Warning: Permanently added '10.128.0.125' (ED25519) to the list of known hosts.
2025/09/26 06:39:15 ignoring optional flag "type"="gce"
2025/09/26 06:39:16 parsed 1 programs
2025/09/26 06:39:16 executed programs: 0
[   83.719169][ T4456] chnl_net:caif_netlink_parms(): no params data found
[   83.779267][ T4456] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.786968][ T4456] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.794847][ T4456] device bridge_slave_0 entered promiscuous mode
[   83.803712][ T4456] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.811202][ T4456] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.819737][ T4456] device bridge_slave_1 entered promiscuous mode
[   83.849118][ T4456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.861333][ T4456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.893666][ T4456] team0: Port device team_slave_0 added
[   83.901954][ T4456] team0: Port device team_slave_1 added
[   83.929715][ T4456] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.937094][ T4456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.966457][ T4456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.980564][ T4456] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.987629][ T4456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.015004][ T4456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.058005][ T4456] device hsr_slave_0 entered promiscuous mode
[   84.065371][ T4456] device hsr_slave_1 entered promiscuous mode
[   84.554702][ T4456] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   84.567053][ T4456] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   84.578334][ T4456] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   84.588380][ T4456] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   84.618757][ T4456] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.625905][ T4456] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.633341][ T4456] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.640467][ T4456] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.701811][ T4456] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.717602][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   84.726446][  T155] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.736298][  T155] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.746108][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   84.763007][ T4456] 8021q: adding VLAN 0 to HW filter on device team0
[   84.775845][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   84.785397][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   84.797698][  T155] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.804781][  T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.828115][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   84.837602][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   84.846224][  T155] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.853495][  T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.865187][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   84.874692][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   84.885679][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   84.895779][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   84.917437][ T4456] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   84.929346][ T4456] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   84.943068][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   84.953970][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   84.963171][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   84.975851][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   84.985563][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   84.997574][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   85.006281][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   85.022132][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   85.149671][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   85.157893][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   85.171895][ T4456] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.197419][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   85.207620][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   85.227728][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   85.236262][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   85.248264][ T4456] device veth0_vlan entered promiscuous mode
