Warning: Permanently added '10.128.0.241' (ED25519) to the list of known hosts.
executing program
syzkaller login: [ 70.209870][ T4245] loop0: detected capacity change from 0 to 32768
[ 70.226806][ T4245]
[ 70.226806][ T4245] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 70.226806][ T4245]
[ 70.245964][ T4245] read_mapping_page failed!
[ 70.250764][ T4245] ERROR: (device loop0): txCommit:
[ 70.250764][ T4245]
[ 70.260817][ T4245] read_mapping_page failed!
[ 70.265644][ T4245] ERROR: (device loop0): txCommit:
[ 70.265644][ T4245]
[ 70.274067][ T4245] ==================================================================
[ 70.282250][ T4245] BUG: KASAN: slab-out-of-bounds in dtInsertEntry+0x10d6/0x1770
[ 70.289916][ T4245] Read of size 4 at addr ffff888071bcb70c by task syz-executor111/4245
[ 70.298158][ T4245]
[ 70.300514][ T4245] CPU: 1 PID: 4245 Comm: syz-executor111 Not tainted 6.1.134-syzkaller #0
[ 70.309022][ T4245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 70.319101][ T4245] Call Trace:
[ 70.322392][ T4245]
[ 70.325363][ T4245] dump_stack_lvl+0x1e3/0x2cb
[ 70.330073][ T4245] ? nf_tcp_handle_invalid+0x647/0x647
[ 70.335559][ T4245] ? panic+0x764/0x764
[ 70.339649][ T4245] ? _printk+0xd1/0x111
[ 70.343819][ T4245] ? __virt_addr_valid+0x17f/0x530
[ 70.349036][ T4245] ? __virt_addr_valid+0x17f/0x530
[ 70.354168][ T4245] print_report+0x15f/0x4f0
[ 70.358679][ T4245] ? __virt_addr_valid+0x17f/0x530
[ 70.363979][ T4245] ? __virt_addr_valid+0x17f/0x530
[ 70.369101][ T4245] ? __virt_addr_valid+0x45b/0x530
[ 70.374239][ T4245] ? __phys_addr+0xb6/0x170
[ 70.378751][ T4245] ? dtInsertEntry+0x10d6/0x1770
[ 70.383705][ T4245] kasan_report+0x136/0x160
[ 70.388212][ T4245] ? dtInsertEntry+0x10d6/0x1770
[ 70.393162][ T4245] dtInsertEntry+0x10d6/0x1770
[ 70.397953][ T4245] ? dtInsert+0x6d10/0x6d10
[ 70.402469][ T4245] ? release_metapage+0x760/0x9b0
[ 70.407495][ T4245] ? __get_metapage+0x9ae/0x1040
[ 70.412440][ T4245] dtSplitPage+0x2e03/0x3f40
[ 70.417061][ T4245] ? dtSplitRoot+0x18e0/0x18e0
[ 70.421829][ T4245] ? dbNextAG+0x630/0x630
[ 70.426170][ T4245] dtInsert+0x14e3/0x6d10
[ 70.430522][ T4245] ? UniStrupr+0x2c0/0x2c0
[ 70.434953][ T4245] ? txLock+0x2b1/0x21a0
[ 70.439207][ T4245] ? __lock_acquire+0x1f80/0x1f80
[ 70.444250][ T4245] ? do_raw_spin_lock+0x14a/0x370
[ 70.449285][ T4245] ? do_raw_spin_unlock+0x137/0x8a0
[ 70.454516][ T4245] jfs_create+0x7b2/0xbb0
[ 70.458881][ T4245] ? jfs_lookup+0x400/0x400
[ 70.463413][ T4245] ? jfs_get_parent+0xa0/0xa0
[ 70.468115][ T4245] ? make_kgid+0x6f0/0x6f0
[ 70.472548][ T4245] ? generic_permission+0x21c/0x4f0
[ 70.477852][ T4245] ? inode_permission+0xf7/0x450
[ 70.482801][ T4245] ? bpf_lsm_inode_create+0x5/0x10
[ 70.487919][ T4245] ? security_inode_create+0xb4/0x100
[ 70.493296][ T4245] ? jfs_lookup+0x400/0x400
[ 70.497808][ T4245] path_openat+0x12f1/0x2e60
[ 70.502419][ T4245] ? do_filp_open+0x480/0x480
[ 70.507126][ T4245] do_filp_open+0x230/0x480
[ 70.511637][ T4245] ? vfs_tmpfile+0x4a0/0x4a0
[ 70.516244][ T4245] ? _raw_spin_unlock+0x24/0x40
