[ 66.765500][ T2396] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 66.775486][ T2396] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 66.785977][ T2396] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 66.793832][ T2396] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 66.807536][ T2396] veth1_macvtap: left promiscuous mode
[ 66.813946][ T2396] veth0_macvtap: left promiscuous mode
[ 66.819763][ T2396] veth1_vlan: left promiscuous mode
[ 66.825349][ T2396] veth0_vlan: left promiscuous mode
[ 67.021937][ T2396] team0 (unregistering): Port device team_slave_1 removed
[ 67.036210][ T2396] team0 (unregistering): Port device team_slave_0 removed
[ 82.131140][ T782] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.177' (ED25519) to the list of known hosts.
2024/05/17 01:03:55 ignoring optional flag "sandboxArg"="0"
2024/05/17 01:03:55 parsed 1 programs
2024/05/17 01:03:57 executed programs: 0
[ 88.298301][ T5420] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 88.350602][ T4470] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 88.358824][ T4470] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 88.367223][ T4470] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 88.375408][ T4470] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 88.383695][ T4470] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 88.391224][ T4470] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 88.507964][ T5426] chnl_net:caif_netlink_parms(): no params data found
[ 88.565135][ T5426] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.572403][ T5426] bridge0: port 1(bridge_slave_0) entered disabled state
[ 88.580050][ T5426] bridge_slave_0: entered allmulticast mode
[ 88.587249][ T5426] bridge_slave_0: entered promiscuous mode
[ 88.597191][ T5426] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.605097][ T5426] bridge0: port 2(bridge_slave_1) entered disabled state
[ 88.612408][ T5426] bridge_slave_1: entered allmulticast mode
[ 88.619323][ T5426] bridge_slave_1: entered promiscuous mode
[ 88.643041][ T5426] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 88.655169][ T5426] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 88.682213][ T5426] team0: Port device team_slave_0 added
[ 88.692631][ T5426] team0: Port device team_slave_1 added
[ 88.715597][ T5426] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 88.722650][ T5426] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.748961][ T5426] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 88.761081][ T5426] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 88.768054][ T5426] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.794178][ T5426] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 88.829423][ T5426] hsr_slave_0: entered promiscuous mode
[ 88.835687][ T5426] hsr_slave_1: entered promiscuous mode
[ 89.445123][ T5426] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 89.456436][ T5426] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 89.468806][ T5426] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 89.484864][ T5426] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 89.618862][ T5426] 8021q: adding VLAN 0 to HW filter on device bond0
[ 89.646643][ T5426] 8021q: adding VLAN 0 to HW filter on device team0
[ 89.664539][ T24] bridge0: port 1(bridge_slave_0) entered blocking state
[ 89.671831][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 89.704282][ T24] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.711597][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 89.924717][ T5426] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 89.981280][ T5426] veth0_vlan: entered promiscuous mode
[ 89.996980][ T5426] veth1_vlan: entered promiscuous mode
[ 90.041696][ T5426] veth0_macvtap: entered promiscuous mode
