[ 82.028858][ T27] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.79' (ED25519) to the list of known hosts.
2023/09/21 04:02:26 ignoring optional flag "sandboxArg"="0"
2023/09/21 04:02:26 parsed 1 programs
2023/09/21 04:02:26 executed programs: 0
[ 85.709956][ T5036] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 85.719366][ T5036] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 85.730131][ T5036] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 85.739342][ T5036] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 85.751719][ T5036] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 85.760184][ T5036] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 85.884043][ T5384] chnl_net:caif_netlink_parms(): no params data found
[ 85.939135][ T5384] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.946456][ T5384] bridge0: port 1(bridge_slave_0) entered disabled state
[ 85.953921][ T5384] bridge_slave_0: entered allmulticast mode
[ 85.961700][ T5384] bridge_slave_0: entered promiscuous mode
[ 85.970671][ T5384] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.979038][ T5384] bridge0: port 2(bridge_slave_1) entered disabled state
[ 85.986740][ T5384] bridge_slave_1: entered allmulticast mode
[ 85.995184][ T5384] bridge_slave_1: entered promiscuous mode
[ 86.021877][ T5384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 86.034361][ T5384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 86.062274][ T5384] team0: Port device team_slave_0 added
[ 86.070784][ T5384] team0: Port device team_slave_1 added
[ 86.094884][ T5384] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 86.103216][ T5384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 86.131580][ T5384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 86.144370][ T5384] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 86.151695][ T5384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 86.179108][ T5384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 86.216986][ T5384] hsr_slave_0: entered promiscuous mode
[ 86.224651][ T5384] hsr_slave_1: entered promiscuous mode
[ 86.943572][ T5384] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 86.956532][ T5384] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 86.973274][ T5384] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 86.987467][ T5384] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 87.101617][ T5384] 8021q: adding VLAN 0 to HW filter on device bond0
[ 87.131862][ T5384] 8021q: adding VLAN 0 to HW filter on device team0
[ 87.160822][ T5033] bridge0: port 1(bridge_slave_0) entered blocking state
[ 87.170887][ T5033] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 87.206674][ T5033] bridge0: port 2(bridge_slave_1) entered blocking state
[ 87.215374][ T5033] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 87.261299][ T5384] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 87.278407][ T5384] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 87.477177][ T5384] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 87.534255][ T5384] veth0_vlan: entered promiscuous mode
[ 87.551060][ T5384] veth1_vlan: entered promiscuous mode
[ 87.590515][ T5384] veth0_macvtap: entered promiscuous mode
[ 87.605391][ T5384] veth1_macvtap: entered promiscuous mode
[ 87.631875][ T5384] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 87.651378][ T5384] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 87.666858][ T5384] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.678572][ T5384] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.690546][ T5384] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.701085][ T5384] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.784647][ T5036] Bluetooth: hci0: command 0x0409 tx timeout
