Warning: Permanently added '10.128.0.123' (ED25519) to the list of known hosts.
2025/04/10 23:05:12 ignoring optional flag "sandboxArg"="0"
2025/04/10 23:05:13 parsed 1 programs
[ 117.708298][ T6003] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 120.771513][ T6028] chnl_net:caif_netlink_parms(): no params data found
[ 120.835414][ T6028] bridge0: port 1(bridge_slave_0) entered blocking state
[ 120.842687][ T6028] bridge0: port 1(bridge_slave_0) entered disabled state
[ 120.851216][ T6028] bridge_slave_0: entered allmulticast mode
[ 120.860099][ T6028] bridge_slave_0: entered promiscuous mode
[ 120.868212][ T6028] bridge0: port 2(bridge_slave_1) entered blocking state
[ 120.875614][ T6028] bridge0: port 2(bridge_slave_1) entered disabled state
[ 120.883465][ T6028] bridge_slave_1: entered allmulticast mode
[ 120.890733][ T6028] bridge_slave_1: entered promiscuous mode
[ 120.925991][ T6028] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 120.941685][ T6028] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 120.974265][ T6028] team0: Port device team_slave_0 added
[ 120.982203][ T6028] team0: Port device team_slave_1 added
[ 121.010727][ T6028] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 121.017847][ T6028] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 121.044434][ T6028] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 121.057430][ T6028] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 121.065139][ T6028] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 121.092120][ T6028] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 121.134008][ T6028] hsr_slave_0: entered promiscuous mode
[ 121.140551][ T6028] hsr_slave_1: entered promiscuous mode
[ 121.244772][ T6028] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 121.307815][ T6028] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 121.366277][ T6028] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 121.411096][ T6028] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 121.537439][ T6028] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 121.549248][ T6028] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 121.560509][ T6028] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 121.572072][ T6028] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 121.639946][ T6028] 8021q: adding VLAN 0 to HW filter on device bond0
[ 121.659323][ T6028] 8021q: adding VLAN 0 to HW filter on device team0
[ 121.671796][ T81] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.679113][ T81] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 121.696321][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.703522][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 121.851712][ T6028] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 121.890381][ T6028] veth0_vlan: entered promiscuous mode
[ 121.902449][ T6028] veth1_vlan: entered promiscuous mode
[ 121.930469][ T6028] veth0_macvtap: entered promiscuous mode
[ 121.940734][ T6028] veth1_macvtap: entered promiscuous mode
[ 121.956439][ T6028] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 121.971026][ T6028] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 121.983280][ T6028] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 121.999309][ T6028] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 122.010185][ T6028] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 122.021507][ T6028] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 122.034246][ T6028] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.043252][ T6028] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.052674][ T6028] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.062057][ T6028] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 123.106798][ T56] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 123.118774][ T56] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 123.128471][ T56] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 123.138297][ T56] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 123.146338][ T56] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 124.374270][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 124.387401][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 124.421150][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 124.429367][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/04/10 23:05:24 executed programs: 0
[ 124.584678][ T56] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 124.593255][ T56] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 124.601526][ T56] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 124.611466][ T56] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 124.619899][ T56] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 124.765853][ T6107] chnl_net:caif_netlink_parms(): no params data found
[ 124.835611][ T6107] bridge0: port 1(bridge_slave_0) entered blocking state
[ 124.842861][ T6107] bridge0: port 1(bridge_slave_0) entered disabled state
[ 124.852170][ T6107] bridge_slave_0: entered allmulticast mode
[ 124.859644][ T6107] bridge_slave_0: entered promiscuous mode