[ 90.052993][ T5426] veth1_macvtap: entered promiscuous mode
[ 90.073445][ T5426] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 90.092562][ T5426] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 90.107238][ T5426] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.117247][ T5426] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.126698][ T5426] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.135979][ T5426] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.222193][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 90.243838][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.280322][ T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 90.288208][ T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.450442][ T4470] Bluetooth: hci0: command tx timeout
[ 90.718863][ T5494] loop0: detected capacity change from 0 to 32768
[ 90.790116][ T5494] sp ms: 103, dp ms: 2, diWrite
[ 90.798132][ T5494] sp ms: 103, dp ms: 103, diWrite
[ 90.805063][ T5494] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 0
[ 90.805063][ T5494]
[ 90.818544][ T5494] ERROR: (device loop0): remounting filesystem as read-only
[ 91.632573][ T5535] loop0: detected capacity change from 0 to 32768
[ 91.672447][ T5535] sp ms: 103, dp ms: 2, diWrite
[ 91.684313][ T5535] ==================================================================
[ 91.692420][ T5535] BUG: KASAN: slab-out-of-bounds in jfs_readdir+0x1b79/0x4660
[ 91.699916][ T5535] Read of size 1 at addr ffff8880112dfdd5 by task syz-executor.0/5535
[ 91.708097][ T5535]
[ 91.710441][ T5535] CPU: 1 PID: 5535 Comm: syz-executor.0 Not tainted 6.9.0-rc5-syzkaller-dirty #0
[ 91.719557][ T5535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 91.729606][ T5535] Call Trace:
[ 91.732873][ T5535] <TASK>
[ 91.735878][ T5535] dump_stack_lvl+0x241/0x360
[ 91.740572][ T5535] ? __pfx_dump_stack_lvl+0x10/0x10
[ 91.745791][ T5535] ? __pfx__printk+0x10/0x10
[ 91.750374][ T5535] ? _printk+0xd5/0x120
[ 91.754521][ T5535] ? __virt_addr_valid+0x183/0x520
[ 91.759629][ T5535] ? __virt_addr_valid+0x183/0x520
[ 91.764756][ T5535] print_report+0x169/0x550
[ 91.769253][ T5535] ? __virt_addr_valid+0x183/0x520
[ 91.774354][ T5535] ? __virt_addr_valid+0x183/0x520
[ 91.779553][ T5535] ? __virt_addr_valid+0x44e/0x520
[ 91.784664][ T5535] ? __phys_addr+0xba/0x170
[ 91.789166][ T5535] ? jfs_readdir+0x1b79/0x4660
[ 91.793927][ T5535] kasan_report+0x143/0x180
[ 91.798425][ T5535] ? jfs_readdir+0x1b79/0x4660
[ 91.803297][ T5535] jfs_readdir+0x1b79/0x4660
[ 91.807985][ T5535] ? __pfx_jfs_readdir+0x10/0x10
[ 91.812932][ T5535] ? __pfx___down_write_common+0x10/0x10
[ 91.818732][ T5535] ? __pfx___mutex_lock+0x10/0x10
[ 91.824105][ T5535] ? __pfx_jfs_readdir+0x10/0x10
[ 91.829036][ T5535] wrap_directory_iterator+0x94/0xe0
[ 91.834316][ T5535] iterate_dir+0x539/0x6f0
[ 91.838895][ T5535] __se_sys_getdents64+0x20d/0x4f0
[ 91.844005][ T5535] ? __pfx___se_sys_getdents64+0x10/0x10
[ 91.849641][ T5535] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 91.855703][ T5535] ? __pfx_filldir64+0x10/0x10
[ 91.860587][ T5535] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 91.866905][ T5535] ? do_syscall_64+0x102/0x240
[ 91.871665][ T5535] ? do_syscall_64+0xb6/0x240
[ 91.876332][ T5535] do_syscall_64+0xf5/0x240
[ 91.880846][ T5535] ? clear_bhb_loop+0x35/0x90
[ 91.885540][ T5535] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.891439][ T5535] RIP: 0033:0x7f447227dea9
[ 91.895847][ T5535] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 91.915444][ T5535] RSP: 002b:00007f4472f0a0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 91.923946][ T5535] RAX: ffffffffffffffda RBX: 00007f44723abf80 RCX: 00007f447227dea9
[ 91.931909][ T5535] RDX: 000000000000005d RSI: 00000000200002c0 RDI: 0000000000000005
