Warning: Permanently added '10.128.0.27' (ED25519) to the list of known hosts.
2026/03/27 09:59:27 parsed 1 programs
[ 90.707048][ T5770] cgroup: Unknown subsys name 'net'
[ 90.857158][ T5770] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 92.300460][ T786] cfg80211: failed to load regulatory.db
[ 92.615332][ T5770] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 95.388606][ T5805] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 95.396930][ T5805] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 95.405804][ T5805] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 95.415184][ T5805] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 95.423265][ T5805] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 95.431563][ T5805] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 96.434714][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.444495][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.489598][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.497686][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.792878][ T5826] chnl_net:caif_netlink_parms(): no params data found
[ 96.882876][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.891132][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.898567][ T5826] bridge_slave_0: entered allmulticast mode
[ 96.906056][ T5826] bridge_slave_0: entered promiscuous mode
[ 96.923500][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.931544][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.938973][ T5826] bridge_slave_1: entered allmulticast mode
[ 96.946618][ T5826] bridge_slave_1: entered promiscuous mode
[ 96.988703][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 97.001262][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 97.036024][ T5826] team0: Port device team_slave_0 added
[ 97.046979][ T5826] team0: Port device team_slave_1 added
[ 97.077161][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 97.084419][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 97.110952][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 97.125149][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 97.133898][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 97.160439][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 97.214286][ T5826] hsr_slave_0: entered promiscuous mode
[ 97.221719][ T5826] hsr_slave_1: entered promiscuous mode
[ 97.434456][ T5826] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 97.446703][ T5826] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 97.460533][ T5826] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 97.481369][ T5826] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 97.573899][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[ 97.606685][ T5826] 8021q: adding VLAN 0 to HW filter on device team0
[ 97.623927][ T1099] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.631471][ T1099] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 97.646472][ T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.654433][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 97.894988][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 97.975027][ T5826] veth0_vlan: entered promiscuous mode
[ 97.990308][ T5826] veth1_vlan: entered promiscuous mode
[ 98.060547][ T5826] veth0_macvtap: entered promiscuous mode
[ 98.072103][ T5826] veth1_macvtap: entered promiscuous mode
[ 98.095600][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 98.122905][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 98.153105][ T5826] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.163211][ T5826] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.173171][ T5826] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.182136][ T5826] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.352194][ T5826] syz-executor (5826) used greatest stack depth: 20688 bytes left
[ 98.396714][ T1099] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/03/27 09:59:40 executed programs: 0
[ 100.366602][ T5083] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 100.377118][ T5083] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 100.387455][ T5083] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 100.397225][ T5083] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 100.406500][ T5083] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 100.414229][ T5083] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 100.570842][ T5875] chnl_net:caif_netlink_parms(): no params data found
[ 100.645354][ T5875] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.652804][ T5875] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.660424][ T5875] bridge_slave_0: entered allmulticast mode
[ 100.667592][ T5875] bridge_slave_0: entered promiscuous mode
[ 100.676853][ T5875] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.684213][ T5875] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.693432][ T5875] bridge_slave_1: entered allmulticast mode
[ 100.700786][ T5875] bridge_slave_1: entered promiscuous mode
[ 100.731909][ T5875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.744233][ T5875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.776367][ T5875] team0: Port device team_slave_0 added
