Warning: Permanently added '10.128.10.19' (ED25519) to the list of known hosts.
2025/04/10 21:56:49 ignoring optional flag "sandboxArg"="0"
2025/04/10 21:56:49 parsed 1 programs
[ 117.586552][ T6072] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 121.009993][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.022238][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.047145][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.055269][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.534490][ T6121] chnl_net:caif_netlink_parms(): no params data found
[ 121.609402][ T6121] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.617137][ T6121] bridge0: port 1(bridge_slave_0) entered disabled state
[ 121.624463][ T6121] bridge_slave_0: entered allmulticast mode
[ 121.632004][ T6121] bridge_slave_0: entered promiscuous mode
[ 121.639885][ T6121] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.648114][ T6121] bridge0: port 2(bridge_slave_1) entered disabled state
[ 121.655599][ T6121] bridge_slave_1: entered allmulticast mode
[ 121.663662][ T6121] bridge_slave_1: entered promiscuous mode
[ 121.693727][ T6121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 121.705375][ T6121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 121.736219][ T6121] team0: Port device team_slave_0 added
[ 121.744354][ T6121] team0: Port device team_slave_1 added
[ 121.775227][ T6121] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 121.782305][ T6121] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 121.809170][ T6121] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 121.821971][ T6121] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 121.829310][ T6121] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 121.855802][ T6121] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 121.900421][ T6121] hsr_slave_0: entered promiscuous mode
[ 121.906802][ T6121] hsr_slave_1: entered promiscuous mode
[ 121.913712][ T6121] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 121.921635][ T6121] Cannot create hsr debugfs directory
[ 122.034312][ T6121] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 122.073775][ T6121] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 122.130357][ T6121] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 122.193483][ T6121] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 122.296894][ T6121] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 122.312079][ T6121] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 122.321986][ T6121] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 122.331749][ T6121] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 122.402079][ T6121] 8021q: adding VLAN 0 to HW filter on device bond0
[ 122.422166][ T6121] 8021q: adding VLAN 0 to HW filter on device team0
[ 122.434360][ T53] bridge0: port 1(bridge_slave_0) entered blocking state
[ 122.441898][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 122.457639][ T53] bridge0: port 2(bridge_slave_1) entered blocking state
[ 122.464835][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 122.617261][ T6121] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 122.658730][ T6121] veth0_vlan: entered promiscuous mode
[ 122.671472][ T6121] veth1_vlan: entered promiscuous mode
[ 122.699521][ T6121] veth0_macvtap: entered promiscuous mode
[ 122.708371][ T6121] veth1_macvtap: entered promiscuous mode
[ 122.726112][ T6121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 122.736758][ T6121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 122.748747][ T6121] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 122.763175][ T6121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 122.774602][ T6121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 122.786180][ T6121] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 122.799271][ T6121] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.808593][ T6121] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.818132][ T6121] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 122.828682][ T6121] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 123.120631][ T5140] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 123.130641][ T5140] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 123.138910][ T5140] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 123.149701][ T5140] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 123.157878][ T5140] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/04/10 21:57:00 executed programs: 0
[ 123.913883][ T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 123.926505][ T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 123.934803][ T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 123.948450][ T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 123.957711][ T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 124.108949][ T6169] chnl_net:caif_netlink_parms(): no params data found
[ 124.184878][ T6169] bridge0: port 1(bridge_slave_0) entered blocking state
[ 124.192281][ T6169] bridge0: port 1(bridge_slave_0) entered disabled state
[ 124.199526][ T6169] bridge_slave_0: entered allmulticast mode
[ 124.207765][ T6169] bridge_slave_0: entered promiscuous mode
