[   76.028683][  T920] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.243' (ED25519) to the list of known hosts.
2023/11/07 11:56:10 ignoring optional flag "sandboxArg"="0"
2023/11/07 11:56:10 parsed 1 programs
2023/11/07 11:56:10 executed programs: 0
[   77.243606][ T4460] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   77.252121][ T4460] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   77.259659][ T4460] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   77.267927][ T4460] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   77.275513][ T4460] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   77.282916][ T4460] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   77.395949][ T5417] chnl_net:caif_netlink_parms(): no params data found
[   77.447381][ T5417] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.454494][ T5417] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.461642][ T5417] bridge_slave_0: entered allmulticast mode
[   77.469260][ T5417] bridge_slave_0: entered promiscuous mode
[   77.476793][ T5417] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.483974][ T5417] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.491157][ T5417] bridge_slave_1: entered allmulticast mode
[   77.498400][ T5417] bridge_slave_1: entered promiscuous mode
[   77.522370][ T5417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.533538][ T5417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.560917][ T5417] team0: Port device team_slave_0 added
[   77.569059][ T5417] team0: Port device team_slave_1 added
[   77.590379][ T5417] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.597429][ T5417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.623411][ T5417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.635586][ T5417] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.642564][ T5417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.668510][ T5417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.704048][ T5417] hsr_slave_0: entered promiscuous mode
[   77.710351][ T5417] hsr_slave_1: entered promiscuous mode
[   78.588681][ T5417] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   78.601180][ T5417] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   78.613944][ T5417] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   78.626387][ T5417] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   78.731495][ T5417] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.752975][ T5417] 8021q: adding VLAN 0 to HW filter on device team0
[   78.772816][ T5075] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.779979][ T5075] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.801155][ T5075] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.808315][ T5075] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.852812][ T5417] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   79.005919][ T5417] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.059817][ T5417] veth0_vlan: entered promiscuous mode
[   79.073221][ T5417] veth1_vlan: entered promiscuous mode
[   79.110185][ T5417] veth0_macvtap: entered promiscuous mode
[   79.125347][ T5417] veth1_macvtap: entered promiscuous mode
[   79.151856][ T5417] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.169480][ T5417] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.185727][ T5417] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.196214][ T5417] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.206277][ T5417] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.216205][ T5417] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.293380][ T2789] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.307940][   T50] Bluetooth: hci0: command 0x0409 tx timeout
[   79.316855][ T2789] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.351822][ T2789] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.363466][ T2789] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.449886][ T5494] loop0: detected capacity change from 0 to 1024
[   79.510184][ T5494] hfsplus: request for non-existent node 184549376 in B*Tree
