DUID 00:04:b0:cd:33:f9:4f:8a:55:45:4d:7b:3b:ee:3a:71:f0:8b
forked to background, child pid 3209
[ 29.521042][ T3210] 8021q: adding VLAN 0 to HW filter on device bond0
[ 29.536263][ T3210] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
syzkaller login: [ 76.249023][ T7] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.10.25' (ECDSA) to the list of known hosts.
2022/11/17 05:31:42 ignoring optional flag "sandboxArg"="0"
2022/11/17 05:31:43 parsed 1 programs
[ 203.276872][ T3648] cgroup: Unknown subsys name 'net'
[ 203.385298][ T3648] cgroup: Unknown subsys name 'rlimit'
2022/11/17 05:31:43 executed programs: 0
[ 203.551041][ T3658] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 203.559066][ T3658] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 203.566423][ T3658] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 203.574419][ T3658] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 203.581991][ T3658] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 203.589372][ T3658] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 203.597349][ T3655] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 203.700252][ T3655] chnl_net:caif_netlink_parms(): no params data found
[ 203.741440][ T3655] bridge0: port 1(bridge_slave_0) entered blocking state
[ 203.749003][ T3655] bridge0: port 1(bridge_slave_0) entered disabled state
[ 203.756763][ T3655] device bridge_slave_0 entered promiscuous mode
[ 203.765435][ T3655] bridge0: port 2(bridge_slave_1) entered blocking state
[ 203.772551][ T3655] bridge0: port 2(bridge_slave_1) entered disabled state
[ 203.780395][ T3655] device bridge_slave_1 entered promiscuous mode
[ 203.800706][ T3655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 203.811450][ T3655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 203.833343][ T3655] team0: Port device team_slave_0 added
[ 203.840519][ T3655] team0: Port device team_slave_1 added
[ 203.858530][ T3655] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 203.865468][ T3655] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 203.892246][ T3655] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 203.904813][ T3655] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 203.912418][ T3655] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 203.938531][ T3655] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 203.967202][ T3655] device hsr_slave_0 entered promiscuous mode
[ 203.974191][ T3655] device hsr_slave_1 entered promiscuous mode
[ 204.053015][ T3655] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 204.063186][ T3655] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 204.072205][ T3655] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 204.080767][ T3655] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 204.100573][ T3655] bridge0: port 2(bridge_slave_1) entered blocking state
[ 204.107835][ T3655] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 204.115642][ T3655] bridge0: port 1(bridge_slave_0) entered blocking state
[ 204.122774][ T3655] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 204.166447][ T3655] 8021q: adding VLAN 0 to HW filter on device bond0
[ 204.178142][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 204.187397][ T3296] bridge0: port 1(bridge_slave_0) entered disabled state
[ 204.196429][ T3296] bridge0: port 2(bridge_slave_1) entered disabled state
[ 204.204372][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 204.217375][ T3655] 8021q: adding VLAN 0 to HW filter on device team0
[ 204.227364][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 204.235712][ T3296] bridge0: port 1(bridge_slave_0) entered blocking state
[ 204.242827][ T3296] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 204.253399][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 204.262537][ T26] bridge0: port 2(bridge_slave_1) entered blocking state
