no interfaces have a carrier
[ 35.024863][ T3932] 8021q: adding VLAN 0 to HW filter on device bond0
[ 35.035865][ T3932] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting crond: OK
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.208' (ED25519) to the list of known hosts.
2025/10/30 16:02:26 parsed 1 programs
syzkaller login: [ 59.235765][ T4271] cgroup: Unknown subsys name 'net'
[ 59.369219][ T4271] cgroup: Unknown subsys name 'rlimit'
[ 60.584245][ T4271] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 61.807369][ T4281] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 61.815217][ T4281] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 61.822811][ T4281] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 61.831194][ T4281] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 61.838879][ T4281] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 61.846801][ T4281] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 62.442880][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 62.457163][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 62.473076][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 62.486007][ T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 62.494001][ T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 62.502348][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 64.259610][ T4338] chnl_net:caif_netlink_parms(): no params data found
[ 64.299517][ T4338] bridge0: port 1(bridge_slave_0) entered blocking state
[ 64.307392][ T4338] bridge0: port 1(bridge_slave_0) entered disabled state
[ 64.315379][ T4338] device bridge_slave_0 entered promiscuous mode
[ 64.324261][ T4338] bridge0: port 2(bridge_slave_1) entered blocking state
[ 64.331538][ T4338] bridge0: port 2(bridge_slave_1) entered disabled state
[ 64.339634][ T4338] device bridge_slave_1 entered promiscuous mode
[ 64.369273][ T4338] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 64.379893][ T4338] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 64.400738][ T4338] team0: Port device team_slave_0 added
[ 64.418486][ T4338] team0: Port device team_slave_1 added
[ 64.434839][ T4338] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 64.441798][ T4338] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.467777][ T4338] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 64.481054][ T4338] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 64.488236][ T4338] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.514477][ T4338] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 64.549931][ T4338] device hsr_slave_0 entered promiscuous mode
[ 64.556887][ T4338] device hsr_slave_1 entered promiscuous mode
[ 64.667583][ T4338] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 64.677102][ T4338] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 64.687256][ T4338] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 64.696141][ T4338] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 64.769102][ T4338] 8021q: adding VLAN 0 to HW filter on device bond0
[ 64.781019][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 64.790652][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 64.807276][ T4338] 8021q: adding VLAN 0 to HW filter on device team0
[ 64.816371][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 64.826007][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 64.836186][ T70] bridge0: port 1(bridge_slave_0) entered blocking state
[ 64.843520][ T70] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 64.852614][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 64.871055][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 64.879707][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 64.888491][ T70] bridge0: port 2(bridge_slave_1) entered blocking state
[ 64.895626][ T70] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 64.915807][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 64.928200][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 64.939379][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 64.948496][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 64.957245][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 64.971825][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 64.981221][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 64.998542][ T4338] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 65.009881][ T4338] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 65.021269][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 