Warning: Permanently added '10.128.0.61' (ED25519) to the list of known hosts.
2026/06/06 03:16:42 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 114.749443][ T4629] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 116.380249][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.391098][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.402962][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 116.425006][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 116.434157][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 116.442287][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 118.745518][ T4698] chnl_net:caif_netlink_parms(): no params data found
[ 118.795011][ T4698] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.802637][ T4698] bridge0: port 1(bridge_slave_0) entered disabled state
[ 118.811301][ T4698] device bridge_slave_0 entered promiscuous mode
[ 118.820423][ T4698] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.829140][ T4698] bridge0: port 2(bridge_slave_1) entered disabled state
[ 118.837543][ T4698] device bridge_slave_1 entered promiscuous mode
[ 118.860214][ T4698] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 118.872641][ T4698] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 118.915264][ T4698] team0: Port device team_slave_0 added
[ 118.923850][ T4698] team0: Port device team_slave_1 added
[ 118.943862][ T4698] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 118.951457][ T4698] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 118.980224][ T4698] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 118.994349][ T4698] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 119.001964][ T4698] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 119.028867][ T4698] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 119.075517][ T4698] device hsr_slave_0 entered promiscuous mode
[ 119.082717][ T4698] device hsr_slave_1 entered promiscuous mode
[ 119.702593][ T4698] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 119.722154][ T4698] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 119.734530][ T4698] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 119.744892][ T4698] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 119.890337][ T4698] 8021q: adding VLAN 0 to HW filter on device bond0
[ 119.959658][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 119.971012][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 119.982957][ T4698] 8021q: adding VLAN 0 to HW filter on device team0
[ 120.010483][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 120.030530][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 120.048383][ T155] bridge0: port 1(bridge_slave_0) entered blocking state
[ 120.055669][ T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 120.088267][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 120.110148][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 120.129843][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 120.148500][ T154] bridge0: port 2(bridge_slave_1) entered blocking state
[ 120.155645][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 120.191491][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 120.213108][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 120.243776][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 120.260005][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 120.280053][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 120.307792][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 120.318515][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 120.338514][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 120.355675][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 120.381097][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 120.398557][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 120.421539][ T4698] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 120.710436][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 120.727959][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 120.741628][ T4698] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 120.792219][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 120.809799][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 120.858722][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 120.871861][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 120.880982][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 120.890754][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 120.901903][ T4698] device veth0_vlan entered promiscuous mode