[ 204.269633][ T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 204.288727][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 204.301883][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 204.309770][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 204.321113][ T3295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 204.333067][ T3655] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 204.345596][ T3655] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 204.354309][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 204.478734][ T3655] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 204.487124][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 204.494650][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 204.511565][ T3295] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 204.530111][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 204.538606][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 204.546148][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 204.556069][ T3655] device veth0_vlan entered promiscuous mode
[ 204.567326][ T3655] device veth1_vlan entered promiscuous mode
[ 204.584612][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 204.592637][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 204.600953][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 204.612879][ T3655] device veth0_macvtap entered promiscuous mode
[ 204.623038][ T3655] device veth1_macvtap entered promiscuous mode
[ 204.637957][ T3655] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 204.645366][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 204.654995][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 204.666266][ T3655] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 204.674468][ T3295] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 204.683258][ T3295] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 204.694503][ T3655] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 204.704787][ T3655] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 204.713596][ T3655] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 204.722386][ T3655] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 204.785520][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 204.798440][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 204.810181][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 204.827439][ T29] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 204.835678][ T29] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 204.845144][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 204.919728][ T3671] loop0: detected capacity change from 0 to 32768
[ 204.941552][ T27] audit: type=1800 audit(1668663104.959:2): pid=3671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=7 res=0 errno=0
[ 205.622859][ T3671] ================================================================================
[ 205.632666][ T3671] UBSAN: shift-out-of-bounds in fs/jfs/jfs_extent.c:314:16
[ 205.640508][ T3671] shift exponent -1 is negative
[ 205.645427][ T3671] CPU: 1 PID: 3671 Comm: syz-executor.0 Not tainted 6.1.0-rc5-syzkaller-00018-g59d0d52c30d4 #0
[ 205.655753][ T3671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 205.665808][ T3671] Call Trace:
[ 205.669080][ T3671] <TASK>
[ 205.672103][ T3671] dump_stack_lvl+0x1b1/0x28e
[ 205.676804][ T3671] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 205.682257][ T3671] ? vsnprintf+0x1af/0x1ce0
[ 205.686755][ T3671] ? panic+0x710/0x710
[ 205.690824][ T3671] ? extAlloc+0x104/0xff0
[ 205.695187][ T3671] __ubsan_handle_shift_out_of_bounds+0x33d/0x3b0
[ 205.701601][ T3671] ? do_raw_spin_unlock+0x134/0x8a0
[ 205.706794][ T3671] extAlloc+0xe40/0xff0
[ 205.711038][ T3671] ? jfs_ioc_trim+0x660/0x660
