Warning: Permanently added '[localhost]:47631' (ED25519) to the list of known hosts.
2025/06/14 06:24:58 ignoring optional flag "sandboxArg"="0"
2025/06/14 06:25:00 parsed 1 programs
[ 138.138168][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[ 138.141421][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[ 142.699316][ T5670] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 148.235707][ T4674] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 148.241099][ T4674] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 148.246575][ T4674] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 148.252397][ T4674] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 148.265473][ T4674] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 149.899783][ T5725] chnl_net:caif_netlink_parms(): no params data found
[ 149.973100][ T5725] bridge0: port 1(bridge_slave_0) entered blocking state
[ 149.977487][ T5725] bridge0: port 1(bridge_slave_0) entered disabled state
[ 149.982627][ T5725] bridge_slave_0: entered allmulticast mode
[ 149.988805][ T5725] bridge_slave_0: entered promiscuous mode
[ 149.994289][ T5725] bridge0: port 2(bridge_slave_1) entered blocking state
[ 149.998517][ T5725] bridge0: port 2(bridge_slave_1) entered disabled state
[ 150.001648][ T5725] bridge_slave_1: entered allmulticast mode
[ 150.006776][ T5725] bridge_slave_1: entered promiscuous mode
[ 150.036513][ T5725] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 150.042959][ T5725] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 150.078306][ T5725] team0: Port device team_slave_0 added
[ 150.083993][ T5725] team0: Port device team_slave_1 added
[ 150.115611][ T5725] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 150.118875][ T5725] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 150.132438][ T5725] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 150.139762][ T5725] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 150.143129][ T5725] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 150.157569][ T5725] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 150.196826][ T5725] hsr_slave_0: entered promiscuous mode
[ 150.200421][ T5725] hsr_slave_1: entered promiscuous mode
[ 150.903045][ T5725] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 150.919134][ T5725] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 150.936436][ T5725] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 150.948440][ T5725] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 151.125764][ T5725] 8021q: adding VLAN 0 to HW filter on device bond0
[ 151.170092][ T5725] 8021q: adding VLAN 0 to HW filter on device team0
[ 151.189901][ T53] bridge0: port 1(bridge_slave_0) entered blocking state
[ 151.193784][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 151.215664][ T53] bridge0: port 2(bridge_slave_1) entered blocking state
[ 151.219364][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 151.283360][ T5725] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 151.304917][ T5725] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 151.632307][ T5725] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 151.692708][ T5725] veth0_vlan: entered promiscuous mode
[ 151.722287][ T5725] veth1_vlan: entered promiscuous mode
[ 151.790726][ T5725] veth0_macvtap: entered promiscuous mode
[ 151.828347][ T5725] veth1_macvtap: entered promiscuous mode
[ 151.852683][ T5725] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 151.870135][ T5725] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 151.888427][ T5725] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.892395][ T5725] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.905450][ T5725] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.909480][ T5725] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 152.249309][ T53] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 152.816280][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 152.819785][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 152.881251][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 152.898137][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 153.157505][ T53] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 154.352288][ T53] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/06/14 06:25:17 executed programs: 0
[ 154.605453][ T5362] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 154.612517][ T5362] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 154.617977][ T5362] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 154.625228][ T5362] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 154.628710][ T5362] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 154.703545][ T53] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 155.051559][ T53] bridge_slave_1: left allmulticast mode
[ 155.054198][ T53] bridge_slave_1: left promiscuous mode
[ 155.075457][ T53] bridge0: port 2(bridge_slave_1) entered disabled state
[ 155.081310][ T53] bridge_slave_0: left allmulticast mode
[ 155.084404][ T53] bridge_slave_0: left promiscuous mode
[ 155.117065][ T53] bridge0: port 1(bridge_slave_0) entered disabled state