[ 100.785459][ T5875] team0: Port device team_slave_1 added
[ 100.813639][ T5875] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 100.820748][ T5875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.847355][ T5875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 100.860792][ T5875] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 100.867777][ T5875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.894036][ T5875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.915545][ T1099] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.964552][ T5875] hsr_slave_0: entered promiscuous mode
[ 100.971350][ T5875] hsr_slave_1: entered promiscuous mode
[ 100.977617][ T5875] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 100.986525][ T5875] Cannot create hsr debugfs directory
[ 102.448745][ T5083] Bluetooth: hci0: command tx timeout
[ 103.201797][ T1099] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 103.274692][ T1099] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 104.203686][ T5875] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 104.233139][ T5875] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 104.244186][ T5875] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 104.260855][ T5875] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 104.290501][ T1099] hsr_slave_0: left promiscuous mode
[ 104.297073][ T1099] hsr_slave_1: left promiscuous mode
[ 104.304135][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 104.313460][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 104.322845][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 104.332297][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 104.342471][ T1099] bridge_slave_1: left allmulticast mode
[ 104.349744][ T1099] bridge_slave_1: left promiscuous mode
[ 104.356782][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state
[ 104.375303][ T1099] bridge_slave_0: left allmulticast mode
[ 104.381270][ T1099] bridge_slave_0: left promiscuous mode
[ 104.387205][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state
[ 104.420392][ T1099] veth1_macvtap: left promiscuous mode
[ 104.426592][ T1099] veth0_macvtap: left promiscuous mode
[ 104.435285][ T1099] veth1_vlan: left promiscuous mode
[ 104.441835][ T1099] veth0_vlan: left promiscuous mode
[ 104.529129][ T5083] Bluetooth: hci0: command tx timeout
[ 104.973990][ T1099] team0 (unregistering): Port device team_slave_1 removed
[ 105.025592][ T1099] team0 (unregistering): Port device team_slave_0 removed
[ 105.089086][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 105.133859][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 105.502425][ T1099] bond0 (unregistering): Released all slaves
[ 105.657076][ T5875] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.689947][ T5875] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.720820][ T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.728078][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.737671][ T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.744921][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.981210][ T5875] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 106.065555][ T5875] veth0_vlan: entered promiscuous mode
[ 106.081391][ T5875] veth1_vlan: entered promiscuous mode
[ 106.136689][ T5875] veth0_macvtap: entered promiscuous mode
[ 106.152783][ T5875] veth1_macvtap: entered promiscuous mode
[ 106.191166][ T5875] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 106.207815][ T5875] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 106.224883][ T5875] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.234852][ T5875] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.243729][ T5875] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.253682][ T5875] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.320292][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.330073][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.359215][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.367391][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/03/27 09:59:46 executed programs: 2
[ 106.435820][ T5914] syz.0.17[5914]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 106.608064][ T5083] Bluetooth: hci0: command tx timeout
[ 106.735921][ T5914] loop0: detected capacity change from 0 to 32768
[ 106.778974][ T5914] syz.0.17: attempt to access beyond end of device
[ 106.778974][ T5914] loop0: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[ 106.799166][ T5914] metapage_write_end_io: I/O error
[ 106.814180][ T5914] blkno = 8ed2c, nblocks = 1
[ 106.820086][ T5914] ERROR: (device loop0): dbUpdatePMap: blocks are outside the map
[ 106.820086][ T5914]
[ 106.839182][ T5914] ERROR: (device loop0): remounting filesystem as read-only
[ 106.863706][ T5914] UFO tlock:0xffffc9000287a090
[ 106.881281][ T5914] BUG: Bad page state in process syz.0.17 pfn:7af77
[ 106.908241][ T5914] page:ffffea0001ebddc0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x8ed2f pfn:0x7af77
[ 106.927016][ T5914] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[ 106.941356][ T5914] page_type: 0xffffffff()
[ 106.945788][ T5914] raw: 00fff0000000800c ffffea00009b6f88 ffffc900032f7940 0000000000000000