65.031199][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 65.040491][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 65.050946][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 65.059225][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 65.242640][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 65.250790][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 65.262968][ T4338] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 65.292611][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 65.302490][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 65.313296][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 65.321963][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 65.330340][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 65.338530][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 65.349476][ T4338] device veth0_vlan entered promiscuous mode
[ 65.363444][ T4338] device veth1_vlan entered promiscuous mode
[ 65.381683][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 65.390456][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 65.398529][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 65.408018][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 65.418576][ T4338] device veth0_macvtap entered promiscuous mode
[ 65.431693][ T4338] device veth1_macvtap entered promiscuous mode
[ 65.446596][ T4338] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 65.454379][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 65.462972][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 65.471045][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 65.480212][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 65.491771][ T4338] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 65.502460][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 65.512499][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 65.523378][ T4338] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.532405][ T4338] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.541273][ T4338] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.550007][ T4338] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.984552][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/10/30 16:02:34 executed programs: 0
[ 66.160260][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 66.168765][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 66.177534][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 66.186420][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 66.194043][ T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 66.201309][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 66.311251][ T4368] chnl_net:caif_netlink_parms(): no params data found
[ 66.362010][ T4368] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.369475][ T4368] bridge0: port 1(bridge_slave_0) entered disabled state
[ 66.377676][ T4368] device bridge_slave_0 entered promiscuous mode
[ 66.386144][ T4368] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.393245][ T4368] bridge0: port 2(bridge_slave_1) entered disabled state
[ 66.401117][ T4368] device bridge_slave_1 entered promiscuous mode
[ 66.424402][ T4368] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 66.435397][ T4368] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 66.458154][ T4368] team0: Port device team_slave_0 added
[ 66.466424][ T4368] team0: Port device team_slave_1 added
[ 66.482677][ T4368] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 66.490110][ T4368] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 66.516198][ T4368] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 66.529905][ T4368] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 66.537087][ T4368] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 66.563464][ T4368] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 66.597195][ T4368] device hsr_slave_0 entered promiscuous mode
[ 66.603834][ T4368] device hsr_slave_1 entered promiscuous mode
[ 66.610409][ T4368] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 66.618503][ T4368] Cannot create hsr debugfs directory
[ 68.244874][ T4281] Bluetooth: hci0: command 0x0409 tx timeout
[ 68.346160][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 70.326560][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 70.337075][ T4281] Bluetooth: hci0: command 0x041b tx timeout