[ 70.521096][ T4245] ? alloc_fd+0x5a0/0x640
[ 70.525432][ T4245] do_sys_openat2+0x13b/0x4f0
[ 70.530114][ T4245] ? rcu_is_watching+0x11/0xb0
[ 70.534880][ T4245] ? do_sys_open+0x220/0x220
[ 70.539487][ T4245] __x64_sys_openat+0x243/0x290
[ 70.544347][ T4245] ? __ia32_sys_open+0x270/0x270
[ 70.549289][ T4245] ? syscall_enter_from_user_mode+0x2e/0x230
[ 70.555285][ T4245] ? lockdep_hardirqs_on+0x94/0x130
[ 70.560503][ T4245] ? syscall_enter_from_user_mode+0x2e/0x230
[ 70.566496][ T4245] do_syscall_64+0x3b/0xb0
[ 70.570920][ T4245] ? clear_bhb_loop+0x45/0xa0
[ 70.575617][ T4245] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 70.581535][ T4245] RIP: 0033:0x7f6ee33ca6f9
[ 70.585966][ T4245] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 70.605585][ T4245] RSP: 002b:00007ffe0ba14f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 70.614012][ T4245] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f6ee33ca6f9
[ 70.621993][ T4245] RDX: 0000000000105042 RSI: 0000200000000200 RDI: 00000000ffffff9c
[ 70.629978][ T4245] RBP: 0000200000000240 R08: 0000000000000000 R09: 0000000000000000
[ 70.637955][ T4245] R10: 0000000000000150 R11: 0000000000000246 R12: 0000000000000001
[ 70.645933][ T4245] R13: 00007ffe0ba15108 R14: 0000000000000001 R15: 0000000000000001
[ 70.653916][ T4245]
[ 70.656948][ T4245]
[ 70.659281][ T4245] Allocated by task 4245:
[ 70.663639][ T4245] kasan_set_track+0x4b/0x70
[ 70.668240][ T4245] __kasan_slab_alloc+0x65/0x70
[ 70.673184][ T4245] slab_post_alloc_hook+0x52/0x3a0
[ 70.678307][ T4245] kmem_cache_alloc_lru+0x10c/0x2d0
[ 70.683542][ T4245] jfs_alloc_inode+0x24/0x60
[ 70.688142][ T4245] iget_locked+0x1c8/0x830
[ 70.692581][ T4245] jfs_iget+0x1e/0x3b0
[ 70.696671][ T4245] jfs_lookup+0x222/0x400
[ 70.701011][ T4245] __lookup_slow+0x27e/0x3d0
[ 70.705610][ T4245] lookup_slow+0x53/0x70
[ 70.709862][ T4245] walk_component+0x2d0/0x400
[ 70.714553][ T4245] path_lookupat+0x16f/0x450
[ 70.719153][ T4245] filename_lookup+0x251/0x600
[ 70.723926][ T4245] user_path_at_empty+0x3e/0x60
[ 70.728784][ T4245] __se_sys_chdir+0xbb/0x220
[ 70.733387][ T4245] do_syscall_64+0x3b/0xb0
[ 70.737818][ T4245] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 70.743729][ T4245]
[ 70.746055][ T4245] The buggy address belongs to the object at ffff888071bcae40
[ 70.746055][ T4245] which belongs to the cache jfs_ip of size 2240
[ 70.759770][ T4245] The buggy address is located 12 bytes to the right of
[ 70.759770][ T4245] 2240-byte region [ffff888071bcae40, ffff888071bcb700)
[ 70.773593][ T4245]
[ 70.775923][ T4245] The buggy address belongs to the physical page:
[ 70.782359][ T4245] page:ffffea0001c6f200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x71bc8
[ 70.792520][ T4245] head:ffffea0001c6f200 order:3 compound_mapcount:0 compound_pincount:0
[ 70.800856][ T4245] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 70.808859][ T4245] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888147afac80
[ 70.817476][ T4245] raw: 0000000000000000 00000000800d000d 00000001ffffffff 0000000000000000
