no interfaces have a carrier
[ 38.560764][ T3854] 8021q: adding VLAN 0 to HW filter on device bond0
[ 38.570501][ T3854] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting crond: OK
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.236' (ED25519) to the list of known hosts.
2026/04/01 08:47:48 parsed 1 programs
syzkaller login: [ 68.562084][ T4189] cgroup: Unknown subsys name 'net'
[ 68.696872][ T4189] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 70.124300][ T4189] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 71.265269][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.271965][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.486230][ T4204] chnl_net:caif_netlink_parms(): no params data found
[ 71.529679][ T4204] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.537046][ T4204] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.545126][ T4204] device bridge_slave_0 entered promiscuous mode
[ 71.554322][ T4204] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.561604][ T4204] bridge0: port 2(bridge_slave_1) entered disabled state
[ 71.569310][ T4204] device bridge_slave_1 entered promiscuous mode
[ 71.588950][ T4204] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 71.599975][ T4204] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 71.621631][ T4204] team0: Port device team_slave_0 added
[ 71.628873][ T4204] team0: Port device team_slave_1 added
[ 71.645723][ T4204] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 71.652717][ T4204] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 71.678897][ T4204] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 71.691996][ T4204] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 71.699150][ T4204] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 71.725243][ T4204] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 71.754991][ T4204] device hsr_slave_0 entered promiscuous mode
[ 71.761789][ T4204] device hsr_slave_1 entered promiscuous mode
[ 71.850878][ T4204] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 71.862026][ T4204] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 71.870807][ T4204] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 71.880213][ T4204] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 71.902220][ T4204] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.909489][ T4204] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 71.917166][ T4204] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.924237][ T4204] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 71.967308][ T4204] 8021q: adding VLAN 0 to HW filter on device bond0
[ 71.979932][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 71.990170][ T154] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.998904][ T154] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.007904][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 72.019823][ T4204] 8021q: adding VLAN 0 to HW filter on device team0
[ 72.031400][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 72.039992][ T155] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.047217][ T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 72.059684][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 72.068303][ T155] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.075364][ T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 72.093091][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 72.102791][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 72.114700][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 72.126107][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 72.137790][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 72.148458][ T4204] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 72.232009][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 72.239462][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 72.253255][ T4204] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 72.270284][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 72.287436][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 72.296168][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 72.304161][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 72.314454][ T4204] device veth0_vlan entered promiscuous mode
[ 72.324764][ T4204] device veth1_vlan entered promiscuous mode
[ 72.343908][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 72.352401][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 72.360483][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 72.372506][ T4204] device veth0_macvtap entered promiscuous mode
[ 72.381966][ T4204] device veth1_macvtap entered promiscuous mode