[ 120.945899][ T4698] device veth1_vlan entered promiscuous mode
[ 120.972986][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 120.984761][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 120.994112][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 121.004482][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 121.018109][ T4698] device veth0_macvtap entered promiscuous mode
[ 121.039263][ T4698] device veth1_macvtap entered promiscuous mode
[ 121.072715][ T4698] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 121.083038][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 121.091684][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 121.108712][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 121.128130][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 121.153265][ T4698] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 121.169269][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 121.179997][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 121.192115][ T4698] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.202119][ T4698] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.229647][ T4698] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 121.247641][ T4698] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/06/06 03:16:54 executed programs: 0
[ 122.510423][ T4798] chnl_net:caif_netlink_parms(): no params data found
[ 122.539376][ T1364] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 122.612036][ T4798] bridge0: port 1(bridge_slave_0) entered blocking state
[ 122.621986][ T4798] bridge0: port 1(bridge_slave_0) entered disabled state
[ 122.631008][ T4798] device bridge_slave_0 entered promiscuous mode
[ 122.640096][ T4798] bridge0: port 2(bridge_slave_1) entered blocking state
[ 122.647394][ T4798] bridge0: port 2(bridge_slave_1) entered disabled state
[ 122.659045][ T4798] device bridge_slave_1 entered promiscuous mode
[ 122.684727][ T4798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 122.697279][ T4798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 122.727025][ T4798] team0: Port device team_slave_0 added
[ 122.735401][ T4798] team0: Port device team_slave_1 added
[ 122.764432][ T4798] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 122.771890][ T4798] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 122.798399][ T4798] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 122.811673][ T4798] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 122.819421][ T4798] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 122.848299][ T4798] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 122.889469][ T4798] device hsr_slave_0 entered promiscuous mode
[ 122.896587][ T4798] device hsr_slave_1 entered promiscuous mode
[ 122.904344][ T4798] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 122.913268][ T4798] Cannot create hsr debugfs directory
[ 124.427739][ T4275] Bluetooth: hci0: command 0x0409 tx timeout
[ 125.426539][ T1364] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.945929][ T1364] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.998631][ T1364] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 126.508106][ T1346] Bluetooth: hci0: command 0x041b tx timeout
[ 126.814780][ T4798] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 126.831922][ T4798] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 126.843400][ T4798] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 126.882754][ T4798] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 126.981433][ T4798] 8021q: adding VLAN 0 to HW filter on device bond0
[ 126.996995][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 127.008034][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 127.020506][ T4798] 8021q: adding VLAN 0 to HW filter on device team0
