[ 19.961208][ T3637] 8021q: adding VLAN 0 to HW filter on device bond0
[ 19.965061][ T3637] eql: remember to turn off Van-Jacobson compression on your slave devices
[ 20.014396][ T9] gvnic 0000:00:00.0 enp0s0: Device link is up.
[ 20.019465][ T1953] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.143' (ECDSA) to the list of known hosts.
syzkaller login: [ 42.499542][ T4052] chnl_net:caif_netlink_parms(): no params data found
[ 42.545191][ T4052] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.546733][ T4052] bridge0: port 1(bridge_slave_0) entered disabled state
[ 42.548914][ T4052] device bridge_slave_0 entered promiscuous mode
[ 42.553259][ T4052] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.554746][ T4052] bridge0: port 2(bridge_slave_1) entered disabled state
[ 42.557001][ T4052] device bridge_slave_1 entered promiscuous mode
[ 42.574096][ T4052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 42.578076][ T4052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 42.594952][ T4052] team0: Port device team_slave_0 added
[ 42.598064][ T4052] team0: Port device team_slave_1 added
[ 42.612319][ T4052] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 42.613856][ T4052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 42.619351][ T4052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 42.624220][ T4052] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 42.625723][ T4052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 42.631300][ T4052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 42.685157][ T4052] device hsr_slave_0 entered promiscuous mode
[ 42.732895][ T4052] device hsr_slave_1 entered promiscuous mode
[ 42.873759][ T4052] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 42.934698][ T4052] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 42.975333][ T4052] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 43.025094][ T4052] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 43.091254][ T4052] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.092964][ T4052] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 43.094932][ T4052] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.096571][ T4052] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 43.145552][ T4052] 8021q: adding VLAN 0 to HW filter on device bond0
[ 43.153336][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 43.157213][ T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 43.160172][ T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 43.164652][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 43.173400][ T4052] 8021q: adding VLAN 0 to HW filter on device team0
[ 43.179626][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 43.181685][ T25] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.183277][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 43.190090][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 43.192236][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.193927][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 43.210722][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 43.213739][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 43.224896][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 43.227169][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 43.233453][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 43.238228][ T4052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 43.250959][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 43.252991][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 43.260219][ T4052] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 43.275956][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 43.291509][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 43.294737][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 43.296831][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 43.301357][ T4052] device veth0_vlan entered promiscuous mode
[ 43.310086][ T4052] device veth1_vlan entered promiscuous mode
[ 43.329327][ T4052] device veth0_macvtap entered promiscuous mode
[ 43.333444][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 43.335581][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 43.337888][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 43.340208][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 43.345155][ T4052] device veth1_macvtap entered promiscuous mode
[ 43.360629][ T4052] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 43.362399][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 43.369624][ T4052] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 43.371485][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 43.376513][ T4052] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.378527][ T4052] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.380415][ T4052] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.382260][ T4052] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 43.433624][ T292] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 43.439433][ T292] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 43.444541][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 43.452229][ T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 43.454297][ T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 43.456601][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
executing program
[ 43.678597][ T4052] loop0: detected capacity change from 0 to 32768
[ 43.694482][ T4052] XFS (loop0): Mounting V5 Filesystem
[ 43.755323][ T4052] XFS (loop0): Ending clean mount
[ 43.759314][ T4052] XFS (loop0): Quotacheck needed: Please wait.
[ 43.775683][ T4052] XFS (loop0): Quotacheck: Done.
[ 43.780240][ T4052] FAULT_INJECTION: forcing a failure.