[ 124.216023][ T6169] bridge0: port 2(bridge_slave_1) entered blocking state
[ 124.224305][ T6169] bridge0: port 2(bridge_slave_1) entered disabled state
[ 124.232928][ T6169] bridge_slave_1: entered allmulticast mode
[ 124.240602][ T6169] bridge_slave_1: entered promiscuous mode
[ 124.272293][ T6169] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 124.285488][ T6169] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 124.329157][ T6169] team0: Port device team_slave_0 added
[ 124.338508][ T6169] team0: Port device team_slave_1 added
[ 124.373164][ T6169] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 124.380216][ T6169] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 124.407085][ T6169] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 124.424781][ T6169] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 124.432799][ T6169] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 124.458854][ T6169] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 124.508865][ T6169] hsr_slave_0: entered promiscuous mode
[ 124.516072][ T6169] hsr_slave_1: entered promiscuous mode
[ 124.522903][ T6169] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 124.530467][ T6169] Cannot create hsr debugfs directory
[ 124.639479][ T6169] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.981356][ T5140] Bluetooth: hci0: command tx timeout
[ 126.022968][ T6169] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 126.084089][ T6169] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 126.133751][ T6169] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 126.246635][ T6169] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 126.260098][ T6169] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 126.274988][ T6169] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 126.285162][ T6169] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 126.357940][ T6169] 8021q: adding VLAN 0 to HW filter on device bond0
[ 126.378101][ T6169] 8021q: adding VLAN 0 to HW filter on device team0
[ 126.390747][ T1329] bridge0: port 1(bridge_slave_0) entered blocking state
[ 126.397930][ T1329] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 126.413794][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 126.420932][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 126.578689][ T6169] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 126.618219][ T6169] veth0_vlan: entered promiscuous mode
[ 126.629592][ T6169] veth1_vlan: entered promiscuous mode
[ 126.656742][ T6169] veth0_macvtap: entered promiscuous mode
[ 126.667925][ T6169] veth1_macvtap: entered promiscuous mode
[ 126.684619][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 126.695969][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 126.705976][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 126.716448][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 126.728702][ T6169] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 126.744867][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 126.755460][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 126.768163][ T6169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 126.778828][ T6169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 126.790140][ T6169] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 126.802770][ T6169] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.811548][ T6169] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.820241][ T6169] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.829263][ T6169] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 126.894500][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.909628][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 126.934022][ T1329] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 126.942797][ T1329] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 127.184278][ T6184] loop0: detected capacity change from 0 to 32768
[ 127.191695][ T6184] =======================================================
[ 127.191695][ T6184] WARNING: The mand mount option has been deprecated and
[ 127.191695][ T6184] and is ignored by this kernel. Remove the mand
[ 127.191695][ T6184] option from the mount to silence this warning.
[ 127.191695][ T6184] =======================================================
[ 127.301714][ T6184] loop0: detected capacity change from 32768 to 32745
[ 127.309166][ T6184]
[ 127.311622][ T6184] ======================================================
[ 127.318647][ T6184] WARNING: possible circular locking dependency detected
[ 127.325661][ T6184] 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 Not tainted
[ 127.332784][ T6184] ------------------------------------------------------
[ 127.339798][ T6184] syz.0.15/6184 is trying to acquire lock:
[ 127.345698][ T6184] ffffffff90455248 (uevent_sock_mutex){+.+.}-{4:4}, at: kobject_uevent_net_broadcast+0x280/0x580
[ 127.356303][ T6184]
[ 127.356303][ T6184] but task is already holding lock:
[ 127.363652][ T6184] ffff88814376e228 (&q->q_usage_counter(io)#17){++++}-{0:0}, at: loop_set_status+0x223/0xb20
[ 127.373839][ T6184]
[ 127.373839][ T6184] which lock already depends on the new lock.
