Warning: Permanently added '10.128.10.22' (ED25519) to the list of known hosts.
[   74.363475][ T4245] chnl_net:caif_netlink_parms(): no params data found
[   74.414789][ T4245] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.422114][ T4245] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.432075][ T4245] device bridge_slave_0 entered promiscuous mode
[   74.442144][ T4245] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.449478][ T4245] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.457627][ T4245] device bridge_slave_1 entered promiscuous mode
[   74.482491][ T4245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.493870][ T4245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.519742][ T4245] team0: Port device team_slave_0 added
[   74.528802][ T4245] team0: Port device team_slave_1 added
[   74.549740][ T4245] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.556776][ T4245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.582722][ T4245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.595849][ T4245] batman_adv: batadv0: Adding interface: batadv_slave_1
[   74.602904][ T4245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.628852][ T4245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.663585][ T4245] device hsr_slave_0 entered promiscuous mode
[   74.671751][ T4245] device hsr_slave_1 entered promiscuous mode
[   74.776645][ T4245] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   74.787343][ T4245] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   74.798486][ T4245] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   74.808253][ T4245] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   74.831469][ T4245] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.838727][ T4245] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.846791][ T4245] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.853904][ T4245] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.905782][ T4245] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.921104][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   74.932968][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.941562][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.950631][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   74.964572][ T4245] 8021q: adding VLAN 0 to HW filter on device team0
[   74.978939][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   74.987484][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.994558][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.008005][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   75.017159][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.024240][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.043935][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   75.052937][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   75.064908][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   75.078999][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   75.091557][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   75.102521][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   75.122332][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   75.129978][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   75.143677][ T4245] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.162378][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   75.184120][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   75.193709][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   75.202246][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   75.213558][ T4245] device veth0_vlan entered promiscuous mode
[   75.226459][ T4245] device veth1_vlan entered promiscuous mode
[   75.247471][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   75.255678][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   75.264662][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   75.276319][ T4245] device veth0_macvtap entered promiscuous mode