[ 72.397105][ T4204] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 72.405857][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 72.414865][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 72.426644][ T4204] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 72.434515][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 72.445866][ T4204] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.454913][ T4204] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.463814][ T4204] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.472600][ T4204] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.602809][ T4204] syz-executor (4204) used greatest stack depth: 20112 bytes left
[ 72.621083][ T155] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 73.585999][ T1479] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.597047][ T1479] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.609522][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 73.627606][ T1479] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.635687][ T1479] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.643279][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 75.297842][ T155] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.867126][ T155] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.927783][ T155] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.683810][ T155] device hsr_slave_0 left promiscuous mode
[ 78.702131][ T155] device hsr_slave_1 left promiscuous mode
[ 78.710167][ T155] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 78.731327][ T155] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 78.745298][ T155] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 78.752877][ T155] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 78.767347][ T155] device bridge_slave_1 left promiscuous mode
[ 78.785015][ T155] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.818951][ T155] device bridge_slave_0 left promiscuous mode
[ 78.841699][ T155] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.869329][ T155] device veth1_macvtap left promiscuous mode
[ 78.876017][ T155] device veth0_macvtap left promiscuous mode
[ 78.882498][ T155] device veth1_vlan left promiscuous mode
[ 78.888445][ T155] device veth0_vlan left promiscuous mode
[ 79.070436][ T155] team0 (unregistering): Port device team_slave_1 removed
[ 79.083125][ T155] team0 (unregistering): Port device team_slave_0 removed
[ 79.096369][ T155] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 79.111683][ T155] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 79.165153][ T155] bond0 (unregistering): Released all slaves
2026/04/01 08:48:02 executed programs: 0
[ 80.603871][ T4339] chnl_net:caif_netlink_parms(): no params data found
[ 80.721072][ T4339] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.728333][ T4339] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.737671][ T4339] device bridge_slave_0 entered promiscuous mode
[ 80.746801][ T4339] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.755187][ T4339] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.763393][ T4339] device bridge_slave_1 entered promiscuous mode
[ 80.808145][ T4339] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 80.833685][ T4339] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 80.886507][ T4339] team0: Port device team_slave_0 added
[ 80.903047][ T4339] team0: Port device team_slave_1 added
[ 80.942627][ T4339] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 80.949585][ T4339] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.997810][ T4339] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 81.017628][ T4339] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 81.026913][ T4339] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.053245][ T4339] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 81.104493][ T4339] device hsr_slave_0 entered promiscuous mode
[ 81.121416][ T4339] device hsr_slave_1 entered promiscuous mode
[ 81.510539][ T155] ODEBUG: Out of memory. ODEBUG disabled
[ 82.014373][ T4339] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 82.052294][ T4339] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 82.076181][ T4339] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 82.088050][ T4339] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 82.181063][ T4339] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.196928][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 82.204823][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 82.215961][ T4339] 8021q: adding VLAN 0 to HW filter on device team0