[ 127.373839][ T6184]
[ 127.384235][ T6184]
[ 127.384235][ T6184] the existing dependency chain (in reverse order) is:
[ 127.393242][ T6184]
[ 127.393242][ T6184] -> #2 (&q->q_usage_counter(io)#17){++++}-{0:0}:
[ 127.401935][ T6184] lock_acquire+0x116/0x2f0
[ 127.406965][ T6184] blk_alloc_queue+0x542/0x620
[ 127.412248][ T6184] __blk_mq_alloc_disk+0x162/0x380
[ 127.417999][ T6184] loop_add+0x445/0xaf0
[ 127.422667][ T6184] loop_init+0x168/0x220
[ 127.427422][ T6184] do_one_initcall+0x24a/0x940
[ 127.432787][ T6184] do_initcall_level+0x157/0x210
[ 127.438234][ T6184] do_initcalls+0x71/0xd0
[ 127.443087][ T6184] kernel_init_freeable+0x432/0x5d0
[ 127.448897][ T6184] kernel_init+0x1d/0x2b0
[ 127.453740][ T6184] ret_from_fork+0x4b/0x80
[ 127.458670][ T6184] ret_from_fork_asm+0x1a/0x30
[ 127.463946][ T6184]
[ 127.463946][ T6184] -> #1 (fs_reclaim){+.+.}-{0:0}:
[ 127.471342][ T6184] lock_acquire+0x116/0x2f0
[ 127.476364][ T6184] fs_reclaim_acquire+0x88/0x130
[ 127.481819][ T6184] kmem_cache_alloc_node_noprof+0x4e/0x3b0
[ 127.488168][ T6184] __alloc_skb+0x1c2/0x480
[ 127.493108][ T6184] alloc_uevent_skb+0x74/0x230
[ 127.498408][ T6184] kobject_uevent_net_broadcast+0x2fd/0x580
[ 127.504834][ T6184] kobject_uevent_env+0x57d/0x8e0
[ 127.510476][ T6184] kobject_synth_uevent+0x4f4/0xaf0
[ 127.516183][ T6184] bus_uevent_store+0x116/0x170
[ 127.521546][ T6184] kernfs_fop_write_iter+0x398/0x510
[ 127.527338][ T6184] vfs_write+0x70f/0xd10
[ 127.532102][ T6184] ksys_write+0x19d/0x2d0
[ 127.536962][ T6184] do_syscall_64+0xf3/0x230
[ 127.541994][ T6184] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 127.548397][ T6184]
[ 127.548397][ T6184] -> #0 (uevent_sock_mutex){+.+.}-{4:4}:
[ 127.556206][ T6184] validate_chain+0xa69/0x24e0
[ 127.561478][ T6184] __lock_acquire+0xad5/0xd80
[ 127.566656][ T6184] lock_acquire+0x116/0x2f0
[ 127.571660][ T6184] __mutex_lock+0x1a5/0x10c0
[ 127.576752][ T6184] kobject_uevent_net_broadcast+0x280/0x580
[ 127.583153][ T6184] kobject_uevent_env+0x57d/0x8e0
[ 127.588689][ T6184] set_capacity_and_notify+0x269/0x2d0
[ 127.594674][ T6184] loop_set_status+0x4a4/0xb20
[ 127.599951][ T6184] lo_ioctl+0xce1/0x2850
[ 127.604701][ T6184] blkdev_ioctl+0x5df/0x710
[ 127.609727][ T6184] __se_sys_ioctl+0xf1/0x160
[ 127.614832][ T6184] do_syscall_64+0xf3/0x230
[ 127.619854][ T6184] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 127.626252][ T6184]
[ 127.626252][ T6184] other info that might help us debug this:
[ 127.626252][ T6184]
[ 127.636465][ T6184] Chain exists of:
[ 127.636465][ T6184] uevent_sock_mutex --> fs_reclaim --> &q->q_usage_counter(io)#17
[ 127.636465][ T6184]
[ 127.650218][ T6184] Possible unsafe locking scenario:
[ 127.650218][ T6184]
[ 127.657762][ T6184]        CPU0                    CPU1
[ 127.663121][ T6184]        ----                    ----
[ 127.668615][ T6184]   lock(&q->q_usage_counter(io)#17);
