Warning: Permanently added '10.128.1.226' (ED25519) to the list of known hosts. 1970/01/01 00:00:58 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:00:58 ignoring optional flag "type"="gce" 1970/01/01 00:00:58 parsed 1 programs 1970/01/01 00:00:58 executed programs: 0 [ 58.751364][ T4302] chnl_net:caif_netlink_parms(): no params data found [ 58.787011][ T4302] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.788906][ T4302] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.791327][ T4302] device bridge_slave_0 entered promiscuous mode [ 58.796641][ T4302] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.798532][ T4302] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.801037][ T4302] device bridge_slave_1 entered promiscuous mode [ 58.822786][ T4302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.827778][ T4302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.846456][ T4302] team0: Port device team_slave_0 added [ 58.850595][ T4302] team0: Port device team_slave_1 added [ 58.865479][ T4302] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.867274][ T4302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.873769][ T4302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.880139][ T4302] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.881871][ T4302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.888988][ T4302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.936031][ T4302] device hsr_slave_0 entered promiscuous mode [ 58.985641][ T4302] device hsr_slave_1 entered promiscuous mode [ 59.786850][ T4302] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 59.810029][ T4302] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 59.846166][ T4302] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 59.897761][ T4302] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 59.988330][ T4302] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.996996][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.999195][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.003700][ T4302] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.009326][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 60.011770][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 60.015446][ T148] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.017167][ T148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.019708][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 60.028470][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 60.031144][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 60.033422][ T148] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.035259][ T148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.038297][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 60.050825][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 60.053378][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 60.057912][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 60.060390][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 60.062871][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 60.066591][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 60.068842][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.075982][ T4302] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 60.078991][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 60.081202][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 60.083581][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 60.086452][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 60.157573][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 60.159380][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 60.168372][ T4302] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.182605][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 60.185805][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 60.200319][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 60.202623][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 60.206580][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 60.208862][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 60.212691][ T4302] device veth0_vlan entered promiscuous mode [ 60.220459][ T4302] device veth1_vlan entered promiscuous mode [ 60.236802][ T255] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 60.239037][ T255] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 60.241266][ T255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.243587][ T255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.250295][ T4302] device veth0_macvtap entered promiscuous mode [ 60.253994][ T4302] device veth1_macvtap entered promiscuous mode [ 60.267090][ T4302] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.268789][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 