[ 15.333705][ T5647] 8021q: adding VLAN 0 to HW filter on device bond0
[ 15.338298][ T5647] eql: remember to turn off Van-Jacobson compression on your slave devices
[ 15.383503][ T10] gvnic 0000:00:00.0 enp0s0: Device link is up.
[ 15.386559][ T3489] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.139' (ECDSA) to the list of known hosts.
syzkaller login: [ 36.170895][ T5973] chnl_net:caif_netlink_parms(): no params data found
[ 36.200724][ T5973] bridge0: port 1(bridge_slave_0) entered blocking state
[ 36.202254][ T5973] bridge0: port 1(bridge_slave_0) entered disabled state
[ 36.203816][ T5973] bridge_slave_0: entered allmulticast mode
[ 36.205578][ T5973] bridge_slave_0: entered promiscuous mode
[ 36.209776][ T5973] bridge0: port 2(bridge_slave_1) entered blocking state
[ 36.211257][ T5973] bridge0: port 2(bridge_slave_1) entered disabled state
[ 36.212924][ T5973] bridge_slave_1: entered allmulticast mode
[ 36.214592][ T5973] bridge_slave_1: entered promiscuous mode
[ 36.226674][ T5973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 36.230477][ T5973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 36.242823][ T5973] team0: Port device team_slave_0 added
[ 36.245356][ T5973] team0: Port device team_slave_1 added
[ 36.255708][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 36.257134][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 36.262883][ T5973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 36.266708][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 36.268196][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 36.273901][ T5973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 36.330869][ T5973] hsr_slave_0: entered promiscuous mode
[ 36.369413][ T5973] hsr_slave_1: entered promiscuous mode
[ 36.467247][ T5973] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 36.502056][ T5973] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 36.540972][ T5973] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 36.580798][ T5973] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 36.632542][ T5973] bridge0: port 2(bridge_slave_1) entered blocking state
[ 36.634197][ T5973] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 36.635989][ T5973] bridge0: port 1(bridge_slave_0) entered blocking state
[ 36.637462][ T5973] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 36.666201][ T5973] 8021q: adding VLAN 0 to HW filter on device bond0
[ 36.674835][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 36.678115][ T7] bridge0: port 1(bridge_slave_0) entered disabled state
[ 36.681459][ T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 36.683792][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 36.689820][ T5973] 8021q: adding VLAN 0 to HW filter on device team0
[ 36.700279][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 36.702372][ T5558] bridge0: port 1(bridge_slave_0) entered blocking state
[ 36.703843][ T5558] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 36.705503][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 36.707755][ T5558] bridge0: port 2(bridge_slave_1) entered blocking state
[ 36.709282][ T5558] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 36.717412][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 36.719862][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 36.723258][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 36.732226][ T5555] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 36.734287][ T5555] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 36.738600][ T5973] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 36.749922][ T5555] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 36.751636][ T5555] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 36.756794][ T5973] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 36.766461][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 36.777231][ T5555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 36.781251][ T5555] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 36.783223][ T5555] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 36.787158][ T5973] veth0_vlan: entered promiscuous mode
[ 36.792822][ T5973] veth1_vlan: entered promiscuous mode
[ 36.805331][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 36.807271][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 36.809720][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 36.813496][ T5973] veth0_macvtap: entered promiscuous mode
[ 36.816845][ T5973] veth1_macvtap: entered promiscuous mode
[ 36.826282][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 36.827950][ T5555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 36.830665][ T5555] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 36.834955][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 36.836729][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 36.841731][ T5973] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 36.843597][ T5973] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 36.845424][ T5973] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 36.847240][ T5973] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 36.885845][ T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 36.887608][ T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 36.896236][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 36.901217][ T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 36.902859][ T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 36.905142][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
executing program
[ 36.910591][ T5973] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5973 'syz-executor287'
[ 37.071784][ T5973] loop0: detected capacity change from 0 to 32768
[ 37.075985][ T5973] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz-executor287 (5973)
[ 37.083940][ T5973] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm
[ 37.085914][ T5973] BTRFS warning (device loop0): the 'inode_cache' option is deprecated and has no effect since 5.11
[ 37.088136][ T5973] BTRFS info (device loop0): doing ref verification
[ 37.089999][ T5973] BTRFS info (device loop0): using free space tree
[ 37.103173][ T5973] BTRFS info (device loop0): enabling ssd optimizations
[ 37.104550][ T5973] BTRFS info (device loop0): auto enabling async discard
[ 37.145799][ T5973] FAULT_INJECTION: forcing a failure.
