[ 75.999171][ T774] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.88' (ED25519) to the list of known hosts.
2023/09/22 09:56:41 ignoring optional flag "sandboxArg"="0"
2023/09/22 09:56:41 parsed 1 programs
2023/09/22 09:56:42 executed programs: 0
[ 79.550955][ T5386] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 79.599365][ T4444] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 79.606968][ T4444] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 79.614903][ T4444] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 79.624965][ T4444] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 79.632610][ T4444] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 79.640318][ T4444] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 79.749937][ T5392] chnl_net:caif_netlink_parms(): no params data found
[ 79.799792][ T5392] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.806903][ T5392] bridge0: port 1(bridge_slave_0) entered disabled state
[ 79.814348][ T5392] bridge_slave_0: entered allmulticast mode
[ 79.821003][ T5392] bridge_slave_0: entered promiscuous mode
[ 79.829170][ T5392] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.836325][ T5392] bridge0: port 2(bridge_slave_1) entered disabled state
[ 79.843603][ T5392] bridge_slave_1: entered allmulticast mode
[ 79.850390][ T5392] bridge_slave_1: entered promiscuous mode
[ 79.874381][ T5392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 79.885751][ T5392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 79.912678][ T5392] team0: Port device team_slave_0 added
[ 79.920869][ T5392] team0: Port device team_slave_1 added
[ 79.943216][ T5392] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 79.950339][ T5392] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.976274][ T5392] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 79.988391][ T5392] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 79.995323][ T5392] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.021337][ T5392] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 80.056096][ T5392] hsr_slave_0: entered promiscuous mode
[ 80.062507][ T5392] hsr_slave_1: entered promiscuous mode
[ 80.706992][ T5392] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 80.717628][ T5392] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 80.730792][ T5392] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 80.743097][ T5392] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 80.774356][ T5392] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.781763][ T5392] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 80.789309][ T5392] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.796455][ T5392] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 80.809062][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.816814][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.896530][ T5392] 8021q: adding VLAN 0 to HW filter on device bond0
[ 80.920404][ T5392] 8021q: adding VLAN 0 to HW filter on device team0
[ 80.934009][ T4779] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.941276][ T4779] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 80.971739][ T4779] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.978902][ T4779] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 81.171045][ T5392] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 81.221372][ T5392] veth0_vlan: entered promiscuous mode
[ 81.241897][ T5392] veth1_vlan: entered promiscuous mode
[ 81.280758][ T5392] veth0_macvtap: entered promiscuous mode
[ 81.293754][ T5392] veth1_macvtap: entered promiscuous mode