60.270891][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 60.273117][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.276909][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.282719][ T4302] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.288368][ T255] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.290703][ T255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.294058][ T4302] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.297897][ T4302] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.299944][ T4302] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.301699][ T4302] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.361217][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.363055][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.368210][ T255] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.393115][ T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.395426][ T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.399149][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 60.503961][ T4416] loop0: detected capacity change from 0 to 8192 [ 60.510824][ T4416] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 60.513193][ T4416] REISERFS (device loop0): using ordered data mode [ 60.516503][ T4416] reiserfs: using flush barriers [ 60.518699][ T4416] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 60.522448][ T4416] REISERFS (device loop0): checking transaction log (loop0) [ 60.528568][ T4416] REISERFS (device loop0): Using r5 hash to sort names [ 60.530422][ T4416] REISERFS (device loop0): using 3.5.x disk format [ 60.532718][ T4416] ================================================================== [ 60.534678][ T4416] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x504/0x944 [ 60.536498][ T4416] Read of size 18446744073709551584 at addr ffff0000e18a7fa4 by task syz-executor.0/4416 [ 60.538801][ T4416] [ 60.539314][ T4416] CPU: 0 PID: 4416 Comm: syz-executor.0 Not tainted 5.15.167-syzkaller #0 [ 60.541271][ T4416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 60.543562][ T4416] Call trace: [ 60.544403][ T4416] dump_backtrace+0x0/0x530 [ 60.545467][ T4416] show_stack+0x2c/0x3c [ 60.546448][ T4416] dump_stack_lvl+0x108/0x170 [ 60.547511][ T4416] print_address_description+0x7c/0x3f0 [ 60.548664][ T4416] kasan_report+0x174/0x1e4 [ 60.549774][ T4416] kasan_check_range+0x274/0x2b4 [ 60.550970][ T4416] memmove+0x90/0xe8 [ 60.551931][ T4416] leaf_paste_entries+0x504/0x944 [ 60.552935][ T4416] balance_leaf+0xa0d4/0xe860 [ 60.554076][ T4416] do_balance+0x27c/0x790 [ 60.555091][ T4416] reiserfs_paste_into_item+0x630/0x744 [ 60.556344][ T4416] reiserfs_add_entry+0x8c0/0xc8c [ 60.557563][ T4416] reiserfs_mkdir+0x588/0x77c [ 60.558690][ T4416] reiserfs_xattr_init+0x2b0/0x6dc [ 60.559897][ T4416] reiserfs_fill_super+0x1b28/0x1e8c [ 60.561250][ T4416] mount_bdev+0x274/0x370 [ 60.562360][ T4416] get_super_block+0x44/0x58 [ 60.563423][ T4416] legacy_get_tree+0xd4/0x16c [ 60.564565][ T4416] vfs_get_tree+0x90/0x274 [ 60.565537][ T4416] do_new_mount+0x278/0x8fc [ 60.566635][ T4416] path_mount+0x594/0x101c [ 60.567674][ T4416] __arm64_sys_mount+0x510/0x5e0 [ 60.568877][ T4416] invoke_syscall+0x98/0x2b8 [ 60.570000][ T4416] el0_svc_common+0x138/0x258 [ 60.571039][ T4416] do_el0_svc+0x58/0x14c [ 60.572049][ T4416] el0_svc+0x7c/0x1f0 [ 60.573062][ T4416] el0t_64_sync_handler+0x84/0xe4 [ 60.574177][ T4416] el0t_64_sync+0x1a0/0x1a4 [ 60.575292][ T4416] [ 60.575851][ T4416] The buggy address belongs to the page: [ 60.577086][ T4416] page:000000001bea64ce refcount:3 mapcount:0 mapping:000000001caba77b index:0x213 pfn:0x1218a7 [ 60.579430][ T4416] memcg:ffff0000ce38c000 [ 60.580497][ T4416] aops:def_blk_aops ino:700000 [ 60.581739][ T4416] flags: 0x5ffc00000002022(referenced|active|private|node=0|zone=2|lastcpupid=0x7ff) [ 60.584149][ T4416] raw: 05ffc00000002022 0000000000000000 dead000000000122 ffff0000c0494f48 [ 60.586149][ T4416] raw: 0000000000000213 ffff0000de706570 00000003ffffffff ffff0000ce38c000 [ 60.588046][ T4416] page dumped because: kasan: bad access detected [ 60.589572][ T4416] [ 60.590098][ T4416] Memory state around the buggy address: [ 60.591334][ T4416] ffff0000e18a7e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 60.593088][ T4416] ffff0000e18a7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 60.594996][ T4416] >ffff0000e18a7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 60.596959][ T4416] ^ [ 60.598164][ T4416] ffff0000e18a8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 60.600184][ T4416] ffff0000e18a8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 60.602025][ T4416] ================================================================== [ 60.603902][ T4416] Disabling lock debugging due