[ 70.394654][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 71.251599][ T4368] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 71.260077][ T4368] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 71.269744][ T4368] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 71.278437][ T4368] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 71.333443][ T4368] 8021q: adding VLAN 0 to HW filter on device bond0
[ 71.359481][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 71.367742][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 71.377655][ T4368] 8021q: adding VLAN 0 to HW filter on device team0
[ 71.387705][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 71.396708][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 71.406131][ T70] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.413267][ T70] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 71.422021][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 71.435980][ T9] device hsr_slave_0 left promiscuous mode
[ 71.442307][ T9] device hsr_slave_1 left promiscuous mode
[ 71.449977][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 71.458368][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 71.466505][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 71.474026][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 71.481512][ T9] device bridge_slave_1 left promiscuous mode
[ 71.488025][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 71.498978][ T9] device bridge_slave_0 left promiscuous mode
[ 71.505796][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.527002][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.533470][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.540478][ T9] device veth1_macvtap left promiscuous mode
[ 71.547057][ T9] device veth0_macvtap left promiscuous mode
[ 71.553102][ T9] device veth1_vlan left promiscuous mode
[ 71.559126][ T9] device veth0_vlan left promiscuous mode
[ 71.825708][ T9] team0 (unregistering): Port device team_slave_1 removed
[ 71.850245][ T9] team0 (unregistering): Port device team_slave_0 removed
[ 71.874858][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 71.900696][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 72.123663][ T9] bond0 (unregistering): Released all slaves
[ 72.195612][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 72.204746][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 72.213055][ T70] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.220164][ T70] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 72.239690][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 72.255525][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 72.270236][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 72.279458][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 72.288313][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 72.298189][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 72.306904][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 72.330271][ T4368] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 72.341705][ T4368] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 72.353602][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 72.362403][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 72.370842][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 72.380206][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 72.388981][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 72.405420][ T48] Bluetooth: hci0: command 0x040f tx timeout
[ 72.558274][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 72.565897][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 72.578526][ T4368] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 72.600613][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 72.610050][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 72.628558][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 72.636788][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 72.646137][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 72.653922][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 72.663467][ T4368] device veth0_vlan entered promiscuous mode
[ 72.675197][ T4368] device veth1_vlan entered promiscuous mode
[ 72.696635][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 72.705405][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 72.713274][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 72.722131][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 72.732314][ T4368] device veth0_macvtap entered promiscuous mode
[ 72.745229][ T4368] device veth1_macvtap entered promiscuous mode