[ 81.316427][ T5392] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 81.332849][ T5392] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 81.347795][ T5392] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 81.357755][ T5392] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 81.367071][ T5392] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 81.377686][ T5392] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 81.452107][ T4779] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 81.470681][ T4779] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 81.510808][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 81.519038][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 81.689021][ T4444] Bluetooth: hci0: command 0x0409 tx timeout
[ 81.861572][ T5457] loop0: detected capacity change from 0 to 32768
[ 81.885172][ T27] audit: type=1800 audit(1695376605.249:2): pid=5457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file2" dev="loop0" ino=5 res=0 errno=0
[ 81.915643][ T27] audit: type=1800 audit(1695376605.279:3): pid=5457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=7 res=0 errno=0
[ 81.978251][ T27] audit: type=1800 audit(1695376605.339:4): pid=5471 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file2" dev="loop0" ino=8 res=0 errno=0
[ 82.013323][ T27] audit: type=1804 audit(1695376605.379:5): pid=5471 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2096396738/syzkaller.Hqs5R1/0/bus/bus" dev="loop0" ino=5 res=1 errno=0
[ 82.831601][ T5493] loop0: detected capacity change from 0 to 32768
[ 82.853140][ T27] audit: type=1800 audit(1695376606.219:6): pid=5493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file2" dev="loop0" ino=5 res=0 errno=0
[ 82.875577][ T27] audit: type=1800 audit(1695376606.239:7): pid=5493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=7 res=0 errno=0
[ 82.931987][ T27] audit: type=1800 audit(1695376606.299:8): pid=5507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file2" dev="loop0" ino=8 res=0 errno=0
[ 82.955710][ T27] audit: type=1804 audit(1695376606.319:9): pid=5507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2096396738/syzkaller.Hqs5R1/1/bus/bus" dev="loop0" ino=5 res=1 errno=0
[ 83.758247][ T4444] Bluetooth: hci0: command 0x041b tx timeout
[ 83.820732][ T5532] loop0: detected capacity change from 0 to 32768
[ 83.846452][ T27] audit: type=1800 audit(1695376607.209:10): pid=5532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file2" dev="loop0" ino=5 res=0 errno=0
[ 83.870519][ T27] audit: type=1800 audit(1695376607.209:11): pid=5532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=7 res=0 errno=0
[ 83.961366][ T5532] ================================================================================
[ 83.973066][ T5532] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_xtree.c:622:15
[ 83.982242][ T5532] index 19 is out of range for type 'xad_t [18]'
[ 83.989686][ T5532] CPU: 1 PID: 5532 Comm: syz-executor.0 Not tainted 6.6.0-rc2-syzkaller-00244-g27bbf45eae9c #0
[ 84.000118][ T5532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 84.010181][ T5532] Call Trace:
[ 84.013464][ T5532]
[ 84.016402][ T5532] dump_stack_lvl+0x125/0x1b0
[ 84.021107][ T5532] __ubsan_handle_out_of_bounds+0x111/0x150
[ 84.027020][ T5532] xtInsert+0xe82/0xef0
[ 84.031374][ T5532] ? xtLookup+0x840/0x840
[ 84.035716][ T5532] ? reacquire_held_locks+0x4b0/0x4b0
[ 84.041113][ T5532] ? spin_bug+0x1d0/0x1d0
[ 84.045461][ T5532] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 84.051490][ T5532] ? rcu_is_watching+0x12/0xb0
[ 84.056325][ T5532] extAlloc+0x834/0xf00
[ 84.060513][ T5532] ? jfs_ioc_trim+0x5c0/0x5c0
[ 84.065211][ T5532] ? down_write_nested+0x153/0x200