[ 127.673985][ T6184]                                lock(fs_reclaim);
[ 127.680558][ T6184]                                lock(&q->q_usage_counter(io)#17);
[ 127.688550][ T6184]   lock(uevent_sock_mutex);
[ 127.693145][ T6184]
[ 127.693145][ T6184] *** DEADLOCK ***
[ 127.693145][ T6184]
[ 127.701299][ T6184] 3 locks held by syz.0.15/6184:
[ 127.706219][ T6184] #0: ffff8881437d0368 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_set_status+0x2b/0xb20
[ 127.715615][ T6184] #1: ffff88814376e228 (&q->q_usage_counter(io)#17){++++}-{0:0}, at: loop_set_status+0x223/0xb20
[ 127.726367][ T6184] #2: ffff88814376e260 (&q->q_usage_counter(queue)#19){+.+.}-{0:0}, at: loop_set_status+0x223/0xb20
[ 127.737549][ T6184]
[ 127.737549][ T6184] stack backtrace:
[ 127.743563][ T6184] CPU: 0 UID: 0 PID: 6184 Comm: syz.0.15 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full)
[ 127.743582][ T6184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 127.743593][ T6184] Call Trace:
[ 127.743604][ T6184] <TASK>
[ 127.743604][ T6184] dump_stack_lvl+0x241/0x360
[ 127.743629][ T6184] ? __pfx_dump_stack_lvl+0x10/0x10
[ 127.743645][ T6184] ? __pfx__printk+0x10/0x10
[ 127.743660][ T6184] ? print_lock+0x171/0x1a0
[ 127.743676][ T6184] print_circular_bug+0x2e1/0x300
[ 127.743691][ T6184] check_noncircular+0x142/0x160
[ 127.743708][ T6184] validate_chain+0xa69/0x24e0
[ 127.743722][ T6184] ? __pfx_number+0x10/0x10
[ 127.743746][ T6184] __lock_acquire+0xad5/0xd80
[ 127.743760][ T6184] lock_acquire+0x116/0x2f0
[ 127.743770][ T6184] ? kobject_uevent_net_broadcast+0x280/0x580
[ 127.743789][ T6184] ? vsnprintf+0x1156/0x1230
[ 127.743807][ T6184] __mutex_lock+0x1a5/0x10c0
[ 127.743821][ T6184] ? kobject_uevent_net_broadcast+0x280/0x580
[ 127.743838][ T6184] ? __pfx_vsnprintf+0x10/0x10
[ 127.743857][ T6184] ? kobject_uevent_net_broadcast+0x280/0x580
[ 127.743873][ T6184] ? __pfx___mutex_lock+0x10/0x10
[ 127.743886][ T6184] ? add_uevent_var+0x291/0x490
[ 127.743903][ T6184] ? kobject_uevent_env+0x503/0x8e0
[ 127.743919][ T6184] ? __pfx_add_uevent_var+0x10/0x10
[ 127.743936][ T6184] kobject_uevent_net_broadcast+0x280/0x580
[ 127.743954][ T6184] kobject_uevent_env+0x57d/0x8e0
[ 127.743973][ T6184] set_capacity_and_notify+0x269/0x2d0
[ 127.743991][ T6184] ? __pfx_set_capacity_and_notify+0x10/0x10
[ 127.744006][ T6184] ? __asan_memcpy+0x40/0x70
[ 127.744021][ T6184] ? loop_set_status_from_info+0x184/0x240
[ 127.744038][ T6184] loop_set_status+0x4a4/0xb20
[ 127.744057][ T6184] lo_ioctl+0xce1/0x2850
[ 127.744071][ T6184] ? do_raw_spin_lock+0x151/0x370
[ 127.744088][ T6184] ? __lock_acquire+0xad5/0xd80
[ 127.744098][ T6184] ? __pfx_lo_ioctl+0x10/0x10
[ 127.744112][ T6184] ? do_raw_spin_lock+0x151/0x370
[ 127.744131][ T6184] ? do_raw_spin_unlock+0x13c/0x8b0
[ 127.744149][ T6184] ? __lock_acquire+0xad5/0xd80
[ 127.744161][ T6184] ? __lock_acquire+0xad5/0xd80
[ 127.744173][ T6184] ? __lock_acquire+0xad5/0xd80
