Warning: Permanently added '10.128.1.176' (ED25519) to the list of known hosts.
2025/07/18 07:45:53 ignoring optional flag "sandboxArg"="0"
2025/07/18 07:45:53 parsed 1 programs
[  123.612611][ T6323] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  126.468703][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  126.480650][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  126.489577][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  126.502191][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  126.523104][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  127.915366][ T6366] chnl_net:caif_netlink_parms(): no params data found
[  128.005710][ T6366] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.013594][ T6366] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.020885][ T6366] bridge_slave_0: entered allmulticast mode
[  128.027910][ T6366] bridge_slave_0: entered promiscuous mode
[  128.036706][ T6366] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.044065][ T6366] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.051393][ T6366] bridge_slave_1: entered allmulticast mode
[  128.058344][ T6366] bridge_slave_1: entered promiscuous mode
[  128.086331][ T6366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.099144][ T6366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.252131][ T6366] team0: Port device team_slave_0 added
[  128.287859][ T6366] team0: Port device team_slave_1 added
[  128.360880][ T6366] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.367846][ T6366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.394845][ T6366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.408708][ T6366] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.416465][ T6366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.444039][ T6366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.503499][ T6366] hsr_slave_0: entered promiscuous mode
[  128.509984][ T6366] hsr_slave_1: entered promiscuous mode
[  129.194936][ T6366] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  129.208729][ T6366] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  129.236042][ T6366] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  129.248728][ T6366] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  129.356784][ T6366] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.385665][ T6366] 8021q: adding VLAN 0 to HW filter on device team0
[  129.404879][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.412287][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.430034][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.437295][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.713482][ T6366] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.761316][ T6366] veth0_vlan: entered promiscuous mode
[  129.777113][ T6366] veth1_vlan: entered promiscuous mode
[  129.826021][ T6366] veth0_macvtap: entered promiscuous mode
[  129.839717][ T6366] veth1_macvtap: entered promiscuous mode
[  129.870252][ T6366] batman_adv: batadv0: Interface activated: batadv_slave_0
[  129.892375][ T6366] batman_adv: batadv0: Interface activated: batadv_slave_1
[  129.907243][ T6366] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.918599][ T6366] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.930257][ T6366] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.941020][ T6366] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  130.137391][   T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.223506][   T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.308888][   T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.413011][   T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.687666][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  131.704835][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  131.739188][ T2911] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  131.748481][ T2911] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/07/18 07:46:05 executed programs: 0
[  131.909662][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  131.922680][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  131.932859][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  131.943068][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  131.952555][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  132.218185][ T6500] chnl_net:caif_netlink_parms(): no params data found
[  132.356286][ T6500] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.363893][ T6500] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.372538][ T6500] bridge_slave_0: entered allmulticast mode
[  132.380703][ T6500] bridge_slave_0: entered promiscuous mode
[  132.389997][ T6500] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.397518][ T6500] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.405253][ T6500] bridge_slave_1: entered allmulticast mode
[  132.413518][ T6500] bridge_slave_1: entered promiscuous mode
[  132.458281][ T6500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  132.471532][ T6500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  132.518606][ T6500] team0: Port device team_slave_0 added
[  132.529378][ T6500] team0: Port device team_slave_1 added
[  132.598678][ T6500] batman_adv: batadv0: Adding interface: batadv_slave_0