[ 84.070347][ T5532] ? iov_iter_extract_pages+0x2dc/0x19b0
[ 84.076011][ T5532] jfs_get_block+0x428/0xb20
[ 84.080613][ T5532] ? jfs_read_folio+0x20/0x20
[ 84.085296][ T5532] ? kasan_set_track+0x25/0x30
[ 84.090080][ T5532] ? kmem_cache_alloc+0x348/0x3b0
[ 84.095136][ T5532] __blockdev_direct_IO+0x2445/0x3cb0
[ 84.100546][ T5532] ? submit_page_section+0xa10/0xa10
[ 84.105850][ T5532] ? invalidate_inode_pages2_range+0xdbc/0x1290
[ 84.112116][ T5532] ? jfs_read_folio+0x20/0x20
[ 84.116838][ T5532] jfs_direct_IO+0x10c/0x2c0
[ 84.121455][ T5532] generic_file_direct_write+0x132/0x360
[ 84.127117][ T5532] ? __mnt_drop_write_file+0x45/0xf0
[ 84.132418][ T5532] __generic_file_write_iter+0x11d/0x240
[ 84.138067][ T5532] generic_file_write_iter+0xe3/0x350
[ 84.143468][ T5532] do_iter_readv_writev+0x21e/0x3c0
[ 84.148676][ T5532] ? generic_copy_file_range+0x1d0/0x1d0
[ 84.154318][ T5532] ? bpf_lsm_file_permission+0x9/0x10
[ 84.159700][ T5532] ? security_file_permission+0x94/0x100
[ 84.165355][ T5532] do_iter_write+0x17f/0x830
[ 84.169960][ T5532] vfs_iter_write+0x7a/0xb0
[ 84.174471][ T5532] iter_file_splice_write+0x698/0xbf0
[ 84.179866][ T5532] ? splice_from_pipe_next+0x5d0/0x5d0
[ 84.185429][ T5532] ? warn_unsupported+0xc0/0xc0
[ 84.190299][ T5532] ? security_file_permission+0xdc/0x100
[ 84.195951][ T5532] ? splice_from_pipe_next+0x5d0/0x5d0
[ 84.201425][ T5532] direct_splice_actor+0x118/0x180
[ 84.206546][ T5532] splice_direct_to_actor+0x347/0xa30
[ 84.211931][ T5532] ? folio_flags.constprop.0+0x150/0x150
[ 84.217576][ T5532] ? vfs_splice_read+0x3b0/0x3b0
[ 84.222524][ T5532] ? bpf_lsm_file_permission+0x9/0x10
[ 84.227909][ T5532] ? security_file_permission+0x94/0x100
[ 84.233579][ T5532] do_splice_direct+0x1af/0x280
[ 84.238457][ T5532] ? splice_direct_to_actor+0xa30/0xa30
[ 84.244017][ T5532] ? propagate_umount+0x1af0/0x1af0
[ 84.249236][ T5532] do_sendfile+0xb88/0x1390
[ 84.253760][ T5532] ? vfs_iocb_iter_write+0x4c0/0x4c0
[ 84.259068][ T5532] ? xfd_validate_state+0x5d/0x180
[ 84.264217][ T5532] ? restore_fpregs_from_fpstate+0xc1/0x1d0
[ 84.270145][ T5532] __x64_sys_sendfile64+0x1d6/0x220
[ 84.275366][ T5532] ? __ia32_sys_sendfile+0x220/0x220
[ 84.280675][ T5532] ? syscall_enter_from_user_mode+0x26/0x80
[ 84.286586][ T5532] do_syscall_64+0x38/0xb0
[ 84.291024][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 84.296928][ T5532] RIP: 0033:0x7f81d9a7cb29
[ 84.301355][ T5532] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 84.320969][ T5532] RSP: 002b:00007f81da78a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 84.329388][ T5532] RAX: ffffffffffffffda RBX: 00007f81d9b9bf80 RCX: 00007f81d9a7cb29
[ 84.337368][ T5532] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 84.345340][ T5532] RBP: 00007f81d9ac847a R08: 0000000000000000 R09: 0000000000000000
[ 84.353317][ T5532] R10: 0001000000201004 R11: 0000000000000246 R12: 0000000000000000
[ 84.361306][ T5532] R13: 000000000000000b R14: 00007f81d9b9bf80 R15: 00007ffe3f5b1368
[ 84.369292][ T5532]
[ 84.390870][ T5532] ================================================================================
[ 84.402399][ T5532] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 84.409604][ T5532] CPU: 1 PID: 5532 Comm: syz-executor.0 Not tainted 6.6.0-rc2-syzkaller-00244-g27bbf45eae9c #0
[ 84.419946][ T5532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 84.430005][ T5532] Call Trace:
[ 84.433291][ T5532]
[ 84.436224][ T5532] dump_stack_lvl+0xd9/0x1b0
[ 84.440848][ T5532] panic+0x6a6/0x750
[ 84.444765][ T5532] ? panic_smp_self_stop+0xa0/0xa0
[ 84.449890][ T5532] ? syslog_print_all+0x3f0/0x3f0