[ 37.145799][ T5973] name failslab, interval 1, probability 0, space 0, times 1
[ 37.148678][ T5973] CPU: 0 PID: 5973 Comm: syz-executor287 Not tainted 6.4.0-rc7-syzkaller-ge40939bbfc68 #0
[ 37.150688][ T5973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 37.152925][ T5973] Call trace:
[ 37.153614][ T5973] dump_backtrace+0x1b8/0x1e4
[ 37.154740][ T5973] show_stack+0x2c/0x44
[ 37.155672][ T5973] dump_stack_lvl+0xd0/0x124
[ 37.156720][ T5973] dump_stack+0x1c/0x28
[ 37.157540][ T5973] should_fail_ex+0x3f8/0x5c4
[ 37.158540][ T5973] __should_failslab+0xc8/0x128
[ 37.159682][ T5973] should_failslab+0x10/0x28
[ 37.160564][ T5973] __kmem_cache_alloc_node+0x80/0x388
[ 37.161739][ T5973] kmalloc_trace+0x3c/0x88
[ 37.162619][ T5973] ulist_add_merge+0x144/0x424
[ 37.163405][ T5973] ulist_add+0x40/0x54
[ 37.164208][ T5973] clear_state_bit+0x10c/0x2cc
[ 37.165195][ T5973] __clear_extent_bit+0x56c/0xaf0
[ 37.166272][ T5973] clear_record_extent_bits+0x64/0xa0
[ 37.167429][ T5973] __btrfs_qgroup_release_data+0x3c0/0x9b4
[ 37.168665][ T5973] btrfs_qgroup_free_data+0x40/0x54
[ 37.169939][ T5973] btrfs_invalidate_folio+0x56c/0xa18
[ 37.171123][ T5973] truncate_cleanup_folio+0x1f4/0x3bc
[ 37.172223][ T5973] truncate_inode_pages_range+0x230/0xf74
[ 37.173451][ T5973] truncate_setsize+0xd8/0x104
[ 37.174395][ T5973] btrfs_setattr+0x550/0xf34
[ 37.175399][ T5973] notify_change+0xa84/0xd20
[ 37.176412][ T5973] do_truncate+0x1c0/0x28c
[ 37.177455][ T5973] do_sys_ftruncate+0x284/0x318
[ 37.178496][ T5973] __arm64_sys_ftruncate+0x60/0x74
[ 37.179588][ T5973] invoke_syscall+0x98/0x2c0
[ 37.180558][ T5973] el0_svc_common+0x138/0x244
[ 37.181538][ T5973] do_el0_svc+0x64/0x198
[ 37.182539][ T5973] el0_svc+0x4c/0x160
[ 37.183332][ T5973] el0t_64_sync_handler+0x84/0xfc
[ 37.184353][ T5973] el0t_64_sync+0x190/0x194
[ 37.185878][ T5973] ------------[ cut here ]------------
[ 37.187065][ T5973] kernel BUG at fs/btrfs/extent-io-tree.c:515!