[ 106.955259][ T5914] raw: 000000000008ed2f ffff8880311fcaa8 00000000ffffffff 0000000000000000
[ 106.965572][ T5914] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 106.983794][ T5914] page_owner tracks the page as allocated
[ 107.010235][ T5914] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5914, tgid 5914 (syz.0.17), ts 106862318075, free_ts 106601841842
[ 107.041817][ T5914] post_alloc_hook+0x1c1/0x200
[ 107.046709][ T5914] get_page_from_freelist+0x1951/0x19e0
[ 107.052472][ T5914] __alloc_pages+0x1f0/0x460
[ 107.057317][ T5914] folio_alloc+0x1e/0x30
[ 107.061842][ T5914] filemap_alloc_folio+0xdf/0x490
[ 107.067093][ T5914] __filemap_get_folio+0x3ea/0xbb0
[ 107.072411][ T5914] pagecache_get_page+0x2a/0x250
[ 107.077570][ T5914] __get_metapage+0x2a8/0xfa0
[ 107.082818][ T5914] diNewExt+0xa82/0x3120
[ 107.087145][ T5914] diAllocAG+0xea5/0x1da0
[ 107.094204][ T5914] diAlloc+0x1d5/0x1660
[ 107.098509][ T5914] ialloc+0x8c/0x950
[ 107.102699][ T5914] jfs_mkdir+0x1df/0xac0
[ 107.107018][ T5914] vfs_mkdir+0x296/0x440
[ 107.114131][ T5914] do_mkdirat+0x1dc/0x450
[ 107.119914][ T5914] __x64_sys_mkdirat+0x89/0xa0
[ 107.124781][ T5914] page last free stack trace:
[ 107.131374][ T5914] free_unref_page_prepare+0x7b2/0x8c0
[ 107.137006][ T5914] free_unref_page+0x32/0x2e0
[ 107.142388][ T5914] __unfreeze_partials+0x1cf/0x210
[ 107.147568][ T5914] put_cpu_partial+0x17c/0x250
[ 107.152842][ T5914] __slab_free+0x319/0x400
[ 107.157338][ T5914] qlist_free_all+0x75/0xd0
[ 107.162054][ T5914] kasan_quarantine_reduce+0x143/0x160
[ 107.168070][ T5914] __kasan_slab_alloc+0x22/0x80
[ 107.172965][ T5914] slab_post_alloc_hook+0x6e/0x4b0
[ 107.178334][ T5914] kmem_cache_alloc_node+0x14c/0x320
[ 107.183789][ T5914] __alloc_skb+0x103/0x2c0
[ 107.188850][ T5914] rtmsg_ifinfo_build_skb+0x8c/0x260
[ 107.194224][ T5914] rtmsg_ifinfo+0x8c/0x1a0
[ 107.198746][ T5914] netdev_state_change+0xfe/0x170
[ 107.203885][ T5914] linkwatch_do_dev+0x10d/0x160
[ 107.208848][ T5914] __linkwatch_run_queue+0x417/0x670
[ 107.214670][ T5914] Modules linked in:
[ 107.221163][ T5914] CPU: 0 PID: 5914 Comm: syz.0.17 Not tainted syzkaller #0
[ 107.228429][ T5914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 107.238556][ T5914] Call Trace:
[ 107.241882][ T5914]
[ 107.244893][ T5914] dump_stack_lvl+0x18c/0x250
[ 107.249648][ T5914] ? show_regs_print_info+0x20/0x20
[ 107.254911][ T5914] ? swiotlb_print_info+0x70/0x70
[ 107.260009][ T5914] ? dump_page+0xba3/0x14a0
[ 107.264580][ T5914] bad_page+0x14b/0x170
[ 107.268788][ T5914] free_unref_page_prepare+0x85f/0x8c0
[ 107.274317][ T5914] free_unref_page_list+0xbe/0x860
[ 107.279507][ T5914] ? __folio_memcg+0x63/0x160
[ 107.284298][ T5914] ? folio_memcg+0x127/0x480
[ 107.288953][ T5914] release_pages+0x1f7a/0x2200
[ 107.293825][ T5914] ? lru_cache_disable+0x30/0x30
[ 107.298822][ T5914] ? mlock_drain_local+0x79/0x490
[ 107.304167][ T5914] ? mlock_drain_local+0x79/0x490
[ 107.309255][ T5914] ? mlock_drain_local+0x28d/0x490
[ 107.314418][ T5914] __folio_batch_release+0x71/0xe0
[ 107.319581][ T5914] truncate_inode_pages_range+0x3b9/0xfb0
[ 107.325368][ T5914] ? mapping_evict_folio+0x510/0x510
[ 107.330738][ T5914] ? __static_call_return0+0x9/0x10
[ 107.336006][ T5914] ? shrink_dentry_list+0x685/0x6a0
[ 107.341275][ T5914] ? sync_filesystem+0x107/0x220
[ 107.346292][ T5914] jfs_remount+0x341/0x5b0
[ 107.350798][ T5914] ? jfs_statfs+0x550/0x550
[ 107.355328][ T5914] reconfigure_super+0x21e/0x8a0
[ 107.360295][ T5914] path_mount+0xd2f/0xff0
[ 107.364684][ T5914] __se_sys_mount+0x2e7/0x3d0
[ 107.369488][ T5914] ? __x64_sys_mount+0xc0/0xc0
[ 107.374552][ T5914] ? lockdep_hardirqs_on+0x98/0x150
[ 107.379805][ T5914] ? __x64_sys_mount+0x20/0xc0
[ 107.384604][ T5914] do_syscall_64+0x55/0xa0
[ 107.389186][ T5914] ? clear_bhb_loop+0x40/0x90
[ 107.393940][ T5914] ? clear_bhb_loop+0x40/0x90
[ 107.398690][ T5914] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 107.404653][ T5914] RIP: 0033:0x7faff4b9c799
[ 107.409134][ T5914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 107.428875][ T5914] RSP: 002b:00007fff4e22b0a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 107.437345][ T5914] RAX: ffffffffffffffda RBX: 00007faff4e15fa0 RCX: 00007faff4b9c799
[ 107.445361][ T5914] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[ 107.453383][ T5914] RBP: 00007faff4c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 107.461397][ T5914] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[ 107.469419][ T5914] R13: 00007faff4e15fac R14: 00007faff4e15fa0 R15: 00007faff4e15fa0
[ 107.477441][ T5914]
[ 107.496664][ T5914] Disabling lock debugging due to kernel taint
[ 107.502975][ T5914] BUG: Bad page state in process syz.0.17 pfn:26dbe
[ 107.511074][ T5914] page:ffffea00009b6f80 refcount:0 mapcount:0 mapping:0000000000000000 index:0x8ed2e pfn:0x26dbe
[ 107.522271][ T5914] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[ 107.532848][ T5914] page_type: 0xffffffff()
[ 107.537261][ T5914] raw: 00fff0000000800c ffffea0000afc408 ffffc900032f7940 0000000000000000
[ 107.546322][ T5914] raw: 000000000008ed2e ffff8880311fc9b0 00000000ffffffff 0000000000000000
[ 107.555496][ T5914] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 107.563244][ T5914] page_owner tracks the page as allocated