[   79.528365][ T5494] hfsplus: request for non-existent node 184549376 in B*Tree
[   79.536553][ T5494] ==================================================================
[   79.544629][ T5494] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0x232/0x250
[   79.552543][ T5494] Read of size 8 at addr ffff88801ec9dcc0 by task syz-executor.0/5494
[   79.560708][ T5494] 
[   79.563036][ T5494] CPU: 1 PID: 5494 Comm: syz-executor.0 Not tainted 6.6.0-syzkaller-15029-gbe3ca57cfb77 #0
[   79.573052][ T5494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[   79.583124][ T5494] Call Trace:
[   79.586409][ T5494]  <TASK>
[   79.589342][ T5494]  dump_stack_lvl+0xd9/0x1b0
[   79.593957][ T5494]  print_report+0xc4/0x620
[   79.598400][ T5494]  ? __virt_addr_valid+0x5e/0x2d0
[   79.603436][ T5494]  ? __phys_addr+0xc6/0x140
[   79.607950][ T5494]  kasan_report+0xda/0x110
[   79.612375][ T5494]  ? hfsplus_bnode_read+0x232/0x250
[   79.617590][ T5494]  ? hfsplus_bnode_read+0x232/0x250
[   79.622834][ T5494]  hfsplus_bnode_read+0x232/0x250
[   79.627869][ T5494]  hfsplus_bnode_dump+0x2a2/0x3d0
[   79.632904][ T5494]  ? hfsplus_bnode_move+0x910/0x910
[   79.638117][ T5494]  ? hfsplus_bnode_write_u16+0x84/0xb0
[   79.643588][ T5494]  ? hfsplus_bnode_move+0x2a/0x910
[   79.648707][ T5494]  ? rcu_sync_func+0xc0/0x190
[   79.653401][ T5494]  ? __mark_inode_dirty+0x297/0xd50
[   79.658625][ T5494]  hfsplus_brec_remove+0x3de/0x4f0
[   79.663765][ T5494]  __hfsplus_delete_attr+0x29e/0x3b0
[   79.669072][ T5494]  ? hfsplus_find_exit+0xc0/0xc0
[   79.674018][ T5494]  ? hfsplus_part_find+0xbb0/0xbb0
[   79.679140][ T5494]  hfsplus_delete_all_attrs+0x26d/0x330
[   79.684702][ T5494]  ? do_raw_spin_lock+0x12e/0x2b0
[   79.689754][ T5494]  ? hfsplus_delete_attr+0x300/0x300
[   79.695059][ T5494]  ? spin_bug+0x1d0/0x1d0
[   79.699404][ T5494]  ? rcu_is_watching+0x12/0xb0
[   79.704172][ T5494]  ? __mark_inode_dirty+0x599/0xd50
[   79.709382][ T5494]  hfsplus_delete_cat+0x83b/0xdd0
[   79.714417][ T5494]  ? trace_contention_end+0xd6/0x100
[   79.719714][ T5494]  ? hfsplus_create_cat+0x10d0/0x10d0
[   79.725124][ T5494]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   79.731127][ T5494]  hfsplus_unlink+0x213/0x7f0
[   79.735817][ T5494]  ? hfsplus_symlink+0x2b0/0x2b0
[   79.740773][ T5494]  ? rwsem_down_write_slowpath+0x12a0/0x12a0
[   79.746774][ T5494]  vfs_unlink+0x2f1/0x900
[   79.751110][ T5494]  ? bpf_lsm_path_unlink+0x9/0x10
[   79.756155][ T5494]  do_unlinkat+0x5bc/0x740
[   79.760584][ T5494]  ? __ia32_sys_rmdir+0x110/0x110
[   79.765620][ T5494]  ? __check_object_size+0x323/0x730
[   79.770949][ T5494]  ? getname_flags.part.0+0x1e2/0x4e0
[   79.776330][ T5494]  __x64_sys_unlink+0xc8/0x110
[   79.781108][ T5494]  do_syscall_64+0x3f/0x110
[   79.785625][ T5494]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   79.791527][ T5494] RIP: 0033:0x7f817367c859
[   79.795947][ T5494] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   79.815566][ T5494] RSP: 002b:00007f81744140c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[   79.823978][ T5494] RAX: ffffffffffffffda RBX: 00007f817379bf80 RCX: 00007f817367c859
[   79.831950][ T5494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000140
[   79.839925][ T5494] RBP: 00007f81736d8ad0 R08: 0000000000000000 R09: 0000000000000000
[   79.847895][ T5494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   79.855868][ T5494] R13: 000000000000000b R14: 00007f817379bf80 R15: 00007ffe57340038
[   79.863847][ T5494]  </TASK>
[   79.866874][ T5494] 
[   79.869198][ T5494] Allocated by task 5494:
[   79.873521][ T5494]  kasan_save_stack+0x33/0x50
[   79.878209][ T5494]  kasan_set_track+0x25/0x30
[   79.882822][ T5494]  __kasan_kmalloc+0xa2/0xb0
[   79.887420][ T5494]  __kmalloc+0x60/0x100
[   79.891592][ T5494]  __hfs_bnode_create+0x108/0x860
[   79.896637][ T5494]  hfsplus_bnode_find+0x2c4/0xcb0
[   79.901667][ T5494]  hfsplus_brec_find+0x2b9/0x520
[   79.906608][ T5494]  hfsplus_delete_all_attrs+0x246/0x330
[   79.912160][ T5494]  hfsplus_delete_cat+0x83b/0xdd0
[   79.917187][ T5494]  hfsplus_unlink+0x213/0x7f0
[   79.921870][ T5494]  vfs_unlink+0x2f1/0x900