[ 124.869323][ T6107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 124.877128][ T6107] bridge0: port 2(bridge_slave_1) entered disabled state
[ 124.885047][ T6107] bridge_slave_1: entered allmulticast mode
[ 124.892402][ T6107] bridge_slave_1: entered promiscuous mode
[ 124.921866][ T6107] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 124.933953][ T6107] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 124.969657][ T6107] team0: Port device team_slave_0 added
[ 124.979951][ T6107] team0: Port device team_slave_1 added
[ 125.009314][ T6107] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 125.016400][ T6107] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 125.043008][ T6107] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 125.055886][ T6107] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 125.063451][ T6107] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 125.092394][ T6107] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 125.136274][ T6107] hsr_slave_0: entered promiscuous mode
[ 125.143478][ T6107] hsr_slave_1: entered promiscuous mode
[ 125.150126][ T6107] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 125.159364][ T6107] Cannot create hsr debugfs directory
[ 125.264925][ T6107] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.318766][ T6107] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.399337][ T6107] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.491513][ T6107] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.625701][ T6107] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 125.636177][ T6107] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 125.647964][ T6107] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 125.659167][ T6107] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 125.729325][ T6107] 8021q: adding VLAN 0 to HW filter on device bond0
[ 125.749163][ T6107] 8021q: adding VLAN 0 to HW filter on device team0
[ 125.762969][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 125.770440][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 125.785915][ T64] bridge0: port 2(bridge_slave_1) entered blocking state
[ 125.793113][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 125.945930][ T6107] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 125.988755][ T6107] veth0_vlan: entered promiscuous mode
[ 126.002449][ T6107] veth1_vlan: entered promiscuous mode
[ 126.030994][ T6107] veth0_macvtap: entered promiscuous mode
[ 126.041500][ T6107] veth1_macvtap: entered promiscuous mode
[ 126.060572][ T6107] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 126.071198][ T6107] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 126.081924][ T6107] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 126.093185][ T6107] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 126.104973][ T6107] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 126.120361][ T6107] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 126.141097][ T6107] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 126.152020][ T6107] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 126.163075][ T6107] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 126.174935][ T6107] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 126.190380][ T6107] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.199384][ T6107] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.208793][ T6107] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.219209][ T6107] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.318483][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.343155][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 126.376900][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.388515][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 126.682634][ T6121] loop0: detected capacity change from 0 to 32768
[ 126.690786][ T6121] =======================================================
[ 126.690786][ T6121] WARNING: The mand mount option has been deprecated and
[ 126.690786][ T6121] and is ignored by this kernel. Remove the mand
[ 126.690786][ T6121] option from the mount to silence this warning.
[ 126.690786][ T6121] =======================================================
[ 126.730039][ T5140] Bluetooth: hci0: command tx timeout
[ 126.788331][ T6121] loop0: detected capacity change from 32768 to 32745
[ 126.796712][ T6121]
[ 126.799044][ T6121] ======================================================
[ 126.806140][ T6121] WARNING: possible circular locking dependency detected
[ 126.813200][ T6121] 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 Not tainted
[ 126.820407][ T6121] ------------------------------------------------------
[ 126.827423][ T6121] syz.0.15/6121 is trying to acquire lock:
[ 126.833231][ T6121] ffffffff90455248 (uevent_sock_mutex){+.+.}-{4:4}, at: kobject_uevent_net_broadcast+0x280/0x580
[ 126.844030][ T6121]
[ 126.844030][ T6121] but task is already holding lock:
[ 126.851406][ T6121] ffff888025301de8 (&q->q_usage_counter(io)#17){++++}-{0:0}, at: loop_set_status+0x223/0xb20
[ 126.861842][ T6121]
[ 126.861842][ T6121] which lock already depends on the new lock.