[   75.288646][ T4245] device veth1_macvtap entered promiscuous mode
[   75.306819][ T4245] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.314345][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   75.324607][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   75.337859][ T4245] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.345738][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[   75.358099][ T4245] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.368952][ T4245] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.378115][ T4245] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.387429][ T4245] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.449973][ T4245] loop0: detected capacity change from 0 to 2048
[   75.462350][ T4245] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[   75.479636][ T4245] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   78.669921][ T4245] ==================================================================
[   78.678046][ T4245] BUG: KASAN: use-after-free in crc_itu_t+0x218/0x2a0
[   78.684882][ T4245] Read of size 1 at addr ffff888029279000 by task syz-executor273/4245
[   78.693150][ T4245] 
[   78.695519][ T4245] CPU: 0 PID: 4245 Comm: syz-executor273 Not tainted 6.1.123-syzkaller #0
[   78.704039][ T4245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   78.714144][ T4245] Call Trace:
[   78.717459][ T4245]  <TASK>
[   78.720417][ T4245]  dump_stack_lvl+0x1e3/0x2cb
[   78.725171][ T4245]  ? nf_tcp_handle_invalid+0x642/0x642
[   78.730663][ T4245]  ? panic+0x764/0x764
[   78.734757][ T4245]  ? _printk+0xd1/0x111
[   78.738924][ T4245]  ? __virt_addr_valid+0x17f/0x530
[   78.744069][ T4245]  ? __virt_addr_valid+0x17f/0x530
[   78.749193][ T4245]  print_report+0x15f/0x4f0
[   78.753706][ T4245]  ? __virt_addr_valid+0x17f/0x530
[   78.758865][ T4245]  ? __virt_addr_valid+0x17f/0x530
[   78.763986][ T4245]  ? __virt_addr_valid+0x45b/0x530
[   78.769106][ T4245]  ? __phys_addr+0xb6/0x170
[   78.773624][ T4245]  ? crc_itu_t+0x218/0x2a0
[   78.778050][ T4245]  kasan_report+0x136/0x160
[   78.782594][ T4245]  ? crc_itu_t+0x218/0x2a0
[   78.787039][ T4245]  crc_itu_t+0x218/0x2a0
[   78.791317][ T4245]  udf_sync_fs+0x1ce/0x380
[   78.795756][ T4245]  ? udf_put_super+0x160/0x160
[   78.800536][ T4245]  ? get_nr_dirty_inodes+0x2ab/0x2e0
[   78.805838][ T4245]  sync_filesystem+0xe8/0x220
[   78.810549][ T4245]  generic_shutdown_super+0x6b/0x340
[   78.815856][ T4245]  kill_block_super+0x7a/0xe0
[   78.820562][ T4245]  deactivate_locked_super+0xa0/0x110
[   78.825957][ T4245]  cleanup_mnt+0x490/0x520
[   78.830386][ T4245]  ? lockdep_hardirqs_on+0x94/0x130
[   78.835681][ T4245]  task_work_run+0x246/0x300
[   78.840283][ T4245]  ? kasan_quarantine_put+0xd4/0x220
[   78.845575][ T4245]  ? task_work_cancel+0x2e0/0x2e0
[   78.850608][ T4245]  ? kmem_cache_free+0x292/0x510
[   78.855557][ T4245]  ? do_exit+0xa69/0x26a0
[   78.859903][ T4245]  do_exit+0xa6e/0x26a0
[   78.864071][ T4245]  ? put_task_struct+0x80/0x80
[   78.868847][ T4245]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   78.874864][ T4245]  ? print_irqtrace_events+0x210/0x210
[   78.880350][ T4245]  ? _raw_spin_unlock_irq+0x1f/0x40
[   78.885567][ T4245]  ? lockdep_hardirqs_on+0x94/0x130
[   78.890801][ T4245]  do_group_exit+0x202/0x2b0
[   78.895413][ T4245]  __x64_sys_exit_group+0x3b/0x40
[   78.900449][ T4245]  do_syscall_64+0x3b/0xb0
[   78.904877][ T4245]  ? clear_bhb_loop+0x45/0xa0
[   78.909559][ T4245]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   78.915548][ T4245] RIP: 0033:0x7fe3c6719cf9
[   78.920117][ T4245] Code: Unable to access opcode bytes at 0x7fe3c6719ccf.
[   78.927133][ T4245] RSP: 002b:00007ffe816b3ab8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   78.935549][ T4245] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fe3c6719cf9
[   78.943522][ T4245] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   78.951494][ T4245] RBP: 00007fe3c67a2390 R08: ffffffffffffffb8 R09: 0000000000000000