[ 107.569610][ T5914] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5914, tgid 5914 (syz.0.17), ts 106862257384, free_ts 106601858603
[ 107.588994][ T5914] post_alloc_hook+0x1c1/0x200
[ 107.593822][ T5914] get_page_from_freelist+0x1951/0x19e0
[ 107.599954][ T5914] __alloc_pages+0x1f0/0x460
[ 107.604603][ T5914] folio_alloc+0x1e/0x30
[ 107.608989][ T5914] filemap_alloc_folio+0xdf/0x490
[ 107.614058][ T5914] __filemap_get_folio+0x3ea/0xbb0
[ 107.619402][ T5914] pagecache_get_page+0x2a/0x250
[ 107.624380][ T5914] __get_metapage+0x2a8/0xfa0
[ 107.629133][ T5914] diNewExt+0xa82/0x3120
[ 107.633421][ T5914] diAllocAG+0xea5/0x1da0
[ 107.637789][ T5914] diAlloc+0x1d5/0x1660
[ 107.642096][ T5914] ialloc+0x8c/0x950
[ 107.646023][ T5914] jfs_mkdir+0x1df/0xac0
[ 107.650468][ T5914] vfs_mkdir+0x296/0x440
[ 107.654779][ T5914] do_mkdirat+0x1dc/0x450
[ 107.659211][ T5914] __x64_sys_mkdirat+0x89/0xa0
[ 107.664023][ T5914] page last free stack trace:
[ 107.668818][ T5914] free_unref_page_prepare+0x7b2/0x8c0
[ 107.674347][ T5914] free_unref_page+0x32/0x2e0
[ 107.679242][ T5914] __unfreeze_partials+0x1cf/0x210
[ 107.684417][ T5914] put_cpu_partial+0x17c/0x250
[ 107.689268][ T5914] __slab_free+0x319/0x400
[ 107.693824][ T5914] qlist_free_all+0x75/0xd0
[ 107.699091][ T5914] kasan_quarantine_reduce+0x143/0x160
[ 107.704613][ T5914] __kasan_slab_alloc+0x22/0x80
[ 107.709683][ T5914] slab_post_alloc_hook+0x6e/0x4b0
[ 107.714856][ T5914] kmem_cache_alloc_node+0x14c/0x320
[ 107.720248][ T5914] __alloc_skb+0x103/0x2c0
[ 107.724716][ T5914] rtmsg_ifinfo_build_skb+0x8c/0x260
[ 107.730432][ T5914] rtmsg_ifinfo+0x8c/0x1a0
[ 107.734902][ T5914] netdev_state_change+0xfe/0x170
[ 107.740092][ T5914] linkwatch_do_dev+0x10d/0x160
[ 107.745116][ T5914] __linkwatch_run_queue+0x417/0x670
[ 107.750525][ T5914] Modules linked in:
[ 107.757946][ T5914] CPU: 0 PID: 5914 Comm: syz.0.17 Tainted: G B syzkaller #0
[ 107.766692][ T5914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 107.776777][ T5914] Call Trace:
[ 107.780079][ T5914]
[ 107.783051][ T5914] dump_stack_lvl+0x18c/0x250
[ 107.787779][ T5914] ? show_regs_print_info+0x20/0x20
[ 107.793025][ T5914] ? swiotlb_print_info+0x70/0x70
[ 107.798078][ T5914] ? dump_page+0xba3/0x14a0
[ 107.802613][ T5914] bad_page+0x14b/0x170
[ 107.806792][ T5914] free_unref_page_prepare+0x85f/0x8c0
[ 107.812295][ T5914] free_unref_page_list+0xbe/0x860
[ 107.817462][ T5914] ? __folio_memcg+0x63/0x160
[ 107.822202][ T5914] ? folio_memcg+0x127/0x480
[ 107.826873][ T5914] release_pages+0x1f7a/0x2200
[ 107.831666][ T5914] ? lru_cache_disable+0x30/0x30
[ 107.836613][ T5914] ? mlock_drain_local+0x79/0x490
[ 107.841653][ T5914] ? mlock_drain_local+0x79/0x490
[ 107.846692][ T5914] ? mlock_drain_local+0x28d/0x490
[ 107.851815][ T5914] __folio_batch_release+0x71/0xe0
[ 107.857123][ T5914] truncate_inode_pages_range+0x3b9/0xfb0
[ 107.862883][ T5914] ? mapping_evict_folio+0x510/0x510
[ 107.868216][ T5914] ? __static_call_return0+0x9/0x10
[ 107.873442][ T5914] ? shrink_dentry_list+0x685/0x6a0
[ 107.878677][ T5914] ? sync_filesystem+0x107/0x220
[ 107.883728][ T5914] jfs_remount+0x341/0x5b0
[ 107.888190][ T5914] ? jfs_statfs+0x550/0x550
[ 107.892735][ T5914] reconfigure_super+0x21e/0x8a0
[ 107.897721][ T5914] path_mount+0xd2f/0xff0
[ 107.902080][ T5914] __se_sys_mount+0x2e7/0x3d0
[ 107.906901][ T5914] ? __x64_sys_mount+0xc0/0xc0
[ 107.911997][ T5914] ? lockdep_hardirqs_on+0x98/0x150
[ 107.917330][ T5914] ? __x64_sys_mount+0x20/0xc0
[ 107.922151][ T5914] do_syscall_64+0x55/0xa0
[ 107.926618][ T5914] ? clear_bhb_loop+0x40/0x90
[ 107.931329][ T5914] ? clear_bhb_loop+0x40/0x90
[ 107.936054][ T5914] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 107.941985][ T5914] RIP: 0033:0x7faff4b9c799
[ 107.946433][ T5914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 107.966119][ T5914] RSP: 002b:00007fff4e22b0a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 107.974567][ T5914] RAX: ffffffffffffffda RBX: 00007faff4e15fa0 RCX: 00007faff4b9c799
[ 107.982594][ T5914] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[ 107.990616][ T5914] RBP: 00007faff4c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 107.998621][ T5914] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[ 108.006616][ T5914] R13: 00007faff4e15fac R14: 00007faff4e15fa0 R15: 00007faff4e15fa0
[ 108.014670][ T5914]
[ 108.021898][ T5914] BUG: Bad page state in process syz.0.17 pfn:2bf10
[ 108.029003][ T5914] page:ffffea0000afc400 refcount:0 mapcount:0 mapping:0000000000000000 index:0x8ed2d pfn:0x2bf10
[ 108.041497][ T5914] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[ 108.054134][ T5914] page_type: 0xffffffff()
[ 108.059222][ T5914] raw: 00fff0000000800c ffffea0000b18b48 ffffc900032f7940 0000000000000000
[ 108.068232][ T5914] raw: 000000000008ed2d ffff8880311fc8b8 00000000ffffffff 0000000000000000
[ 108.076869][ T5914] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 108.085153][ T5914] page_owner tracks the page as allocated
[ 108.090996][ T5914] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5914, tgid 5914 (syz.0.17), ts 106862193785, free_ts 106601875165
[ 108.109708][ T5914] post_alloc_hook+0x1c1/0x200
[ 108.114539][ T5914] get_page_from_freelist+0x1951/0x19e0