[ 127.744184][ T6184] ? __lock_acquire+0xad5/0xd80
[ 127.744196][ T6184] ? __lock_acquire+0xad5/0xd80
[ 127.744207][ T6184] ? __lock_acquire+0xad5/0xd80
[ 127.744223][ T6184] ? is_bpf_text_address+0x26/0x2a0
[ 127.744237][ T6184] ? is_bpf_text_address+0x288/0x2a0
[ 127.744249][ T6184] ? is_bpf_text_address+0x26/0x2a0
[ 127.744261][ T6184] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 127.744278][ T6184] ? kernel_text_address+0xa7/0xe0
[ 127.744295][ T6184] ? __kernel_text_address+0xd/0x40
[ 127.744312][ T6184] ? unwind_get_return_address+0x4d/0x90
[ 127.744326][ T6184] ? arch_stack_walk+0xff/0x150
[ 127.744344][ T6184] ? stack_trace_save+0x11a/0x1d0
[ 127.744359][ T6184] ? __pfx_stack_trace_save+0x10/0x10
[ 127.744380][ T6184] ? stack_depot_save_flags+0x44/0x940
[ 127.744397][ T6184] ? do_syscall_64+0xf3/0x230
[ 127.744410][ T6184] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 127.744423][ T6184] ? do_vfs_ioctl+0xef8/0x2750
[ 127.744449][ T6184] ? kasan_quarantine_put+0xdc/0x230
[ 127.744464][ T6184] ? lockdep_hardirqs_on+0x9d/0x150
[ 127.744479][ T6184] ? tomoyo_path_number_perm+0x215/0x790
[ 127.744496][ T6184] ? blkdev_common_ioctl+0x1060/0x25a0
[ 127.744512][ T6184] ? __pfx_blkdev_common_ioctl+0x10/0x10
[ 127.744525][ T6184] ? tomoyo_path_number_perm+0x215/0x790
[ 127.744542][ T6184] ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 127.744559][ T6184] ? do_sys_openat2+0x165/0x1d0
[ 127.744574][ T6184] ? __lock_acquire+0xad5/0xd80
[ 127.744585][ T6184] ? __asan_memset+0x23/0x50
[ 127.744599][ T6184] ? smack_file_ioctl+0x2a7/0x3b0
[ 127.744615][ T6184] ? __pfx_smack_file_ioctl+0x10/0x10
[ 127.744629][ T6184] ? file_to_blk_mode+0xcb/0x140
[ 127.744646][ T6184] ? __pfx_lo_ioctl+0x10/0x10
[ 127.744660][ T6184] blkdev_ioctl+0x5df/0x710
[ 127.744675][ T6184] ? __pfx_blkdev_ioctl+0x10/0x10
[ 127.744690][ T6184] ? __pfx_blkdev_ioctl+0x10/0x10
[ 127.744704][ T6184] __se_sys_ioctl+0xf1/0x160
[ 127.744720][ T6184] do_syscall_64+0xf3/0x230
[ 127.744734][ T6184] ? clear_bhb_loop+0x45/0xa0
[ 127.744747][ T6184] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 127.744762][ T6184] RIP: 0033:0x7f7a0417e719
[ 127.744780][ T6184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 127.744789][ T6184] RSP: 002b:00007f7a04ecf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 127.744804][ T6184] RAX: ffffffffffffffda RBX: 00007f7a04335f80 RCX: 00007f7a0417e719
[ 127.744812][ T6184] RDX: 0000000020000140 RSI: 0000000000004c02 RDI: 0000000000000005
[ 127.744820][ T6184] RBP: 00007f7a041f139e R08: 0000000000000000 R09: 0000000000000000
[ 127.744827][ T6184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 127.744835][ T6184] R13: 0000000000000000 R14: 00007f7a04335f80 R15: 00007ffdeb4edb78
[ 127.744847][ T6184] </TASK>
[ 128.235793][ T5140] Bluetooth: hci0: command tx timeout
[ 128.262666][ T6169] ERROR: (device loop0): diRead: i_ino != di_number