[   78.959467][ T4245] R10: 00000000200023c3 R11: 0000000000000246 R12: 00007fe3c67a2390
[   78.967441][ T4245] R13: 0000000000000000 R14: 00007fe3c67a51c0 R15: 00007fe3c66e04f0
[   78.975423][ T4245]  </TASK>
[   78.978443][ T4245] 
[   78.980762][ T4245] Allocated by task 4103:
[   78.985083][ T4245]  kasan_set_track+0x4b/0x70
[   78.989677][ T4245]  __kasan_slab_alloc+0x65/0x70
[   78.994524][ T4245]  slab_post_alloc_hook+0x52/0x3a0
[   78.999643][ T4245]  kmem_cache_alloc+0x10c/0x2d0
[   79.004499][ T4245]  vm_area_dup+0x23/0x1b0
[   79.008826][ T4245]  __split_vma+0xcc/0x4c0
[   79.013153][ T4245]  mprotect_fixup+0x753/0x840
[   79.017830][ T4245]  do_mprotect_pkey+0x8b6/0xbe0
[   79.022682][ T4245]  __x64_sys_mprotect+0x7c/0x90
[   79.027532][ T4245]  do_syscall_64+0x3b/0xb0
[   79.031958][ T4245]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   79.037866][ T4245] 
[   79.040189][ T4245] Freed by task 4103:
[   79.044163][ T4245]  kasan_set_track+0x4b/0x70
[   79.048755][ T4245]  kasan_save_free_info+0x27/0x40
[   79.053783][ T4245]  ____kasan_slab_free+0xd6/0x120
[   79.058806][ T4245]  kmem_cache_free+0x292/0x510
[   79.063574][ T4245]  exit_mmap+0x4cf/0x980
[   79.067814][ T4245]  __mmput+0x115/0x3c0
[   79.071923][ T4245]  exit_mm+0x226/0x300
[   79.076006][ T4245]  do_exit+0x9f1/0x26a0
[   79.080169][ T4245]  do_group_exit+0x202/0x2b0
[   79.084769][ T4245]  __x64_sys_exit_group+0x3b/0x40
[   79.089802][ T4245]  do_syscall_64+0x3b/0xb0
[   79.094312][ T4245]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   79.100215][ T4245] 
[   79.102536][ T4245] The buggy address belongs to the object at ffff888029279000
[   79.102536][ T4245]  which belongs to the cache vm_area_struct of size 152
[   79.116849][ T4245] The buggy address is located 0 bytes inside of
[   79.116849][ T4245]  152-byte region [ffff888029279000, ffff888029279098)
[   79.129952][ T4245] 
[   79.132280][ T4245] The buggy address belongs to the physical page:
[   79.138695][ T4245] page:ffffea0000a49e40 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x29279
[   79.148846][ T4245] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[   79.156410][ T4245] raw: 00fff00000000200 ffffea0000c7eb00 dead000000000008 ffff888140008b40
[   79.165015][ T4245] raw: 0000000000000000 0000000000120012 00000001ffffffff 0000000000000000
[   79.173591][ T4245] page dumped because: kasan: bad access detected
[   79.180024][ T4245] page_owner tracks the page as allocated
[   79.185731][ T4245] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 3620, tgid 3620 (S10udev), ts 30516850276, free_ts 30513015777
[   79.203619][ T4245]  post_alloc_hook+0x18d/0x1b0
[   79.208392][ T4245]  get_page_from_freelist+0x3731/0x38d0
[   79.213942][ T4245]  __alloc_pages+0x28d/0x770
[   79.218980][ T4245]  alloc_slab_page+0x6a/0x150
[   79.223665][ T4245]  new_slab+0x84/0x2d0
[   79.227739][ T4245]  ___slab_alloc+0xc20/0x1270
[   79.232545][ T4245]  kmem_cache_alloc+0x1a5/0x2d0
[   79.237405][ T4245]  vm_area_dup+0x23/0x1b0
[   79.241734][ T4245]  copy_mm+0xbbc/0x1990
[   79.245897][ T4245]  copy_process+0x19d5/0x4060
[   79.250583][ T4245]  kernel_clone+0x222/0x920
[   79.255086][ T4245]  __x64_sys_clone+0x231/0x280
[   79.259853][ T4245]  do_syscall_64+0x3b/0xb0
[   79.264540][ T4245]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   79.270446][ T4245] page last free stack trace:
[   79.275123][ T4245]  free_unref_page_prepare+0x12a6/0x15b0
[   79.280761][ T4245]  free_unref_page_list+0x663/0x900
[   79.285965][ T4245]  release_pages+0x24c4/0x27a0
[   79.290730][ T4245]  tlb_flush_mmu+0xfc/0x210
[   79.295235][ T4245]  tlb_finish_mmu+0xce/0x1f0
[   79.299830][ T4245]  exit_mmap+0x3b3/0x980
[   79.304072][ T4245]  __mmput+0x115/0x3c0
[   79.308142][ T4245]  exit_mm+0x226/0x300
[   79.312215][ T4245]  do_exit+0x9f1/0x26a0
[   79.316376][ T4245]  do_group_exit+0x202/0x2b0
[   79.320973][ T4245]  __x64_sys_exit_group+0x3b/0x40
[   79.326004][ T4245]  do_syscall_64+0x3b/0xb0
[   79.330432][ T4245]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   79.336344][ T4245] 