[ 127.059828][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 127.078709][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 127.087304][ T155] bridge0: port 1(bridge_slave_0) entered blocking state
[ 127.094504][ T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 127.105146][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 127.115937][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 127.125173][ T155] bridge0: port 2(bridge_slave_1) entered blocking state
[ 127.132409][ T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 127.141630][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 127.187869][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 127.196279][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 127.206491][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 127.219186][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 127.229654][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 127.240498][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 127.286210][ T4798] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 127.299514][ T4798] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 127.311511][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 127.320433][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 127.329450][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 127.340624][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 127.351164][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 127.360636][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 127.492992][ T1364] device hsr_slave_0 left promiscuous mode
[ 127.501108][ T1364] device hsr_slave_1 left promiscuous mode
[ 127.510540][ T1364] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 127.518316][ T1364] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 127.526432][ T1364] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 127.536919][ T1364] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 127.561052][ T1364] device bridge_slave_1 left promiscuous mode
[ 127.567349][ T1364] bridge0: port 2(bridge_slave_1) entered disabled state
[ 127.576701][ T1364] device bridge_slave_0 left promiscuous mode
[ 127.583595][ T1364] bridge0: port 1(bridge_slave_0) entered disabled state
[ 127.597193][ T1364] device veth1_macvtap left promiscuous mode
[ 127.604032][ T1364] device veth0_macvtap left promiscuous mode
[ 127.610817][ T1364] device veth1_vlan left promiscuous mode
[ 127.616736][ T1364] device veth0_vlan left promiscuous mode
[ 127.847143][ T1364] team0 (unregistering): Port device team_slave_1 removed
[ 127.864404][ T1364] team0 (unregistering): Port device team_slave_0 removed
[ 127.878669][ T1364] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 127.895812][ T1364] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 127.960365][ T1364] bond0 (unregistering): Released all slaves
[ 128.030316][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 128.039224][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 128.053489][ T4798] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 128.074249][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 128.084240][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 128.117052][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 128.127111][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 128.142261][ T4798] device veth0_vlan entered promiscuous mode
[ 128.151439][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 128.160168][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 128.174189][ T4798] device veth1_vlan entered promiscuous mode
[ 128.203733][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 128.213153][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 128.221759][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 128.231588][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 128.250364][ T4798] device veth0_macvtap entered promiscuous mode
[ 128.263652][ T4798] device veth1_macvtap entered promiscuous mode