[ 108.120442][ T5914] __alloc_pages+0x1f0/0x460
[ 108.125087][ T5914] folio_alloc+0x1e/0x30
[ 108.129783][ T5914] filemap_alloc_folio+0xdf/0x490
[ 108.134869][ T5914] __filemap_get_folio+0x3ea/0xbb0
[ 108.140495][ T5914] pagecache_get_page+0x2a/0x250
[ 108.145472][ T5914] __get_metapage+0x2a8/0xfa0
[ 108.150257][ T5914] diNewExt+0xa82/0x3120
[ 108.154580][ T5914] diAllocAG+0xea5/0x1da0
[ 108.159106][ T5914] diAlloc+0x1d5/0x1660
[ 108.163309][ T5914] ialloc+0x8c/0x950
[ 108.167220][ T5914] jfs_mkdir+0x1df/0xac0
[ 108.171615][ T5914] vfs_mkdir+0x296/0x440
[ 108.175930][ T5914] do_mkdirat+0x1dc/0x450
[ 108.180624][ T5914] __x64_sys_mkdirat+0x89/0xa0
[ 108.185448][ T5914] page last free stack trace:
[ 108.190210][ T5914] free_unref_page_prepare+0x7b2/0x8c0
[ 108.195730][ T5914] free_unref_page+0x32/0x2e0
[ 108.200575][ T5914] __unfreeze_partials+0x1cf/0x210
[ 108.205730][ T5914] put_cpu_partial+0x17c/0x250
[ 108.210844][ T5914] __slab_free+0x319/0x400
[ 108.215425][ T5914] qlist_free_all+0x75/0xd0
[ 108.220039][ T5914] kasan_quarantine_reduce+0x143/0x160
[ 108.225650][ T5914] __kasan_slab_alloc+0x22/0x80
[ 108.230685][ T5914] slab_post_alloc_hook+0x6e/0x4b0
[ 108.235887][ T5914] kmem_cache_alloc_node+0x14c/0x320
[ 108.241388][ T5914] __alloc_skb+0x103/0x2c0
[ 108.245873][ T5914] rtmsg_ifinfo_build_skb+0x8c/0x260
[ 108.251246][ T5914] rtmsg_ifinfo+0x8c/0x1a0
[ 108.255704][ T5914] netdev_state_change+0xfe/0x170
[ 108.260934][ T5914] linkwatch_do_dev+0x10d/0x160
[ 108.265852][ T5914] __linkwatch_run_queue+0x417/0x670
[ 108.271388][ T5914] Modules linked in:
[ 108.275365][ T5914] CPU: 0 PID: 5914 Comm: syz.0.17 Tainted: G B syzkaller #0
[ 108.284062][ T5914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 108.294162][ T5914] Call Trace:
[ 108.297477][ T5914]
[ 108.300414][ T5914] dump_stack_lvl+0x18c/0x250
[ 108.305144][ T5914] ? show_regs_print_info+0x20/0x20
[ 108.310377][ T5914] ? swiotlb_print_info+0x70/0x70
[ 108.315429][ T5914] ? dump_page+0xba3/0x14a0
[ 108.319956][ T5914] bad_page+0x14b/0x170
[ 108.324136][ T5914] free_unref_page_prepare+0x85f/0x8c0
[ 108.329643][ T5914] free_unref_page_list+0xbe/0x860
[ 108.334818][ T5914] ? __folio_memcg+0x63/0x160
[ 108.339545][ T5914] ? folio_memcg+0x127/0x480
[ 108.344185][ T5914] release_pages+0x1f7a/0x2200
[ 108.348997][ T5914] ? lru_cache_disable+0x30/0x30
[ 108.353948][ T5914] ? mlock_drain_local+0x79/0x490
[ 108.359022][ T5914] ? mlock_drain_local+0x79/0x490
[ 108.364072][ T5914] ? mlock_drain_local+0x28d/0x490
[ 108.369209][ T5914] __folio_batch_release+0x71/0xe0
[ 108.374340][ T5914] truncate_inode_pages_range+0x3b9/0xfb0
[ 108.380193][ T5914] ? mapping_evict_folio+0x510/0x510
[ 108.385552][ T5914] ? __static_call_return0+0x9/0x10
[ 108.390851][ T5914] ? shrink_dentry_list+0x685/0x6a0
[ 108.396205][ T5914] ? sync_filesystem+0x107/0x220
[ 108.401183][ T5914] jfs_remount+0x341/0x5b0
[ 108.405639][ T5914] ? jfs_statfs+0x550/0x550
[ 108.410174][ T5914] reconfigure_super+0x21e/0x8a0
[ 108.415153][ T5914] path_mount+0xd2f/0xff0
[ 108.419515][ T5914] __se_sys_mount+0x2e7/0x3d0
[ 108.424222][ T5914] ? __x64_sys_mount+0xc0/0xc0
[ 108.429020][ T5914] ? lockdep_hardirqs_on+0x98/0x150
[ 108.434250][ T5914] ? __x64_sys_mount+0x20/0xc0
[ 108.439047][ T5914] do_syscall_64+0x55/0xa0
[ 108.443500][ T5914] ? clear_bhb_loop+0x40/0x90
[ 108.448213][ T5914] ? clear_bhb_loop+0x40/0x90
[ 108.452926][ T5914] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 108.458864][ T5914] RIP: 0033:0x7faff4b9c799
[ 108.463312][ T5914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 108.482953][ T5914] RSP: 002b:00007fff4e22b0a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 108.491399][ T5914] RAX: ffffffffffffffda RBX: 00007faff4e15fa0 RCX: 00007faff4b9c799
[ 108.499397][ T5914] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[ 108.507416][ T5914] RBP: 00007faff4c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 108.515415][ T5914] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[ 108.523414][ T5914] R13: 00007faff4e15fac R14: 00007faff4e15fa0 R15: 00007faff4e15fa0
[ 108.531420][ T5914]
[ 108.536496][ T5914] BUG: Bad page state in process syz.0.17 pfn:2c62d
[ 108.543474][ T5914] page:ffffea0000b18b40 refcount:0 mapcount:0 mapping:0000000000000000 index:0xd pfn:0x2c62d
[ 108.553772][ T5914] flags: 0xfff0800000820c(referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[ 108.564652][ T5914] page_type: 0xffffffff()
[ 108.569175][ T5914] raw: 00fff0800000820c ffffea0001f2a1c8 ffffc900032f7940 0000000000000000
[ 108.577878][ T5914] raw: 000000000000000d ffff8880311fc4d8 00000000ffffffff 0000000000000000
[ 108.586505][ T5914] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 108.593944][ T5914] page_owner tracks the page as allocated
[ 108.599761][ T5914] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5914, tgid 5914 (syz.0.17), ts 106760280968, free_ts 106728733619
[ 108.618552][ T5914] post_alloc_hook+0x1c1/0x200
[ 108.623480][ T5914] get_page_from_freelist+0x1951/0x19e0
[ 108.629392][ T5914] __alloc_pages+0x1f0/0x460
[ 108.634045][ T5914] folio_alloc+0x1e/0x30
[ 108.638587][ T5914] filemap_alloc_folio+0xdf/0x490
[ 108.643708][ T5914] do_read_cache_folio+0x364/0x7d0