[ 82.226626][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.237238][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 82.246045][ T1479] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.253255][ T1479] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 82.273414][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 82.283170][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 82.292916][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 82.301557][ T1479] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.308627][ T1479] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 82.319857][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 82.329321][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 82.350925][ T4339] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 82.361886][ T4339] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 82.374681][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 82.385179][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 82.394577][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 82.403757][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 82.414150][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 82.422940][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 82.431567][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 82.439898][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 82.448489][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 82.456601][ T4377] Bluetooth: hci0: command 0x0409 tx timeout
[ 82.459937][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 82.577377][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 82.586789][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 82.599483][ T4339] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 82.623346][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 82.633139][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 82.695083][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 82.703943][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 82.715356][ T4339] device veth0_vlan entered promiscuous mode
[ 82.724444][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 82.734430][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 82.746453][ T4339] device veth1_vlan entered promiscuous mode
[ 82.809424][ T4339] device veth0_macvtap entered promiscuous mode
[ 82.818180][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 82.826651][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 82.835083][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 82.844325][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 82.854201][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 82.865037][ T4339] device veth1_macvtap entered promiscuous mode
[ 82.920003][ T4339] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 82.928602][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 82.939781][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 82.948676][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 82.961067][ T4339] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 83.005958][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 83.014900][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 83.027970][ T4339] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.039397][ T4339] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.049971][ T4339] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.060166][ T4339] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.146244][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.161529][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.174789][ T1479] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 83.232986][ T1479] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.240997][ T1479] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.249077][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 83.616665][ T4446] loop0: detected capacity change from 0 to 32768
[ 83.669408][ T4446]
[ 83.669408][ T4446] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 83.669408][ T4446]
[ 83.703838][ T4446]
[ 83.703838][ T4446] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 83.703838][ T4446]
[ 83.716277][ T4446]
[ 83.716277][ T4446] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 83.716277][ T4446]
[ 83.734098][ T277]
[ 83.734098][ T277] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 83.734098][ T277]
[ 83.777353][ T144]
[ 83.777353][ T144] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 83.777353][ T144]
[ 83.801275][ T144]
[ 83.801275][ T144] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 83.801275][ T144]
[ 83.818198][ T276]
[ 83.818198][ T276] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 83.818198][ T276]
[ 83.833525][ T4339]
[ 83.833525][ T4339] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 83.833525][ T4339]
[ 83.845849][ T4339]
[ 83.845849][ T4339] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 83.845849][ T4339]
[ 84.409703][ T4475] loop0: detected capacity change from 0 to 32768
[ 84.489281][ T4475]
[ 84.489281][ T4475] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 84.489281][ T4475]
[ 84.512968][ T4475]
[ 84.512968][ T4475] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 84.512968][ T4475]
[ 84.531484][ T4377] Bluetooth: hci0: command 0x041b tx timeout
[ 84.551160][ T4475]
[ 84.551160][ T4475] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 84.551160][ T4475]
[ 84.572032][ T276]
