Warning: Permanently added '10.128.1.95' (ECDSA) to the list of known hosts.
[   52.239669][ T3540] chnl_net:caif_netlink_parms(): no params data found
[   52.279231][ T3540] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.287019][ T3540] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.294882][ T3540] device bridge_slave_0 entered promiscuous mode
[   52.304349][ T3540] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.311756][ T3540] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.319828][ T3540] device bridge_slave_1 entered promiscuous mode
[   52.339518][ T3540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   52.351403][ T3540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   52.372986][ T3540] team0: Port device team_slave_0 added
[   52.380273][ T3540] team0: Port device team_slave_1 added
[   52.398202][ T3540] batman_adv: batadv0: Adding interface: batadv_slave_0
[   52.405210][ T3540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   52.431339][ T3540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   52.444352][ T3540] batman_adv: batadv0: Adding interface: batadv_slave_1
[   52.451488][ T3540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   52.478295][ T3540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   52.507494][ T3540] device hsr_slave_0 entered promiscuous mode
[   52.514492][ T3540] device hsr_slave_1 entered promiscuous mode
[   52.599375][ T3540] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   52.609950][ T3540] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   52.619421][ T3540] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   52.628823][ T3540] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   52.648836][ T3540] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.656017][ T3540] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.663758][ T3540] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.670860][ T3540] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.712744][ T3540] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.725459][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   52.735748][  T153] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.745591][  T153] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.754070][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   52.768007][ T3540] 8021q: adding VLAN 0 to HW filter on device team0
[   52.779498][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   52.788244][   T14] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.795300][   T14] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.817919][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   52.826989][   T14] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.834137][   T14] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.842857][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   52.851603][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   52.860027][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   52.871955][ T3540] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   52.885591][ T3540] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   52.895012][ T3549] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   52.903147][ T3549] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   52.923237][ T3540] 8021q: adding VLAN 0 to HW filter on device batadv0
[   52.934628][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   52.942624][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   52.968364][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   52.977689][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   52.985885][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   52.994949][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   53.004483][ T3540] device veth0_vlan entered promiscuous mode
[   53.016421][ T3540] device veth1_vlan entered promiscuous mode
[   53.032981][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   53.042227][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   53.050811][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   53.060715][ T3540] device veth0_macvtap entered promiscuous mode
[   53.073452][ T3540] device veth1_macvtap entered promiscuous mode
[   53.088523][ T3540] batman_adv: batadv0: Interface activated: batadv_slave_0
[   53.095942][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   53.107350][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   53.118905][ T3540] batman_adv: batadv0: Interface activated: batadv_slave_1
[   53.127457][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[   53.139033][ T3540] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.149005][ T3540] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.158160][ T3540] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.167504][ T3540] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.211730][ T3540] loop0: detected capacity change from 0 to 2048
