[   76.848309][    T8] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.153' (ED25519) to the list of known hosts.
2024/11/11 20:08:15 ignoring optional flag "sandboxArg"="0"
2024/11/11 20:08:15 ignoring optional flag "type"="gce"
2024/11/11 20:08:15 parsed 1 programs
2024/11/11 20:08:17 executed programs: 0
[   80.558020][ T6125] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   80.608106][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   80.616963][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   80.625530][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   80.634425][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   80.642409][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   80.650861][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   80.744129][ T6132] chnl_net:caif_netlink_parms(): no params data found
[   80.784178][ T6132] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.791435][ T6132] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.798705][ T6132] bridge_slave_0: entered allmulticast mode
[   80.805293][ T6132] bridge_slave_0: entered promiscuous mode
[   80.812700][ T6132] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.820037][ T6132] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.827782][ T6132] bridge_slave_1: entered allmulticast mode
[   80.834286][ T6132] bridge_slave_1: entered promiscuous mode
[   80.854637][ T6132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.865486][ T6132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.888606][ T6132] team0: Port device team_slave_0 added
[   80.895742][ T6132] team0: Port device team_slave_1 added
[   80.913927][ T6132] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.921151][ T6132] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.947461][ T6132] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.959954][ T6132] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.967530][ T6132] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.993537][ T6132] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.021091][ T6132] hsr_slave_0: entered promiscuous mode
[   81.027454][ T6132] hsr_slave_1: entered promiscuous mode
[   81.483076][ T6132] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   81.493630][ T6132] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   81.503729][ T6132] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   81.514360][ T6132] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   81.544430][ T6132] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.551623][ T6132] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.559092][ T6132] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.566351][ T6132] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.628405][ T6132] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.644047][ T3480] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.655396][ T3480] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.675457][ T6132] 8021q: adding VLAN 0 to HW filter on device team0
[   81.691494][ T2116] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.698717][ T2116] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.715263][ T2116] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.722444][ T2116] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.915224][ T6132] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.955058][ T6132] veth0_vlan: entered promiscuous mode
[   81.975293][ T6132] veth1_vlan: entered promiscuous mode
[   82.007778][ T6132] veth0_macvtap: entered promiscuous mode
[   82.018524][ T6132] veth1_macvtap: entered promiscuous mode