[ 155.428395][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 155.434041][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 155.440521][ T53] bond0 (unregistering): Released all slaves
[ 155.467160][ T5815] chnl_net:caif_netlink_parms(): no params data found
[ 155.528759][ T53] hsr_slave_0: left promiscuous mode
[ 155.547027][ T53] hsr_slave_1: left promiscuous mode
[ 155.557176][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 155.561212][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 155.585706][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 155.589043][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 155.627549][ T53] veth1_macvtap: left promiscuous mode
[ 155.630628][ T53] veth0_macvtap: left promiscuous mode
[ 155.633842][ T53] veth1_vlan: left promiscuous mode
[ 155.645215][ T53] veth0_vlan: left promiscuous mode
[ 156.400157][ T53] team0 (unregistering): Port device team_slave_1 removed
[ 156.448160][ T53] team0 (unregistering): Port device team_slave_0 removed
[ 156.696071][ T4674] Bluetooth: hci0: command tx timeout
[ 157.057371][ T5815] bridge0: port 1(bridge_slave_0) entered blocking state
[ 157.070994][ T5815] bridge0: port 1(bridge_slave_0) entered disabled state
[ 157.085398][ T5815] bridge_slave_0: entered allmulticast mode
[ 157.108480][ T5815] bridge_slave_0: entered promiscuous mode
[ 157.125672][ T5815] bridge0: port 2(bridge_slave_1) entered blocking state
[ 157.128802][ T5815] bridge0: port 2(bridge_slave_1) entered disabled state
[ 157.132315][ T5815] bridge_slave_1: entered allmulticast mode
[ 157.166040][ T5815] bridge_slave_1: entered promiscuous mode
[ 157.227610][ T5815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 157.268003][ T5815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 157.706990][ T5815] team0: Port device team_slave_0 added
[ 157.726438][ T5815] team0: Port device team_slave_1 added
[ 157.892093][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 157.905704][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 157.949605][ T5815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 157.978813][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 157.982016][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 158.025505][ T5815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 158.206877][ T5815] hsr_slave_0: entered promiscuous mode
[ 158.216670][ T5815] hsr_slave_1: entered promiscuous mode
[ 158.775329][ T4674] Bluetooth: hci0: command tx timeout
[ 158.834526][ T5815] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 158.850192][ T5815] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 158.869533][ T5815] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 158.886743][ T5815] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 159.056836][ T5815] 8021q: adding VLAN 0 to HW filter on device bond0
[ 159.111325][ T5815] 8021q: adding VLAN 0 to HW filter on device team0
[ 159.133856][ T21] bridge0: port 1(bridge_slave_0) entered blocking state
[ 159.138010][ T21] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 159.162764][ T21] bridge0: port 2(bridge_slave_1) entered blocking state
[ 159.166187][ T21] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 159.577111][ T5815] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 159.666126][ T5815] veth0_vlan: entered promiscuous mode
[ 159.682637][ T5815] veth1_vlan: entered promiscuous mode
[ 159.748492][ T5815] veth0_macvtap: entered promiscuous mode
[ 159.767823][ T5815] veth1_macvtap: entered promiscuous mode
[ 159.802622][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 159.820099][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 159.840631][ T5815] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 159.856758][ T5815] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 159.861312][ T5815] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 159.882862][ T5815] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 160.048250][ T1038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 160.051829][ T1038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 160.129550][ T21] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 160.133587][ T21] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/06/14 06:25:23 executed programs: 2
[ 160.783775][ T5894] loop0: detected capacity change from 0 to 32768
[ 160.855930][ T4674] Bluetooth: hci0: command tx timeout
[ 160.887151][ T5894] loop0: detected capacity change from 32768 to 32767
[ 160.891527][ T5894]
[ 160.892787][ T5894] ======================================================
[ 160.895846][ T5894] WARNING: possible circular locking dependency detected
[ 160.898794][ T5894] 6.16.0-rc1-syzkaller-g4774cfe3543a #0 Not tainted
[ 160.903195][ T5894] ------------------------------------------------------
[ 160.906933][ T5894] syz.0.16/5894 is trying to acquire lock:
[ 160.909512][ T5894] ffffffff8f87a3e8 (uevent_sock_mutex){+.+.}-{4:4}, at: kobject_uevent_net_broadcast+0x27e/0x560
[ 160.914170][ T5894]
[ 160.914170][ T5894] but task is already holding lock:
[ 160.917489][ T5894] ffff888000ea9e00 (&q->q_usage_counter(io)#17){++++}-{0:0}, at: loop_set_status+0x227/0xaf0
[ 160.922939][ T5894]
[ 160.922939][ T5894] which lock already depends on the new lock.