[ 126.861842][ T6121]
[ 126.872269][ T6121]
[ 126.872269][ T6121] the existing dependency chain (in reverse order) is:
[ 126.881293][ T6121]
[ 126.881293][ T6121] -> #2 (&q->q_usage_counter(io)#17){++++}-{0:0}:
[ 126.889891][ T6121] lock_acquire+0x116/0x2f0
[ 126.894906][ T6121] blk_alloc_queue+0x542/0x620
[ 126.900263][ T6121] __blk_mq_alloc_disk+0x162/0x380
[ 126.905923][ T6121] loop_add+0x445/0xaf0
[ 126.910603][ T6121] loop_init+0x168/0x220
[ 126.915539][ T6121] do_one_initcall+0x24a/0x940
[ 126.920816][ T6121] do_initcall_level+0x157/0x210
[ 126.926314][ T6121] do_initcalls+0x71/0xd0
[ 126.931193][ T6121] kernel_init_freeable+0x432/0x5d0
[ 126.936943][ T6121] kernel_init+0x1d/0x2b0
[ 126.941878][ T6121] ret_from_fork+0x4b/0x80
[ 126.946807][ T6121] ret_from_fork_asm+0x1a/0x30
[ 126.952111][ T6121]
[ 126.952111][ T6121] -> #1 (fs_reclaim){+.+.}-{0:0}:
[ 126.959317][ T6121] lock_acquire+0x116/0x2f0
[ 126.964418][ T6121] fs_reclaim_acquire+0x88/0x130
[ 126.969877][ T6121] kmem_cache_alloc_node_noprof+0x4e/0x3b0
[ 126.976193][ T6121] __alloc_skb+0x1c2/0x480
[ 126.981115][ T6121] alloc_uevent_skb+0x74/0x230
[ 126.986390][ T6121] kobject_uevent_net_broadcast+0x2fd/0x580
[ 126.992968][ T6121] kobject_uevent_env+0x57d/0x8e0
[ 126.998516][ T6121] kobject_synth_uevent+0x4f4/0xaf0
[ 127.004266][ T6121] bus_uevent_store+0x116/0x170
[ 127.009703][ T6121] kernfs_fop_write_iter+0x398/0x510
[ 127.015913][ T6121] vfs_write+0x70f/0xd10
[ 127.020703][ T6121] ksys_write+0x19d/0x2d0
[ 127.025556][ T6121] do_syscall_64+0xf3/0x230
[ 127.030771][ T6121] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 127.037200][ T6121]
[ 127.037200][ T6121] -> #0 (uevent_sock_mutex){+.+.}-{4:4}:
[ 127.045026][ T6121] validate_chain+0xa69/0x24e0
[ 127.050320][ T6121] __lock_acquire+0xad5/0xd80
[ 127.055515][ T6121] lock_acquire+0x116/0x2f0
[ 127.060648][ T6121] __mutex_lock+0x1a5/0x10c0
[ 127.065847][ T6121] kobject_uevent_net_broadcast+0x280/0x580
[ 127.072337][ T6121] kobject_uevent_env+0x57d/0x8e0
[ 127.078087][ T6121] set_capacity_and_notify+0x269/0x2d0
[ 127.084131][ T6121] loop_set_status+0x4a4/0xb20
[ 127.089425][ T6121] lo_ioctl+0xce1/0x2850
[ 127.094190][ T6121] blkdev_ioctl+0x5df/0x710
[ 127.099286][ T6121] __se_sys_ioctl+0xf1/0x160
[ 127.104606][ T6121] do_syscall_64+0xf3/0x230
[ 127.109764][ T6121] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 127.116170][ T6121]
[ 127.116170][ T6121] other info that might help us debug this:
[ 127.116170][ T6121]
[ 127.126387][ T6121] Chain exists of:
[ 127.126387][ T6121] uevent_sock_mutex --> fs_reclaim --> &q->q_usage_counter(io)#17
[ 127.126387][ T6121]
[ 127.140226][ T6121] Possible unsafe locking scenario:
[ 127.140226][ T6121]
[ 127.148215][ T6121]        CPU0                    CPU1
[ 127.153584][ T6121]        ----                    ----