[ 108.649811][ T5914] do_read_cache_page+0x32/0x250
[ 108.654899][ T5914] __get_metapage+0x31a/0xfa0
[ 108.659766][ T5914] diReadSpecial+0x25b/0x710
[ 108.664484][ T5914] jfs_mount+0x3d1/0x860
[ 108.668885][ T5914] jfs_fill_super+0x4e8/0xad0
[ 108.673602][ T5914] mount_bdev+0x221/0x2d0
[ 108.677984][ T5914] legacy_get_tree+0xea/0x180
[ 108.682733][ T5914] vfs_get_tree+0x8c/0x280
[ 108.687226][ T5914] do_new_mount+0x24b/0xa40
[ 108.692057][ T5083] Bluetooth: hci0: command tx timeout
[ 108.692797][ T5914] __se_sys_mount+0x2e7/0x3d0
[ 108.702514][ T5914] page last free stack trace:
[ 108.707207][ T5914] free_unref_page_prepare+0x7b2/0x8c0
[ 108.713226][ T5914] free_unref_page_list+0xbe/0x860
[ 108.718441][ T5914] release_pages+0x1f7a/0x2200
[ 108.723504][ T5914] tlb_flush_mmu+0x379/0x510
[ 108.728256][ T5914] tlb_finish_mmu+0xf9/0x220
[ 108.732898][ T5914] unmap_region+0x312/0x370
[ 108.737426][ T5914] do_vmi_align_munmap+0x10dc/0x16d0
[ 108.743175][ T5914] do_vmi_munmap+0x252/0x2d0
[ 108.747954][ T5914] __vm_munmap+0x1a2/0x3c0
[ 108.752503][ T5914] __x64_sys_munmap+0x60/0x70
[ 108.757200][ T5914] do_syscall_64+0x55/0xa0
[ 108.761765][ T5914] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 108.767800][ T5914] Modules linked in:
[ 108.775316][ T5914] CPU: 0 PID: 5914 Comm: syz.0.17 Tainted: G B syzkaller #0
[ 108.784068][ T5914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 108.794191][ T5914] Call Trace:
[ 108.797489][ T5914]
[ 108.800430][ T5914] dump_stack_lvl+0x18c/0x250
[ 108.805139][ T5914] ? show_regs_print_info+0x20/0x20
[ 108.810402][ T5914] ? swiotlb_print_info+0x70/0x70
[ 108.815458][ T5914] ? dump_page+0xba3/0x14a0
[ 108.820018][ T5914] bad_page+0x14b/0x170
[ 108.824231][ T5914] free_unref_page_prepare+0x85f/0x8c0
[ 108.829717][ T5914] free_unref_page_list+0xbe/0x860
[ 108.834850][ T5914] ? __folio_memcg+0x63/0x160
[ 108.839540][ T5914] ? folio_memcg+0x127/0x480
[ 108.844139][ T5914] release_pages+0x1f7a/0x2200
[ 108.848918][ T5914] ? lru_cache_disable+0x30/0x30
[ 108.853870][ T5914] ? mlock_drain_local+0x79/0x490
[ 108.858910][ T5914] ? mlock_drain_local+0x79/0x490
[ 108.863943][ T5914] ? mlock_drain_local+0x28d/0x490
[ 108.869073][ T5914] __folio_batch_release+0x71/0xe0
[ 108.874201][ T5914] truncate_inode_pages_range+0x3b9/0xfb0
[ 108.879971][ T5914] ? mapping_evict_folio+0x510/0x510
[ 108.885357][ T5914] ? __static_call_return0+0x9/0x10
[ 108.890590][ T5914] ? shrink_dentry_list+0x685/0x6a0
[ 108.895817][ T5914] ? sync_filesystem+0x107/0x220
[ 108.900779][ T5914] jfs_remount+0x341/0x5b0
[ 108.905222][ T5914] ? jfs_statfs+0x550/0x550
[ 108.909740][ T5914] reconfigure_super+0x21e/0x8a0
[ 108.914697][ T5914] path_mount+0xd2f/0xff0
[ 108.919052][ T5914] __se_sys_mount+0x2e7/0x3d0
[ 108.923762][ T5914] ? __x64_sys_mount+0xc0/0xc0
[ 108.928652][ T5914] ? lockdep_hardirqs_on+0x98/0x150
[ 108.933973][ T5914] ? __x64_sys_mount+0x20/0xc0
[ 108.938779][ T5914] do_syscall_64+0x55/0xa0
[ 108.943232][ T5914] ? clear_bhb_loop+0x40/0x90
[ 108.948005][ T5914] ? clear_bhb_loop+0x40/0x90
[ 108.952718][ T5914] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 108.958646][ T5914] RIP: 0033:0x7faff4b9c799
[ 108.963081][ T5914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 108.982722][ T5914] RSP: 002b:00007fff4e22b0a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 108.991171][ T5914] RAX: ffffffffffffffda RBX: 00007faff4e15fa0 RCX: 00007faff4b9c799
[ 108.999170][ T5914] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[ 109.007167][ T5914] RBP: 00007faff4c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 109.015167][ T5914] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[ 109.023168][ T5914] R13: 00007faff4e15fac R14: 00007faff4e15fa0 R15: 00007faff4e15fa0
[ 109.031177][ T5914]
[ 109.040350][ T31] kworker/u4:2: attempt to access beyond end of device
[ 109.040350][ T31] loop0: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[ 109.054449][ T31] metapage_write_end_io: I/O error
[ 109.060371][ T112] blkno = 8ed2c, nblocks = 4
[ 109.065120][ T5875] syz-executor: attempt to access beyond end of device
[ 109.065120][ T5875] loop0: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[ 109.079422][ T112] ERROR: (device loop0): dbUpdatePMap: blocks are outside the map
[ 109.079422][ T112]
[ 109.092266][ T112] ERROR: (device loop0): remounting filesystem as read-only
[ 109.102319][ T5875] metapage_write_end_io: I/O error
[ 109.108010][ T112] BUG: Bad page state in process jfsCommit pfn:77ed6
[ 109.114851][ T112] page:ffffea0001dfb580 refcount:0 mapcount:0 mapping:0000000000000000 index:0x8ed2c pfn:0x77ed6
[ 109.125556][ T112] flags: 0xfff0800000820d(locked|referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[ 109.137094][ T112] page_type: 0xffffffff()
[ 109.141859][ T112] raw: 00fff0800000820d dead000000000100 dead000000000122 0000000000000000
[ 109.150967][ T112] raw: 000000000008ed2c ffff8880311fc7c0 00000000ffffffff 0000000000000000
[ 109.159980][ T112] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 109.167300][ T112] page_owner tracks the page as allocated
[ 109.173597][ T112] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5914, tgid 5914 (syz.0.17), ts 106861778315, free_ts 106601892341