[   79.926200][ T5494]  do_unlinkat+0x5bc/0x740
[   79.930654][ T5494]  __x64_sys_unlink+0xc8/0x110
[   79.935426][ T5494]  do_syscall_64+0x3f/0x110
[   79.939945][ T5494]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   79.945857][ T5494] 
[   79.948175][ T5494] Last potentially related work creation:
[   79.953891][ T5494]  kasan_save_stack+0x33/0x50
[   79.958574][ T5494]  __kasan_record_aux_stack+0xbc/0xd0
[   79.963950][ T5494]  insert_work+0x38/0x230
[   79.968283][ T5494]  __queue_work+0x5d0/0x1050
[   79.972875][ T5494]  queue_work_on+0xed/0x110
[   79.977383][ T5494]  addr_event.constprop.0+0x391/0x560
[   79.982766][ T5494]  inet6addr_event+0x113/0x180
[   79.987537][ T5494]  notifier_call_chain+0xb6/0x3b0
[   79.992583][ T5494]  atomic_notifier_call_chain+0x71/0x1b0
[   79.998230][ T5494]  ipv6_add_addr+0x1400/0x2040
[   80.003006][ T5494]  inet6_addr_add+0x3bb/0xbe0
[   80.007690][ T5494]  inet6_rtm_newaddr+0x11da/0x1aa0
[   80.012830][ T5494]  rtnetlink_rcv_msg+0x3c7/0xe00
[   80.017795][ T5494]  netlink_rcv_skb+0x16b/0x440
[   80.022557][ T5494]  netlink_unicast+0x53b/0x810
[   80.027325][ T5494]  netlink_sendmsg+0x93c/0xe40
[   80.032095][ T5494]  __sock_sendmsg+0xd5/0x180
[   80.036692][ T5494]  __sys_sendto+0x255/0x340
[   80.041217][ T5494]  __x64_sys_sendto+0xe0/0x1b0
[   80.046005][ T5494]  do_syscall_64+0x3f/0x110
[   80.050515][ T5494]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   80.056416][ T5494] 
[   80.058754][ T5494] The buggy address belongs to the object at ffff88801ec9dc00
[   80.058754][ T5494]  which belongs to the cache kmalloc-192 of size 192
[   80.072823][ T5494] The buggy address is located 40 bytes to the right of
[   80.072823][ T5494]  allocated 152-byte region [ffff88801ec9dc00, ffff88801ec9dc98)
[   80.087412][ T5494] 
[   80.089742][ T5494] The buggy address belongs to the physical page:
[   80.096146][ T5494] page:ffffea00007b2740 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ec9d
[   80.106300][ T5494] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)
[   80.113848][ T5494] page_type: 0xffffffff()
[   80.118186][ T5494] raw: 00fff00000000800 ffff888013041a00 dead000000000100 dead000000000122
[   80.126774][ T5494] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   80.135360][ T5494] page dumped because: kasan: bad access detected
[   80.141767][ T5494] page_owner tracks the page as allocated
[   80.147481][ T5494] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, tgid 1 (swapper/0), ts 7312439225, free_ts 7208024345
[   80.164849][ T5494]  post_alloc_hook+0x2cf/0x340
[   80.169627][ T5494]  get_page_from_freelist+0xa25/0x36c0
[   80.175101][ T5494]  __alloc_pages+0x1d0/0x4a0
[   80.179709][ T5494]  alloc_pages_mpol+0x258/0x5f0
[   80.184569][ T5494]  allocate_slab+0x251/0x380
[   80.189164][ T5494]  ___slab_alloc+0x8c7/0x1580
[   80.193847][ T5494]  __slab_alloc.constprop.0+0x56/0xa0
[   80.199231][ T5494]  __kmem_cache_alloc_node+0x131/0x310
[   80.204704][ T5494]  kmalloc_trace+0x25/0xe0
[   80.209132][ T5494]  call_usermodehelper_setup+0x9a/0x340
[   80.214681][ T5494]  kobject_uevent_env+0x1678/0x1800
[   80.219894][ T5494]  driver_bound+0x177/0x2c0
[   80.224399][ T5494]  really_probe+0x67e/0xc90
[   80.228909][ T5494]  __driver_probe_device+0x1de/0x4b0
[   80.234207][ T5494]  driver_probe_device+0x4c/0x1a0
[   80.239235][ T5494]  __device_attach_driver+0x1d4/0x300
[   80.244612][ T5494] page last free stack trace:
[   80.249273][ T5494]  free_unref_page_prepare+0x4f8/0xa90
[   80.254741][ T5494]  free_unref_page+0x33/0x3b0
[   80.259427][ T5494]  vfree+0x3fb/0xe40
[   80.263322][ T5494]  delayed_vfree_work+0x56/0x70
[   80.268177][ T5494]  process_one_work+0x884/0x15c0
[   80.273127][ T5494]  worker_thread+0x8b9/0x1290
[   80.277812][ T5494]  kthread+0x33c/0x440
[   80.281891][ T5494]  ret_from_fork+0x45/0x80
[   80.286317][ T5494]  ret_from_fork_asm+0x11/0x20
[   80.291098][ T5494] 
[   80.293419][ T5494] Memory state around the buggy address:
[   80.299043][ T5494]  ffff88801ec9db80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   80.307098][ T5494]  ffff88801ec9dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   80.315157][ T5494] >ffff88801ec9dc80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[   80.323209][ T5494]                                            ^
[   80.329351][ T5494]  ffff88801ec9dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   80.337412][ T5494]  ffff88801ec9dd80: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc
[   80.345465][ T5494] ==================================================================
[   80.408199][ T5494] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   80.415425][ T5494] CPU: 1 PID: 5494 Comm: syz-executor.0 Not tainted 6.6.0-syzkaller-15029-gbe3ca57cfb77 #0
[   80.425407][ T5494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[   80.435460][ T5494] Call Trace:
[   80.438748][ T5494]  <TASK>
[   80.441679][ T5494]  dump_stack_lvl+0xd9/0x1b0
[   80.446280][ T5494]  panic+0x6dc/0x790
[   80.450182][ T5494]  ? panic_smp_self_stop+0xa0/0xa0
[   80.455300][ T5494]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   80.461471][ T5494]  ? preempt_schedule_thunk+0x1a/0x30
[   80.466861][ T5494]  ? preempt_schedule_common+0x45/0xc0
[   80.472336][ T5494]  ? check_panic_on_warn+0x1f/0xb0
[   80.477467][ T5494]  check_panic_on_warn+0xab/0xb0
[   80.482420][ T5494]  end_report+0x108/0x150
[   80.486775][ T5494]  kasan_report+0xea/0x110
[   80.491198][ T5494]  ? hfsplus_bnode_read+0x232/0x250
[   80.496406][ T5494]  ? hfsplus_bnode_read+0x232/0x250
[   80.501636][ T5494]  hfsplus_bnode_read+0x232/0x250
[   80.506678][ T5494]  hfsplus_bnode_dump+0x2a2/0x3d0
[   80.511729][ T5494]  ? hfsplus_bnode_move+0x910/0x910
[   80.516952][ T5494]  ? hfsplus_bnode_write_u16+0x84/0xb0
[   80.522424][ T5494]  ? hfsplus_bnode_move+0x2a/0x910
[   80.527549][ T5494]  ? rcu_sync_func+0xc0/0x190
[   80.532253][ T5494]  ? __mark_inode_dirty+0x297/0xd50
[   80.537477][ T5494]  hfsplus_brec_remove+0x3de/0x4f0
[   80.542607][ T5494]  __hfsplus_delete_attr+0x29e/0x3b0
[   80.547911][ T5494]  ? hfsplus_find_exit+0xc0/0xc0
[   80.552875][ T5494]  ? hfsplus_part_find+0xbb0/0xbb0
[   80.558011][ T5494]  hfsplus_delete_all_attrs+0x26d/0x330
[   80.563572][ T5494]  ? do_raw_spin_lock+0x12e/0x2b0
[   80.568620][ T5494]  ? hfsplus_delete_attr+0x300/0x300
[   80.573922][ T5494]  ? spin_bug+0x1d0/0x1d0
[   80.578272][ T5494]  ? rcu_is_watching+0x12/0xb0
[   80.583044][ T5494]  ? __mark_inode_dirty+0x599/0xd50
[   80.588256][ T5494]  hfsplus_delete_cat+0x83b/0xdd0
[   80.593309][ T5494]  ? trace_contention_end+0xd6/0x100
[   80.598609][ T5494]  ? hfsplus_create_cat+0x10d0/0x10d0
[   80.603992][ T5494]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   80.609996][ T5494]  hfsplus_unlink+0x213/0x7f0
[   80.614691][ T5494]  ? hfsplus_symlink+0x2b0/0x2b0
[   80.619657][ T5494]  ? rwsem_down_write_slowpath+0x12a0/0x12a0
[   80.625655][ T5494]  vfs_unlink+0x2f1/0x900
[   80.629992][ T5494]  ? bpf_lsm_path_unlink+0x9/0x10
[   80.635028][ T5494]  do_unlinkat+0x5bc/0x740
[   80.639450][ T5494]  ? __ia32_sys_rmdir+0x110/0x110
[   80.644480][ T5494]  ? __check_object_size+0x323/0x730
[   80.649780][ T5494]  ? getname_flags.part.0+0x1e2/0x4e0
[   80.655164][ T5494]  __x64_sys_unlink+0xc8/0x110
[   80.659952][ T5494]  do_syscall_64+0x3f/0x110
[   80.664470][ T5494]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   80.670392][ T5494] RIP: 0033:0x7f817367c859
[   80.674807][ T5494] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   80.694419][ T5494] RSP: 002b:00007f81744140c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[   80.702840][ T5494] RAX: ffffffffffffffda RBX: 00007f817379bf80 RCX: 00007f817367c859
[   80.710813][ T5494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000140
[   80.718790][ T5494] RBP: 00007f81736d8ad0 R08: 0000000000000000 R09: 0000000000000000
[   80.726771][ T5494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   80.734753][ T5494] R13: 000000000000000b R14: 00007f817379bf80 R15: 00007ffe57340038
[   80.742739][ T5494]  </TASK>
[   80.745995][ T5494] Kernel Offset: disabled
[   80.750299][ T5494] Rebooting in 86400 seconds..