[ 128.291543][ T4798] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 128.301540][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 128.310087][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 128.318572][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 128.327303][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 128.339849][ T4798] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 128.347471][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 128.357214][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 128.376624][ T4798] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 128.385612][ T4798] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 128.395658][ T4798] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 128.405086][ T4798] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 128.470705][ T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.484993][ T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 128.499860][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 128.518744][ T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 128.526614][ T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 128.535720][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2026/06/06 03:17:00 executed programs: 2
[ 128.587713][ T4275] Bluetooth: hci0: command 0x040f tx timeout
[ 128.844895][ T5068] loop0: detected capacity change from 0 to 32768
[ 128.934430][ T26] audit: type=1800 audit(1780715821.283:2): pid=5068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.17" name="bus" dev="loop0" ino=9 res=0 errno=0
[ 129.414858][ T5070] loop0: detected capacity change from 0 to 32768
[ 129.447818][ T26] audit: type=1800 audit(1780715821.803:3): pid=5070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.18" name="bus" dev="loop0" ino=9 res=0 errno=0
[ 129.482753][ T5070] ==================================================================
[ 129.491336][ T5070] BUG: KASAN: use-after-free in dtInsertEntry+0x8a5/0x1270
[ 129.498606][ T5070] Read of size 1 at addr ffff888077770fe0 by task syz.0.18/5070
[ 129.506271][ T5070]
[ 129.508643][ T5070] CPU: 0 PID: 5070 Comm: syz.0.18 Not tainted syzkaller #0
[ 129.515862][ T5070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 129.525982][ T5070] Call Trace:
[ 129.529299][ T5070]
[ 129.532256][ T5070] dump_stack_lvl+0x188/0x250
[ 129.536985][ T5070] ? show_regs_print_info+0x20/0x20
[ 129.542304][ T5070] ? _printk+0xda/0x130
[ 129.546509][ T5070] ? load_image+0x400/0x400
[ 129.551089][ T5070] ? _raw_spin_lock_irqsave+0xbc/0x100
[ 129.556607][ T5070] print_address_description+0x60/0x2d0
[ 129.562216][ T5070] ? dtInsertEntry+0x8a5/0x1270
[ 129.567202][ T5070] kasan_report+0xdf/0x130
[ 129.571664][ T5070] ? dtInsertEntry+0x8a5/0x1270
[ 129.576560][ T5070] dtInsertEntry+0x8a5/0x1270
[ 129.581293][ T5070] ? dtSplitPage+0x16a9/0x3200
[ 129.586115][ T5070] dtSplitPage+0x2501/0x3200
[ 129.590814][ T5070] dtInsert+0xff4/0x5830
[ 129.595120][ T5070] ? lockdep_hardirqs_on+0x94/0x140
[ 129.600485][ T5070] ? __lock_acquire+0x7d10/0x7d10
[ 129.605562][ T5070] ? do_raw_spin_lock+0x128/0x2f0
[ 129.610653][ T5070] ? UniStrupr+0x2e0/0x2e0
[ 129.615219][ T5070] ? __rwlock_init+0x140/0x140
[ 129.620029][ T5070] ? txLock+0xcb1/0x1b10
[ 129.624308][ T5070] ? dtInitRoot+0x226/0x660
[ 129.628844][ T5070] jfs_mkdir+0x758/0xad0
[ 129.633142][ T5070] ? jfs_symlink+0xfb0/0xfb0
[ 129.637794][ T5070] ? make_kgid+0x660/0x660
[ 129.642248][ T5070] ? apparmor_path_mkdir+0x1ac/0x230
[ 129.647602][ T5070] ? generic_permission+0x230/0x510
[ 129.653016][ T5070] ? inode_permission+0xef/0x480
[ 129.657995][ T5070] ? bpf_lsm_inode_mkdir+0x5/0x10
[ 129.663104][ T5070] ? security_inode_mkdir+0xb3/0x100
[ 129.668435][ T5070] vfs_mkdir+0x387/0x570
[ 129.672716][ T5070] do_mkdirat+0x1df/0x5b0
[ 129.677083][ T5070] ? vfs_mkdir+0x570/0x570
[ 129.681530][ T5070] ? getname_flags+0x1fe/0x500
[ 129.686338][ T5070] __x64_sys_mkdirat+0x85/0x90
[ 129.691132][ T5070] do_syscall_64+0x4c/0xa0
[ 129.695587][ T5070] ? clear_bhb_loop+0x30/0x80
[ 129.700313][ T5070] ? clear_bhb_loop+0x30/0x80
[ 129.705027][ T5070] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 129.710973][ T5070] RIP: 0033:0x7f3ead852687
[ 129.715433][ T5070] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 129.735085][ T5070] RSP: 002b:00007f3eaceb4e58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 129.743665][ T5070] RAX: ffffffffffffffda RBX: 00007f3eaceb4ee0 RCX: 00007f3ead852687