[ 91.939899][ T5535] RBP: 00007f44722ca4a4 R08: 0000000000000000 R09: 0000000000000000
[ 91.947881][ T5535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 91.955859][ T5535] R13: 000000000000000b R14: 00007f44723abf80 R15: 00007ffff75dcee8
[ 91.963836][ T5535] </TASK>
[ 91.966844][ T5535]
[ 91.969156][ T5535] Allocated by task 5535:
[ 91.973486][ T5535] kasan_save_track+0x3f/0x80
[ 91.978156][ T5535] __kasan_slab_alloc+0x66/0x80
[ 91.983084][ T5535] kmem_cache_alloc_lru+0x178/0x350
[ 91.988276][ T5535] jfs_alloc_inode+0x28/0x70
[ 91.992852][ T5535] iget_locked+0x1ad/0x850
[ 91.997259][ T5535] jfs_iget+0x22/0x3b0
[ 92.001314][ T5535] jfs_fill_super+0x808/0xc50
[ 92.005980][ T5535] mount_bdev+0x20a/0x2d0
[ 92.010297][ T5535] legacy_get_tree+0xee/0x190
[ 92.014966][ T5535] vfs_get_tree+0x90/0x2a0
[ 92.019475][ T5535] do_new_mount+0x2be/0xb40
[ 92.023976][ T5535] __se_sys_mount+0x2d9/0x3c0
[ 92.028669][ T5535] do_syscall_64+0xf5/0x240
[ 92.033172][ T5535] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.039060][ T5535]
[ 92.041373][ T5535] The buggy address belongs to the object at ffff8880112def00
[ 92.041373][ T5535] which belongs to the cache jfs_ip of size 2240
[ 92.055414][ T5535] The buggy address is located 1557 bytes to the right of
[ 92.055414][ T5535] allocated 2240-byte region [ffff8880112def00, ffff8880112df7c0)
[ 92.070258][ T5535]
[ 92.072691][ T5535] The buggy address belongs to the physical page:
[ 92.079104][ T5535] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x112d8
[ 92.087863][ T5535] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 92.095397][ T5535] memcg:ffff888015bb6d01
[ 92.099620][ T5535] flags: 0xfff80000000840(slab|head|node=0|zone=1|lastcpupid=0xfff)
[ 92.107610][ T5535] page_type: 0xffffffff()
[ 92.112632][ T5535] raw: 00fff80000000840 ffff888015be6dc0 dead000000000122 0000000000000000
[ 92.121294][ T5535] raw: 0000000000000000 00000000000d000d 00000001ffffffff ffff888015bb6d01
[ 92.129882][ T5535] head: 00fff80000000840 ffff888015be6dc0 dead000000000122 0000000000000000
[ 92.138667][ T5535] head: 0000000000000000 00000000000d000d 00000001ffffffff ffff888015bb6d01
[ 92.147448][ T5535] head: 00fff80000000003 ffffea000044b601 dead000000000122 00000000ffffffff
[ 92.156112][ T5535] head: 0000000800000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.164804][ T5535] page dumped because: kasan: bad access detected
[ 92.171207][ T5535] page_owner tracks the page as allocated
[ 92.176908][ T5535] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 5492, tgid 556946219 (syz-executor.0), ts 5494, free_ts 89804801893
[ 92.200864][ T5535] post_alloc_hook+0x1ea/0x210
[ 92.205625][ T5535] get_page_from_freelist+0x3410/0x35b0
[ 92.211248][ T5535] __alloc_pages+0x256/0x6c0
[ 92.215830][ T5535] alloc_slab_page+0x5f/0x160
[ 92.220512][ T5535] new_slab+0x84/0x2f0
[ 92.224590][ T5535] ___slab_alloc+0xc73/0x1260
[ 92.229341][ T5535] kmem_cache_alloc_lru+0x253/0x350
[ 92.234530][ T5535] jfs_alloc_inode+0x28/0x70
[ 92.239470][ T5535] new_inode_pseudo+0x69/0x1e0
[ 92.244243][ T5535] new_inode+0x22/0x1d0
[ 92.248405][ T5535] jfs_fill_super+0x408/0xc50
[ 92.253120][ T5535] mount_bdev+0x20a/0x2d0
[ 92.257464][ T5535] legacy_get_tree+0xee/0x190
[ 92.262146][ T5535] vfs_get_tree+0x90/0x2a0
[ 92.266584][ T5535] do_new_mount+0x2be/0xb40
[ 92.271080][ T5535] __se_sys_mount+0x2d9/0x3c0
[ 92.275745][ T5535] page last free pid 5473 tgid 5473 stack trace:
[ 92.282065][ T5535] free_unref_page_prepare+0x97b/0xaa0
[ 92.287531][ T5535] free_unref_page+0x37/0x3f0
[ 92.292203][ T5535] __put_partials+0xeb/0x130
[ 92.296777][ T5535] put_cpu_partial+0x17c/0x250
[ 92.301527][ T5535] __slab_free+0x2ea/0x3d0
[ 92.306018][ T5535] qlist_free_all+0x5e/0xc0
[ 92.310511][ T5535] kasan_quarantine_reduce+0x14f/0x170
[ 92.315956][ T5535] __kasan_slab_alloc+0x23/0x80