to kernel taint [ 60.612811][ T4416] REISERFS warning: reiserfs-5094 has_valid_deh_location: directory entry location seems wrong *3.5*[1768256046 1718773107 0x72705f73 UNKNOWN], item_len 16872, item_location 2, free_space(entry_count) 21376 [ 60.617504][ T4416] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 60.619793][ T4416] REISERFS (device loop0): Remounting filesystem read-only [ 60.621426][ T4416] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [1 2 0x0 SD] stat data [ 60.625911][ T4416] REISERFS warning (device loop0): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount. [ 60.629327][ T4416] REISERFS warning: reiserfs-5094 has_valid_deh_location: directory entry location seems wrong *3.5*[1768256046 1718773107 0x72705f73 UNKNOWN], item_len 16872, item_location 2, free_space(entry_count) 21376 [ 60.633832][ T4416] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 60.636929][ T4416] REISERFS error (device loop0): zam-7001 reiserfs_find_entry: io error [ 60.674883][ T3604] Bluetooth: hci0: command 0x0409 tx timeout [ 60.786451][ T4441] loop0: detected capacity change from 0 to 8192 [ 60.789258][ T4441] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 60.791259][ T4441] REISERFS (device loop0): using ordered data mode [ 60.792787][ T4441] reiserfs: using flush barriers [ 60.795321][ T4441] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 60.798868][ T4441] REISERFS (device loop0): checking transaction log (loop0) [ 60.801008][ T4441] REISERFS (device loop0): Using r5 hash to sort names [ 60.802409][ T4441] REISERFS (device loop0): using 3.5.x disk format [ 60.808783][ T4445] Unable to handle kernel paging request at virtual address dfff80002000000a [ 60.810726][ T4445] Mem abort info: [ 60.811564][ T4445] ESR = 0x0000000096000007 [ 60.812528][ T0] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: console_unlock+0x133c/0x1394 [ 60.814210][ C0] Unable to handle kernel paging request at virtual address dfff800f00000020 [ 60.815031][ T0] SMP: stopping secondary CPUs [ 60.817107][ C0] Mem abort info: [ 60.818875][ C0] ESR = 0x0000000096000005 [ 60.819892][ C0] EC = 0x25: DABT (current EL), IL = 32 bits [ 60.821274][ C0] SET = 0, FnV = 0 [ 60.822070][ C0] EA = 0, S1PTW = 0 [ 60.822857][ C0] FSC = 0x05: level 1 translation fault [ 60.824043][ C0] Data abort info: [ 60.824856][ C0] ISV = 0, ISS = 0x00000005 [ 60.825950][ C0] CM = 0, WnR = 0 [ 60.826791][ C0] [dfff800f00000020] address between user and kernel address ranges [ 60.828491][ C0] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP [ 60.830027][ C0] Modules linked in: [ 60.830769][ C0] CPU: 0 PID: 0 Comm: ÀC?Õ Tainted: G B 5.15.167-syzkaller #0 [ 60.832515][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 60.834666][ C0] pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 60.836481][ C0] pc : scheduler_tick+0x1cc/0x41c [ 60.837667][ C0] lr : scheduler_tick+0x1a8/0x41c [ 60.838706][ C0] sp : ffff80001fb35ea0 [ 60.839732][ C0] x29: ffff80001fb35eb0 x28: 1ffff000029581ff x27: dfff800000000000 [ 60.841429][ C0] x26: 0000000000000000 x25: 0000007800000100 x24: 0000000000000000 [ 60.843258][ C0] x23: ffff0001b41a0918 x22: ffff0000dbea3680 x21: 0000000000000000 [ 60.845065][ C0] x20: ffff800014ac0ff8 x19: ffff0001b41a0900 x18: 0000000000000000 [ 60.846916][ C0] x17: ff00000001000000 x16: ffff800011ac23e0 x15: 3c00000023000000 [ 60.848516][ C0] x14: 0000000000000004 x13: 0000000000000000 x12: ffff700003f66bb8 [ 60.850313][ C0] x11: 0000000000010002 x10: 0000000000000003 x9 : 0000000000000000 [ 60.852019][ C0] x8 : 0000000f00000020 x7 : 0000000000000000 x6 : ffff80000825ab78 [ 60.853858][ C0] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff80000830545c [ 60.855795][ C0] x2 : 0000000000000000 x1 : ffff8000120c8040 x0 : 0000000000000001 [ 60.857508][ C0] Code: 9419ed86 f9400328 91022119 d343ff28 (387b6908) [ 60.858910][ C0] ---[ end trace 509389ddb5178a42 ]--- [ 60.883415][ C0] Unable to handle kernel paging request at virtual address dfff80000000007f [ 60.885369][ C0] Mem abort info: [ 60.886155][ C0] ESR = 0x0000000096000006 [ 60.887197][ C0] EC = 0x25: DABT (current EL), IL = 32 bits [ 60.888574][ C0] SET = 0, FnV = 0 [ 60.889458][ C0] EA = 0, S1PTW = 0 [ 60.890411][ C0] FSC = 0x06: level 2 translation fault [ 60.891586][ C0] Data abort info: [ 60.892378][ C0] ISV = 0, ISS = 0x00000006 [ 60.893487][ C0] CM = 0, WnR = 0 [ 60.894379][ C0] [dfff80000000007f] address between user and kernel address ranges [ 61.907829][ T0] SMP: failed to stop secondary CPUs 0-1 [ 61.909121][ T0] Kernel Offset: disabled [ 61.910077][ T0] CPU features: 0x8,000081c1,21302e40 [ 61.911239][ T0] Memory Limit: none [ 61.912066][ T0] pstore: dump skipped in Panic path because of concurrent dump [ 61.913775][ T0] Rebooting in 86400 seconds..