[   53.224651][ T3540] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   53.362601][ T3540] ==================================================================
[   53.370710][ T3540] BUG: KASAN: use-after-free in crc_itu_t+0x1d1/0x2a0
[   53.377515][ T3540] Read of size 1 at addr ffff88807331e000 by task syz-executor495/3540
[   53.385750][ T3540] 
[   53.388079][ T3540] CPU: 1 PID: 3540 Comm: syz-executor495 Not tainted 6.1.31-syzkaller #0
[   53.396468][ T3540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   53.406500][ T3540] Call Trace:
[   53.409761][ T3540]  <TASK>
[   53.412673][ T3540]  dump_stack_lvl+0x1e3/0x2cb
[   53.417355][ T3540]  ? irq_work_queue+0xc6/0x150
[   53.422125][ T3540]  ? nf_tcp_handle_invalid+0x642/0x642
[   53.427572][ T3540]  ? panic+0x75d/0x75d
[   53.431623][ T3540]  ? _printk+0xd1/0x111
[   53.435758][ T3540]  ? _raw_spin_lock_irqsave+0xac/0x120
[   53.441200][ T3540]  print_report+0x15f/0x4f0
[   53.445689][ T3540]  ? time64_to_tm+0x32d/0x4d0
[   53.450349][ T3540]  ? __virt_addr_valid+0x22b/0x2e0
[   53.455444][ T3540]  ? __phys_addr+0xb6/0x170
[   53.459929][ T3540]  ? crc_itu_t+0x1d1/0x2a0
[   53.464330][ T3540]  kasan_report+0x136/0x160
[   53.468908][ T3540]  ? crc_itu_t+0x1d1/0x2a0
[   53.473312][ T3540]  crc_itu_t+0x1d1/0x2a0
[   53.477539][ T3540]  udf_close_lvid+0x57a/0x9a0
[   53.482199][ T3540]  ? udf_open_lvid+0x5a0/0x5a0
[   53.486943][ T3540]  ? clear_inode+0x150/0x150
[   53.491516][ T3540]  ? module_put+0x15a/0x350
[   53.496001][ T3540]  udf_put_super+0xc9/0x160
[   53.500570][ T3540]  ? udf_free_in_core_inode+0x20/0x20
[   53.505924][ T3540]  generic_shutdown_super+0x130/0x340
[   53.511384][ T3540]  kill_block_super+0x7a/0xe0
[   53.516059][ T3540]  deactivate_locked_super+0xa0/0x110
[   53.521514][ T3540]  cleanup_mnt+0x490/0x520
[   53.525918][ T3540]  ? lockdep_hardirqs_on+0x94/0x130
[   53.531102][ T3540]  task_work_run+0x246/0x300
[   53.535673][ T3540]  ? kasan_quarantine_put+0xd4/0x220
[   53.541287][ T3540]  ? task_work_cancel+0x2b0/0x2b0
[   53.546295][ T3540]  ? kmem_cache_free+0x292/0x510
[   53.551212][ T3540]  ? do_exit+0x6f6/0x2300
[   53.555524][ T3540]  do_exit+0x6fb/0x2300
[   53.559760][ T3540]  ? do_group_exit+0x1f2/0x2b0
[   53.564504][ T3540]  ? put_task_struct+0x80/0x80
[   53.569265][ T3540]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   53.575338][ T3540]  ? print_irqtrace_events+0x210/0x210
[   53.580781][ T3540]  ? _raw_spin_unlock_irq+0x1f/0x40
[   53.585965][ T3540]  ? lockdep_hardirqs_on+0x94/0x130
[   53.591164][ T3540]  do_group_exit+0x202/0x2b0
[   53.595744][ T3540]  __x64_sys_exit_group+0x3b/0x40
[   53.600750][ T3540]  do_syscall_64+0x3d/0xb0
[   53.605232][ T3540]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   53.611116][ T3540] RIP: 0033:0x7f3d1f82d369
[   53.615611][ T3540] Code: Unable to access opcode bytes at 0x7f3d1f82d33f.
[   53.622628][ T3540] RSP: 002b:00007ffcb52ef198 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   53.631031][ T3540] RAX: ffffffffffffffda RBX: 00007f3d1f8b9410 RCX: 00007f3d1f82d369
[   53.638987][ T3540] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   53.646936][ T3540] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 0000000000000000
[   53.654900][ T3540] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007f3d1f8b9410
[   53.662865][ T3540] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[   53.670833][ T3540]  </TASK>
[   53.673841][ T3540] 
[   53.676154][ T3540] The buggy address belongs to the physical page:
[   53.682654][ T3540] page:ffffea0001ccc780 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x7331e
[   53.692784][ T3540] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   53.700004][ T3540] raw: 00fff00000000000 ffffea0001ccc7c8 ffffea00012177c8 0000000000000000
[   53.708567][ T3540] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   53.717228][ T3540] page dumped because: kasan: bad access detected
[   53.723645][ T3540] page_owner tracks the page as freed
[   53.729093][ T3540] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 3540, tgid 3540 (syz-executor495), ts 53250130709, free_ts 53354193203
[   53.747999][ T3540]  post_alloc_hook+0x18d/0x1b0
[   53.752835][ T3540]  get_page_from_freelist+0x32ed/0x3480
[   53.758357][ T3540]  __alloc_pages+0x28d/0x770
[   53.762932][ T3540]  __folio_alloc+0xf/0x30
[   53.767252][ T3540]  vma_alloc_folio+0x486/0x990
[   53.772018][ T3540]  handle_mm_fault+0x2e85/0x5330
[   53.776937][ T3540]  exc_page_fault+0x58d/0x790
[   53.781684][ T3540]  asm_exc_page_fault+0x22/0x30
[   53.786688][ T3540] page last free stack trace:
[   53.791337][ T3540]  free_unref_page_prepare+0xf63/0x1120
[   53.796868][ T3540]  free_unref_page_list+0x107/0x810
[   53.802046][ T3540]  release_pages+0x2836/0x2b40
[   53.806806][ T3540]  tlb_flush_mmu+0xfc/0x210
[   53.811294][ T3540]  tlb_finish_mmu+0xce/0x1f0
[   53.815864][ T3540]  exit_mmap+0x3c3/0x9f0
[   53.820098][ T3540]  __mmput+0x115/0x3c0
[   53.824151][ T3540]  exit_mm+0x226/0x300
[   53.828205][ T3540]  do_exit+0x67e/0x2300
[   53.832339][ T3540]  do_group_exit+0x202/0x2b0
[   53.837430][ T3540]  __x64_sys_exit_group+0x3b/0x40
[   53.842441][ T3540]  do_syscall_64+0x3d/0xb0
[   53.846839][ T3540]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   53.852709][ T3540] 
[   53.855011][ T3540] Memory state around the buggy address:
[   53.860714][ T3540]  ffff88807331df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   53.869023][ T3540]  ffff88807331df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   53.877080][ T3540] >ffff88807331e000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   53.885116][ T3540]                    ^
[   53.889163][ T3540]  ffff88807331e080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   53.897215][ T3540]  ffff88807331e100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   53.905254][ T3540] ==================================================================
[   53.924918][ T3540] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   53.932144][ T3540] CPU: 1 PID: 3540 Comm: syz-executor495 Not tainted 6.1.31-syzkaller #0
[   53.940544][ T3540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   53.950591][ T3540] Call Trace:
[   53.953859][ T3540]  <TASK>
[   53.956792][ T3540]  dump_stack_lvl+0x1e3/0x2cb
[   53.961464][ T3540]  ? nf_tcp_handle_invalid+0x642/0x642
[   53.966915][ T3540]  ? panic+0x75d/0x75d
[   53.970973][ T3540]  ? preempt_schedule_common+0xa6/0xd0
[   53.976426][ T3540]  ? vscnprintf+0x59/0x80
[   53.980745][ T3540]  panic+0x318/0x75d
[   53.984629][ T3540]  ? check_panic_on_warn+0x1d/0xa0
[   53.989731][ T3540]  ? memcpy_page_flushcache+0xfc/0xfc
[   53.995096][ T3540]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[   54.001066][ T3540]  ? _raw_spin_unlock+0x40/0x40
[   54.005906][ T3540]  ? print_report+0x4a3/0x4f0
[   54.010577][ T3540]  check_panic_on_warn+0x7e/0xa0
[   54.015505][ T3540]  ? crc_itu_t+0x1d1/0x2a0
[   54.019916][ T3540]  end_report+0x66/0x110
[   54.024153][ T3540]  kasan_report+0x143/0x160
[   54.028650][ T3540]  ? crc_itu_t+0x1d1/0x2a0
[   54.033059][ T3540]  crc_itu_t+0x1d1/0x2a0
[   54.037469][ T3540]  udf_close_lvid+0x57a/0x9a0
[   54.042152][ T3540]  ? udf_open_lvid+0x5a0/0x5a0
[   54.046910][ T3540]  ? clear_inode+0x150/0x150
[   54.051505][ T3540]  ? module_put+0x15a/0x350
[   54.055999][ T3540]  udf_put_super+0xc9/0x160
[   54.060491][ T3540]  ? udf_free_in_core_inode+0x20/0x20
[   54.065940][ T3540]  generic_shutdown_super+0x130/0x340
[   54.071299][ T3540]  kill_block_super+0x7a/0xe0
[   54.075963][ T3540]  deactivate_locked_super+0xa0/0x110
[   54.081327][ T3540]  cleanup_mnt+0x490/0x520
[   54.085739][ T3540]  ? lockdep_hardirqs_on+0x94/0x130
[   54.090932][ T3540]  task_work_run+0x246/0x300
[   54.095511][ T3540]  ? kasan_quarantine_put+0xd4/0x220
[   54.100785][ T3540]  ? task_work_cancel+0x2b0/0x2b0
[   54.105802][ T3540]  ? kmem_cache_free+0x292/0x510
[   54.110732][ T3540]  ? do_exit+0x6f6/0x2300
[   54.115054][ T3540]  do_exit+0x6fb/0x2300
[   54.119204][ T3540]  ? do_group_exit+0x1f2/0x2b0
[   54.123959][ T3540]  ? put_task_struct+0x80/0x80
[   54.128715][ T3540]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   54.134682][ T3540]  ? print_irqtrace_events+0x210/0x210
[   54.140129][ T3540]  ? _raw_spin_unlock_irq+0x1f/0x40
[   54.145313][ T3540]  ? lockdep_hardirqs_on+0x94/0x130
[   54.150503][ T3540]  do_group_exit+0x202/0x2b0
[   54.155092][ T3540]  __x64_sys_exit_group+0x3b/0x40
[   54.160116][ T3540]  do_syscall_64+0x3d/0xb0
[   54.164531][ T3540]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   54.170414][ T3540] RIP: 0033:0x7f3d1f82d369
[   54.174819][ T3540] Code: Unable to access opcode bytes at 0x7f3d1f82d33f.
[   54.181821][ T3540] RSP: 002b:00007ffcb52ef198 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   54.190219][ T3540] RAX: ffffffffffffffda RBX: 00007f3d1f8b9410 RCX: 00007f3d1f82d369
[   54.198264][ T3540] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[   54.206226][ T3540] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 0000000000000000
[   54.214185][ T3540] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007f3d1f8b9410
[   54.222146][ T3540] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[   54.230117][ T3540]  </TASK>
[   54.233277][ T3540] Kernel Offset: disabled
[   54.237593][ T3540] Rebooting in 86400 seconds..