[ 128.262666][ T6169]
[ 128.272334][ T6169] ERROR: (device loop0): remounting filesystem as read-only
[ 128.279697][ T6169] jfs_lookup: iget failed on inum 32
[ 128.289457][ T6169] ERROR: (device loop0): diRead: i_ino != di_number
[ 128.289457][ T6169]
[ 128.298436][ T6169] jfs_lookup: iget failed on inum 32
[ 130.953135][ T117] ------------[ cut here ]------------
[ 130.958642][ T117] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2768:24
[ 130.966995][ T117] index 4294967295 is out of range for type 's8[1365]' (aka 'signed char[1365]')
[ 130.976228][ T117] CPU: 1 UID: 0 PID: 117 Comm: jfsCommit Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full)
[ 130.976249][ T117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 130.976258][ T117] Call Trace:
[ 130.976264][ T117] <TASK>
[ 130.976269][ T117] dump_stack_lvl+0x241/0x360
[ 130.976295][ T117] ? __pfx_dump_stack_lvl+0x10/0x10
[ 130.976312][ T117] ? __pfx__printk+0x10/0x10
[ 130.976329][ T117] ? lock_metapage+0x3f9/0x4a0
[ 130.976347][ T117] __ubsan_handle_out_of_bounds+0x121/0x150
[ 130.976369][ T117] dbJoin+0x2ed/0x310
[ 130.976389][ T117] dbFreeBits+0x4ea/0xdd0
[ 130.976410][ T117] dbFree+0x35c/0x680
[ 130.976431][ T117] txFreeMap+0x96a/0xd50
[ 130.976448][ T117] ? __mark_inode_dirty+0x3db/0xe90
[ 130.976468][ T117] xtTruncate+0xe82/0x32a0
[ 130.976498][ T117] ? __pfx_xtTruncate+0x10/0x10
[ 130.976531][ T117] jfs_free_zero_link+0x47f/0x700
[ 130.976548][ T117] ? inode_wait_for_writeback+0x115/0x2c0
[ 130.976567][ T117] ? __pfx_jfs_free_zero_link+0x10/0x10
[ 130.976589][ T117] jfs_evict_inode+0x362/0x440
[ 130.976605][ T117] ? __pfx_jfs_evict_inode+0x10/0x10
[ 130.976619][ T117] evict+0x4f9/0x9b0
[ 130.976643][ T117] ? __pfx_evict+0x10/0x10
[ 130.976665][ T117] ? iput+0x713/0xa50
[ 130.976683][ T117] txUpdateMap+0x948/0xb20
[ 130.976705][ T117] ? __pfx_txUpdateMap+0x10/0x10
[ 130.976726][ T117] jfs_lazycommit+0x49c/0xba0
[ 130.976745][ T117] ? _raw_spin_unlock_irqrestore+0x90/0x140
[ 130.976761][ T117] ? lockdep_hardirqs_on+0x9d/0x150
[ 130.976781][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 130.976799][ T117] ? __pfx_default_wake_function+0x10/0x10
[ 130.976816][ T117] ? __kthread_parkme+0x1a8/0x200
[ 130.976835][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 130.976853][ T117] kthread+0x7b7/0x940
[ 130.976872][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 130.976891][ T117] ? __pfx_kthread+0x10/0x10
[ 130.976908][ T117] ? __pfx_kthread+0x10/0x10
[ 130.976925][ T117] ? __pfx_kthread+0x10/0x10
[ 130.976942][ T117] ? __pfx_kthread+0x10/0x10
[ 130.976959][ T117] ? _raw_spin_unlock_irq+0x23/0x50
[ 130.976973][ T117] ? lockdep_hardirqs_on+0x9d/0x150
[ 130.976989][ T117] ? __pfx_kthread+0x10/0x10
[ 130.977007][ T117] ret_from_fork+0x4b/0x80
[ 130.977022][ T117] ? __pfx_kthread+0x10/0x10
[ 130.977040][ T117] ret_from_fork_asm+0x1a/0x30