[ 109.192296][ T112] post_alloc_hook+0x1c1/0x200
[ 109.197130][ T112] get_page_from_freelist+0x1951/0x19e0
[ 109.203096][ T112] __alloc_pages+0x1f0/0x460
[ 109.207743][ T112] folio_alloc+0x1e/0x30
[ 109.212418][ T112] filemap_alloc_folio+0xdf/0x490
[ 109.217581][ T112] __filemap_get_folio+0x3ea/0xbb0
[ 109.223422][ T112] pagecache_get_page+0x2a/0x250
[ 109.228733][ T112] __get_metapage+0x2a8/0xfa0
[ 109.233871][ T112] diNewExt+0xa82/0x3120
[ 109.239012][ T112] diAllocAG+0xea5/0x1da0
[ 109.243409][ T112] diAlloc+0x1d5/0x1660
[ 109.247622][ T112] ialloc+0x8c/0x950
[ 109.252066][ T112] jfs_mkdir+0x1df/0xac0
[ 109.256359][ T112] vfs_mkdir+0x296/0x440
[ 109.261220][ T112] do_mkdirat+0x1dc/0x450
[ 109.265589][ T112] __x64_sys_mkdirat+0x89/0xa0
[ 109.270517][ T112] page last free stack trace:
[ 109.275299][ T112] free_unref_page_prepare+0x7b2/0x8c0
[ 109.281326][ T112] free_unref_page+0x32/0x2e0
[ 109.286036][ T112] __unfreeze_partials+0x1cf/0x210
[ 109.291226][ T112] put_cpu_partial+0x17c/0x250
[ 109.296036][ T112] __slab_free+0x319/0x400
[ 109.300588][ T112] qlist_free_all+0x75/0xd0
[ 109.305130][ T112] kasan_quarantine_reduce+0x143/0x160
[ 109.310742][ T112] __kasan_slab_alloc+0x22/0x80
[ 109.315630][ T112] slab_post_alloc_hook+0x6e/0x4b0
[ 109.320828][ T112] kmem_cache_alloc_node+0x14c/0x320
[ 109.326153][ T112] __alloc_skb+0x103/0x2c0
[ 109.330634][ T112] rtmsg_ifinfo_build_skb+0x8c/0x260
[ 109.336129][ T112] rtmsg_ifinfo+0x8c/0x1a0
[ 109.340949][ T112] netdev_state_change+0xfe/0x170
[ 109.346008][ T112] linkwatch_do_dev+0x10d/0x160
[ 109.351294][ T112] __linkwatch_run_queue+0x417/0x670
[ 109.356687][ T112] Modules linked in:
[ 109.361084][ T112] CPU: 0 PID: 112 Comm: jfsCommit Tainted: G B syzkaller #0
[ 109.369904][ T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 109.380018][ T112] Call Trace:
[ 109.383333][ T112]
[ 109.386313][ T112] dump_stack_lvl+0x18c/0x250
[ 109.391047][ T112] ? show_regs_print_info+0x20/0x20
[ 109.396307][ T112] ? swiotlb_print_info+0x70/0x70
[ 109.401488][ T112] ? dump_page+0xba3/0x14a0
[ 109.406059][ T112] bad_page+0x14b/0x170
[ 109.410279][ T112] free_unref_page_prepare+0x85f/0x8c0
[ 109.415799][ T112] free_unref_page+0x32/0x2e0
[ 109.420542][ T112] ? __folio_put+0xef/0x210
[ 109.425190][ T112] txUnlock+0x27e/0xcb0
[ 109.429442][ T112] jfs_lazycommit+0x56e/0xa70
[ 109.434167][ T112] ? txFreelock+0x5a0/0x5a0
[ 109.438703][ T112] ? do_task_dead+0xd0/0xd0
[ 109.443383][ T112] ? __kthread_parkme+0x7a/0x1c0
[ 109.448382][ T112] kthread+0x2fa/0x390
[ 109.452491][ T112] ? txFreelock+0x5a0/0x5a0
[ 109.457026][ T112] ? kthread_blkcg+0xd0/0xd0
[ 109.461649][ T112] ret_from_fork+0x48/0x80
[ 109.466119][ T112] ? kthread_blkcg+0xd0/0xd0
[ 109.470751][ T112] ret_from_fork_asm+0x11/0x20
[ 109.475568][ T112]
[ 109.485876][ T112] page:ffffea0001dfb580 refcount:0 mapcount:0 mapping:0000000000000000 index:0x8ed2c pfn:0x77ed6
[ 109.509892][ T112] flags: 0xfff0800000820d(locked|referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[ 109.521275][ T112] page_type: 0xffffffff()
[ 109.525677][ T112] raw: 00fff0800000820d dead000000000100 dead000000000122 0000000000000000
[ 109.534590][ T112] raw: 000000000008ed2c ffff8880311fc7c0 00000000ffffffff 0000000000000000
[ 109.543598][ T112] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u))
[ 109.554116][ T112] page_owner tracks the page as allocated
[ 109.559912][ T112] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5914, tgid 5914 (syz.0.17), ts 106861778315, free_ts 106601892341
[ 109.578502][ T112] post_alloc_hook+0x1c1/0x200
[ 109.583328][ T112] get_page_from_freelist+0x1951/0x19e0
[ 109.588966][ T112] __alloc_pages+0x1f0/0x460
[ 109.593625][ T112] folio_alloc+0x1e/0x30
[ 109.598037][ T112] filemap_alloc_folio+0xdf/0x490
[ 109.603111][ T112] __filemap_get_folio+0x3ea/0xbb0
[ 109.608280][ T112] pagecache_get_page+0x2a/0x250
[ 109.613253][ T112] __get_metapage+0x2a8/0xfa0
[ 109.618016][ T112] diNewExt+0xa82/0x3120
[ 109.622319][ T112] diAllocAG+0xea5/0x1da0
[ 109.626706][ T112] diAlloc+0x1d5/0x1660
[ 109.631136][ T112] ialloc+0x8c/0x950
[ 109.635077][ T112] jfs_mkdir+0x1df/0xac0
[ 109.639987][ T112] vfs_mkdir+0x296/0x440
[ 109.644453][ T112] do_mkdirat+0x1dc/0x450
[ 109.648887][ T112] __x64_sys_mkdirat+0x89/0xa0
[ 109.653686][ T112] page last free stack trace:
[ 109.658420][ T112] free_unref_page_prepare+0x7b2/0x8c0
[ 109.663930][ T112] free_unref_page+0x32/0x2e0
[ 109.668691][ T112] __unfreeze_partials+0x1cf/0x210
[ 109.673849][ T112] put_cpu_partial+0x17c/0x250
[ 109.678923][ T112] __slab_free+0x319/0x400
[ 109.683367][ T112] qlist_free_all+0x75/0xd0
[ 109.687933][ T112] kasan_quarantine_reduce+0x143/0x160
[ 109.693436][ T112] __kasan_slab_alloc+0x22/0x80
[ 109.698352][ T112] slab_post_alloc_hook+0x6e/0x4b0
[ 109.703500][ T112] kmem_cache_alloc_node+0x14c/0x320
[ 109.708932][ T112] __alloc_skb+0x103/0x2c0
[ 109.713374][ T112] rtmsg_ifinfo_build_skb+0x8c/0x260
[ 109.718724][ T112] rtmsg_ifinfo+0x8c/0x1a0
[ 109.723181][ T112] netdev_state_change+0xfe/0x170
[ 109.728619][ T112] linkwatch_do_dev+0x10d/0x160
[ 109.733513][ T112] __linkwatch_run_queue+0x417/0x670
[ 109.739240][ T112] ------------[ cut here ]------------
[ 109.744935][ T112] kernel BUG at include/linux/mm.h:1458!