[ 160.922939][ T5894]
[ 160.927550][ T5894]
[ 160.927550][ T5894] the existing dependency chain (in reverse order) is:
[ 160.931768][ T5894]
[ 160.931768][ T5894] -> #2 (&q->q_usage_counter(io)#17){++++}-{0:0}:
[ 160.936461][ T5894]        lock_acquire+0x120/0x360
[ 160.938744][ T5894]        blk_alloc_queue+0x538/0x620
[ 160.941019][ T5894]        __blk_mq_alloc_disk+0x162/0x340
[ 160.943594][ T5894]        loop_add+0x41b/0xad0
[ 160.946031][ T5894]        loop_init+0x173/0x230
[ 160.948791][ T5894]        do_one_initcall+0x233/0x820
[ 160.951281][ T5894]        do_initcall_level+0x137/0x1f0
[ 160.953696][ T5894]        do_initcalls+0x69/0xd0
[ 160.955811][ T5894]        kernel_init_freeable+0x3d9/0x570
[ 160.958735][ T5894]        kernel_init+0x1d/0x1d0
[ 160.961352][ T5894]        ret_from_fork+0x3fc/0x770
[ 160.963836][ T5894]        ret_from_fork_asm+0x1a/0x30
[ 160.966169][ T5894]
[ 160.966169][ T5894] -> #1 (fs_reclaim){+.+.}-{0:0}:
[ 160.969418][ T5894]        lock_acquire+0x120/0x360
[ 160.972062][ T5894]        fs_reclaim_acquire+0x72/0x100
[ 160.975315][ T5894]        kmem_cache_alloc_node_noprof+0x47/0x3c0
[ 160.978094][ T5894]        __alloc_skb+0x112/0x2d0
[ 160.980327][ T5894]        alloc_uevent_skb+0x7d/0x230
[ 160.982646][ T5894]        kobject_uevent_net_broadcast+0x2fa/0x560
[ 160.985387][ T5894]        kobject_uevent_env+0x55b/0x8c0
[ 160.987812][ T5894]        kobject_synth_uevent+0x527/0xb00
[ 160.990787][ T5894]        bus_uevent_store+0x115/0x170
[ 160.993566][ T5894]        kernfs_fop_write_iter+0x378/0x4f0
[ 160.996192][ T5894]        vfs_write+0x548/0xa90
[ 160.998116][ T5894]        ksys_write+0x145/0x250
[ 161.000257][ T5894]        do_syscall_64+0xfa/0x3b0
[ 161.002527][ T5894]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.006188][ T5894]
[ 161.006188][ T5894] -> #0 (uevent_sock_mutex){+.+.}-{4:4}:
[ 161.010047][ T5894]        validate_chain+0xb9b/0x2140
[ 161.012456][ T5894]        __lock_acquire+0xab9/0xd20
[ 161.015198][ T5894]        lock_acquire+0x120/0x360
[ 161.017783][ T5894]        __mutex_lock+0x182/0xe80
[ 161.020611][ T5894]        kobject_uevent_net_broadcast+0x27e/0x560
[ 161.024234][ T5894]        kobject_uevent_env+0x55b/0x8c0
[ 161.026824][ T5894]        set_capacity_and_notify+0x26d/0x2d0
[ 161.029798][ T5894]        loop_set_status+0x45b/0xaf0
[ 161.032943][ T5894]        lo_ioctl+0xa5e/0x2410
[ 161.035724][ T5894]        blkdev_ioctl+0x5a8/0x6d0
[ 161.038169][ T5894]        __se_sys_ioctl+0xf9/0x170
[ 161.040529][ T5894]        do_syscall_64+0xfa/0x3b0
[ 161.043077][ T5894]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.046294][ T5894]
[ 161.046294][ T5894] other info that might help us debug this:
[ 161.046294][ T5894]
[ 161.050699][ T5894] Chain exists of:
[ 161.050699][ T5894]   uevent_sock_mutex --> fs_reclaim --> &q->q_usage_counter(io)#17
[ 161.050699][ T5894]
[ 161.057495][ T5894]  Possible unsafe locking scenario:
[ 161.057495][ T5894]
[ 161.060876][ T5894]        CPU0                    CPU1
[ 161.063222][ T5894]        ----                    ----
[ 161.065483][ T5894]   lock(&q->q_usage_counter(io)#17);
[ 161.068151][ T5894]                                lock(fs_reclaim);
[ 161.071581][ T5894]                                lock(&q->q_usage_counter(io)#17);
[ 161.075145][ T5894]   lock(uevent_sock_mutex);
[ 161.077147][ T5894]
[ 161.077147][ T5894]  *** DEADLOCK ***
[ 161.077147][ T5894]
[ 161.081185][ T5894] 3 locks held by syz.0.16/5894:
[ 161.084018][ T5894]  #0: ffff888031365400 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_set_status+0x2c/0xaf0
[ 161.088485][ T5894]  #1: ffff888000ea9e00 (&q->q_usage_counter(io)#17){++++}-{0:0}, at: loop_set_status+0x227/0xaf0
[ 161.093086][ T5894]  #2: ffff888000ea9e38 (&q->q_usage_counter(queue)#20){+.+.}-{0:0}, at: loop_set_status+0x227/0xaf0
[ 161.098173][ T5894]
[ 161.098173][ T5894] stack backtrace:
[ 161.100783][ T5894] CPU: 0 UID: 0 PID: 5894 Comm: syz.0.16 Not tainted 6.16.0-rc1-syzkaller-g4774cfe3543a #0 PREEMPT(full)
[ 161.100799][ T5894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 161.100808][ T5894] Call Trace:
[ 161.100818][ T5894]
[ 161.100825][ T5894] dump_stack_lvl+0x189/0x250
[ 161.100855][ T5894] ? __pfx_dump_stack_lvl+0x10/0x10
[ 161.100873][ T5894] ? __pfx__printk+0x10/0x10
[ 161.100887][ T5894] ? print_lock_name+0xde/0x100
[ 161.100898][ T5894] print_circular_bug+0x2ee/0x310
[ 161.100912][ T5894] check_noncircular+0x134/0x160
[ 161.100925][ T5894] validate_chain+0xb9b/0x2140
[ 161.100942][ T5894] __lock_acquire+0xab9/0xd20
[ 161.100960][ T5894] ? kobject_uevent_net_broadcast+0x27e/0x560
[ 161.100975][ T5894] lock_acquire+0x120/0x360
[ 161.100991][ T5894] ? kobject_uevent_net_broadcast+0x27e/0x560
[ 161.101007][ T5894] __mutex_lock+0x182/0xe80
[ 161.101018][ T5894] ? kobject_uevent_net_broadcast+0x27e/0x560
[ 161.101030][ T5894] ? vsnprintf+0xe11/0xf00
[ 161.101045][ T5894] ? kobject_uevent_net_broadcast+0x27e/0x560
[ 161.101058][ T5894] ? __pfx___mutex_lock+0x10/0x10
[ 161.101068][ T5894] ? add_uevent_var+0x278/0x450
[ 161.101081][ T5894] ? kobject_uevent_env+0x50a/0x8c0
[ 161.101093][ T5894] ? __pfx_add_uevent_var+0x10/0x10
[ 161.101106][ T5894] kobject_uevent_net_broadcast+0x27e/0x560
[ 161.101121][ T5894] kobject_uevent_env+0x55b/0x8c0
[ 161.101137][ T5894] set_capacity_and_notify+0x26d/0x2d0
[ 161.101157][ T5894] ? __pfx_set_capacity_and_notify+0x10/0x10
[ 161.101174][ T5894] ? loop_set_status_from_info+0x185/0x250
[ 161.101191][ T5894] loop_set_status+0x45b/0xaf0
[ 161.101208][ T5894] lo_ioctl+0xa5e/0x2410
[ 161.101224][ T5894] ? __pfx_lo_ioctl+0x10/0x10
[ 161.101236][ T5894] ? do_raw_spin_lock+0x121/0x290
[ 161.101252][ T5894] ? __lock_acquire+0xab9/0xd20
[ 161.101269][ T5894] ? __lock_acquire+0xab9/0xd20
[ 161.101284][ T5894] ? __lock_acquire+0xab9/0xd20