[ 205.715729][ T3671] jfs_get_block+0x342/0xce0
[ 205.720327][ T3671] ? jfs_dirty_inode+0x240/0x240
[ 205.725262][ T3671] ? create_page_buffers+0x244/0x4b0
[ 205.730542][ T3671] __block_write_begin_int+0x54c/0x1a80
[ 205.736094][ T3671] ? jfs_dirty_inode+0x240/0x240
[ 205.741015][ T3671] ? page_zero_new_buffers+0x940/0x940
[ 205.746462][ T3671] ? PageHeadHuge+0x8a/0x1d0
[ 205.751042][ T3671] ? jfs_dirty_inode+0x240/0x240
[ 205.755965][ T3671] block_write_begin+0x93/0x1e0
[ 205.760802][ T3671] ? jfs_write_begin+0x16/0x60
[ 205.765555][ T3671] jfs_write_begin+0x2d/0x60
[ 205.770142][ T3671] generic_perform_write+0x2e4/0x5e0
[ 205.775439][ T3671] ? generic_file_direct_write+0x610/0x610
[ 205.781234][ T3671] ? __file_remove_privs+0x6c0/0x6c0
[ 205.786518][ T3671] ? generic_write_checks+0x15c/0x1c0
[ 205.791886][ T3671] __generic_file_write_iter+0x176/0x400
[ 205.797507][ T3671] generic_file_write_iter+0xab/0x310
[ 205.802869][ T3671] do_iter_write+0x6c2/0xc20
[ 205.807455][ T3671] ? rcu_read_lock_sched_held+0x87/0x110
[ 205.813072][ T3671] ? vfs_iter_write+0xa0/0xa0
[ 205.817742][ T3671] ? vfs_iter_write+0x69/0xa0
[ 205.822405][ T3671] iter_file_splice_write+0x7fc/0xfc0
[ 205.827796][ T3671] ? splice_from_pipe+0x200/0x200
[ 205.832814][ T3671] ? splice_shrink_spd+0xb0/0xb0
[ 205.837762][ T3671] ? splice_from_pipe+0x200/0x200
[ 205.842798][ T3671] direct_splice_actor+0xe6/0x1c0
[ 205.847848][ T3671] splice_direct_to_actor+0x4e4/0xc00
[ 205.853238][ T3671] ? do_splice_direct+0x3d0/0x3d0
[ 205.858252][ T3671] ? pipe_to_sendpage+0x340/0x340
[ 205.863268][ T3671] ? bpf_lsm_file_permission+0x5/0x10
[ 205.868625][ T3671] ? security_file_permission+0xe0/0x5c0
[ 205.874249][ T3671] do_splice_direct+0x279/0x3d0
[ 205.879090][ T3671] ? splice_direct_to_actor+0xc00/0xc00
[ 205.884627][ T3671] ? rcu_read_lock_any_held+0xb1/0x130
[ 205.890076][ T3671] ? apparmor_file_permission+0x2a0/0x310
[ 205.895785][ T3671] do_sendfile+0x5fb/0xf80
[ 205.900207][ T3671] ? do_pwritev+0x350/0x350
[ 205.904708][ T3671] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 205.910683][ T3671] __se_sys_sendfile64+0x14f/0x1b0
[ 205.915787][ T3671] ? __x64_sys_sendfile64+0xa0/0xa0
[ 205.920975][ T3671] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 205.926940][ T3671] ? lockdep_hardirqs_on+0x8d/0x130
[ 205.932129][ T3671] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 205.938099][ T3671] do_syscall_64+0x3d/0xb0
[ 205.942503][ T3671] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 205.948388][ T3671] RIP: 0033:0x7ff3a4c8b639
[ 205.952790][ T3671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 205.972382][ T3671] RSP: 002b:00007ff3a5a08168 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 205.980784][ T3671] RAX: ffffffffffffffda RBX: 00007ff3a4dabf80 RCX: 00007ff3a4c8b639
[ 205.988742][ T3671] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000004
[ 205.996697][ T3671] RBP: 00007ff3a4ce6ae9 R08: 0000000000000000 R09: 0000000000000000
[ 206.004650][ T3671] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000000
[ 206.012613][ T3671] R13: 00007ffda377f6bf R14: 00007ff3a5a08300 R15: 0000000000022000
[ 206.020584][ T3671] </TASK>
[ 206.026661][ T3671] ================================================================================
[ 206.036386][ T3671] Kernel panic - not syncing: panic_on_warn set ...
[ 206.039574][ T3658] Bluetooth: hci0: command 0x0409 tx timeout
[ 206.048957][ T3671] CPU: 0 PID: 3671 Comm: syz-executor.0 Not tainted 6.1.0-rc5-syzkaller-00018-g59d0d52c30d4 #0
[ 206.059276][ T3671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 206.069314][ T3671] Call Trace:
[ 206.072580][ T3671] <TASK>
[ 206.075496][ T3671] dump_stack_lvl+0x1b1/0x28e
[ 206.080162][ T3671] ? nf_tcp_handle_invalid+0x62e/0x62e
[ 206.085606][ T3671] ? panic+0x710/0x710