[ 130.977076][ T117] </TASK>
[ 130.977083][ T117] ---[ end trace ]---
[ 131.213222][ T117] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 131.220444][ T117] CPU: 1 UID: 0 PID: 117 Comm: jfsCommit Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full)
[ 131.232267][ T117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 131.242366][ T117] Call Trace:
[ 131.245658][ T117] <TASK>
[ 131.248597][ T117] dump_stack_lvl+0x241/0x360
[ 131.253301][ T117] ? __pfx_dump_stack_lvl+0x10/0x10
[ 131.258513][ T117] ? __pfx__printk+0x10/0x10
[ 131.263119][ T117] ? vscnprintf+0x5d/0x90
[ 131.267468][ T117] panic+0x349/0x880
[ 131.271391][ T117] ? check_panic_on_warn+0x21/0xb0
[ 131.276589][ T117] ? __pfx_panic+0x10/0x10
[ 131.280994][ T117] ? _printk+0xd5/0x120
[ 131.285144][ T117] ? __pfx__printk+0x10/0x10
[ 131.289736][ T117] ? lock_metapage+0x3f9/0x4a0
[ 131.294578][ T117] check_panic_on_warn+0x86/0xb0
[ 131.299510][ T117] __ubsan_handle_out_of_bounds+0x141/0x150
[ 131.305422][ T117] dbJoin+0x2ed/0x310
[ 131.309428][ T117] dbFreeBits+0x4ea/0xdd0
[ 131.313770][ T117] dbFree+0x35c/0x680
[ 131.317751][ T117] txFreeMap+0x96a/0xd50
[ 131.321988][ T117] ? __mark_inode_dirty+0x3db/0xe90
[ 131.327184][ T117] xtTruncate+0xe82/0x32a0
[ 131.331687][ T117] ? __pfx_xtTruncate+0x10/0x10
[ 131.336536][ T117] jfs_free_zero_link+0x47f/0x700
[ 131.341546][ T117] ? inode_wait_for_writeback+0x115/0x2c0
[ 131.347354][ T117] ? __pfx_jfs_free_zero_link+0x10/0x10
[ 131.352991][ T117] jfs_evict_inode+0x362/0x440
[ 131.357738][ T117] ? __pfx_jfs_evict_inode+0x10/0x10
[ 131.363098][ T117] evict+0x4f9/0x9b0
[ 131.367165][ T117] ? __pfx_evict+0x10/0x10
[ 131.371599][ T117] ? iput+0x713/0xa50
[ 131.375591][ T117] txUpdateMap+0x948/0xb20
[ 131.380106][ T117] ? __pfx_txUpdateMap+0x10/0x10
[ 131.385054][ T117] jfs_lazycommit+0x49c/0xba0
[ 131.389829][ T117] ? _raw_spin_unlock_irqrestore+0x90/0x140
[ 131.395711][ T117] ? lockdep_hardirqs_on+0x9d/0x150
[ 131.400916][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 131.406106][ T117] ? __pfx_default_wake_function+0x10/0x10
[ 131.411904][ T117] ? __kthread_parkme+0x1a8/0x200
[ 131.416914][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 131.422108][ T117] kthread+0x7b7/0x940
[ 131.426174][ T117] ? __pfx_jfs_lazycommit+0x10/0x10
[ 131.431448][ T117] ? __pfx_kthread+0x10/0x10
[ 131.436025][ T117] ? __pfx_kthread+0x10/0x10
[ 131.440602][ T117] ? __pfx_kthread+0x10/0x10
[ 131.445178][ T117] ? __pfx_kthread+0x10/0x10
[ 131.449760][ T117] ? _raw_spin_unlock_irq+0x23/0x50
[ 131.455293][ T117] ? lockdep_hardirqs_on+0x9d/0x150
[ 131.460529][ T117] ? __pfx_kthread+0x10/0x10
[ 131.465111][ T117] ret_from_fork+0x4b/0x80
[ 131.469521][ T117] ? __pfx_kthread+0x10/0x10
[ 131.474137][ T117] ret_from_fork_asm+0x1a/0x30
[ 131.478903][ T117] </TASK>
[ 131.482180][ T117] Kernel Offset: disabled
[ 131.486494][ T117] Rebooting in 86400 seconds..