[ 109.751356][ T112] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 109.757441][ T112] CPU: 1 PID: 112 Comm: jfsCommit Tainted: G B syzkaller #0
[ 109.766124][ T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 109.776197][ T112] RIP: 0010:put_metapage+0x253/0x340
[ 109.781508][ T112] Code: 38 c1 0f 8c 32 ff ff ff 4c 89 ef e8 57 78 d9 fe e9 25 ff ff ff e8 5d 3c 81 fe 48 8b 3c 24 48 c7 c6 80 07 04 8b e8 7d aa c1 fe <0f> 0b 4c 8b 2c 24 4c 89 ee 48 81 e6 ff 0f 00 00 31 ff e8 76 40 81
[ 109.801305][ T112] RSP: 0018:ffffc90002d17cc0 EFLAGS: 00010246
[ 109.807383][ T112] RAX: d75703e008efa800 RBX: ffff8880311fc7c0 RCX: d75703e008efa800
[ 109.815374][ T112] RDX: 0000000000000000 RSI: ffffffff8b1c8980 RDI: ffffffff8b1c8940
[ 109.823452][ T112] RBP: 000000000000007f R08: ffffffff8e8b02af R09: 1ffffffff1d16055
[ 109.831439][ T112] R10: dffffc0000000000 R11: fffffbfff1d16056 R12: ffff8880311fc7e8
[ 109.839444][ T112] R13: ffffea0001dfb5b4 R14: 1ffff1100623f8fd R15: 1ffff1100623f90a
[ 109.847438][ T112] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 109.856399][ T112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 109.863007][ T112] CR2: 0000561bac9e9b80 CR3: 000000002bccb000 CR4: 00000000003506e0
[ 109.871011][ T112] Call Trace:
[ 109.874400][ T112]
[ 109.877359][ T112] txUnlock+0x427/0xcb0
[ 109.881569][ T112] jfs_lazycommit+0x56e/0xa70
[ 109.886281][ T112] ? txFreelock+0x5a0/0x5a0
[ 109.890808][ T112] ? do_task_dead+0xd0/0xd0
[ 109.895335][ T112] ? __kthread_parkme+0x7a/0x1c0
[ 109.900300][ T112] kthread+0x2fa/0x390
[ 109.904398][ T112] ? txFreelock+0x5a0/0x5a0
[ 109.908959][ T112] ? kthread_blkcg+0xd0/0xd0
[ 109.913577][ T112] ret_from_fork+0x48/0x80
[ 109.918025][ T112] ? kthread_blkcg+0xd0/0xd0
[ 109.922739][ T112] ret_from_fork_asm+0x11/0x20
[ 109.927535][ T112]
[ 109.930583][ T112] Modules linked in:
[ 109.935003][ T112] ---[ end trace 0000000000000000 ]---
[ 109.940544][ T112] RIP: 0010:put_metapage+0x253/0x340
[ 109.945889][ T112] Code: 38 c1 0f 8c 32 ff ff ff 4c 89 ef e8 57 78 d9 fe e9 25 ff ff ff e8 5d 3c 81 fe 48 8b 3c 24 48 c7 c6 80 07 04 8b e8 7d aa c1 fe <0f> 0b 4c 8b 2c 24 4c 89 ee 48 81 e6 ff 0f 00 00 31 ff e8 76 40 81
[ 109.966009][ T112] RSP: 0018:ffffc90002d17cc0 EFLAGS: 00010246
[ 109.972984][ T112] RAX: d75703e008efa800 RBX: ffff8880311fc7c0 RCX: d75703e008efa800
[ 109.981049][ T112] RDX: 0000000000000000 RSI: ffffffff8b1c8980 RDI: ffffffff8b1c8940
[ 109.989090][ T112] RBP: 000000000000007f R08: ffffffff8e8b02af R09: 1ffffffff1d16055
[ 109.997093][ T112] R10: dffffc0000000000 R11: fffffbfff1d16056 R12: ffff8880311fc7e8
[ 110.005155][ T112] R13: ffffea0001dfb5b4 R14: 1ffff1100623f8fd R15: 1ffff1100623f90a
[ 110.013191][ T112] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 110.022211][ T112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.028881][ T112] CR2: 0000561bac9e9b80 CR3: 000000000cf32000 CR4: 00000000003506e0
[ 110.036896][ T112] Kernel panic - not syncing: Fatal exception
[ 110.043561][ T112] Kernel Offset: disabled
[ 110.047902][ T112] Rebooting in 86400 seconds..