[ 72.758180][ T4368] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 72.766815][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 72.775691][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 72.783435][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 72.792439][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 72.809218][ T4368] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 72.816663][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 72.825789][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 72.837122][ T4368] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.846363][ T4368] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.855184][ T4368] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.864340][ T4368] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.911096][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.925630][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.939244][ T70] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 72.951375][ T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.960318][ T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.971602][ T4425] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 73.027195][ T4426] loop0: detected capacity change from 0 to 2048
[ 73.048717][ T4426] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 73.062032][ T4426] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 73.072800][ T4426] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[ 73.080842][ T4426] UDF-fs: Scanning with blocksize 512 failed
[ 73.097051][ T4426] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 73.155180][ T4426] getblk(): invalid block size 1024 requested
[ 73.161462][ T4426] logical block size: 4096
[ 73.166350][ T4426] CPU: 0 PID: 4426 Comm: syz.0.17 Not tainted syzkaller #0
[ 73.173562][ T4426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 73.183654][ T4426] Call Trace:
[ 73.186941][ T4426]
[ 73.189881][ T4426] dump_stack_lvl+0x168/0x22e
[ 73.194584][ T4426] ? write_boundary_block+0xb0/0xb0
[ 73.199781][ T4426] ? show_regs_print_info+0x12/0x12
[ 73.205059][ T4426] ? load_image+0x3b0/0x3b0
[ 73.209570][ T4426] ? security_path_truncate+0xcf/0x120
[ 73.215016][ T4426] ? verify_lock_unused+0x140/0x140
[ 73.220204][ T4426] __getblk_gfp+0x1c3/0xb20
[ 73.224709][ T4426] ? udf_current_aext+0x44e/0xb00
[ 73.229744][ T4426] __bread_gfp+0x26/0x330
[ 73.234064][ T4426] udf_next_aext+0x25b/0x450
[ 73.238650][ T4426] inode_bmap+0x25b/0x670
[ 73.242970][ T4426] udf_setsize+0x537/0x1090
[ 73.247521][ T4426] ? udf_evict_inode+0x3e0/0x3e0
[ 73.252446][ T4426] ? current_time+0x1dd/0x2a0
[ 73.257122][ T4426] ? setattr_prepare+0x1f5/0xd00
[ 73.262042][ T4426] ? atime_needs_update+0x780/0x780
[ 73.267233][ T4426] udf_setattr+0x404/0x560
[ 73.271648][ T4426] ? udf_release_file+0x120/0x120
[ 73.276688][ T4426] notify_change+0xc74/0xf40
[ 73.281355][ T4426] do_truncate+0x197/0x220
[ 73.285762][ T4426] ? put_page_bootmem+0x2c0/0x2c0
[ 73.290786][ T4426] ? bpf_lsm_path_truncate+0x5/0x10
[ 73.295997][ T4426] vfs_truncate+0x262/0x2f0
[ 73.300488][ T4426] do_sys_truncate+0xdc/0x190
[ 73.305148][ T4426] ? break_lease+0xd0/0xd0
[ 73.309548][ T4426] ? lockdep_hardirqs_on+0x94/0x140
[ 73.314734][ T4426] do_syscall_64+0x4c/0xa0
[ 73.319130][ T4426] ? clear_bhb_loop+0x60/0xb0
[ 73.323789][ T4426] ? clear_bhb_loop+0x60/0xb0
[ 73.328450][ T4426] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 73.334340][ T4426] RIP: 0033:0x7f4c6758efc9
[ 73.338748][ T4426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 73.358342][ T4426] RSP: 002b:00007ffde0944bf8 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[ 73.366744][ T4426] RAX: ffffffffffffffda RBX: 00007f4c677e5fa0 RCX: 00007f4c6758efc9
[ 73.374709][ T4426] RDX: 0000000000000000 RSI: 000000404000f000 RDI: 0000200000000080
[ 73.382767][ T4426] RBP: 00007f4c67611f91 R08: 0000000000000000 R09: 0000000000000000
[ 73.390727][ T4426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 73.398688][ T4426] R13: 00007f4c677e5fa0 R14: 00007f4c677e5fa0 R15: 0000000000000002
[ 73.406678][ T4426]
[ 73.414904][ T4426] ==================================================================
[ 73.423158][ T4426] BUG: KASAN: slab-out-of-bounds in udf_get_fileshortad+0x152/0x1a0
[ 73.431139][ T4426] Read of size 4 at addr ffff88801ee4cf38 by task syz.0.17/4426
[ 73.438750][ T4426]
[ 73.441058][ T4426] CPU: 1 PID: 4426 Comm: syz.0.17 Not tainted syzkaller #0
[ 73.448236][ T4426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 73.458449][ T4426] Call Trace:
[ 73.461723][ T4426]
[ 73.464643][ T4426] dump_stack_lvl+0x168/0x22e