[ 127.158935][ T6121]   lock(&q->q_usage_counter(io)#17);
[ 127.164399][ T6121]                                lock(fs_reclaim);
[ 127.170893][ T6121]                                lock(&q->q_usage_counter(io)#17);
[ 127.178866][ T6121]   lock(uevent_sock_mutex);
[ 127.183444][ T6121]
[ 127.183444][ T6121] *** DEADLOCK ***
[ 127.183444][ T6121]
[ 127.192107][ T6121] 3 locks held by syz.0.15/6121:
[ 127.197052][ T6121] #0: ffff888143f53b68 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_set_status+0x2b/0xb20
[ 127.206718][ T6121] #1: ffff888025301de8 (&q->q_usage_counter(io)#17){++++}-{0:0}, at: loop_set_status+0x223/0xb20
[ 127.217424][ T6121] #2: ffff888025301e20 (&q->q_usage_counter(queue)#20){+.+.}-{0:0}, at: loop_set_status+0x223/0xb20
[ 127.228392][ T6121]
[ 127.228392][ T6121] stack backtrace:
[ 127.234469][ T6121] CPU: 0 UID: 0 PID: 6121 Comm: syz.0.15 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full)
[ 127.234485][ T6121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 127.234495][ T6121] Call Trace:
[ 127.234502][ T6121]
[ 127.234508][ T6121] dump_stack_lvl+0x241/0x360
[ 127.234529][ T6121] ? __pfx_dump_stack_lvl+0x10/0x10
[ 127.234544][ T6121] ? __pfx__printk+0x10/0x10
[ 127.234559][ T6121] ? print_lock+0x171/0x1a0
[ 127.234573][ T6121] print_circular_bug+0x2e1/0x300
[ 127.234588][ T6121] check_noncircular+0x142/0x160
[ 127.234605][ T6121] validate_chain+0xa69/0x24e0
[ 127.234619][ T6121] ? __pfx_number+0x10/0x10
[ 127.234643][ T6121] __lock_acquire+0xad5/0xd80
[ 127.234656][ T6121] lock_acquire+0x116/0x2f0
[ 127.234667][ T6121] ? kobject_uevent_net_broadcast+0x280/0x580
[ 127.234685][ T6121] ? vsnprintf+0x1156/0x1230
[ 127.234703][ T6121] __mutex_lock+0x1a5/0x10c0
[ 127.234716][ T6121] ? kobject_uevent_net_broadcast+0x280/0x580
[ 127.234734][ T6121] ? __pfx_vsnprintf+0x10/0x10
[ 127.234752][ T6121] ? kobject_uevent_net_broadcast+0x280/0x580
[ 127.234768][ T6121] ? __pfx___mutex_lock+0x10/0x10
[ 127.234781][ T6121] ? add_uevent_var+0x291/0x490
[ 127.234799][ T6121] ? kobject_uevent_env+0x503/0x8e0
[ 127.234814][ T6121] ? __pfx_add_uevent_var+0x10/0x10
[ 127.234831][ T6121] kobject_uevent_net_broadcast+0x280/0x580
[ 127.234850][ T6121] kobject_uevent_env+0x57d/0x8e0
[ 127.234868][ T6121] set_capacity_and_notify+0x269/0x2d0
[ 127.234886][ T6121] ? __pfx_set_capacity_and_notify+0x10/0x10
[ 127.234901][ T6121] ? __asan_memcpy+0x40/0x70
[ 127.234916][ T6121] ? loop_set_status_from_info+0x184/0x240
[ 127.234932][ T6121] loop_set_status+0x4a4/0xb20
[ 127.234951][ T6121] lo_ioctl+0xce1/0x2850
[ 127.234969][ T6121] ? __pfx_lo_ioctl+0x10/0x10
[ 127.234987][ T6121] ? __lock_acquire+0xad5/0xd80
[ 127.235000][ T6121] ? __lock_acquire+0xad5/0xd80
[ 127.235011][ T6121] ? __lock_acquire+0xad5/0xd80
[ 127.235023][ T6121] ? __lock_acquire+0xad5/0xd80
[ 127.235034][ T6121] ? __lock_acquire+0xad5/0xd80
