super+0x1d4/0x6f4
[   77.966677][ T4895]  vfs_fsconfig_locked+0x164/0x374
[   77.967525][ T4895]  __arm64_sys_fsconfig+0x634/0x77c
[   77.968352][ T4895]  invoke_syscall+0x98/0x2b8
[   77.969064][ T4895]  el0_svc_common+0x138/0x258
[   77.969787][ T4895]  do_el0_svc+0x58/0x14c
[   77.970544][ T4895]  el0_svc+0x78/0x1e0
[   77.971168][ T4895]  el0t_64_sync_handler+0xcc/0xe4
[   77.972011][ T4895]  el0t_64_sync+0x1a0/0x1a4
[   77.976312][  T136] read_mapping_page failed!
[   77.977099][  T136] ERROR: (device loop0): txAbort: 
[   77.977099][  T136] 
[   77.978695][  T136] ERROR: (device loop0): remounting filesystem as read-only
[   77.979873][  T136] jfs_write_inode: jfs_commit_inode failed!
[   77.980964][  T248] BUG: Bad page state in process jfsCommit  pfn:11b54e
[   77.981938][  T248] page:000000007cf0ede3 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2c pfn:0x11b54e
[   77.983453][  T248] flags: 0x5ffc00000002005(locked|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[   77.984767][  T248] raw: 05ffc00000002005 dead000000000100 dead000000000122 0000000000000000
[   77.985988][  T248] raw: 000000000000002c ffff0000da582ba0 00000000ffffffff 0000000000000000
[   77.987234][  T248] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[   77.988716][  T248] Modules linked in:
[   77.989305][  T248] CPU: 0 PID: 248 Comm: jfsCommit Tainted: G    B             syzkaller #0
[   77.990545][  T248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[   77.992032][  T248] Call trace:
[   77.992538][  T248]  dump_backtrace+0x0/0x43c
[   77.993131][  T248]  show_stack+0x2c/0x3c
[   77.993728][  T248]  __dump_stack+0x30/0x40
[   77.994313][  T248]  dump_stack_lvl+0xf8/0x160
[   77.995008][  T248]  dump_stack+0x1c/0x5c
[   77.995695][  T248]  bad_page+0x188/0x1a8
[   77.996394][  T248]  check_free_page_bad+0xf4/0x16c
[   77.997227][  T248]  free_unref_page_prepare+0x744/0xaa0
[   77.998210][  T248]  free_unref_page+0x78/0x1fc
[   77.999006][  T248]  __put_page+0xf8/0x134
[   77.999723][  T248]  _metapage_homeok+0x138/0x288
[   78.000520][  T248]  txUnlock+0x220/0xb78
[   78.001198][  T248]  jfs_lazycommit+0x470/0x9bc
[   78.001937][  T248]  kthread+0x374/0x454
[   78.002577][  T248]  ret_from_fork+0x10/0x20
[   78.003395][    T7] Bluetooth: hci0: command 0x040f tx timeout
[   78.004096][  T248] page:000000007cf0ede3 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2c pfn:0x11b54e
[   78.006057][  T248] flags: 0x5ffc00000002005(locked|uptodate|private|node=0|zone=2|lastcpupid=0x7ff)
[   78.007871][  T248] raw: 05ffc00000002005 dead000000000100 dead000000000122 0000000000000000
[   78.009215][  T248] raw: 000000000000002c ffff0000da582ba0 00000000ffffffff 0000000000000000
[   78.010556][  T248] page dumped because: VM_BUG_ON_PAGE(((unsigned int) page_ref_count(page) + 127u <= 127u))
[   78.012266][  T248] ------------[ cut here ]------------
[   78.013058][  T248] kernel BUG at include/linux/mm.h:1213!
[   78.013903][  T248] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
[   78.015049][  T248] Modules linked in:
[   78.015624][  T248] CPU: 1 PID: 248 Comm: jfsCommit Tainted: G    B             syzkaller #0
[   78.016938][  T248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[   78.018598][  T248] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[   78.019728][  T248] pc : put_metapage+0x280/0x2e4
[   78.020465][  T248] lr : put_metapage+0x280/0x2e4
[   78.021230][  T248] sp : ffff80001ef67bc0
[   78.021862][  T248] x29: ffff80001ef67bc0 x28: ffff80001af0bbf8 x27: 1fffe0001b4b0579
[   78.023140][  T248] x26: 1fffe0001b4b0586 x25: dfff800000000000 x24: 000000000000007f
[   78.024485][  T248] x23: fffffc00036d53b4 x22: fffffc00036d5380 x21: ffff0000da582bc8
[   78.025726][  T248] x20: ffff0000da582c30 x19: ffff0000da582ba0 x18: 0000000000000001
[   78.027165][  T248] x17: 0000000000000000 x16: ffff8000111bc6d8 x15: 00000000ffffffff
[   78.028464][  T248] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[   78.029803][  T248] x11: 0000000000000000 x10: 0000000000000000 x9 : 7378131380e7f300
[   78.031056][  T248] x8 : 7378131380e7f300 x7 : 0000000000000001 x6 : 0000000000000001
[   78.032400][  T248] x5 : ffff80001ef671d8 x4 : ffff80001424f3e0 x3 : ffff800008504278
[   78.033776][  T248] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000059
[   78.035136][  T248] Call trace:
[   78.035665][  T248]  put_metapage+0x280/0x2e4
[   78.036406][  T248]  txUnlock+0x398/0xb78
[   78.037029][  T248]  jfs_lazycommit+0x470/0x9bc
[   78.037765][  T248]  kthread+0x374/0x454
[   78.038374][  T248]  ret_from_fork+0x10/0x20
[   78.039095][  T248] Code: 9003f561 91348021 aa1603e0 97bdcea2 (d4210000) 
[   78.040098][  T248] ---[ end trace 87ae99689a1ca4ab ]---
[   78.259359][  T248] Kernel panic - not syncing: Oops - BUG: Fatal exception
[   78.260462][  T248] SMP: stopping secondary CPUs
[   78.261310][  T248] Kernel Offset: disabled
[   78.262063][  T248] CPU features: 0x8,000003c1,7d33ffd9
[   78.262946][  T248] Memory Limit: none
[   78.465877][  T248] Rebooting in 86400 seconds..