[ 129.751714][ T5070] RDX: 00000000000001ff RSI: 00002000000003c0 RDI: 00000000ffffff9c
[ 129.760067][ T5070] RBP: 0000000000000000 R08: 0000200000000140 R09: 0000000000000000
[ 129.768249][ T5070] R10: 0000000000000000 R11: 0000000000000246 R12: 00002000000003c0
[ 129.776536][ T5070] R13: 00007f3eaceb4ea0 R14: 0000000000000000 R15: 0000000000000000
[ 129.784731][ T5070]
[ 129.787773][ T5070]
[ 129.790120][ T5070] Allocated by task 4657:
[ 129.794500][ T5070] __kasan_kmalloc+0xb5/0xf0
[ 129.799135][ T5070] kvmalloc_node+0x84/0x130
[ 129.803667][ T5070] xt_replace_table+0x160/0x750
[ 129.808546][ T5070] xt_register_table+0x156/0x460
[ 129.813516][ T5070] ip6t_register_table+0x16e/0x810
[ 129.818656][ T5070] ip6table_raw_table_init+0x50/0x70
[ 129.823965][ T5070] xt_find_table_lock+0x220/0x360
[ 129.829017][ T5070] xt_request_find_table_lock+0x22/0x100
[ 129.834675][ T5070] do_ip6t_get_ctl+0x5e8/0x1120
[ 129.839557][ T5070] nf_getsockopt+0x25e/0x280
[ 129.844188][ T5070] ipv6_getsockopt+0x473/0x2470
[ 129.849091][ T5070] tcp_getsockopt+0x200/0x25a0
[ 129.853922][ T5070] __sys_getsockopt+0x1b0/0x230
[ 129.858896][ T5070] __x64_sys_getsockopt+0xb1/0xc0
[ 129.863942][ T5070] do_syscall_64+0x4c/0xa0
[ 129.868380][ T5070] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 129.874297][ T5070]
[ 129.876642][ T5070] Freed by task 1364:
[ 129.880640][ T5070] kasan_set_track+0x4b/0x70
[ 129.885259][ T5070] kasan_set_free_info+0x1f/0x40
[ 129.890229][ T5070] ____kasan_slab_free+0xd5/0x110
[ 129.895290][ T5070] slab_free_freelist_hook+0xea/0x170
[ 129.900702][ T5070] kfree+0xef/0x2a0
[ 129.904570][ T5070] xt_free_table_info+0xce/0x190
[ 129.909553][ T5070] cleanup_net+0x706/0xba0
[ 129.914009][ T5070] process_one_work+0x85f/0x1010
[ 129.918981][ T5070] worker_thread+0xaa6/0x1290
[ 129.923698][ T5070] kthread+0x436/0x520
[ 129.927793][ T5070] ret_from_fork+0x1f/0x30
[ 129.932257][ T5070]
[ 129.934691][ T5070] The buggy address belongs to the object at ffff888077770fe0
[ 129.934691][ T5070] which belongs to the cache kmalloc-16 of size 16
[ 129.948698][ T5070] The buggy address is located 0 bytes inside of
[ 129.948698][ T5070] 16-byte region [ffff888077770fe0, ffff888077770ff0)
[ 129.962575][ T5070] The buggy address belongs to the page:
[ 129.968641][ T5070] page:ffffea0001dddc00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x77770
[ 129.981024][ T5070] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 129.989035][ T5070] raw: 00fff00000000200 ffffea0000ab07c0 0000000a0000000a ffff888016c413c0
[ 129.997928][ T5070] raw: 0000000000000000 0000000000800080 00000001ffffffff 0000000000000000
[ 130.006735][ T5070] page dumped because: kasan: bad access detected
[ 130.013286][ T5070] page_owner tracks the page as allocated
[ 130.019023][ T5070] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x116cc0(GFP_USER|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_NORETRY), pid 4256, ts 78043692971, free_ts 77154135278
[ 130.037523][ T5070] get_page_from_freelist+0x1bbd/0x1ca0
[ 130.043156][ T5070] __alloc_pages+0x1ee/0x480
[ 130.047796][ T5070] new_slab+0xb6/0x4b0
[ 130.052094][ T5070] ___slab_alloc+0x80a/0xdd0
[ 130.056715][ T5070] __kmalloc_node+0x200/0x3b0
[ 130.061426][ T5070] memcg_alloc_page_obj_cgroups+0x81/0x120
[ 130.067450][ T5070] new_slab+0x100/0x4b0
[ 130.071723][ T5070] ___slab_alloc+0x80a/0xdd0
[ 130.076342][ T5070] __kmalloc_node+0x200/0x3b0
[ 130.081046][ T5070] kvmalloc_node+0x84/0x130
[ 130.085694][ T5070] alloc_netdev_mqs+0x84/0xc40
[ 130.090488][ T5070] nsim_create+0x76/0x3e0
[ 130.094859][ T5070] __nsim_dev_port_add+0x698/0xab0
[ 130.100006][ T5070] nsim_dev_port_add_all+0x37/0x100
[ 130.105233][ T5070] nsim_dev_probe+0x763/0x9c0
[ 130.109936][ T5070] really_probe+0x284/0xc80
[ 130.114466][ T5070] page last free stack trace:
[ 130.119332][ T5070] free_unref_page_prepare+0x637/0x6c0
[ 130.124824][ T5070] free_unref_page+0x8f/0x2a0
[ 130.129620][ T5070] __vunmap+0x8b9/0xa50
[ 130.133803][ T5070] kcov_close+0x27/0x50
[ 130.137986][ T5070] __fput+0x234/0x930
[ 130.142003][ T5070] task_work_run+0x125/0x1a0
[ 130.146630][ T5070] do_exit+0x626/0x20c0
[ 130.150817][ T5070] do_group_exit+0x12e/0x300
[ 130.155448][ T5070] get_signal+0x6d6/0x12d0
[ 130.159938][ T5070] arch_do_signal_or_restart+0xe7/0x12c0