[ 127.235046][ T6121] ? __lock_acquire+0xad5/0xd80
[ 127.235057][ T6121] ? __lock_acquire+0xad5/0xd80
[ 127.235073][ T6121] ? is_bpf_text_address+0x26/0x2a0
[ 127.235087][ T6121] ? is_bpf_text_address+0x288/0x2a0
[ 127.235099][ T6121] ? is_bpf_text_address+0x26/0x2a0
[ 127.235111][ T6121] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 127.235128][ T6121] ? kernel_text_address+0xa7/0xe0
[ 127.235145][ T6121] ? __kernel_text_address+0xd/0x40
[ 127.235161][ T6121] ? unwind_get_return_address+0x4d/0x90
[ 127.235176][ T6121] ? arch_stack_walk+0xff/0x150
[ 127.235194][ T6121] ? stack_trace_save+0x11a/0x1d0
[ 127.235210][ T6121] ? __pfx_stack_trace_save+0x10/0x10
[ 127.235226][ T6121] ? stack_depot_save_flags+0x44/0x940
[ 127.235243][ T6121] ? do_syscall_64+0xf3/0x230
[ 127.235256][ T6121] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 127.235269][ T6121] ? do_vfs_ioctl+0xef8/0x2750
[ 127.235294][ T6121] ? kasan_quarantine_put+0xdc/0x230
[ 127.235308][ T6121] ? lockdep_hardirqs_on+0x9d/0x150
[ 127.235324][ T6121] ? tomoyo_path_number_perm+0x215/0x790
[ 127.235340][ T6121] ? blkdev_common_ioctl+0x1060/0x25a0
[ 127.235356][ T6121] ? __pfx_blkdev_common_ioctl+0x10/0x10
[ 127.235370][ T6121] ? tomoyo_path_number_perm+0x215/0x790
[ 127.235386][ T6121] ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 127.235403][ T6121] ? do_sys_openat2+0x165/0x1d0
[ 127.235418][ T6121] ? __lock_acquire+0xad5/0xd80
[ 127.235429][ T6121] ? __asan_memset+0x23/0x50
[ 127.235443][ T6121] ? smack_file_ioctl+0x2a7/0x3b0
[ 127.235465][ T6121] ? __pfx_smack_file_ioctl+0x10/0x10
[ 127.235480][ T6121] ? file_to_blk_mode+0xcb/0x140
[ 127.235496][ T6121] ? __pfx_lo_ioctl+0x10/0x10
[ 127.235510][ T6121] blkdev_ioctl+0x5df/0x710
[ 127.235525][ T6121] ? __pfx_blkdev_ioctl+0x10/0x10
[ 127.235539][ T6121] ? __pfx_blkdev_ioctl+0x10/0x10
[ 127.235553][ T6121] __se_sys_ioctl+0xf1/0x160
[ 127.235569][ T6121] do_syscall_64+0xf3/0x230
[ 127.235583][ T6121] ? clear_bhb_loop+0x45/0xa0
[ 127.235596][ T6121] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 127.235611][ T6121] RIP: 0033:0x7f0cd177e719
[ 127.235629][ T6121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 127.235639][ T6121] RSP: 002b:00007f0cd24fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 127.235653][ T6121] RAX: ffffffffffffffda RBX: 00007f0cd1935f80 RCX: 00007f0cd177e719
[ 127.235662][ T6121] RDX: 0000000020000140 RSI: 0000000000004c02 RDI: 0000000000000005
[ 127.235669][ T6121] RBP: 00007f0cd17f139e R08: 0000000000000000 R09: 0000000000000000
[ 127.235677][ T6121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 127.235684][ T6121] R13: 0000000000000000 R14: 00007f0cd1935f80 R15: 00007ffc2f8e47f8
[ 127.235697][ T6121]
[ 127.742821][ T6107] ERROR: (device loop0): diRead: i_ino != di_number
[ 127.742821][ T6107]