[ 73.469316][ T4426] ? __lock_acquire+0x7c50/0x7c50
[ 73.474329][ T4426] ? show_regs_print_info+0x12/0x12
[ 73.479516][ T4426] ? load_image+0x3b0/0x3b0
[ 73.484005][ T4426] ? _raw_spin_lock_irqsave+0xb0/0xf0
[ 73.489368][ T4426] ? __virt_addr_valid+0x188/0x540
[ 73.494479][ T4426] ? __virt_addr_valid+0x465/0x540
[ 73.499583][ T4426] ? udf_get_fileshortad+0x152/0x1a0
[ 73.504852][ T4426] print_report+0xa8/0x210
[ 73.509257][ T4426] kasan_report+0x10b/0x140
[ 73.513750][ T4426] ? udf_get_fileshortad+0x152/0x1a0
[ 73.519018][ T4426] udf_get_fileshortad+0x152/0x1a0
[ 73.524120][ T4426] udf_current_aext+0x43a/0xb00
[ 73.529045][ T4426] udf_next_aext+0x101/0x450
[ 73.533627][ T4426] udf_setsize+0x9f7/0x1090
[ 73.538119][ T4426] ? udf_evict_inode+0x3e0/0x3e0
[ 73.543041][ T4426] ? current_time+0x1dd/0x2a0
[ 73.547714][ T4426] ? setattr_prepare+0x1f5/0xd00
[ 73.552635][ T4426] ? atime_needs_update+0x780/0x780
[ 73.557817][ T4426] udf_setattr+0x404/0x560
[ 73.562217][ T4426] ? udf_release_file+0x120/0x120
[ 73.567226][ T4426] notify_change+0xc74/0xf40
[ 73.571801][ T4426] do_truncate+0x197/0x220
[ 73.576200][ T4426] ? put_page_bootmem+0x2c0/0x2c0
[ 73.581210][ T4426] ? bpf_lsm_path_truncate+0x5/0x10
[ 73.586398][ T4426] vfs_truncate+0x262/0x2f0
[ 73.590884][ T4426] do_sys_truncate+0xdc/0x190
[ 73.595551][ T4426] ? break_lease+0xd0/0xd0
[ 73.599956][ T4426] ? lockdep_hardirqs_on+0x94/0x140
[ 73.605151][ T4426] do_syscall_64+0x4c/0xa0
[ 73.609551][ T4426] ? clear_bhb_loop+0x60/0xb0
[ 73.614212][ T4426] ? clear_bhb_loop+0x60/0xb0
[ 73.618873][ T4426] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 73.624749][ T4426] RIP: 0033:0x7f4c6758efc9
[ 73.629148][ T4426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 73.649087][ T4426] RSP: 002b:00007ffde0944bf8 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[ 73.657669][ T4426] RAX: ffffffffffffffda RBX: 00007f4c677e5fa0 RCX: 00007f4c6758efc9
[ 73.665629][ T4426] RDX: 0000000000000000 RSI: 000000404000f000 RDI: 0000200000000080
[ 73.673684][ T4426] RBP: 00007f4c67611f91 R08: 0000000000000000 R09: 0000000000000000
[ 73.681662][ T4426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 73.689641][ T4426] R13: 00007f4c677e5fa0 R14: 00007f4c677e5fa0 R15: 0000000000000002
[ 73.697618][ T4426]
[ 73.700628][ T4426]
[ 73.702933][ T4426] Allocated by task 4385:
[ 73.707242][ T4426] kasan_set_track+0x4b/0x70
[ 73.711826][ T4426] __kasan_kmalloc+0x8e/0xa0
[ 73.716410][ T4426] __kmalloc+0xb0/0x240
[ 73.720568][ T4426] ___neigh_create+0x6ce/0x24c0
[ 73.725414][ T4426] ip6_finish_output2+0x14f0/0x1590
[ 73.730608][ T4426] ndisc_send_skb+0xbfb/0x1510
[ 73.735361][ T4426] ndisc_send_ns+0xc8/0x150
[ 73.739848][ T4426] addrconf_dad_work+0xa15/0x14d0
[ 73.744861][ T4426] process_one_work+0x898/0x1160
[ 73.749781][ T4426] worker_thread+0xaa2/0x1250
[ 73.754440][ T4426] kthread+0x29d/0x330
[ 73.758497][ T4426] ret_from_fork+0x1f/0x30
[ 73.762900][ T4426]
[ 73.765206][ T4426] The buggy address belongs to the object at ffff88801ee4c800
[ 73.765206][ T4426] which belongs to the cache kmalloc-1k of size 1024
[ 73.779242][ T4426] The buggy address is located 824 bytes to the right of
[ 73.779242][ T4426] 1024-byte region [ffff88801ee4c800, ffff88801ee4cc00)
[ 73.793103][ T4426]
[ 73.795429][ T4426] The buggy address belongs to the physical page:
[ 73.801855][ T4426] page:ffffea00007b9200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ee48
[ 73.812007][ T4426] head:ffffea00007b9200 order:3 compound_mapcount:0 compound_pincount:0
[ 73.820323][ T4426] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 73.828300][ T4426] raw: 00fff00000010200 ffffea000082de00 dead000000000002 ffff888017441dc0
[ 73.836867][ T4426] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 73.845426][ T4426] page dumped because: kasan: bad access detected
[ 73.851822][ T4426] page_owner tracks the page as allocated
[ 73.857517][ T4426] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3949, tgid 3949 (dhcpcd), ts 33529695024, free_ts 33486061819
[ 73.878732][ T4426] post_alloc_hook+0x173/0x1a0
[ 73.883505][ T4426] get_page_from_freelist+0x1a26/0x1ac0
[ 73.889046][ T4426] __alloc_pages+0x1df/0x4e0
[ 73.893623][ T4426] alloc_slab_page+0x5d/0x160
[ 73.898286][ T4426] new_slab+0x87/0x2c0
[ 73.902341][ T4426] ___slab_alloc+0xbc6/0x1230
[ 73.907005][ T4426] __kmem_cache_alloc_node+0x1a0/0x260
[ 73.912537][ T4426] __kmalloc+0xa0/0x240
[ 73.916774][ T4426] load_elf_phdrs+0x132/0x230
[ 73.921533][ T4426] load_elf_binary+0x955/0x26d0
[ 73.926368][ T4426] bprm_execve+0xb10/0x18a0