[   82.040715][ T6132] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.057871][ T6132] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.069927][ T6132] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.078867][ T6132] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.089274][ T6132] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.099713][ T6132] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.170170][ T3428] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.183945][ T3428] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.214853][   T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.225167][   T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.309227][ T6198] loop0: detected capacity change from 0 to 2048
[   82.329107][ T6198] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[   82.364851][ T6198] jffs2: notice: (6198) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[   82.448811][ T6201] ==================================================================
[   82.456954][ T6201] BUG: KASAN: slab-use-after-free in __mutex_lock+0xfe/0xd70
[   82.464428][ T6201] Read of size 8 at addr ffff88806a76a130 by task jffs2_gcd_mtd0/6201
[   82.472638][ T6201] 
[   82.472850][ T6205] loop0: detected capacity change from 0 to 2048
[   82.474968][ T6201] CPU: 1 UID: 0 PID: 6201 Comm: jffs2_gcd_mtd0 Not tainted 6.12.0-rc7-syzkaller #0
[   82.485785][ T6205] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[   82.490526][ T6201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   82.490551][ T6201] Call Trace:
[   82.490559][ T6201]  <TASK>
[   82.490567][ T6201]  dump_stack_lvl+0x241/0x360
[   82.490593][ T6201]  ? __pfx_dump_stack_lvl+0x10/0x10
[   82.490612][ T6201]  ? __pfx__printk+0x10/0x10
[   82.490630][ T6201]  ? _printk+0xd5/0x120
[   82.490647][ T6201]  ? __virt_addr_valid+0x183/0x530
[   82.490663][ T6201]  ? __virt_addr_valid+0x183/0x530
[   82.490680][ T6201]  print_report+0x169/0x550
[   82.523585][ T6205] jffs2: notice: (6205) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[   82.526520][ T6201]  ? __virt_addr_valid+0x183/0x530
[   82.526544][ T6201]  ? __virt_addr_valid+0x183/0x530
[   82.526559][ T6201]  ? __virt_addr_valid+0x45f/0x530
[   82.526573][ T6201]  ? __phys_addr+0xba/0x170
[   82.526589][ T6201]  ? __mutex_lock+0xfe/0xd70
[   82.526606][ T6201]  kasan_report+0x143/0x180
[   82.595733][ T6201]  ? __mutex_lock+0xfe/0xd70
[   82.600356][ T6201]  __mutex_lock+0xfe/0xd70
[   82.604815][ T6201]  ? jffs2_garbage_collect_pass+0xae/0x2120
[   82.610762][ T6201]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   82.616168][ T6201]  ? __pfx___mutex_lock+0x10/0x10
[   82.621313][ T6201]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   82.627671][ T6201]  ? _raw_spin_lock_irq+0xdf/0x120
[   82.632900][ T6201]  jffs2_garbage_collect_pass+0xae/0x2120
[   82.638652][ T6201]  ? lockdep_hardirqs_on+0x99/0x150
[   82.644058][ T6201]  ? _raw_spin_unlock_irq+0x2e/0x50
[   82.649287][ T6201]  ? __set_current_blocked+0x310/0x380
[   82.654781][ T6201]  ? __pfx___set_current_blocked+0x10/0x10
[   82.660643][ T6201]  ? schedule+0x90/0x320
[   82.664912][ T6201]  ? schedule+0x155/0x320
[   82.669447][ T6201]  ? __pfx_jffs2_garbage_collect_pass+0x10/0x10
[   82.675720][ T6201]  ? schedule_timeout+0x21a/0x310
[   82.680862][ T6201]  ? sigprocmask+0x228/0x280
[   82.685479][ T6201]  ? __pfx_sigprocmask+0x10/0x10
[   82.690454][ T6201]  ? do_raw_spin_unlock+0x13c/0x8b0
[   82.695683][ T6201]  jffs2_garbage_collect_thread+0x64b/0x6e0
[   82.701612][ T6201]  ? __pfx_jffs2_garbage_collect_thread+0x10/0x10
[   82.708060][ T6201]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   82.713984][ T6201]  ? __kthread_parkme+0x169/0x1d0
[   82.719084][ T6201]  ? __pfx_jffs2_garbage_collect_thread+0x10/0x10
[   82.725551][ T6201]  kthread+0x2f0/0x390
[   82.729654][ T6201]  ? __pfx_jffs2_garbage_collect_thread+0x10/0x10
[   82.736103][ T6201]  ? __pfx_kthread+0x10/0x10
[   82.740727][ T6201]  ret_from_fork+0x4b/0x80
[   82.745171][ T6201]  ? __pfx_kthread+0x10/0x10
[   82.749795][ T6201]  ret_from_fork_asm+0x1a/0x30
[   82.754595][ T6201]  </TASK>
[   82.757641][ T6201] 
[   82.759987][ T6201] Allocated by task 6198:
[   82.764683][ T6201]  kasan_save_track+0x3f/0x80
[   82.769386][ T6201]  __kasan_kmalloc+0x98/0xb0
[   82.774004][ T6201]  __kmalloc_cache_noprof+0x19c/0x2c0
[   82.779492][ T6201]  jffs2_init_fs_context+0x4f/0xc0
[   82.784638][ T6201]  alloc_fs_context+0x68a/0x800
[   82.789520][ T6201]  do_new_mount+0x160/0xb40
[   82.794061][ T6201]  __se_sys_mount+0x2d6/0x3c0
[   82.798774][ T6201]  do_syscall_64+0xf3/0x230
[   82.803302][ T6201]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.809219][ T6201] 
[   82.811559][ T6201] Freed by task 6132:
[   82.815641][ T6201]  kasan_save_track+0x3f/0x80
[   82.820348][ T6201]  kasan_save_free_info+0x40/0x50
[   82.825396][ T6201]  __kasan_slab_free+0x59/0x70
[   82.830283][ T6201]  kfree+0x1a0/0x440
[   82.834200][ T6201]  deactivate_locked_super+0xc4/0x130
[   82.839609][ T6201]  cleanup_mnt+0x41f/0x4b0
[   82.844055][ T6201]  task_work_run+0x24f/0x310
[   82.848667][ T6201]  syscall_exit_to_user_mode+0x168/0x370
[   82.854328][ T6201]  do_syscall_64+0x100/0x230
[   82.858944][ T6201]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.864954][ T6201] 
[   82.867289][ T6201] The buggy address belongs to the object at ffff88806a76a000
[   82.867289][ T6201]  which belongs to the cache kmalloc-4k of size 4096
[   82.881535][ T6201] The buggy address is located 304 bytes inside of
[   82.881535][ T6201]  freed 4096-byte region [ffff88806a76a000, ffff88806a76b000)
[   82.895528][ T6201] 
[   82.897864][ T6201] The buggy address belongs to the physical page:
[   82.904299][ T6201] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6a768
[   82.913122][ T6201] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   82.921933][ T6201] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   82.929550][ T6201] page_type: f5(slab)
[   82.933558][ T6201] raw: 00fff00000000040 ffff88801ac42140 dead000000000122 0000000000000000
[   82.942175][ T6201] raw: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000
[   82.950783][ T6201] head: 00fff00000000040 ffff88801ac42140 dead000000000122 0000000000000000
[   82.959516][ T6201] head: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000
[   82.968216][ T6201] head: 00fff00000000003 ffffea0001a9da01 ffffffffffffffff 0000000000000000
[   82.976911][ T6201] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   82.985599][ T6201] page dumped because: kasan: bad access detected
[   82.992042][ T6201] page_owner tracks the page as allocated
[   82.997780][ T6201] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6198, tgid 6197 (syz-executor.0), ts 82363444179, free_ts 15846743984
[   83.018911][ T6201]  post_alloc_hook+0x1f3/0x230
[   83.023700][ T6201]  get_page_from_freelist+0x363e/0x3790
[   83.029287][ T6201]  __alloc_pages_noprof+0x292/0x710
[   83.034629][ T6201]  alloc_pages_mpol_noprof+0x3e8/0x680
[   83.040127][ T6201]  alloc_slab_page+0x6a/0x140
[   83.044869][ T6201]  allocate_slab+0x5a/0x2f0
[   83.049425][ T6201]  ___slab_alloc+0xcd1/0x14b0
[   83.054133][ T6201]  __slab_alloc+0x58/0xa0
[   83.058486][ T6201]  __kmalloc_noprof+0x25a/0x400
[   83.063364][ T6201]  tomoyo_realpath_from_path+0xcf/0x5e0
[   83.068937][ T6201]  tomoyo_mount_permission+0x3bc/0xb80
[   83.074426][ T6201]  security_sb_mount+0xe0/0x2f0
[   83.079328][ T6201]  path_mount+0xb9/0xfa0
[   83.083599][ T6201]  __se_sys_mount+0x2d6/0x3c0
[   83.088316][ T6201]  do_syscall_64+0xf3/0x230
[   83.092865][ T6201]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.098783][ T6201] page last free pid 1 tgid 1 stack trace:
[   83.104602][ T6201]  free_unref_page+0xcd0/0xf00
[   83.109395][ T6201]  free_contig_range+0x152/0x550
[   83.114363][ T6201]  destroy_args+0x92/0x910
[   83.118829][ T6201]  debug_vm_pgtable+0x4be/0x550
[   83.123704][ T6201]  do_one_initcall+0x248/0x880
[   83.128493][ T6201]  do_initcall_level+0x157/0x210
[   83.133464][ T6201]  do_initcalls+0x3f/0x80