[ 84.572032][ T276] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 84.572032][ T276]
[ 84.602382][ T144]
[ 84.602382][ T144] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 84.602382][ T144]
[ 84.613938][ T144]
[ 84.613938][ T144] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 84.613938][ T144]
[ 84.643430][ T276]
[ 84.643430][ T276] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 84.643430][ T276]
[ 84.661443][ T4339]
[ 84.661443][ T4339] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 84.661443][ T4339]
[ 84.681693][ T4339]
[ 84.681693][ T4339] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 84.681693][ T4339]
[ 85.076432][ T4490] loop0: detected capacity change from 0 to 32768
[ 85.138291][ T4490]
[ 85.138291][ T4490] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 85.138291][ T4490]
[ 85.173421][ T4490]
[ 85.173421][ T4490] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 85.173421][ T4490]
[ 85.185468][ T4490]
[ 85.185468][ T4490] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 85.185468][ T4490]
[ 85.223414][ T277]
[ 85.223414][ T277] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 85.223414][ T277]
[ 85.245420][ T1479]
[ 85.245420][ T1479] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 85.245420][ T1479]
[ 85.288593][ T1479]
[ 85.288593][ T1479] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 85.288593][ T1479]
[ 85.321447][ T4339]
[ 85.321447][ T4339] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 85.321447][ T4339]
[ 85.352223][ T4339]
[ 85.352223][ T4339] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 85.352223][ T4339]
[ 85.383285][ T277]
[ 85.383285][ T277] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 85.383285][ T277]
[ 85.399018][ T277] ==================================================================
[ 85.407249][ T277] BUG: KASAN: use-after-free in txEnd+0x329/0x520
[ 85.413721][ T277] Write of size 8 at addr ffff88807a395840 by task jfsCommit/277
[ 85.421462][ T277]
[ 85.423820][ T277] CPU: 0 PID: 277 Comm: jfsCommit Not tainted syzkaller #0
[ 85.431039][ T277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 85.441125][ T277] Call Trace:
[ 85.444439][ T277]
[ 85.447403][ T277] dump_stack_lvl+0x188/0x250
[ 85.452105][ T277] ? show_regs_print_info+0x20/0x20
[ 85.457328][ T277] ? _printk+0xda/0x130
[ 85.461504][ T277] ? txEnd+0x329/0x520
[ 85.465598][ T277] ? load_image+0x400/0x400
[ 85.470120][ T277] ? _raw_spin_lock_irqsave+0xbc/0x100
[ 85.475606][ T277] print_address_description+0x60/0x2d0
[ 85.481176][ T277] ? txEnd+0x329/0x520
[ 85.485263][ T277] kasan_report+0xdf/0x130
[ 85.489701][ T277] ? txEnd+0x329/0x520
[ 85.493795][ T277] kasan_check_range+0x235/0x290
[ 85.498766][ T277] txEnd+0x329/0x520
[ 85.502705][ T277] jfs_lazycommit+0x5b8/0xb40
[ 85.507407][ T277] ? txFreelock+0x5a0/0x5a0
[ 85.511925][ T277] ? _raw_spin_unlock_irqrestore+0x82/0x120
[ 85.517867][ T277] ? sched_dynamic_update+0x210/0x210
[ 85.523266][ T277] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 85.529179][ T277] ? __kthread_parkme+0x157/0x1b0
[ 85.534220][ T277] kthread+0x436/0x520
[ 85.538310][ T277] ? txFreelock+0x5a0/0x5a0
[ 85.542831][ T277] ? kthread_blkcg+0xd0/0xd0
[ 85.547469][ T277] ret_from_fork+0x1f/0x30
[ 85.551926][ T277]
[ 85.554964][ T277]
[ 85.557296][ T277] Allocated by task 4490:
[ 85.561681][ T277] __kasan_kmalloc+0xb5/0xf0
[ 85.566299][ T277] lmLogOpen+0x2c0/0xf90
[ 85.570564][ T277] jfs_mount_rw+0xf8/0x5c0
[ 85.574997][ T277] jfs_fill_super+0x5c1/0xb00
[ 85.579690][ T277] mount_bdev+0x287/0x3c0
[ 85.584036][ T277] legacy_get_tree+0xe6/0x180
[ 85.588726][ T277] vfs_get_tree+0x88/0x270
[ 85.593166][ T277] do_new_mount+0x24a/0xa40
[ 85.597704][ T277] __se_sys_mount+0x2e3/0x3d0
[ 85.602408][ T277] do_syscall_64+0x4c/0xa0
[ 85.606836][ T277] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 85.612748][ T277]
[ 85.615099][ T277] Freed by task 4339:
[ 85.619090][ T277] kasan_set_track+0x4b/0x70
[ 85.623714][ T277] kasan_set_free_info+0x1f/0x40
[ 85.628675][ T277] ____kasan_slab_free+0xd5/0x110
[ 85.633728][ T277] slab_free_freelist_hook+0xea/0x170
[ 85.639135][ T277] kfree+0xef/0x2a0
[ 85.642970][ T277] lmLogClose+0x293/0x520
[ 85.647334][ T277] jfs_umount+0x28f/0x360
[ 85.651695][ T277] jfs_put_super+0x88/0x190
[ 85.656225][ T277] generic_shutdown_super+0x130/0x300
[ 85.661622][ T277] kill_block_super+0x7c/0xe0
[ 85.666318][ T277] deactivate_locked_super+0x93/0xf0
[ 85.671630][ T277] cleanup_mnt+0x42d/0x4e0
[ 85.676070][ T277] task_work_run+0x125/0x1a0
[ 85.680686][ T277] exit_to_user_mode_loop+0x10f/0x130
[ 85.686079][ T277] exit_to_user_mode_prepare+0xee/0x180
[ 85.691636][ T277] syscall_exit_to_user_mode+0x16/0x40
[ 85.697131][ T277] do_syscall_64+0x58/0xa0
[ 85.701567][ T277] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 85.707482][ T277]
[ 85.709830][ T277] The buggy address belongs to the object at ffff88807a395800
[ 85.709830][ T277] which belongs to the cache kmalloc-1k of size 1024