[ 161.101300][ T5894] ? __lock_acquire+0xab9/0xd20
[ 161.101317][ T5894] ? __lock_acquire+0xab9/0xd20
[ 161.101335][ T5894] ? __lock_acquire+0xab9/0xd20
[ 161.101354][ T5894] ? is_bpf_text_address+0x26/0x2b0
[ 161.101374][ T5894] ? is_bpf_text_address+0x292/0x2b0
[ 161.101390][ T5894] ? is_bpf_text_address+0x26/0x2b0
[ 161.101408][ T5894] ? kernel_text_address+0xa5/0xe0
[ 161.101421][ T5894] ? __kernel_text_address+0xd/0x40
[ 161.101435][ T5894] ? unwind_get_return_address+0x4d/0x90
[ 161.101452][ T5894] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 161.101466][ T5894] ? arch_stack_walk+0xfc/0x150
[ 161.101479][ T5894] ? stack_trace_save+0x9c/0xe0
[ 161.101494][ T5894] ? kasan_save_track+0x4f/0x80
[ 161.101514][ T5894] ? kasan_save_track+0x3e/0x80
[ 161.101530][ T5894] ? kasan_save_free_info+0x46/0x50
[ 161.101542][ T5894] ? __kasan_slab_free+0x62/0x70
[ 161.101551][ T5894] ? kfree+0x18e/0x440
[ 161.101568][ T5894] ? tomoyo_path_number_perm+0x47a/0x5a0
[ 161.101582][ T5894] ? security_file_ioctl+0xcb/0x2d0
[ 161.101594][ T5894] ? __se_sys_ioctl+0x47/0x170
[ 161.101611][ T5894] ? do_syscall_64+0xfa/0x3b0
[ 161.101626][ T5894] ? do_vfs_ioctl+0xf37/0x1990
[ 161.101640][ T5894] ? __pfx_do_vfs_ioctl+0x10/0x10
[ 161.101654][ T5894] ? kasan_quarantine_put+0xdd/0x220
[ 161.101668][ T5894] ? blkdev_common_ioctl+0xfc3/0x2450
[ 161.101680][ T5894] ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 161.101694][ T5894] ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 161.101706][ T5894] ? __pfx_blkdev_common_ioctl+0x10/0x10
[ 161.101721][ T5894] ? tomoyo_path_number_perm+0x4e2/0x5a0
[ 161.101733][ T5894] ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 161.101753][ T5894] ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 161.101768][ T5894] ? __lock_acquire+0xab9/0xd20
[ 161.101786][ T5894] ? __pfx_lo_ioctl+0x10/0x10
[ 161.101799][ T5894] blkdev_ioctl+0x5a8/0x6d0
[ 161.101816][ T5894] ? __pfx_blkdev_ioctl+0x10/0x10
[ 161.101830][ T5894] ? __fget_files+0x2a/0x420
[ 161.101843][ T5894] ? bpf_lsm_file_ioctl+0x9/0x20
[ 161.101859][ T5894] ? __pfx_blkdev_ioctl+0x10/0x10
[ 161.101875][ T5894] __se_sys_ioctl+0xf9/0x170
[ 161.101892][ T5894] do_syscall_64+0xfa/0x3b0
[ 161.101901][ T5894] ? lockdep_hardirqs_on+0x9c/0x150
[ 161.101917][ T5894] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.101928][ T5894] ? clear_bhb_loop+0x60/0xb0
[ 161.101940][ T5894] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.101952][ T5894] RIP: 0033:0x7f6405b8d169
[ 161.101968][ T5894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 161.101978][ T5894] RSP: 002b:00007f640690a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 161.101994][ T5894] RAX: ffffffffffffffda RBX: 00007f6405da5fa0 RCX: 00007f6405b8d169
[ 161.102002][ T5894] RDX: 0000400000000300 RSI: 0000000000004c02 RDI: 0000000000000004