[ 87.795595][ T5047] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.810171][ T5047] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.848586][ T779] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.857830][ T779] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.934766][ T5447] loop0: detected capacity change from 0 to 264192
[ 87.953964][ T5447] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 87.969069][ T5447] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 87.979010][ T5447] REISERFS (device loop0): using ordered data mode
[ 87.986254][ T5447] reiserfs: using flush barriers
[ 87.995027][ T5447] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30
[ 88.040000][ T5447] REISERFS (device loop0): checking transaction log (loop0)
[ 88.055657][ T5447] REISERFS (device loop0): Using r5 hash to sort names
[ 88.063420][ T5447] REISERFS (device loop0): using 3.5.x disk format
[ 88.131188][ T5455] loop0: detected capacity change from 0 to 264192
[ 88.145214][ T5455] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 88.213107][ T5455] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 88.240024][ T5455] REISERFS (device loop0): using ordered data mode
[ 88.247640][ T5455] reiserfs: using flush barriers
[ 88.255685][ T5455] REISERFS (device loop0): journal params: device loop0, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 0, max trans age 30
[ 88.292839][ T5455] REISERFS (device loop0): checking transaction log (loop0)
[ 88.303905][ T5455] REISERFS (device loop0): Using r5 hash to sort names
[ 88.310815][ T5455] REISERFS (device loop0): using 3.5.x disk format
[ 88.319593][ T5455] ==================================================================
[ 88.327784][ T5455] BUG: KASAN: use-after-free in search_by_entry_key+0x579/0x1380
[ 88.335546][ T5455] Read of size 4 at addr ffff88806e3c0fc4 by task syz-executor.0/5455
[ 88.343720][ T5455]
[ 88.346061][ T5455] CPU: 0 PID: 5455 Comm: syz-executor.0 Not tainted 6.6.0-rc2-syzkaller-00048-g42dc814987c1 #0
[ 88.356424][ T5455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 88.366504][ T5455] Call Trace:
[ 88.369807][ T5455]
[ 88.372754][ T5455] dump_stack_lvl+0x1e7/0x2d0
[ 88.378429][ T5455] ? nf_tcp_handle_invalid+0x650/0x650
[ 88.383916][ T5455] ? panic+0x770/0x770
[ 88.388017][ T5455] ? _printk+0xd5/0x120
[ 88.392378][ T5455] print_report+0x163/0x540
[ 88.397263][ T5455] ? __virt_addr_valid+0x22f/0x2e0
[ 88.403198][ T5455] ? __phys_addr+0xba/0x170
[ 88.407837][ T5455] ? search_by_entry_key+0x579/0x1380
[ 88.413256][ T5455] kasan_report+0x175/0x1b0
[ 88.417888][ T5455] ? search_by_entry_key+0x579/0x1380
[ 88.423398][ T5455] search_by_entry_key+0x579/0x1380
[ 88.428827][ T5455] ? make_cpu_key+0x2f/0x230
[ 88.433628][ T5455] reiserfs_find_entry+0x2ce/0x19b0
[ 88.439392][ T5455] ? reiserfs_write_lock+0x7a/0xd0
[ 88.444566][ T5455] ? __lock_acquire+0x7f70/0x7f70
[ 88.450364][ T5455] ? reiserfs_get_parent+0x2d0/0x2d0
[ 88.455868][ T5455] ? __d_lookup_rcu+0x3b8/0x4c0
[ 88.461841][ T5455] ? do_raw_spin_unlock+0x13b/0x8b0
[ 88.467098][ T5455] reiserfs_lookup+0x1e2/0x580
[ 88.472265][ T5455] ? reiserfs_init_priv_inode+0x150/0x150
[ 88.478211][ T5455] ? __init_waitqueue_head+0xae/0x150
[ 88.483655][ T5455] __lookup_slow+0x282/0x3e0
[ 88.488293][ T5455] ? lookup_one_len+0x2d0/0x2d0
[ 88.493474][ T5455] lookup_one_len+0x18b/0x2d0
[ 88.498538][ T5455] ? lookup_one_common+0x460/0x460
[ 88.504171][ T5455] ? prepare_error_buf+0x1a30/0x1a30
[ 88.509584][ T5455] reiserfs_lookup_privroot+0x89/0x180
[ 88.515089][ T5455] reiserfs_fill_super+0x195b/0x2620
[ 88.520459][ T5455] ? reiserfs_kill_sb+0x150/0x150
[ 88.525531][ T5455] ? __down_write_common+0x161/0x200
[ 88.530870][ T5455] mount_bdev+0x237/0x300
[ 88.535503][ T5455] ? reiserfs_kill_sb+0x150/0x150
[ 88.540661][ T5455] ? get_tree_bdev+0x5b0/0x5b0
[ 88.545466][ T5455] ? vfs_parse_fs_string+0x190/0x230