[   85.258855][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   85.268218][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   85.280288][ T4456] device veth1_vlan entered promiscuous mode
[   85.303405][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   85.315783][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   85.325243][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   85.336052][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   85.348456][ T4456] device veth0_macvtap entered promiscuous mode
[   85.361103][ T4456] device veth1_macvtap entered promiscuous mode
[   85.380438][ T4456] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.390249][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   85.400260][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   85.410062][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   85.419095][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   85.433755][ T4456] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.442418][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   85.455777][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   85.468674][ T4456] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.478965][ T4456] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.487995][ T4456] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.498240][ T4456] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.597769][ T4223] Bluetooth: hci0: command 0x0409 tx timeout
[   85.648381][ T4558] loop0: detected capacity change from 0 to 8192
[   85.673042][ T4558] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[   85.685943][ T4558] REISERFS (device loop0): using ordered data mode
[   85.692707][ T4558] reiserfs: using flush barriers
[   85.706313][ T4558] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   85.728389][ T4558] REISERFS (device loop0): checking transaction log (loop0)
[   85.857611][ T4558] REISERFS (device loop0): Using r5 hash to sort names
[   86.021849][ T4573] loop0: detected capacity change from 0 to 8192
[   86.039392][ T4573] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[   86.056682][ T4573] REISERFS (device loop0): using ordered data mode
[   86.063577][ T4573] reiserfs: using flush barriers
[   86.072074][ T4573] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   86.095132][ T4573] REISERFS (device loop0): checking transaction log (loop0)
[   86.269154][ T4573] REISERFS (device loop0): Using r5 hash to sort names
[   86.287727][ T4573] ==================================================================
[   86.296092][ T4573] BUG: KASAN: use-after-free in reiserfs_readdir_inode+0x4a0/0x1240
[   86.304307][ T4573] Read of size 8 at addr ffff88806f704000 by task syz-executor.0/4573
[   86.312540][ T4573] 
[   86.314907][ T4573] CPU: 0 PID: 4573 Comm: syz-executor.0 Not tainted syzkaller #0
[   86.322650][ T4573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   86.332856][ T4573] Call Trace:
[   86.336160][ T4573]  <TASK>
[   86.339118][ T4573]  dump_stack_lvl+0x168/0x230
[   86.343848][ T4573]  ? show_regs_print_info+0x20/0x20
[   86.349088][ T4573]  ? load_image+0x3b0/0x3b0
[   86.353621][ T4573]  ? _raw_spin_lock_irqsave+0xb0/0xf0
[   86.359044][ T4573]  ? mutex_lock_io_nested+0x60/0x60
[   86.364672][ T4573]  print_address_description+0x60/0x2d0
[   86.370273][ T4573]  ? reiserfs_readdir_inode+0x4a0/0x1240
[   86.375936][ T4573]  kasan_report+0xdf/0x130
[   86.380391][ T4573]  ? reiserfs_readdir_inode+0x4a0/0x1240
[   86.386060][ T4573]  kasan_check_range+0x27b/0x290
[   86.391035][ T4573]  reiserfs_readdir_inode+0x4a0/0x1240
[   86.396636][ T4573]  ? reiserfs_dir_fsync+0x100/0x100
[   86.401905][ T4573]  ? read_lock_is_recursive+0x10/0x10
[   86.407501][ T4573]  ? preempt_count_add+0x8d/0x190
[   86.412752][ T4573]  ? down_read_killable+0x1ce/0x340
[   86.417990][ T4573]  ? fsnotify_perm+0x254/0x560
[   86.422798][ T4573]  iterate_dir+0x218/0x560
[   86.427252][ T4573]  ? reiserfs_sync_file+0x270/0x270
[   86.432492][ T4573]  __se_sys_getdents64+0xe5/0x260
[   86.437643][ T4573]  ? __x64_sys_getdents64+0x80/0x80
[   86.442879][ T4573]  ? filldir+0x720/0x720
[   86.447169][ T4573]  ? vtime_user_exit+0x2dc/0x400
[   86.452145][ T4573]  ? lockdep_hardirqs_on+0x94/0x140
[   86.457574][ T4573]  do_syscall_64+0x4c/0xa0
[   86.462022][ T4573]  ? clear_bhb_loop+0x30/0x80
[   86.466761][ T4573]  ? clear_bhb_loop+0x30/0x80
[   86.471558][ T4573]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   86.477510][ T4573] RIP: 0033:0x7f1aca5d6959