[ 85.723894][ T277] The buggy address is located 64 bytes inside of
[ 85.723894][ T277] 1024-byte region [ffff88807a395800, ffff88807a395c00)
[ 85.737187][ T277] The buggy address belongs to the page:
[ 85.742841][ T277] page:ffffea0001e8e400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a390
[ 85.753011][ T277] head:ffffea0001e8e400 order:3 compound_mapcount:0 compound_pincount:0
[ 85.761349][ T277] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 85.769356][ T277] raw: 00fff00000010200 ffffea0000a57a00 0000000600000006 ffff888016c41dc0
[ 85.777959][ T277] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 85.786586][ T277] page dumped because: kasan: bad access detected
[ 85.793053][ T277] page_owner tracks the page as allocated
[ 85.798792][ T277] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 155, ts 72414307760, free_ts 72343622902
[ 85.817230][ T277] get_page_from_freelist+0x1bbd/0x1ca0
[ 85.822807][ T277] __alloc_pages+0x1ee/0x480
[ 85.827420][ T277] new_slab+0xc0/0x4b0
[ 85.831523][ T277] ___slab_alloc+0x80a/0xdd0
[ 85.836126][ T277] __kmalloc_node_track_caller+0x1fc/0x3a0
[ 85.841949][ T277] __alloc_skb+0x22c/0x750
[ 85.846385][ T277] inet6_rt_notify+0xdd/0x290
[ 85.851081][ T277] fib6_add+0x1d4d/0x3d40
[ 85.855418][ T277] ip6_route_add+0x86/0x130
[ 85.859938][ T277] addrconf_add_linklocal+0x444/0x6c0
[ 85.865320][ T277] addrconf_addr_gen+0x559/0x6b0
[ 85.870279][ T277] addrconf_init_auto_addrs+0x747/0xb00
[ 85.875858][ T277] addrconf_notify+0xa6b/0xf00
[ 85.880666][ T277] raw_notifier_call_chain+0xcb/0x160
[ 85.886064][ T277] netdev_state_change+0xe0/0x160
[ 85.891109][ T277] linkwatch_do_dev+0x10d/0x160
[ 85.895981][ T277] page last free stack trace:
[ 85.900667][ T277] free_unref_page_prepare+0x637/0x6c0
[ 85.906145][ T277] free_unref_page+0x8f/0x2a0
[ 85.910848][ T277] __unfreeze_partials+0x1a5/0x200
[ 85.915978][ T277] put_cpu_partial+0x12d/0x190
[ 85.920768][ T277] qlist_free_all+0x35/0x90
[ 85.925291][ T277] kasan_quarantine_reduce+0x150/0x160
[ 85.930776][ T277] __kasan_slab_alloc+0x2f/0xd0
[ 85.935650][ T277] slab_post_alloc_hook+0x4c/0x380
[ 85.940777][ T277] kmem_cache_alloc_node+0x12d/0x2d0
[ 85.946093][ T277] __alloc_skb+0xf4/0x750
[ 85.950439][ T277] netlink_ack+0x372/0xb50
[ 85.954869][ T277] netlink_rcv_skb+0x27a/0x440
[ 85.959649][ T277] netlink_unicast+0x774/0x920
[ 85.964430][ T277] netlink_sendmsg+0x8ba/0xbe0
[ 85.969231][ T277] __sys_sendto+0x46d/0x620
[ 85.973786][ T277] __x64_sys_sendto+0xda/0xf0
[ 85.978487][ T277]
[ 85.980828][ T277] Memory state around the buggy address:
[ 85.986467][ T277] ffff88807a395700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 85.994550][ T277] ffff88807a395780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 86.002633][ T277] >ffff88807a395800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 86.010705][ T277] ^
[ 86.016878][ T277] ffff88807a395880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 86.024991][ T277] ffff88807a395900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 86.033058][ T277] ==================================================================
[ 86.041126][ T277] Disabling lock debugging due to kernel taint
[ 86.350086][ T4509] loop0: detected capacity change from 0 to 32768
[ 86.368372][ T277] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 86.375622][ T277] CPU: 0 PID: 277 Comm: jfsCommit Tainted: G B syzkaller #0
[ 86.384226][ T277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 86.394312][ T277] Call Trace:
[ 86.397613][ T277]
[ 86.400575][ T277] dump_stack_lvl+0x188/0x250
[ 86.405276][ T277] ? show_regs_print_info+0x20/0x20
[ 86.410518][ T277] ? load_image+0x400/0x400
[ 86.415041][ T277] panic+0x2e5/0x810
[ 86.418956][ T277] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 86.425133][ T277] ? bpf_jit_dump+0xd0/0xd0
[ 86.429656][ T277] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 86.435664][ T277] ? _raw_spin_unlock+0x40/0x40
[ 86.440548][ T277] ? txEnd+0x329/0x520
[ 86.444636][ T277] check_panic_on_warn+0x80/0xa0
[ 86.449598][ T277] ? txEnd+0x329/0x520
[ 86.453679][ T277] end_report+0x6d/0xf0
[ 86.457860][ T277] kasan_report+0x102/0x130
[ 86.462407][ T277] ? txEnd+0x329/0x520
[ 86.466499][ T277] kasan_check_range+0x235/0x290
[ 86.471454][ T277] txEnd+0x329/0x520
[ 86.475389][ T277] jfs_lazycommit+0x5b8/0xb40
[ 86.480087][ T277] ? txFreelock+0x5a0/0x5a0
[ 86.484609][ T277] ? _raw_spin_unlock_irqrestore+0x82/0x120
[ 86.490518][ T277] ? sched_dynamic_update+0x210/0x210
[ 86.495922][ T277] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 86.501834][ T277] ? __kthread_parkme+0x157/0x1b0
[ 86.506915][ T277] kthread+0x436/0x520
[ 86.510997][ T277] ? txFreelock+0x5a0/0x5a0
[ 86.515509][ T277] ? kthread_blkcg+0xd0/0xd0
[ 86.520119][ T277] ret_from_fork+0x1f/0x30
[ 86.524557][ T277]
[ 86.527948][ T277] Kernel Offset: disabled
[ 86.532283][ T277] Rebooting in 86400 seconds..