[ 88.550958][ T5455] ? vfs_parse_fs_param+0x410/0x410
[ 88.556291][ T5455] ? cap_capable+0x1b4/0x240
[ 88.561050][ T5455] legacy_get_tree+0xef/0x190
[ 88.565935][ T5455] ? remove_save_link+0x540/0x540
[ 88.571089][ T5455] vfs_get_tree+0x8c/0x280
[ 88.575719][ T5455] do_new_mount+0x28f/0xae0
[ 88.580330][ T5455] ? do_move_mount_old+0x170/0x170
[ 88.585497][ T5455] ? user_path_at_empty+0x12f/0x180
[ 88.590738][ T5455] __se_sys_mount+0x2d9/0x3c0
[ 88.595467][ T5455] ? __x64_sys_mount+0xc0/0xc0
[ 88.600289][ T5455] ? syscall_enter_from_user_mode+0x32/0x230
[ 88.606302][ T5455] ? lockdep_hardirqs_on+0x98/0x140
[ 88.611708][ T5455] ? __x64_sys_mount+0x20/0xc0
[ 88.616599][ T5455] do_syscall_64+0x41/0xc0
[ 88.621674][ T5455] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 88.627690][ T5455] RIP: 0033:0x7feec707c43a
[ 88.632134][ T5455] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 88.651771][ T5455] RSP: 002b:00007feec8285ee8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 88.660389][ T5455] RAX: ffffffffffffffda RBX: 00007feec8285f80 RCX: 00007feec707c43a
[ 88.668480][ T5455] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007feec8285f40
[ 88.677177][ T5455] RBP: 0000000020000000 R08: 00007feec8285f80 R09: 0000000020000000
[ 88.685357][ T5455] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000020000100
[ 88.693619][ T5455] R13: 0000000020000400 R14: 00007feec8285f40 R15: 0000000020000040
[ 88.701935][ T5455]
[ 88.704992][ T5455]
[ 88.707340][ T5455] The buggy address belongs to the physical page:
[ 88.713873][ T5455] page:ffffea0001b8f000 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6e3c0
[ 88.726239][ T5455] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 88.733685][ T5455] page_type: 0xffffffff()
[ 88.738138][ T5455] raw: 00fff00000000000 ffffea0001b8f048 ffff8880b9842220 0000000000000000
[ 88.746763][ T5455] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 88.756413][ T5455] page dumped because: kasan: bad access detected
[ 88.763215][ T5455] page_owner tracks the page as freed
[ 88.768622][ T5455] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 5369, tgid 5369 (udevd), ts 88225350655, free_ts 88230862975
[ 88.788102][ T5455] post_alloc_hook+0x1e6/0x210
[ 88.792914][ T5455] get_page_from_freelist+0x31db/0x3360
[ 88.798509][ T5455] __alloc_pages+0x255/0x670
[ 88.803574][ T5455] __folio_alloc+0x13/0x30
[ 88.808021][ T5455] vma_alloc_folio+0x48a/0x9a0
[ 88.812822][ T5455] handle_mm_fault+0x2376/0x62b0
[ 88.818413][ T5455] exc_page_fault+0x2ac/0x860
[ 88.823312][ T5455] asm_exc_page_fault+0x26/0x30
[ 88.828402][ T5455] page last free stack trace:
[ 88.833796][ T5455] free_unref_page_prepare+0x8c3/0x9f0
[ 88.839393][ T5455] free_unref_page_list+0x596/0x830
[ 88.844805][ T5455] release_pages+0x2113/0x23f0
[ 88.849839][ T5455] tlb_flush_mmu+0x34c/0x4e0
[ 88.854475][ T5455] tlb_finish_mmu+0xd4/0x1f0
[ 88.859213][ T5455] unmap_region+0x300/0x350
[ 88.864456][ T5455] do_vmi_align_munmap+0x121e/0x1850
[ 88.870299][ T5455] __se_sys_brk+0x691/0xef0
[ 88.874845][ T5455] do_syscall_64+0x41/0xc0
[ 88.879740][ T5455] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 88.886290][ T5455]
[ 88.888891][ T5455] Memory state around the buggy address:
[ 88.894551][ T5455] ffff88806e3c0e80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.902746][ T5455] ffff88806e3c0f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.911013][ T5455] >ffff88806e3c0f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.919098][ T5455] ^
[ 88.925276][ T5455] ffff88806e3c1000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.933974][ T5455] ffff88806e3c1080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.942319][ T5455] ==================================================================