[ 127.752686][ T6107] ERROR: (device loop0): remounting filesystem as read-only
[ 127.761626][ T6107] jfs_lookup: iget failed on inum 32
[ 127.767784][ T6107] ERROR: (device loop0): diRead: i_ino != di_number
[ 127.767784][ T6107]
[ 127.776823][ T6107] jfs_lookup: iget failed on inum 32
[ 130.109244][ T117] ------------[ cut here ]------------
[ 130.114908][ T117] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2768:24
[ 130.122650][ T117] index 4294967295 is out of range for type 's8[1365]' (aka 'signed char[1365]')
[ 130.132151][ T117] CPU: 1 UID: 0 PID: 117 Comm: jfsCommit Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full)
[ 130.132172][ T117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 130.132180][ T117] Call Trace:
[ 130.132185][ T117]
[ 130.132192][ T117] dump_stack_lvl+0x241/0x360
[ 130.132217][ T117] ? __pfx_dump_stack_lvl+0x10/0x10
[ 130.132235][ T117] ? __pfx__printk+0x10/0x10
[ 130.132253][ T117] ? lock_metapage+0x3f9/0x4a0
[ 130.132272][ T117] __ubsan_handle_out_of_bounds+0x121/0x150
[ 130.132295][ T117] dbJoin+0x2ed/0x310
[ 130.132317][ T117] dbFreeBits+0x4ea/0xdd0
[ 130.132342][ T117] dbFree+0x35c/0x680
[ 130.132365][ T117] txFreeMap+0x96a/0xd50
[ 130.132384][ T117] ? __mark_inode_dirty+0x3db/0xe90
[ 130.132405][ T117] xtTruncate+0xe82/0x32a0
[ 130.132433][ T117] ? __pfx_xtTruncate+0x10/0x10
[ 130.132466][ T117] jfs_free_zero_link+0x47f/0x700
[ 130.132482][ T117] ? inode_wait_for_writeback+0x115/0x2c0
[ 130.132500][ T117] ? __pfx_jfs_free_zero_link+0x10/0x10
[ 130.132521][ T117] jfs_evict_inode+0x362/0x440
[ 130.132536][ T117] ? __pfx_jfs_evict_inode+0x10/0x10
[ 130.132551][ T117] evict+0x4f9/0x9b0
[ 130.132575][ T117] ? __pfx_evict+0x10/0x10
[ 130.132597][ T117] ? iput+0x713/0xa50
[ 130.132616][ T117] txUpdateMap+0x948/0xb20
[ 130.132637][ T117] ? __pfx_txUpdateMap+0x10/0x10
[ 130.132660][ T117] jfs_lazycommit+0x49c/0xba0
[ 130.132678][ T117] ? _raw_spin_unlock_irqrestore+0x90/0x140
[ 130.132693][ T117] ? lockdep_hardirqs_on+0x9d/0x150
[ 130.132712][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 130.132731][ T117] ? __pfx_default_wake_function+0x10/0x10
[ 130.132749][ T117] ? __kthread_parkme+0x1a8/0x200
[ 130.132767][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 130.132786][ T117] kthread+0x7b7/0x940
[ 130.132806][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 130.132825][ T117] ? __pfx_kthread+0x10/0x10
[ 130.132843][ T117] ? __pfx_kthread+0x10/0x10
[ 130.132860][ T117] ? __pfx_kthread+0x10/0x10
[ 130.132878][ T117] ? __pfx_kthread+0x10/0x10
[ 130.132896][ T117] ? _raw_spin_unlock_irq+0x23/0x50
[ 130.132910][ T117] ? lockdep_hardirqs_on+0x9d/0x150
[ 130.132926][ T117] ? __pfx_kthread+0x10/0x10
[ 130.132944][ T117] ret_from_fork+0x4b/0x80
[ 130.132959][ T117] ? __pfx_kthread+0x10/0x10
[ 130.132977][ T117] ret_from_fork_asm+0x1a/0x30
[ 130.133004][ T117]