[ 37.188541][ T5973] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
[ 37.190135][ T5973] Modules linked in:
[ 37.190979][ T5973] CPU: 0 PID: 5973 Comm: syz-executor287 Not tainted 6.4.0-rc7-syzkaller-ge40939bbfc68 #0
[ 37.193028][ T5973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 37.195107][ T5973] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 37.196768][ T5973] pc : clear_state_bit+0x2c8/0x2cc
[ 37.197789][ T5973] lr : clear_state_bit+0x2c8/0x2cc
[ 37.198900][ T5973] sp : ffff8000968a71a0
[ 37.199773][ T5973] x29: ffff8000968a71a0 x28: 0000000000000fff x27: ffff0000d0cc8d88
[ 37.201524][ T5973] x26: 0000000000000000 x25: dfff800000000000 x24: 0000000000000800
[ 37.203273][ T5973] x23: 0000000000000fff x22: 00000000fffffff4 x21: 0000000000000000
[ 37.205036][ T5973] x20: ffff0000e0ba1370 x19: ffff0000d0cc8d80 x18: ffff8000968a6600
[ 37.206640][ T5973] x17: 0000000000000000 x16: ffff80008a443320 x15: 0000000000000002
[ 37.208275][ T5973] x14: 0000000000000000 x13: 0000000000000001 x12: 0000000000000001
[ 37.209864][ T5973] x11: 0000000000000001 x10: 0000000000000000 x9 : 0000000000000000
[ 37.211632][ T5973] x8 : ffff0000d77bd340 x7 : 0000000000000001 x6 : 0000000000000001
[ 37.213072][ T10] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[ 37.213246][ T5973] x5 : 00000000ffffffff x4 : 0000000000000820 x3 : 0000000000000820
[ 37.216910][ T5973] x2 : 0000000000000038 x1 : 00000000fffffff4 x0 : 0000000000000000
[ 37.218539][ T5973] Call trace:
[ 37.219265][ T5973] clear_state_bit+0x2c8/0x2cc
[ 37.220233][ T5973] __clear_extent_bit+0x56c/0xaf0
[ 37.221283][ T5973] clear_record_extent_bits+0x64/0xa0
[ 37.222470][ T5973] __btrfs_qgroup_release_data+0x3c0/0x9b4
[ 37.223685][ T5973] btrfs_qgroup_free_data+0x40/0x54
[ 37.224711][ T5973] btrfs_invalidate_folio+0x56c/0xa18
[ 37.225798][ T5973] truncate_cleanup_folio+0x1f4/0x3bc
[ 37.227030][ T5973] truncate_inode_pages_range+0x230/0xf74
[ 37.228271][ T5973] truncate_setsize+0xd8/0x104
[ 37.229317][ T5973] btrfs_setattr+0x550/0xf34
[ 37.230253][ T5973] notify_change+0xa84/0xd20
[ 37.231184][ T5973] do_truncate+0x1c0/0x28c
[ 37.232201][ T5973] do_sys_ftruncate+0x284/0x318
[ 37.233194][ T5973] __arm64_sys_ftruncate+0x60/0x74
[ 37.234311][ T5973] invoke_syscall+0x98/0x2c0
[ 37.235222][ T5973] el0_svc_common+0x138/0x244
[ 37.236356][ T5973] do_el0_svc+0x64/0x198
[ 37.237286][ T5973] el0_svc+0x4c/0x160
[ 37.238137][ T5973] el0t_64_sync_handler+0x84/0xfc
[ 37.239172][ T5973] el0t_64_sync+0x190/0x194
[ 37.240164][ T5973] Code: aa1603e0 9798d687 17ffffb4 9786a87d (d4210000)
[ 37.241599][ T5973] ---[ end trace 0000000000000000 ]---
[ 37.568007][ T5973] Kernel panic - not syncing: Oops - BUG: Fatal exception
[ 37.569533][ T5973] SMP: stopping secondary CPUs
[ 37.570523][ T5973] Kernel Offset: disabled
[ 37.571414][ T5973] CPU features: 0x0000004,0e008010,c4017203
[ 37.572673][ T5973] Memory Limit: none
[ 37.901658][ T5973] Rebooting in 86400 seconds..