[  132.607555][ T6500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.637500][ T6500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  132.653121][ T6500] batman_adv: batadv0: Adding interface: batadv_slave_1
[  132.660512][ T6500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.689669][ T6500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  132.798575][   T36] bridge_slave_1: left allmulticast mode
[  132.805508][   T36] bridge_slave_1: left promiscuous mode
[  132.811706][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.824453][   T36] bridge_slave_0: left allmulticast mode
[  132.830122][   T36] bridge_slave_0: left promiscuous mode
[  132.835955][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.143229][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  133.155345][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  133.168205][   T36] bond0 (unregistering): Released all slaves
[  133.205073][ T6500] hsr_slave_0: entered promiscuous mode
[  133.213271][ T6500] hsr_slave_1: entered promiscuous mode
[  133.219679][ T6500] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  133.228129][ T6500] Cannot create hsr debugfs directory
[  133.293014][   T36] hsr_slave_0: left promiscuous mode
[  133.299386][   T36] hsr_slave_1: left promiscuous mode
[  133.307925][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  133.317728][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  133.326577][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  133.336032][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  133.362394][   T36] veth1_macvtap: left promiscuous mode
[  133.368042][   T36] veth0_macvtap: left promiscuous mode
[  133.373988][   T36] veth1_vlan: left promiscuous mode
[  133.379441][   T36] veth0_vlan: left promiscuous mode
[  133.405217][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  133.413428][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  133.966070][   T36] team0 (unregistering): Port device team_slave_1 removed
[  134.012967][   T36] team0 (unregistering): Port device team_slave_0 removed
[  134.041688][   T51] Bluetooth: hci0: command tx timeout
[  135.518328][ T6500] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  135.546081][ T6500] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  135.571675][ T6500] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  135.625488][ T6500] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  135.785514][ T6500] 8021q: adding VLAN 0 to HW filter on device bond0
[  135.826753][ T6500] 8021q: adding VLAN 0 to HW filter on device team0
[  135.854515][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.861809][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.873003][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.880216][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  136.120562][   T51] Bluetooth: hci0: command tx timeout
[  136.134952][ T6500] 8021q: adding VLAN 0 to HW filter on device batadv0
[  136.191272][ T6500] veth0_vlan: entered promiscuous mode
[  136.213493][ T6500] veth1_vlan: entered promiscuous mode
[  136.257269][ T6500] veth0_macvtap: entered promiscuous mode
[  136.273265][ T6500] veth1_macvtap: entered promiscuous mode
[  136.305260][ T6500] batman_adv: batadv0: Interface activated: batadv_slave_0
[  136.326031][ T6500] batman_adv: batadv0: Interface activated: batadv_slave_1
[  136.343339][ T6500] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.352689][ T6500] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.363732][ T6500] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.373103][ T6500] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.473686][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.496820][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.537693][ T2911] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.549965][ T2911] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.965312][ T6623] loop0: detected capacity change from 0 to 32768
[  137.085510][ T6623] loop0: detected capacity change from 32768 to 32745
2025/07/18 07:46:11 executed programs: 3
[  137.131559][ T6500] ERROR: (device loop0): diRead: i_ino != di_number
[  137.131559][ T6500] 
[  137.154765][ T6500] ERROR: (device loop0): remounting filesystem as read-only
[  137.174354][ T6500] jfs_lookup: iget failed on inum 32
[  137.180263][ T6500] ERROR: (device loop0): diRead: i_ino != di_number
[  137.180263][ T6500] 
[  137.211844][ T6500] jfs_lookup: iget failed on inum 32
[  138.115399][  T112] ------------[ cut here ]------------
[  138.120018][   T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.133376][  T112] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2772:24
[  138.146040][  T112] index 4294967295 is out of range for type 's8[1365]' (aka 'signed char[1365]')
[  138.156491][  T112] CPU: 0 UID: 0 PID: 112 Comm: jfsCommit Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[  138.156515][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.156533][  T112] Call Trace:
[  138.156544][  T112]  <TASK>
[  138.156552][  T112]  dump_stack_lvl+0x189/0x250
[  138.156581][  T112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.156599][  T112]  ? __pfx__printk+0x10/0x10
[  138.156625][  T112]  ? lock_metapage+0x301/0x400
[  138.156651][  T112]  ubsan_epilogue+0xa/0x40
[  138.156671][  T112]  __ubsan_handle_out_of_bounds+0xe9/0xf0