[ 84.454950][ T5532] check_panic_on_warn+0xab/0xb0
[ 84.459909][ T5532] __ubsan_handle_out_of_bounds+0x139/0x150
[ 84.465822][ T5532] xtInsert+0xe82/0xef0
[ 84.470003][ T5532] ? xtLookup+0x840/0x840
[ 84.474343][ T5532] ? reacquire_held_locks+0x4b0/0x4b0
[ 84.479735][ T5532] ? spin_bug+0x1d0/0x1d0
[ 84.484081][ T5532] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 84.490108][ T5532] ? rcu_is_watching+0x12/0xb0
[ 84.494872][ T5532] extAlloc+0x834/0xf00
[ 84.499030][ T5532] ? jfs_ioc_trim+0x5c0/0x5c0
[ 84.503704][ T5532] ? down_write_nested+0x153/0x200
[ 84.508812][ T5532] ? iov_iter_extract_pages+0x2dc/0x19b0
[ 84.514445][ T5532] jfs_get_block+0x428/0xb20
[ 84.519033][ T5532] ? jfs_read_folio+0x20/0x20
[ 84.523788][ T5532] ? kasan_set_track+0x25/0x30
[ 84.528552][ T5532] ? kmem_cache_alloc+0x348/0x3b0
[ 84.533577][ T5532] __blockdev_direct_IO+0x2445/0x3cb0
[ 84.538960][ T5532] ? submit_page_section+0xa10/0xa10
[ 84.544245][ T5532] ? invalidate_inode_pages2_range+0xdbc/0x1290
[ 84.550480][ T5532] ? jfs_read_folio+0x20/0x20
[ 84.555175][ T5532] jfs_direct_IO+0x10c/0x2c0
[ 84.559762][ T5532] generic_file_direct_write+0x132/0x360
[ 84.565392][ T5532] ? __mnt_drop_write_file+0x45/0xf0
[ 84.570677][ T5532] __generic_file_write_iter+0x11d/0x240
[ 84.576308][ T5532] generic_file_write_iter+0xe3/0x350
[ 84.581679][ T5532] do_iter_readv_writev+0x21e/0x3c0
[ 84.586868][ T5532] ? generic_copy_file_range+0x1d0/0x1d0
[ 84.592494][ T5532] ? bpf_lsm_file_permission+0x9/0x10
[ 84.597858][ T5532] ? security_file_permission+0x94/0x100
[ 84.603491][ T5532] do_iter_write+0x17f/0x830
[ 84.608083][ T5532] vfs_iter_write+0x7a/0xb0
[ 84.612589][ T5532] iter_file_splice_write+0x698/0xbf0
[ 84.617964][ T5532] ? splice_from_pipe_next+0x5d0/0x5d0
[ 84.623504][ T5532] ? warn_unsupported+0xc0/0xc0
[ 84.628441][ T5532] ? security_file_permission+0xdc/0x100
[ 84.634071][ T5532] ? splice_from_pipe_next+0x5d0/0x5d0
[ 84.639539][ T5532] direct_splice_actor+0x118/0x180
[ 84.644645][ T5532] splice_direct_to_actor+0x347/0xa30
[ 84.650105][ T5532] ? folio_flags.constprop.0+0x150/0x150
[ 84.655736][ T5532] ? vfs_splice_read+0x3b0/0x3b0
[ 84.660750][ T5532] ? bpf_lsm_file_permission+0x9/0x10
[ 84.666202][ T5532] ? security_file_permission+0x94/0x100
[ 84.671835][ T5532] do_splice_direct+0x1af/0x280
[ 84.676682][ T5532] ? splice_direct_to_actor+0xa30/0xa30
[ 84.682224][ T5532] ? propagate_umount+0x1af0/0x1af0
[ 84.687421][ T5532] do_sendfile+0xb88/0x1390
[ 84.691953][ T5532] ? vfs_iocb_iter_write+0x4c0/0x4c0
[ 84.697228][ T5532] ? xfd_validate_state+0x5d/0x180
[ 84.702339][ T5532] ? restore_fpregs_from_fpstate+0xc1/0x1d0
[ 84.708232][ T5532] __x64_sys_sendfile64+0x1d6/0x220
[ 84.713428][ T5532] ? __ia32_sys_sendfile+0x220/0x220
[ 84.718707][ T5532] ? syscall_enter_from_user_mode+0x26/0x80
[ 84.724603][ T5532] do_syscall_64+0x38/0xb0
[ 84.729012][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 84.734896][ T5532] RIP: 0033:0x7f81d9a7cb29
[ 84.739303][ T5532] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 84.758908][ T5532] RSP: 002b:00007f81da78a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 84.767326][ T5532] RAX: ffffffffffffffda RBX: 00007f81d9b9bf80 RCX: 00007f81d9a7cb29
[ 84.775289][ T5532] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 84.783252][ T5532] RBP: 00007f81d9ac847a R08: 0000000000000000 R09: 0000000000000000
[ 84.791213][ T5532] R10: 0001000000201004 R11: 0000000000000246 R12: 0000000000000000
[ 84.799177][ T5532] R13: 000000000000000b R14: 00007f81d9b9bf80 R15: 00007ffe3f5b1368
[ 84.807248][ T5532]
[ 84.811312][ T5532] Kernel Offset: disabled
[ 84.815681][ T5532] Rebooting in 86400 seconds..