[ 206.089679][ T3671] ? preempt_schedule_thunk+0x16/0x18
[ 206.095067][ T3671] ? vscnprintf+0x59/0x80
[ 206.099417][ T3671] panic+0x2d6/0x710
[ 206.103309][ T3671] ? __ubsan_handle_shift_out_of_bounds+0x360/0x3b0
[ 206.109924][ T3671] ? memcpy_page_flushcache+0xfc/0xfc
[ 206.115293][ T3671] ? panic+0x710/0x710
[ 206.119353][ T3671] ? extAlloc+0x104/0xff0
[ 206.123671][ T3671] __ubsan_handle_shift_out_of_bounds+0x3af/0x3b0
[ 206.130083][ T3671] ? do_raw_spin_unlock+0x134/0x8a0
[ 206.135285][ T3671] extAlloc+0xe40/0xff0
[ 206.139442][ T3671] ? jfs_ioc_trim+0x660/0x660
[ 206.144117][ T3671] jfs_get_block+0x342/0xce0
[ 206.148699][ T3671] ? jfs_dirty_inode+0x240/0x240
[ 206.153628][ T3671] ? create_page_buffers+0x244/0x4b0
[ 206.158904][ T3671] __block_write_begin_int+0x54c/0x1a80
[ 206.164453][ T3671] ? jfs_dirty_inode+0x240/0x240
[ 206.169382][ T3671] ? page_zero_new_buffers+0x940/0x940
[ 206.174840][ T3671] ? PageHeadHuge+0x8a/0x1d0
[ 206.179432][ T3671] ? jfs_dirty_inode+0x240/0x240
[ 206.184354][ T3671] block_write_begin+0x93/0x1e0
[ 206.189204][ T3671] ? jfs_write_begin+0x16/0x60
[ 206.193973][ T3671] jfs_write_begin+0x2d/0x60
[ 206.198551][ T3671] generic_perform_write+0x2e4/0x5e0
[ 206.203833][ T3671] ? generic_file_direct_write+0x610/0x610
[ 206.209626][ T3671] ? __file_remove_privs+0x6c0/0x6c0
[ 206.214897][ T3671] ? generic_write_checks+0x15c/0x1c0
[ 206.220267][ T3671] __generic_file_write_iter+0x176/0x400
[ 206.225933][ T3671] generic_file_write_iter+0xab/0x310
[ 206.231297][ T3671] do_iter_write+0x6c2/0xc20
[ 206.235898][ T3671] ? rcu_read_lock_sched_held+0x87/0x110
[ 206.241520][ T3671] ? vfs_iter_write+0xa0/0xa0
[ 206.246194][ T3671] ? vfs_iter_write+0x69/0xa0
[ 206.250862][ T3671] iter_file_splice_write+0x7fc/0xfc0
[ 206.256238][ T3671] ? splice_from_pipe+0x200/0x200
[ 206.261258][ T3671] ? splice_shrink_spd+0xb0/0xb0
[ 206.266190][ T3671] ? splice_from_pipe+0x200/0x200
[ 206.271206][ T3671] direct_splice_actor+0xe6/0x1c0
[ 206.276222][ T3671] splice_direct_to_actor+0x4e4/0xc00
[ 206.281591][ T3671] ? do_splice_direct+0x3d0/0x3d0
[ 206.286609][ T3671] ? pipe_to_sendpage+0x340/0x340
[ 206.291649][ T3671] ? bpf_lsm_file_permission+0x5/0x10
[ 206.297014][ T3671] ? security_file_permission+0xe0/0x5c0
[ 206.302643][ T3671] do_splice_direct+0x279/0x3d0
[ 206.307486][ T3671] ? splice_direct_to_actor+0xc00/0xc00
[ 206.313020][ T3671] ? rcu_read_lock_any_held+0xb1/0x130
[ 206.318468][ T3671] ? apparmor_file_permission+0x2a0/0x310
[ 206.324179][ T3671] do_sendfile+0x5fb/0xf80
[ 206.328597][ T3671] ? do_pwritev+0x350/0x350
[ 206.333196][ T3671] ? lockdep_hardirqs_on_prepare+0x428/0x790
[ 206.339186][ T3671] __se_sys_sendfile64+0x14f/0x1b0
[ 206.344291][ T3671] ? __x64_sys_sendfile64+0xa0/0xa0
[ 206.349480][ T3671] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 206.355448][ T3671] ? lockdep_hardirqs_on+0x8d/0x130
[ 206.360648][ T3671] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 206.366633][ T3671] do_syscall_64+0x3d/0xb0
[ 206.371043][ T3671] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 206.376925][ T3671] RIP: 0033:0x7ff3a4c8b639
[ 206.381330][ T3671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 206.400931][ T3671] RSP: 002b:00007ff3a5a08168 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 206.409334][ T3671] RAX: ffffffffffffffda RBX: 00007ff3a4dabf80 RCX: 00007ff3a4c8b639
[ 206.417297][ T3671] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000004
[ 206.425266][ T3671] RBP: 00007ff3a4ce6ae9 R08: 0000000000000000 R09: 0000000000000000
[ 206.433238][ T3671] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000000
[ 206.441209][ T3671] R13: 00007ffda377f6bf R14: 00007ff3a5a08300 R15: 0000000000022000
[ 206.449184][ T3671] </TASK>
[ 206.452354][ T3671] Kernel Offset: disabled
[ 206.456760][ T3671] Rebooting in 86400 seconds..