[ 161.102011][ T5894] RBP: 00007f6405c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 161.102017][ T5894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 161.102023][ T5894] R13: 0000000000000000 R14: 00007f6405da5fa0 R15: 00007ffd7c1dff28
[ 161.102033][ T5894]
[ 161.478934][ T5894] ERROR: (device loop0): txBegin: read-only filesystem
[ 161.478934][ T5894]
[ 161.502471][ T5894] ERROR: (device loop0): remounting filesystem as read-only
[ 161.522487][ T5894] ERROR: (device loop0): dbFindCtl: Corrupt dmapctl page
[ 161.522487][ T5894]
[ 161.535893][ T5894] jfs_create: dtInsert returned -EIO
[ 161.541688][ T5894] ERROR: (device (efault)): jfs_create:
[ 161.541688][ T5894]
[ 161.558558][ T5894] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000a: 0000 [#1] SMP KASAN NOPTI
[ 161.564017][ T5894] KASAN: null-ptr-deref in range [0x0000000000000050-0x0000000000000057]
[ 161.567815][ T5894] CPU: 0 UID: 0 PID: 5894 Comm: syz.0.16 Not tainted 6.16.0-rc1-syzkaller-g4774cfe3543a #0 PREEMPT(full)
[ 161.572833][ T5894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 161.577846][ T5894] RIP: 0010:jfs_error+0x130/0x2c0
[ 161.580199][ T5894] Code: 8d 4c 24 60 48 c7 c7 60 73 c3 8b 48 89 74 24 08 e8 e5 8d fe ff 4d 8d 6f 50 4d 89 ee 49 c1 ee 03 48 b8 00 00 00 00 00 fc ff df <41> 80 3c 06 00 74 08 4c 89 ef e8 a1 d2 fa 00 4d 8b 65 00 4c 89 e6
[ 161.588901][ T5894] RSP: 0018:ffffc90002b5f600 EFLAGS: 00010206
[ 161.591620][ T5894] RAX: dffffc0000000000 RBX: 1ffff9200056bec8 RCX: 30579ff254064200
[ 161.595502][ T5894] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 161.599016][ T5894] RBP: ffffc90002b5f710 R08: ffffc90002b5f327 R09: 1ffff9200056be64
[ 161.602510][ T5894] R10: dffffc0000000000 R11: fffff5200056be65 R12: ffffc90002b5f680
[ 161.606635][ T5894] R13: 0000000000000050 R14: 000000000000000a R15: 0000000000000000
[ 161.610547][ T5894] FS: 00007f640690a6c0(0000) GS:ffff88808d252000(0000) knlGS:0000000000000000
[ 161.614644][ T5894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 161.617953][ T5894] CR2: 0000560d39412048 CR3: 0000000056f65000 CR4: 0000000000352ef0
[ 161.622207][ T5894] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 161.625834][ T5894] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 161.629345][ T5894] Call Trace:
[ 161.630930][ T5894]
[ 161.632421][ T5894] ? _printk+0xcf/0x120
[ 161.634668][ T5894] ? __pfx_jfs_error+0x10/0x10
[ 161.637188][ T5894] ? __pfx__printk+0x10/0x10
[ 161.639320][ T5894] ? txAbort+0x63d/0x760
[ 161.641183][ T5894] jfs_create+0x732/0xa80
[ 161.643201][ T5894] ? __pfx_jfs_create+0x10/0x10
[ 161.645517][ T5894] ? __pfx_jfs_lookup+0x10/0x10
[ 161.648127][ T5894] ? generic_permission+0x2e5/0x690
[ 161.650736][ T5894] ? inode_permission+0x149/0x470
[ 161.653253][ T5894] ? bpf_lsm_path_mknod+0x9/0x20
[ 161.655504][ T5894] ? bpf_lsm_inode_create+0x9/0x20
[ 161.657731][ T5894] ? __pfx_jfs_create+0x10/0x10
[ 161.659949][ T5894] path_openat+0x14f1/0x3830
[ 161.661999][ T5894] ? __pfx_path_openat+0x10/0x10