[ 70.826152][ T4245] page dumped because: kasan: bad access detected
[ 70.832601][ T4245] page_owner tracks the page as allocated
[ 70.838328][ T4245] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 4245, tgid 4245 (syz-executor111), ts 70222488288, free_ts 22574414620
[ 70.861271][ T4245] post_alloc_hook+0x18d/0x1b0
[ 70.866133][ T4245] get_page_from_freelist+0x3731/0x38d0
[ 70.871774][ T4245] __alloc_pages+0x28d/0x770
[ 70.876375][ T4245] alloc_slab_page+0x6a/0x150
[ 70.881153][ T4245] new_slab+0x84/0x2d0
[ 70.885231][ T4245] ___slab_alloc+0xc20/0x1270
[ 70.889922][ T4245] kmem_cache_alloc_lru+0x1a5/0x2d0
[ 70.895137][ T4245] jfs_alloc_inode+0x24/0x60
[ 70.899735][ T4245] new_inode_pseudo+0x61/0x1d0
[ 70.904512][ T4245] new_inode+0x25/0x1d0
[ 70.908682][ T4245] diReadSpecial+0x4e/0x680
[ 70.913202][ T4245] jfs_mount+0x71/0x820
[ 70.917381][ T4245] jfs_fill_super+0x598/0xc40
[ 70.922067][ T4245] mount_bdev+0x2c9/0x3f0
[ 70.926408][ T4245] legacy_get_tree+0xeb/0x180
[ 70.931105][ T4245] vfs_get_tree+0x88/0x270
[ 70.935539][ T4245] page last free stack trace:
[ 70.940209][ T4245] free_unref_page_prepare+0x12a6/0x15b0
[ 70.945874][ T4245] free_unref_page+0x33/0x3e0
[ 70.950652][ T4245] free_contig_range+0x9a/0x150
[ 70.955518][ T4245] destroy_args+0xfe/0x997
[ 70.959984][ T4245] debug_vm_pgtable+0x46d/0x4c2
[ 70.964858][ T4245] do_one_initcall+0x265/0x8f0
[ 70.969636][ T4245] do_initcall_level+0x157/0x207
[ 70.974678][ T4245] do_initcalls+0x49/0x86
[ 70.979018][ T4245] kernel_init_freeable+0x45c/0x60f
[ 70.984245][ T4245] kernel_init+0x19/0x290
[ 70.988591][ T4245] ret_from_fork+0x1f/0x30
[ 70.993114][ T4245]
[ 70.995499][ T4245] Memory state around the buggy address:
[ 71.001232][ T4245] ffff888071bcb600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 71.009314][ T4245] ffff888071bcb680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 71.017391][ T4245] >ffff888071bcb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 71.025455][ T4245] ^
[ 71.029789][ T4245] ffff888071bcb780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 71.037858][ T4245] ffff888071bcb800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 71.045921][ T4245] ==================================================================
[ 71.054666][ T4245] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 71.061886][ T4245] CPU: 1 PID: 4245 Comm: syz-executor111 Not tainted 6.1.134-syzkaller #0
[ 71.070500][ T4245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 71.080570][ T4245] Call Trace:
[ 71.083872][ T4245]
[ 71.086900][ T4245] dump_stack_lvl+0x1e3/0x2cb
[ 71.091588][ T4245] ? nf_tcp_handle_invalid+0x647/0x647
[ 71.097055][ T4245] ? panic+0x764/0x764
[ 71.101150][ T4245] ? preempt_schedule_common+0xa6/0xd0
[ 71.106624][ T4245] ? vscnprintf+0x59/0x80
[ 71.110987][ T4245] panic+0x318/0x764
[ 71.114900][ T4245] ? check_panic_on_warn+0x1d/0xa0
[ 71.120028][ T4245] ? memcpy_page_flushcache+0xfc/0xfc
[ 71.125411][ T4245] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 71.131406][ T4245] ? _raw_spin_unlock+0x40/0x40