[ 130.133017][ T117] ---[ end trace ]---
[ 130.370743][ T117] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 130.378018][ T117] CPU: 0 UID: 0 PID: 117 Comm: jfsCommit Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full)
[ 130.389835][ T117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 130.399881][ T117] Call Trace:
[ 130.403147][ T117]
[ 130.406059][ T117] dump_stack_lvl+0x241/0x360
[ 130.410828][ T117] ? __pfx_dump_stack_lvl+0x10/0x10
[ 130.416053][ T117] ? __pfx__printk+0x10/0x10
[ 130.420655][ T117] ? vscnprintf+0x5d/0x90
[ 130.425073][ T117] panic+0x349/0x880
[ 130.428964][ T117] ? check_panic_on_warn+0x21/0xb0
[ 130.434060][ T117] ? __pfx_panic+0x10/0x10
[ 130.438455][ T117] ? _printk+0xd5/0x120
[ 130.442591][ T117] ? __pfx__printk+0x10/0x10
[ 130.447162][ T117] ? lock_metapage+0x3f9/0x4a0
[ 130.451917][ T117] check_panic_on_warn+0x86/0xb0
[ 130.456836][ T117] __ubsan_handle_out_of_bounds+0x141/0x150
[ 130.462726][ T117] dbJoin+0x2ed/0x310
[ 130.466708][ T117] dbFreeBits+0x4ea/0xdd0
[ 130.471034][ T117] dbFree+0x35c/0x680
[ 130.475045][ T117] txFreeMap+0x96a/0xd50
[ 130.479565][ T117] ? __mark_inode_dirty+0x3db/0xe90
[ 130.484847][ T117] xtTruncate+0xe82/0x32a0
[ 130.489261][ T117] ? __pfx_xtTruncate+0x10/0x10
[ 130.494104][ T117] jfs_free_zero_link+0x47f/0x700
[ 130.499128][ T117] ? inode_wait_for_writeback+0x115/0x2c0
[ 130.504842][ T117] ? __pfx_jfs_free_zero_link+0x10/0x10
[ 130.510368][ T117] jfs_evict_inode+0x362/0x440
[ 130.515110][ T117] ? __pfx_jfs_evict_inode+0x10/0x10
[ 130.520390][ T117] evict+0x4f9/0x9b0
[ 130.524267][ T117] ? __pfx_evict+0x10/0x10
[ 130.528662][ T117] ? iput+0x713/0xa50
[ 130.532638][ T117] txUpdateMap+0x948/0xb20
[ 130.537059][ T117] ? __pfx_txUpdateMap+0x10/0x10
[ 130.542008][ T117] jfs_lazycommit+0x49c/0xba0
[ 130.546768][ T117] ? _raw_spin_unlock_irqrestore+0x90/0x140
[ 130.552735][ T117] ? lockdep_hardirqs_on+0x9d/0x150
[ 130.557919][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 130.563192][ T117] ? __pfx_default_wake_function+0x10/0x10
[ 130.568997][ T117] ? __kthread_parkme+0x1a8/0x200
[ 130.574009][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 130.579361][ T117] kthread+0x7b7/0x940
[ 130.583577][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 130.589055][ T117] ? __pfx_kthread+0x10/0x10
[ 130.593640][ T117] ? __pfx_kthread+0x10/0x10
[ 130.598226][ T117] ? __pfx_kthread+0x10/0x10
[ 130.602812][ T117] ? __pfx_kthread+0x10/0x10
[ 130.607490][ T117] ? _raw_spin_unlock_irq+0x23/0x50
[ 130.612764][ T117] ? lockdep_hardirqs_on+0x9d/0x150
[ 130.618124][ T117] ? __pfx_kthread+0x10/0x10
[ 130.622789][ T117] ret_from_fork+0x4b/0x80
[ 130.627190][ T117] ? __pfx_kthread+0x10/0x10
[ 130.631962][ T117] ret_from_fork_asm+0x1a/0x30
[ 130.636825][ T117]
[ 130.640221][ T117] Kernel Offset: disabled
[ 130.644538][ T117] Rebooting in 86400 seconds..