[  138.156698][  T112]  dbJoin+0x29f/0x300
[  138.156716][  T112]  ? do_read_cache_folio+0x4c6/0x590
[  138.156738][  T112]  dbFreeBits+0x4e1/0xdb0
[  138.156763][  T112]  ? down_read_nested+0x1af/0x2f0
[  138.156786][  T112]  dbFree+0x336/0x650
[  138.156813][  T112]  txFreeMap+0x9e6/0xde0
[  138.156832][  T112]  ? __mark_inode_dirty+0x3ab/0xdf0
[  138.156859][  T112]  xtTruncate+0xcd7/0x2dd0
[  138.156900][  T112]  ? __pfx_xtTruncate+0x10/0x10
[  138.156943][  T112]  ? __lock_acquire+0xab9/0xd20
[  138.156966][  T112]  ? __asan_memset+0x22/0x50
[  138.156994][  T112]  ? __dquot_initialize+0x218/0xcb0
[  138.157016][  T112]  jfs_free_zero_link+0x33a/0x4a0
[  138.157042][  T112]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  138.157062][  T112]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  138.157092][  T112]  jfs_evict_inode+0x363/0x440
[  138.157110][  T112]  ? evict+0x4f8/0x9c0
[  138.157133][  T112]  ? __pfx_jfs_evict_inode+0x10/0x10
[  138.157150][  T112]  evict+0x504/0x9c0
[  138.157178][  T112]  ? __pfx_evict+0x10/0x10
[  138.157196][  T112]  ? do_raw_spin_unlock+0x122/0x240
[  138.157220][  T112]  ? _raw_spin_unlock+0x28/0x50
[  138.157241][  T112]  ? iput+0x6d8/0x9d0
[  138.157266][  T112]  jfs_lazycommit+0x43f/0xa90
[  138.157290][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  138.157308][  T112]  ? __pfx_default_wake_function+0x10/0x10
[  138.157332][  T112]  ? __kthread_parkme+0x7b/0x200
[  138.157350][  T112]  ? __kthread_parkme+0x1a1/0x200
[  138.157373][  T112]  kthread+0x711/0x8a0
[  138.157395][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  138.157410][  T112]  ? __pfx_kthread+0x10/0x10
[  138.157431][  T112]  ? _raw_spin_unlock_irq+0x23/0x50
[  138.157452][  T112]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.157466][  T112]  ? __pfx_kthread+0x10/0x10
[  138.157487][  T112]  ret_from_fork+0x3fc/0x770
[  138.157507][  T112]  ? __pfx_ret_from_fork+0x10/0x10
[  138.157534][  T112]  ? __switch_to_asm+0x39/0x70
[  138.157552][  T112]  ? __switch_to_asm+0x33/0x70
[  138.157569][  T112]  ? __pfx_kthread+0x10/0x10
[  138.157588][  T112]  ret_from_fork_asm+0x1a/0x30
[  138.157622][  T112]  </TASK>
[  138.157628][  T112] ---[ end trace ]---
[  138.423367][  T112] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  138.430632][  T112] CPU: 0 UID: 0 PID: 112 Comm: jfsCommit Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[  138.442653][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.452861][  T112] Call Trace:
[  138.456175][  T112]  <TASK>
[  138.459140][  T112]  dump_stack_lvl+0x99/0x250
[  138.463764][  T112]  ? __asan_memcpy+0x40/0x70
[  138.468399][  T112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.473645][  T112]  ? __pfx__printk+0x10/0x10
[  138.478382][  T112]  panic+0x2db/0x790
[  138.482409][  T112]  ? __pfx_panic+0x10/0x10
[  138.486860][  T112]  ? _printk+0xcf/0x120
[  138.491048][  T112]  ? __pfx__printk+0x10/0x10
[  138.495678][  T112]  check_panic_on_warn+0x89/0xb0
[  138.500649][  T112]  __ubsan_handle_out_of_bounds+0xe9/0xf0
[  138.506496][  T112]  dbJoin+0x29f/0x300
[  138.510513][  T112]  ? do_read_cache_folio+0x4c6/0x590
[  138.515833][  T112]  dbFreeBits+0x4e1/0xdb0
[  138.520215][  T112]  ? down_read_nested+0x1af/0x2f0
[  138.525375][  T112]  dbFree+0x336/0x650
[  138.529450][  T112]  txFreeMap+0x9e6/0xde0
[  138.533740][  T112]  ? __mark_inode_dirty+0x3ab/0xdf0
[  138.539055][  T112]  xtTruncate+0xcd7/0x2dd0
[  138.543504][  T112]  ? __pfx_xtTruncate+0x10/0x10
[  138.548474][  T112]  ? __lock_acquire+0xab9/0xd20
[  138.553328][  T112]  ? __asan_memset+0x22/0x50
[  138.557926][  T112]  ? __dquot_initialize+0x218/0xcb0
[  138.563119][  T112]  jfs_free_zero_link+0x33a/0x4a0
[  138.568143][  T112]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  138.573683][  T112]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  138.579752][  T112]  jfs_evict_inode+0x363/0x440
[  138.584512][  T112]  ? evict+0x4f8/0x9c0
[  138.588779][  T112]  ? __pfx_jfs_evict_inode+0x10/0x10
[  138.594158][  T112]  evict+0x504/0x9c0
[  138.598063][  T112]  ? __pfx_evict+0x10/0x10
[  138.602571][  T112]  ? do_raw_spin_unlock+0x122/0x240
[  138.607796][  T112]  ? _raw_spin_unlock+0x28/0x50
[  138.612733][  T112]  ? iput+0x6d8/0x9d0
[  138.616713][  T112]  jfs_lazycommit+0x43f/0xa90
[  138.621385][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  138.626577][  T112]  ? __pfx_default_wake_function+0x10/0x10
[  138.632382][  T112]  ? __kthread_parkme+0x7b/0x200
[  138.637312][  T112]  ? __kthread_parkme+0x1a1/0x200
[  138.642345][  T112]  kthread+0x711/0x8a0
[  138.646408][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  138.651595][  T112]  ? __pfx_kthread+0x10/0x10
[  138.656179][  T112]  ? _raw_spin_unlock_irq+0x23/0x50
[  138.661381][  T112]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.666653][  T112]  ? __pfx_kthread+0x10/0x10
[  138.671239][  T112]  ret_from_fork+0x3fc/0x770
[  138.675821][  T112]  ? __pfx_ret_from_fork+0x10/0x10
[  138.680930][  T112]  ? __switch_to_asm+0x39/0x70
[  138.685693][  T112]  ? __switch_to_asm+0x33/0x70
[  138.690456][  T112]  ? __pfx_kthread+0x10/0x10
[  138.695043][  T112]  ret_from_fork_asm+0x1a/0x30
[  138.699822][  T112]  </TASK>
[  138.703095][  T112] Kernel Offset: disabled
[  138.707447][  T112] Rebooting in 86400 seconds..