[ 73.930858][ T4426] do_execveat_common+0x51b/0x6c0
[ 73.935868][ T4426] __x64_sys_execve+0x8e/0xa0
[ 73.940529][ T4426] do_syscall_64+0x4c/0xa0
[ 73.944931][ T4426] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 73.950807][ T4426] page last free stack trace:
[ 73.955457][ T4426] free_unref_page_prepare+0x8b4/0x9a0
[ 73.960901][ T4426] free_unref_page+0x2e/0x3f0
[ 73.965569][ T4426] __unfreeze_partials+0x1a5/0x200
[ 73.970672][ T4426] put_cpu_partial+0x17c/0x250
[ 73.975422][ T4426] qlist_free_all+0x76/0xe0
[ 73.979936][ T4426] kasan_quarantine_reduce+0x144/0x160
[ 73.985385][ T4426] __kasan_slab_alloc+0x1e/0x80
[ 73.990228][ T4426] slab_post_alloc_hook+0x4b/0x480
[ 73.995496][ T4426] kmem_cache_alloc+0x123/0x2f0
[ 74.000332][ T4426] vm_area_dup+0x23/0x1a0
[ 74.004667][ T4426] __split_vma+0xb9/0x500
[ 74.008988][ T4426] mprotect_fixup+0x597/0x7f0
[ 74.013671][ T4426] do_mprotect_pkey+0x754/0xa40
[ 74.018521][ T4426] __x64_sys_mprotect+0x7c/0x90
[ 74.023358][ T4426] do_syscall_64+0x4c/0xa0
[ 74.027769][ T4426] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 74.033657][ T4426]
[ 74.035979][ T4426] Memory state around the buggy address:
[ 74.041597][ T4426] ffff88801ee4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 74.049646][ T4426] ffff88801ee4ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 74.057697][ T4426] >ffff88801ee4cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 74.065736][ T4426] ^
[ 74.071608][ T4426] ffff88801ee4cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 74.079652][ T4426] ffff88801ee4d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 74.087696][ T4426] ==================================================================
[ 74.103451][ T4426] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 74.110756][ T4426] CPU: 0 PID: 4426 Comm: syz.0.17 Not tainted syzkaller #0
[ 74.117940][ T4426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 74.127978][ T4426] Call Trace:
[ 74.131244][ T4426]
[ 74.134160][ T4426] dump_stack_lvl+0x168/0x22e
[ 74.138830][ T4426] ? memcpy+0x3c/0x60
[ 74.142804][ T4426] ? show_regs_print_info+0x12/0x12
[ 74.147985][ T4426] ? load_image+0x3b0/0x3b0
[ 74.152479][ T4426] panic+0x2c9/0x710
[ 74.156363][ T4426] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 74.162500][ T4426] ? bpf_jit_dump+0xd0/0xd0
[ 74.166989][ T4426] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 74.172874][ T4426] ? _raw_spin_unlock+0x40/0x40
[ 74.177710][ T4426] check_panic_on_warn+0x80/0xa0
[ 74.182633][ T4426] ? udf_get_fileshortad+0x152/0x1a0
[ 74.187905][ T4426] end_report+0x66/0x110
[ 74.192134][ T4426] kasan_report+0x118/0x140
[ 74.196624][ T4426] ? udf_get_fileshortad+0x152/0x1a0
[ 74.202521][ T4426] udf_get_fileshortad+0x152/0x1a0
[ 74.207616][ T4426] udf_current_aext+0x43a/0xb00
[ 74.212457][ T4426] udf_next_aext+0x101/0x450
[ 74.217035][ T4426] udf_setsize+0x9f7/0x1090
[ 74.221525][ T4426] ? udf_evict_inode+0x3e0/0x3e0
[ 74.226460][ T4426] ? current_time+0x1dd/0x2a0
[ 74.231173][ T4426] ? setattr_prepare+0x1f5/0xd00
[ 74.236090][ T4426] ? atime_needs_update+0x780/0x780
[ 74.241270][ T4426] udf_setattr+0x404/0x560
[ 74.245673][ T4426] ? udf_release_file+0x120/0x120
[ 74.250684][ T4426] notify_change+0xc74/0xf40
[ 74.255261][ T4426] do_truncate+0x197/0x220
[ 74.259664][ T4426] ? put_page_bootmem+0x2c0/0x2c0
[ 74.264674][ T4426] ? bpf_lsm_path_truncate+0x5/0x10
[ 74.269859][ T4426] vfs_truncate+0x262/0x2f0
[ 74.274342][ T4426] do_sys_truncate+0xdc/0x190
[ 74.278997][ T4426] ? break_lease+0xd0/0xd0
[ 74.283392][ T4426] ? lockdep_hardirqs_on+0x94/0x140
[ 74.288581][ T4426] do_syscall_64+0x4c/0xa0
[ 74.292975][ T4426] ? clear_bhb_loop+0x60/0xb0
[ 74.297633][ T4426] ? clear_bhb_loop+0x60/0xb0
[ 74.302288][ T4426] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 74.308161][ T4426] RIP: 0033:0x7f4c6758efc9
[ 74.312556][ T4426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 74.332139][ T4426] RSP: 002b:00007ffde0944bf8 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[ 74.340544][ T4426] RAX: ffffffffffffffda RBX: 00007f4c677e5fa0 RCX: 00007f4c6758efc9
[ 74.348498][ T4426] RDX: 0000000000000000 RSI: 000000404000f000 RDI: 0000200000000080
[ 74.356481][ T4426] RBP: 00007f4c67611f91 R08: 0000000000000000 R09: 0000000000000000
[ 74.364436][ T4426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 74.372387][ T4426] R13: 00007f4c677e5fa0 R14: 00007f4c677e5fa0 R15: 0000000000000002
[ 74.380347][ T4426]
[ 74.383600][ T4426] Kernel Offset: disabled
[ 74.387912][ T4426] Rebooting in 86400 seconds..