[ 71.136261][ T4245] ? print_report+0x4a3/0x4f0
[ 71.140977][ T4245] check_panic_on_warn+0x7e/0xa0
[ 71.145939][ T4245] ? dtInsertEntry+0x10d6/0x1770
[ 71.150921][ T4245] end_report+0x66/0x110
[ 71.155178][ T4245] kasan_report+0x143/0x160
[ 71.159692][ T4245] ? dtInsertEntry+0x10d6/0x1770
[ 71.164654][ T4245] dtInsertEntry+0x10d6/0x1770
[ 71.169457][ T4245] ? dtInsert+0x6d10/0x6d10
[ 71.173981][ T4245] ? release_metapage+0x760/0x9b0
[ 71.179016][ T4245] ? __get_metapage+0x9ae/0x1040
[ 71.183979][ T4245] dtSplitPage+0x2e03/0x3f40
[ 71.188605][ T4245] ? dtSplitRoot+0x18e0/0x18e0
[ 71.193383][ T4245] ? dbNextAG+0x630/0x630
[ 71.197732][ T4245] dtInsert+0x14e3/0x6d10
[ 71.202091][ T4245] ? UniStrupr+0x2c0/0x2c0
[ 71.206526][ T4245] ? txLock+0x2b1/0x21a0
[ 71.210776][ T4245] ? __lock_acquire+0x1f80/0x1f80
[ 71.215818][ T4245] ? do_raw_spin_lock+0x14a/0x370
[ 71.220868][ T4245] ? do_raw_spin_unlock+0x137/0x8a0
[ 71.226091][ T4245] jfs_create+0x7b2/0xbb0
[ 71.230441][ T4245] ? jfs_lookup+0x400/0x400
[ 71.234961][ T4245] ? jfs_get_parent+0xa0/0xa0
[ 71.239667][ T4245] ? make_kgid+0x6f0/0x6f0
[ 71.244106][ T4245] ? generic_permission+0x21c/0x4f0
[ 71.249317][ T4245] ? inode_permission+0xf7/0x450
[ 71.254270][ T4245] ? bpf_lsm_inode_create+0x5/0x10
[ 71.259396][ T4245] ? security_inode_create+0xb4/0x100
[ 71.264780][ T4245] ? jfs_lookup+0x400/0x400
[ 71.269300][ T4245] path_openat+0x12f1/0x2e60
[ 71.273923][ T4245] ? do_filp_open+0x480/0x480
[ 71.278625][ T4245] do_filp_open+0x230/0x480
[ 71.283145][ T4245] ? vfs_tmpfile+0x4a0/0x4a0
[ 71.287757][ T4245] ? _raw_spin_unlock+0x24/0x40
[ 71.292667][ T4245] ? alloc_fd+0x5a0/0x640
[ 71.297017][ T4245] do_sys_openat2+0x13b/0x4f0
[ 71.301703][ T4245] ? rcu_is_watching+0x11/0xb0
[ 71.306481][ T4245] ? do_sys_open+0x220/0x220
[ 71.311101][ T4245] __x64_sys_openat+0x243/0x290
[ 71.315994][ T4245] ? __ia32_sys_open+0x270/0x270
[ 71.320946][ T4245] ? syscall_enter_from_user_mode+0x2e/0x230
[ 71.326950][ T4245] ? lockdep_hardirqs_on+0x94/0x130
[ 71.332166][ T4245] ? syscall_enter_from_user_mode+0x2e/0x230
[ 71.338163][ T4245] do_syscall_64+0x3b/0xb0
[ 71.342598][ T4245] ? clear_bhb_loop+0x45/0xa0
[ 71.347297][ T4245] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 71.353208][ T4245] RIP: 0033:0x7f6ee33ca6f9
[ 71.357631][ T4245] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 71.377342][ T4245] RSP: 002b:00007ffe0ba14f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 71.385767][ T4245] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f6ee33ca6f9
[ 71.393758][ T4245] RDX: 0000000000105042 RSI: 0000200000000200 RDI: 00000000ffffff9c
[ 71.401764][ T4245] RBP: 0000200000000240 R08: 0000000000000000 R09: 0000000000000000
[ 71.409850][ T4245] R10: 0000000000000150 R11: 0000000000000246 R12: 0000000000000001
[ 71.417850][ T4245] R13: 00007ffe0ba15108 R14: 0000000000000001 R15: 0000000000000001
[ 71.425893][ T4245]
[ 71.429061][ T4245] Kernel Offset: disabled
[ 71.433417][ T4245] Rebooting in 86400 seconds..