[   83.137828][ T6201]  kernel_init_freeable+0x435/0x5d0
[   83.143095][ T6201]  kernel_init+0x1d/0x2b0
[   83.147547][ T6201]  ret_from_fork+0x4b/0x80
[   83.151996][ T6201]  ret_from_fork_asm+0x1a/0x30
[   83.156791][ T6201] 
[   83.159144][ T6201] Memory state around the buggy address:
[   83.164876][ T6201]  ffff88806a76a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   83.172959][ T6201]  ffff88806a76a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   83.181401][ T6201] >ffff88806a76a100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   83.189480][ T6201]                                      ^
[   83.195140][ T6201]  ffff88806a76a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   83.203219][ T6201]  ffff88806a76a200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   83.211303][ T6201] ==================================================================
[   83.225282][ T5142] Bluetooth: hci0: command tx timeout
[   83.231822][ T6201] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   83.239052][ T6201] CPU: 1 UID: 0 PID: 6201 Comm: jffs2_gcd_mtd0 Not tainted 6.12.0-rc7-syzkaller #0
[   83.248348][ T6201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   83.258502][ T6201] Call Trace:
[   83.261781][ T6201]  <TASK>
[   83.264703][ T6201]  dump_stack_lvl+0x241/0x360
[   83.269382][ T6201]  ? __pfx_dump_stack_lvl+0x10/0x10
[   83.274573][ T6201]  ? __pfx__printk+0x10/0x10
[   83.279168][ T6201]  ? preempt_schedule+0xe1/0xf0
[   83.284042][ T6201]  ? vscnprintf+0x5d/0x90
[   83.288379][ T6201]  panic+0x349/0x880
[   83.292282][ T6201]  ? check_panic_on_warn+0x21/0xb0
[   83.297392][ T6201]  ? __pfx_panic+0x10/0x10
[   83.301807][ T6201]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   83.307788][ T6201]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   83.314113][ T6201]  ? print_report+0x502/0x550
[   83.318799][ T6201]  check_panic_on_warn+0x86/0xb0
[   83.323749][ T6201]  ? __mutex_lock+0xfe/0xd70
[   83.328334][ T6201]  end_report+0x77/0x160
[   83.332745][ T6201]  kasan_report+0x154/0x180
[   83.337247][ T6201]  ? __mutex_lock+0xfe/0xd70
[   83.341836][ T6201]  __mutex_lock+0xfe/0xd70
[   83.346358][ T6201]  ? jffs2_garbage_collect_pass+0xae/0x2120
[   83.352332][ T6201]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   83.357705][ T6201]  ? __pfx___mutex_lock+0x10/0x10
[   83.362734][ T6201]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   83.369056][ T6201]  ? _raw_spin_lock_irq+0xdf/0x120
[   83.374163][ T6201]  jffs2_garbage_collect_pass+0xae/0x2120
[   83.379971][ T6201]  ? lockdep_hardirqs_on+0x99/0x150
[   83.385338][ T6201]  ? _raw_spin_unlock_irq+0x2e/0x50
[   83.390648][ T6201]  ? __set_current_blocked+0x310/0x380
[   83.396205][ T6201]  ? __pfx___set_current_blocked+0x10/0x10
[   83.402107][ T6201]  ? schedule+0x90/0x320
[   83.406356][ T6201]  ? schedule+0x155/0x320
[   83.410676][ T6201]  ? __pfx_jffs2_garbage_collect_pass+0x10/0x10
[   83.416996][ T6201]  ? schedule_timeout+0x21a/0x310
[   83.422026][ T6201]  ? sigprocmask+0x228/0x280
[   83.426700][ T6201]  ? __pfx_sigprocmask+0x10/0x10
[   83.431730][ T6201]  ? do_raw_spin_unlock+0x13c/0x8b0
[   83.437016][ T6201]  jffs2_garbage_collect_thread+0x64b/0x6e0
[   83.442915][ T6201]  ? __pfx_jffs2_garbage_collect_thread+0x10/0x10
[   83.449335][ T6201]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   83.455238][ T6201]  ? __kthread_parkme+0x169/0x1d0
[   83.460261][ T6201]  ? __pfx_jffs2_garbage_collect_thread+0x10/0x10
[   83.466735][ T6201]  kthread+0x2f0/0x390
[   83.470804][ T6201]  ? __pfx_jffs2_garbage_collect_thread+0x10/0x10
[   83.477330][ T6201]  ? __pfx_kthread+0x10/0x10
[   83.481919][ T6201]  ret_from_fork+0x4b/0x80
[   83.486405][ T6201]  ? __pfx_kthread+0x10/0x10
[   83.491001][ T6201]  ret_from_fork_asm+0x1a/0x30
[   83.495771][ T6201]  </TASK>
[   83.499085][ T6201] Kernel Offset: disabled
[   83.503421][ T6201] Rebooting in 86400 seconds..