[ 43.780240][ T4052] name failslab, interval 1, probability 0, space 0, times 1
[ 43.783987][ T4052] CPU: 0 PID: 4052 Comm: syz-executor590 Not tainted 5.15.98-syzkaller #0
[ 43.785795][ T4052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 43.787902][ T4052] Call trace:
[ 43.788575][ T4052] dump_backtrace+0x0/0x530
[ 43.789534][ T4052] show_stack+0x2c/0x3c
[ 43.790507][ T4052] dump_stack_lvl+0x108/0x170
[ 43.791596][ T4052] dump_stack+0x1c/0x58
[ 43.792536][ T4052] should_fail+0x400/0x5cc
[ 43.793517][ T4052] __should_failslab+0xbc/0x110
[ 43.794531][ T4052] should_failslab+0x10/0x28
[ 43.795527][ T4052] slab_pre_alloc_hook+0x64/0xe8
[ 43.796645][ T4052] __kmalloc_node+0xb8/0x4ec
[ 43.797712][ T4052] kvmalloc_node+0x88/0x204
[ 43.798698][ T4052] xlog_cil_commit+0x2c4/0x23f4
[ 43.799770][ T4052] __xfs_trans_commit+0x834/0x1018
[ 43.800924][ T4052] xfs_trans_commit+0x24/0x34
[ 43.801963][ T4052] xfs_fileattr_set+0xe0c/0x15b8
[ 43.803080][ T4052] vfs_fileattr_set+0x708/0xad0
[ 43.804159][ T4052] do_vfs_ioctl+0x1634/0x2a38
[ 43.805192][ T4052] __arm64_sys_ioctl+0xe4/0x1c8
[ 43.806328][ T4052] invoke_syscall+0x98/0x2b8
[ 43.807305][ T4052] el0_svc_common+0x138/0x258
[ 43.808331][ T4052] do_el0_svc+0x58/0x14c
[ 43.809267][ T4052] el0_svc+0x7c/0x1f0
[ 43.810112][ T4052] el0t_64_sync_handler+0x84/0xe4
[ 43.811172][ T4052] el0t_64_sync+0x1a0/0x1a4
[ 43.813187][ T4052] ==================================================================
[ 43.815091][ T4052] BUG: KASAN: null-ptr-deref in xlog_cil_commit+0x2f4/0x23f4
[ 43.816763][ T4052] Write of size 88 at addr 0000000000000000 by task syz-executor590/4052
[ 43.818588][ T4052]
[ 43.819113][ T4052] CPU: 0 PID: 4052 Comm: syz-executor590 Not tainted 5.15.98-syzkaller #0
[ 43.820912][ T4052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 43.823066][ T4052] Call trace:
[ 43.823736][ T4052] dump_backtrace+0x0/0x530
[ 43.824741][ T4052] show_stack+0x2c/0x3c
[ 43.825742][ T4052] dump_stack_lvl+0x108/0x170
[ 43.826784][ T4052] kasan_report+0x168/0x1e4
[ 43.827723][ T4052] kasan_check_range+0x274/0x2b4
[ 43.828819][ T4052] memset+0x58/0x88
[ 43.829607][ T4052] xlog_cil_commit+0x2f4/0x23f4
[ 43.830749][ T4052] __xfs_trans_commit+0x834/0x1018
[ 43.831866][ T4052] xfs_trans_commit+0x24/0x34
[ 43.832902][ T4052] xfs_fileattr_set+0xe0c/0x15b8
[ 43.833936][ T4052] vfs_fileattr_set+0x708/0xad0
[ 43.835014][ T4052] do_vfs_ioctl+0x1634/0x2a38
[ 43.836021][ T4052] __arm64_sys_ioctl+0xe4/0x1c8
[ 43.837092][ T4052] invoke_syscall+0x98/0x2b8
[ 43.838160][ T4052] el0_svc_common+0x138/0x258
[ 43.839211][ T4052] do_el0_svc+0x58/0x14c
[ 43.840207][ T4052] el0_svc+0x7c/0x1f0
[ 43.841137][ T4052] el0t_64_sync_handler+0x84/0xe4
[ 43.842186][ T4052] el0t_64_sync+0x1a0/0x1a4
[ 43.843191][ T4052] ==================================================================
[ 43.844970][ T4052] Disabling lock debugging due to kernel taint
[ 43.847892][ T4052] Unable to handle kernel paging request at virtual address dfff800000000003