[ 161.664457][ T5894] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.667782][ T5894] do_filp_open+0x1fa/0x410
[ 161.670205][ T5894] ? __pfx_do_filp_open+0x10/0x10
[ 161.672624][ T5894] ? _raw_spin_unlock+0x28/0x50
[ 161.674706][ T5894] ? alloc_fd+0x64c/0x6c0
[ 161.676435][ T5894] do_sys_openat2+0x121/0x1c0
[ 161.678628][ T5894] ? __se_sys_futex+0x36f/0x400
[ 161.681210][ T5894] ? __pfx_do_sys_openat2+0x10/0x10
[ 161.684547][ T5894] ? rcu_is_watching+0x15/0xb0
[ 161.687326][ T5894] __x64_sys_creat+0x8f/0xc0
[ 161.689821][ T5894] do_syscall_64+0xfa/0x3b0
[ 161.692429][ T5894] ? lockdep_hardirqs_on+0x9c/0x150
[ 161.695808][ T5894] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.699132][ T5894] ? clear_bhb_loop+0x60/0xb0
[ 161.701375][ T5894] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.704322][ T5894] RIP: 0033:0x7f6405b8d169
[ 161.706655][ T5894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 161.715667][ T5894] RSP: 002b:00007f640690a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 161.719598][ T5894] RAX: ffffffffffffffda RBX: 00007f6405da5fa0 RCX: 00007f6405b8d169
[ 161.723715][ T5894] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000e00
[ 161.727354][ T5894] RBP: 00007f6405c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 161.731030][ T5894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 161.734893][ T5894] R13: 0000000000000000 R14: 00007f6405da5fa0 R15: 00007ffd7c1dff28
[ 161.739216][ T5894]
[ 161.740566][ T5894] Modules linked in:
[ 161.743101][ T5894] ---[ end trace 0000000000000000 ]---
[ 161.907338][ T5894] RIP: 0010:jfs_error+0x130/0x2c0
[ 161.909698][ T5894] Code: 8d 4c 24 60 48 c7 c7 60 73 c3 8b 48 89 74 24 08 e8 e5 8d fe ff 4d 8d 6f 50 4d 89 ee 49 c1 ee 03 48 b8 00 00 00 00 00 fc ff df <41> 80 3c 06 00 74 08 4c 89 ef e8 a1 d2 fa 00 4d 8b 65 00 4c 89 e6
[ 161.934986][ T5894] RSP: 0018:ffffc90002b5f600 EFLAGS: 00010206
[ 161.938338][ T5894] RAX: dffffc0000000000 RBX: 1ffff9200056bec8 RCX: 30579ff254064200
[ 161.942427][ T5894] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 161.964769][ T5894] RBP: ffffc90002b5f710 R08: ffffc90002b5f327 R09: 1ffff9200056be64
[ 161.968229][ T5894] R10: dffffc0000000000 R11: fffff5200056be65 R12: ffffc90002b5f680
[ 161.971836][ T5894] R13: 0000000000000050 R14: 000000000000000a R15: 0000000000000000
[ 161.994924][ T5894] FS: 00007f640690a6c0(0000) GS:ffff88808d252000(0000) knlGS:0000000000000000
[ 161.999814][ T5894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 162.002722][ T5894] CR2: 00007f4010075e9c CR3: 0000000056f65000 CR4: 0000000000352ef0
[ 162.031920][ T5894] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 162.036336][ T5894] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 162.039433][ T5894] Kernel panic - not syncing: Fatal exception
[ 162.042622][ T5894] Kernel Offset: disabled
[ 162.044753][ T5894] Rebooting in 86400 seconds..