[   79.338670][ T4245] Memory state around the buggy address:
[   79.344298][ T4245]  ffff888029278f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   79.352361][ T4245]  ffff888029278f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   79.360423][ T4245] >ffff888029279000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   79.368496][ T4245]                    ^
[   79.372569][ T4245]  ffff888029279080: fb fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb
[   79.380661][ T4245]  ffff888029279100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[   79.388722][ T4245] ==================================================================
[   79.403785][ T4245] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   79.411018][ T4245] CPU: 1 PID: 4245 Comm: syz-executor273 Not tainted 6.1.123-syzkaller #0
[   79.419535][ T4245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   79.429592][ T4245] Call Trace:
[   79.432871][ T4245]  <TASK>
[   79.435804][ T4245]  dump_stack_lvl+0x1e3/0x2cb
[   79.440499][ T4245]  ? nf_tcp_handle_invalid+0x642/0x642
[   79.445975][ T4245]  ? panic+0x764/0x764
[   79.450067][ T4245]  ? preempt_schedule_common+0xa6/0xd0
[   79.455541][ T4245]  ? vscnprintf+0x59/0x80
[   79.459966][ T4245]  panic+0x318/0x764
[   79.463865][ T4245]  ? check_panic_on_warn+0x1d/0xa0
[   79.468982][ T4245]  ? memcpy_page_flushcache+0xfc/0xfc
[   79.474357][ T4245]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   79.480342][ T4245]  ? _raw_spin_unlock+0x40/0x40
[   79.485286][ T4245]  ? print_report+0x4a3/0x4f0
[   79.489970][ T4245]  check_panic_on_warn+0x7e/0xa0
[   79.494915][ T4245]  ? crc_itu_t+0x218/0x2a0
[   79.499379][ T4245]  end_report+0x66/0x110
[   79.503630][ T4245]  kasan_report+0x143/0x160
[   79.508142][ T4245]  ? crc_itu_t+0x218/0x2a0
[   79.512583][ T4245]  crc_itu_t+0x218/0x2a0
[   79.516841][ T4245]  udf_sync_fs+0x1ce/0x380
[   79.521268][ T4245]  ? udf_put_super+0x160/0x160
[   79.526041][ T4245]  ? get_nr_dirty_inodes+0x2ab/0x2e0
[   79.531371][ T4245]  sync_filesystem+0xe8/0x220
[   79.536056][ T4245]  generic_shutdown_super+0x6b/0x340
[   79.541352][ T4245]  kill_block_super+0x7a/0xe0
[   79.546042][ T4245]  deactivate_locked_super+0xa0/0x110
[   79.551443][ T4245]  cleanup_mnt+0x490/0x520
[   79.555907][ T4245]  ? lockdep_hardirqs_on+0x94/0x130
[   79.561112][ T4245]  task_work_run+0x246/0x300
[   79.565719][ T4245]  ? kasan_quarantine_put+0xd4/0x220
[   79.571011][ T4245]  ? task_work_cancel+0x2e0/0x2e0
[   79.576048][ T4245]  ? kmem_cache_free+0x292/0x510
[   79.581080][ T4245]  ? do_exit+0xa69/0x26a0
[   79.585422][ T4245]  do_exit+0xa6e/0x26a0
[   79.589593][ T4245]  ? put_task_struct+0x80/0x80
[   79.594386][ T4245]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   79.600406][ T4245]  ? print_irqtrace_events+0x210/0x210
[   79.605879][ T4245]  ? _raw_spin_unlock_irq+0x1f/0x40
[   79.611097][ T4245]  ? lockdep_hardirqs_on+0x94/0x130
[   79.616309][ T4245]  do_group_exit+0x202/0x2b0
[   79.620918][ T4245]  __x64_sys_exit_group+0x3b/0x40
[   79.625967][ T4245]  do_syscall_64+0x3b/0xb0
[   79.630395][ T4245]  ? clear_bhb_loop+0x45/0xa0
[   79.635076][ T4245]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   79.640984][ T4245] RIP: 0033:0x7fe3c6719cf9
[   79.645399][ T4245] Code: Unable to access opcode bytes at 0x7fe3c6719ccf.
[   79.652426][ T4245] RSP: 002b:00007ffe816b3ab8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   79.660877][ T4245] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fe3c6719cf9
[   79.668969][ T4245] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   79.676951][ T4245] RBP: 00007fe3c67a2390 R08: ffffffffffffffb8 R09: 0000000000000000
[   79.685294][ T4245] R10: 00000000200023c3 R11: 0000000000000246 R12: 00007fe3c67a2390
[   79.693295][ T4245] R13: 0000000000000000 R14: 00007fe3c67a51c0 R15: 00007fe3c66e04f0
[   79.701299][ T4245]  </TASK>
[   79.704623][ T4245] Kernel Offset: disabled
[   79.709056][ T4245] Rebooting in 86400 seconds..