[ 88.980762][ T5455] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 88.988286][ T5455] CPU: 0 PID: 5455 Comm: syz-executor.0 Not tainted 6.6.0-rc2-syzkaller-00048-g42dc814987c1 #0
[ 88.998628][ T5455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 89.008807][ T5455] Call Trace:
[ 89.012115][ T5455]
[ 89.015077][ T5455] dump_stack_lvl+0x1e7/0x2d0
[ 89.019985][ T5455] ? nf_tcp_handle_invalid+0x650/0x650
[ 89.025474][ T5455] ? panic+0x770/0x770
[ 89.029585][ T5455] ? preempt_schedule_common+0x83/0xc0
[ 89.035175][ T5455] ? vscnprintf+0x5d/0x80
[ 89.039650][ T5455] panic+0x30f/0x770
[ 89.043592][ T5455] ? check_panic_on_warn+0x21/0xa0
[ 89.048928][ T5455] ? __memcpy_flushcache+0x2b0/0x2b0
[ 89.054351][ T5455] ? _raw_spin_unlock_irqrestore+0x12c/0x140
[ 89.060544][ T5455] ? _raw_spin_unlock+0x40/0x40
[ 89.065531][ T5455] ? print_report+0x4fb/0x540
[ 89.070248][ T5455] check_panic_on_warn+0x82/0xa0
[ 89.075299][ T5455] ? search_by_entry_key+0x579/0x1380
[ 89.080709][ T5455] end_report+0x6e/0x130
[ 89.085167][ T5455] kasan_report+0x186/0x1b0
[ 89.089720][ T5455] ? search_by_entry_key+0x579/0x1380
[ 89.095219][ T5455] search_by_entry_key+0x579/0x1380
[ 89.100718][ T5455] ? make_cpu_key+0x2f/0x230
[ 89.105633][ T5455] reiserfs_find_entry+0x2ce/0x19b0
[ 89.110878][ T5455] ? reiserfs_write_lock+0x7a/0xd0
[ 89.116190][ T5455] ? __lock_acquire+0x7f70/0x7f70
[ 89.121253][ T5455] ? reiserfs_get_parent+0x2d0/0x2d0
[ 89.126584][ T5455] ? __d_lookup_rcu+0x3b8/0x4c0
[ 89.131561][ T5455] ? do_raw_spin_unlock+0x13b/0x8b0
[ 89.137249][ T5455] reiserfs_lookup+0x1e2/0x580
[ 89.142593][ T5455] ? reiserfs_init_priv_inode+0x150/0x150
[ 89.148822][ T5455] ? __init_waitqueue_head+0xae/0x150
[ 89.154414][ T5455] __lookup_slow+0x282/0x3e0
[ 89.159133][ T5455] ? lookup_one_len+0x2d0/0x2d0
[ 89.164119][ T5455] lookup_one_len+0x18b/0x2d0
[ 89.169358][ T5455] ? lookup_one_common+0x460/0x460
[ 89.174693][ T5455] ? prepare_error_buf+0x1a30/0x1a30
[ 89.180025][ T5455] reiserfs_lookup_privroot+0x89/0x180
[ 89.185529][ T5455] reiserfs_fill_super+0x195b/0x2620
[ 89.191067][ T5455] ? reiserfs_kill_sb+0x150/0x150
[ 89.196241][ T5455] ? __down_write_common+0x161/0x200
[ 89.201775][ T5455] mount_bdev+0x237/0x300
[ 89.206403][ T5455] ? reiserfs_kill_sb+0x150/0x150
[ 89.211609][ T5455] ? get_tree_bdev+0x5b0/0x5b0
[ 89.216946][ T5455] ? vfs_parse_fs_string+0x190/0x230
[ 89.222278][ T5455] ? vfs_parse_fs_param+0x410/0x410
[ 89.227512][ T5455] ? cap_capable+0x1b4/0x240
[ 89.232239][ T5455] legacy_get_tree+0xef/0x190
[ 89.237225][ T5455] ? remove_save_link+0x540/0x540
[ 89.242374][ T5455] vfs_get_tree+0x8c/0x280
[ 89.246847][ T5455] do_new_mount+0x28f/0xae0
[ 89.251410][ T5455] ? do_move_mount_old+0x170/0x170
[ 89.256558][ T5455] ? user_path_at_empty+0x12f/0x180
[ 89.261787][ T5455] __se_sys_mount+0x2d9/0x3c0
[ 89.266507][ T5455] ? __x64_sys_mount+0xc0/0xc0
[ 89.271821][ T5455] ? syscall_enter_from_user_mode+0x32/0x230
[ 89.277937][ T5455] ? lockdep_hardirqs_on+0x98/0x140
[ 89.283172][ T5455] ? __x64_sys_mount+0x20/0xc0
[ 89.287968][ T5455] do_syscall_64+0x41/0xc0
[ 89.292692][ T5455] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 89.298712][ T5455] RIP: 0033:0x7feec707c43a
[ 89.303177][ T5455] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 89.323171][ T5455] RSP: 002b:00007feec8285ee8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 89.331961][ T5455] RAX: ffffffffffffffda RBX: 00007feec8285f80 RCX: 00007feec707c43a
[ 89.341005][ T5455] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007feec8285f40
[ 89.349271][ T5455] RBP: 0000000020000000 R08: 00007feec8285f80 R09: 0000000020000000
[ 89.357444][ T5455] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000020000100
[ 89.365790][ T5455] R13: 0000000020000400 R14: 00007feec8285f40 R15: 0000000020000040
[ 89.373795][ T5455]
[ 89.377057][ T5455] Kernel Offset: disabled
[ 89.381377][ T5455] Rebooting in 86400 seconds..