[ 130.165611][ T5070] exit_to_user_mode_loop+0x9e/0x130
[ 130.170945][ T5070] exit_to_user_mode_prepare+0xee/0x180
[ 130.176522][ T5070] syscall_exit_to_user_mode+0x16/0x40
[ 130.182013][ T5070] do_syscall_64+0x58/0xa0
[ 130.186466][ T5070] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 130.192835][ T5070]
[ 130.195186][ T5070] Memory state around the buggy address:
[ 130.200838][ T5070] ffff888077770e80: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[ 130.208925][ T5070] ffff888077770f00: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[ 130.217230][ T5070] >ffff888077770f80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 130.225312][ T5070] ^
[ 130.232531][ T5070] ffff888077771000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 130.240700][ T5070] ffff888077771080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 130.248781][ T5070] ==================================================================
[ 130.256865][ T5070] Disabling lock debugging due to kernel taint
[ 130.278895][ T5070] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 130.286588][ T5070] CPU: 0 PID: 5070 Comm: syz.0.18 Tainted: G B syzkaller #0
[ 130.295204][ T5070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 130.305287][ T5070] Call Trace:
[ 130.308588][ T5070]
[ 130.311535][ T5070] dump_stack_lvl+0x188/0x250
[ 130.316250][ T5070] ? show_regs_print_info+0x20/0x20
[ 130.321473][ T5070] ? load_image+0x400/0x400
[ 130.325994][ T5070] panic+0x2e5/0x810
[ 130.330064][ T5070] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 130.336238][ T5070] ? bpf_jit_dump+0xd0/0xd0
[ 130.340852][ T5070] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 130.346865][ T5070] ? _raw_spin_unlock+0x40/0x40
[ 130.351770][ T5070] ? dtInsertEntry+0x8a5/0x1270
[ 130.356650][ T5070] check_panic_on_warn+0x80/0xa0
[ 130.361620][ T5070] ? dtInsertEntry+0x8a5/0x1270
[ 130.366507][ T5070] end_report+0x6d/0xf0
[ 130.370715][ T5070] kasan_report+0x102/0x130
[ 130.375271][ T5070] ? dtInsertEntry+0x8a5/0x1270
[ 130.380327][ T5070] dtInsertEntry+0x8a5/0x1270
[ 130.385131][ T5070] ? dtSplitPage+0x16a9/0x3200
[ 130.390270][ T5070] dtSplitPage+0x2501/0x3200
[ 130.394907][ T5070] dtInsert+0xff4/0x5830
[ 130.399180][ T5070] ? lockdep_hardirqs_on+0x94/0x140
[ 130.404417][ T5070] ? __lock_acquire+0x7d10/0x7d10
[ 130.409570][ T5070] ? do_raw_spin_lock+0x128/0x2f0
[ 130.414609][ T5070] ? UniStrupr+0x2e0/0x2e0
[ 130.419047][ T5070] ? __rwlock_init+0x140/0x140
[ 130.423910][ T5070] ? txLock+0xcb1/0x1b10
[ 130.428180][ T5070] ? dtInitRoot+0x226/0x660
[ 130.432703][ T5070] jfs_mkdir+0x758/0xad0
[ 130.436964][ T5070] ? jfs_symlink+0xfb0/0xfb0
[ 130.441575][ T5070] ? make_kgid+0x660/0x660
[ 130.446162][ T5070] ? apparmor_path_mkdir+0x1ac/0x230
[ 130.451463][ T5070] ? generic_permission+0x230/0x510
[ 130.456760][ T5070] ? inode_permission+0xef/0x480
[ 130.461820][ T5070] ? bpf_lsm_inode_mkdir+0x5/0x10
[ 130.466979][ T5070] ? security_inode_mkdir+0xb3/0x100
[ 130.472393][ T5070] vfs_mkdir+0x387/0x570
[ 130.476660][ T5070] do_mkdirat+0x1df/0x5b0
[ 130.481052][ T5070] ? vfs_mkdir+0x570/0x570
[ 130.485484][ T5070] ? getname_flags+0x1fe/0x500
[ 130.490263][ T5070] __x64_sys_mkdirat+0x85/0x90
[ 130.495131][ T5070] do_syscall_64+0x4c/0xa0
[ 130.499565][ T5070] ? clear_bhb_loop+0x30/0x80
[ 130.504254][ T5070] ? clear_bhb_loop+0x30/0x80
[ 130.508946][ T5070] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 130.514855][ T5070] RIP: 0033:0x7f3ead852687
[ 130.519313][ T5070] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 130.538947][ T5070] RSP: 002b:00007f3eaceb4e58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 130.547380][ T5070] RAX: ffffffffffffffda RBX: 00007f3eaceb4ee0 RCX: 00007f3ead852687
[ 130.555364][ T5070] RDX: 00000000000001ff RSI: 00002000000003c0 RDI: 00000000ffffff9c
[ 130.563348][ T5070] RBP: 0000000000000000 R08: 0000200000000140 R09: 0000000000000000
[ 130.571329][ T5070] R10: 0000000000000000 R11: 0000000000000246 R12: 00002000000003c0
[ 130.579337][ T5070] R13: 00007f3eaceb4ea0 R14: 0000000000000000 R15: 0000000000000000
[ 130.587334][ T5070]
[ 130.590615][ T5070] Kernel Offset: disabled
[ 130.594961][ T5070] Rebooting in 86400 seconds..