[ 43.849745][ T4052] Mem abort info:
[ 43.850652][ T4052] ESR = 0x0000000096000006
[ 43.851625][ T4052] EC = 0x25: DABT (current EL), IL = 32 bits
[ 43.853093][ T4052] SET = 0, FnV = 0
[ 43.854032][ T4052] EA = 0, S1PTW = 0
[ 43.854857][ T4052] FSC = 0x06: level 2 translation fault
[ 43.856126][ T4052] Data abort info:
[ 43.856967][ T4052] ISV = 0, ISS = 0x00000006
[ 43.857978][ T4052] CM = 0, WnR = 0
[ 43.858751][ T4052] [dfff800000000003] address between user and kernel address ranges
[ 43.860467][ T4052] Internal error: Oops: 96000006 [#1] PREEMPT SMP
[ 43.861829][ T4052] Modules linked in:
[ 43.862669][ T4052] CPU: 0 PID: 4052 Comm: syz-executor590 Tainted: G B 5.15.98-syzkaller #0
[ 43.864923][ T4052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 43.867069][ T4052] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 43.868759][ T4052] pc : xlog_cil_commit+0x304/0x23f4
[ 43.869881][ T4052] lr : xlog_cil_commit+0x2f4/0x23f4
[ 43.871087][ T4052] sp : ffff80001afa74e0
[ 43.871965][ T4052] x29: ffff80001afa7600 x28: ffff0000dbdef000 x27: 1ffff000035f4eb8
[ 43.873674][ T4052] x26: dfff800000000000 x25: 0000000000000000 x24: ffff0000dbdef010
[ 43.875535][ T4052] x23: 0000000000000150 x22: 1fffe0001b7bde10 x21: ffff0000dbdef080
[ 43.877272][ T4052] x20: 0000000000000002 x19: dfff800000000000 x18: 1fffe000368fe38e
[ 43.879076][ T4052] x17: 1fffe000368fe38e x16: ffff800011979fe4 x15: ffff8000149cf960
[ 43.880903][ T4052] x14: ffff0001b47f1c80 x13: ffffffffffffffff x12: 0000000000000000
[ 43.882710][ T4052] x11: ff8080000819ea4c x10: 0000000000000000 x9 : 0000000000000000
[ 43.884413][ T4052] x8 : 0000000000000003 x7 : 0000000000000000 x6 : ffff80000826bc28
[ 43.886212][ T4052] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80000819ea18
[ 43.887928][ T4052] x2 : 0000000000000001 x1 : 0000000000000001 x0 : 0000000000000018
[ 43.889684][ T4052] Call trace:
[ 43.890344][ T4052] xlog_cil_commit+0x304/0x23f4
[ 43.891410][ T4052] __xfs_trans_commit+0x834/0x1018
[ 43.892588][ T4052] xfs_trans_commit+0x24/0x34
[ 43.893549][ T4052] xfs_fileattr_set+0xe0c/0x15b8
[ 43.894602][ T4052] vfs_fileattr_set+0x708/0xad0
[ 43.895668][ T4052] do_vfs_ioctl+0x1634/0x2a38
[ 43.896672][ T4052] __arm64_sys_ioctl+0xe4/0x1c8
[ 43.897746][ T4052] invoke_syscall+0x98/0x2b8
[ 43.898696][ T4052] el0_svc_common+0x138/0x258
[ 43.899751][ T4052] do_el0_svc+0x58/0x14c
[ 43.900696][ T4052] el0_svc+0x7c/0x1f0
[ 43.901592][ T4052] el0t_64_sync_handler+0x84/0xe4
[ 43.902619][ T4052] el0t_64_sync+0x1a0/0x1a4
[ 43.903587][ T4052] Code: 91006320 d2d0001a d343fc08 f2fbfffa (38736908)
[ 43.905094][ T4052] ---[ end trace 74bcdfbab03f3b82 ]---
[ 44.228344][ T4052] Kernel panic - not syncing: Oops: Fatal exception
[ 44.229872][ T4052] SMP: stopping secondary CPUs
[ 44.230932][ T4052] Kernel Offset: disabled
[ 44.231931][ T4052] CPU features: 0x000081c1,21302e40
[ 44.233060][ T4052] Memory Limit: none
[ 44.581475][ T4052] Rebooting in 86400 seconds..