[ 92.320794][ T5535] kmem_cache_alloc+0x174/0x340
[ 92.325643][ T5535] getname_flags+0xbd/0x4f0
[ 92.330136][ T5535] do_sys_openat2+0xd2/0x1d0
[ 92.334729][ T5535] __x64_sys_openat+0x247/0x2a0
[ 92.339566][ T5535] do_syscall_64+0xf5/0x240
[ 92.344065][ T5535] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.349962][ T5535]
[ 92.352370][ T5535] Memory state around the buggy address:
[ 92.357988][ T5535]  ffff8880112dfc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 92.366205][ T5535]  ffff8880112dfd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 92.374250][ T5535] >ffff8880112dfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 92.382309][ T5535]                                                  ^
[ 92.388966][ T5535]  ffff8880112dfe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 92.397009][ T5535]  ffff8880112dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 92.405145][ T5535] ==================================================================
[ 92.455669][ T5535] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 92.462998][ T5535] CPU: 1 PID: 5535 Comm: syz-executor.0 Not tainted 6.9.0-rc5-syzkaller-dirty #0
[ 92.472127][ T5535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 92.482199][ T5535] Call Trace:
[ 92.485496][ T5535] <TASK>
[ 92.488535][ T5535] dump_stack_lvl+0x241/0x360
[ 92.493253][ T5535] ? __pfx_dump_stack_lvl+0x10/0x10
[ 92.498476][ T5535] ? __pfx__printk+0x10/0x10
[ 92.503265][ T5535] ? preempt_schedule+0xe1/0xf0
[ 92.508143][ T5535] ? vscnprintf+0x5d/0x90
[ 92.512492][ T5535] panic+0x349/0x860
[ 92.516419][ T5535] ? check_panic_on_warn+0x21/0xb0
[ 92.521558][ T5535] ? __pfx_panic+0x10/0x10
[ 92.526004][ T5535] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 92.532013][ T5535] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 92.538383][ T5535] ? print_report+0x502/0x550
[ 92.543088][ T5535] check_panic_on_warn+0x86/0xb0
[ 92.548136][ T5535] ? jfs_readdir+0x1b79/0x4660
[ 92.552916][ T5535] end_report+0x77/0x160
[ 92.557176][ T5535] kasan_report+0x154/0x180
[ 92.561713][ T5535] ? jfs_readdir+0x1b79/0x4660
[ 92.566504][ T5535] jfs_readdir+0x1b79/0x4660
[ 92.571122][ T5535] ? __pfx_jfs_readdir+0x10/0x10
[ 92.576179][ T5535] ? __pfx___down_write_common+0x10/0x10
[ 92.581835][ T5535] ? __pfx___mutex_lock+0x10/0x10
[ 92.586968][ T5535] ? __pfx_jfs_readdir+0x10/0x10
[ 92.592020][ T5535] wrap_directory_iterator+0x94/0xe0
[ 92.598202][ T5535] iterate_dir+0x539/0x6f0
[ 92.602733][ T5535] __se_sys_getdents64+0x20d/0x4f0
[ 92.607980][ T5535] ? __pfx___se_sys_getdents64+0x10/0x10
[ 92.613633][ T5535] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 92.619636][ T5535] ? __pfx_filldir64+0x10/0x10
[ 92.624422][ T5535] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 92.630892][ T5535] ? do_syscall_64+0x102/0x240
[ 92.635767][ T5535] ? do_syscall_64+0xb6/0x240
[ 92.640474][ T5535] do_syscall_64+0xf5/0x240
[ 92.645013][ T5535] ? clear_bhb_loop+0x35/0x90
[ 92.649714][ T5535] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.655637][ T5535] RIP: 0033:0x7f447227dea9
[ 92.660077][ T5535] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 92.679879][ T5535] RSP: 002b:00007f4472f0a0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 92.688418][ T5535] RAX: ffffffffffffffda RBX: 00007f44723abf80 RCX: 00007f447227dea9
[ 92.696416][ T5535] RDX: 000000000000005d RSI: 00000000200002c0 RDI: 0000000000000005
[ 92.704415][ T5535] RBP: 00007f44722ca4a4 R08: 0000000000000000 R09: 0000000000000000
[ 92.712406][ T5535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 92.720400][ T5535] R13: 000000000000000b R14: 00007f44723abf80 R15: 00007ffff75dcee8
[ 92.728489][ T5535] </TASK>
[ 92.731942][ T5535] Kernel Offset: disabled
[ 92.736343][ T5535] Rebooting in 86400 seconds..