[   86.481964][ T4573] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   86.501687][ T4573] RSP: 002b:00007f1ac99580c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   86.510147][ T4573] RAX: ffffffffffffffda RBX: 00007f1aca6f5f80 RCX: 00007f1aca5d6959
[   86.518275][ T4573] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[   86.526274][ T4573] RBP: 00007f1aca632c88 R08: 0000000000000000 R09: 0000000000000000
[   86.534276][ T4573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   86.542409][ T4573] R13: 000000000000000b R14: 00007f1aca6f5f80 R15: 00007fff1b61b738
[   86.550435][ T4573]  </TASK>
[   86.553485][ T4573] 
[   86.555822][ T4573] The buggy address belongs to the page:
[   86.561479][ T4573] page:ffffea0001bdc100 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x6f704
[   86.571654][ T4573] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   86.578809][ T4573] raw: 00fff00000000000 ffffea0001bdc148 ffffea0001bd9a88 0000000000000000
[   86.587427][ T4573] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   86.596128][ T4573] page dumped because: kasan: bad access detected
[   86.602580][ T4573] page_owner tracks the page as freed
[   86.608068][ T4573] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 4490, ts 86215728156, free_ts 86266165722
[   86.623637][ T4573]  get_page_from_freelist+0x1b77/0x1c60
[   86.629245][ T4573]  __alloc_pages+0x1e1/0x470
[   86.633871][ T4573]  alloc_pages_vma+0x393/0x7c0
[   86.638663][ T4573]  handle_mm_fault+0x2382/0x43c0
[   86.643633][ T4573]  do_user_addr_fault+0x489/0xc80
[   86.648694][ T4573]  exc_page_fault+0x60/0x100
[   86.653326][ T4573]  asm_exc_page_fault+0x22/0x30
[   86.658203][ T4573]  copy_user_enhanced_fast_string+0xe/0x40
[   86.664039][ T4573]  copy_page_to_iter+0x49e/0x910
[   86.669030][ T4573]  filemap_read+0x1d94/0x2480
[   86.673737][ T4573]  blkdev_read_iter+0x11d/0x150
[   86.678630][ T4573]  vfs_read+0x725/0xcf0
[   86.682812][ T4573]  ksys_read+0x14d/0x250
[   86.687082][ T4573]  do_syscall_64+0x4c/0xa0
[   86.691529][ T4573]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   86.697545][ T4573] page last free stack trace:
[   86.702240][ T4573]  free_unref_page_prepare+0x637/0x6c0
[   86.707740][ T4573]  free_unref_page_list+0x122/0x7e0
[   86.713026][ T4573]  release_pages+0x184b/0x1bb0
[   86.717828][ T4573]  tlb_finish_mmu+0x164/0x2e0
[   86.722677][ T4573]  unmap_region+0x315/0x360
[   86.727225][ T4573]  __do_munmap+0x9d3/0xdc0
[   86.731711][ T4573]  __vm_munmap+0x137/0x230
[   86.736184][ T4573]  __x64_sys_munmap+0x67/0x70
[   86.740899][ T4573]  do_syscall_64+0x4c/0xa0
[   86.745454][ T4573]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   86.751382][ T4573] 
[   86.753739][ T4573] Memory state around the buggy address:
[   86.759398][ T4573]  ffff88806f703f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   86.767485][ T4573]  ffff88806f703f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   86.775578][ T4573] >ffff88806f704000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   86.783662][ T4573]                    ^
[   86.787760][ T4573]  ffff88806f704080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   86.795894][ T4573]  ffff88806f704100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   86.803995][ T4573] ==================================================================
[   86.812195][ T4573] Disabling lock debugging due to kernel taint
[   86.822982][    T7] cfg80211: failed to load regulatory.db
[   86.838185][ T4573] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   86.845434][ T4573] CPU: 0 PID: 4573 Comm: syz-executor.0 Tainted: G    B             syzkaller #0
[   86.854570][ T4573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   86.864651][ T4573] Call Trace:
[   86.867950][ T4573]  <TASK>
[   86.870958][ T4573]  dump_stack_lvl+0x168/0x230
[   86.875674][ T4573]  ? show_regs_print_info+0x20/0x20
[   86.880998][ T4573]  ? load_image+0x3b0/0x3b0
[   86.885562][ T4573]  panic+0x2c9/0x7f0
[   86.889528][ T4573]  ? bpf_jit_dump+0xd0/0xd0
[   86.894067][ T4573]  ? _raw_spin_unlock_irqrestore+0xf6/0x100
[   86.899988][ T4573]  ? _raw_spin_unlock+0x40/0x40
[   86.905306][ T4573]  ? reiserfs_readdir_inode+0x4a0/0x1240
[   86.910969][ T4573]  check_panic_on_warn+0x80/0xa0
[   86.915934][ T4573]  ? reiserfs_readdir_inode+0x4a0/0x1240
[   86.921591][ T4573]  end_report+0x6d/0xf0
[   86.925774][ T4573]  kasan_report+0x102/0x130
[   86.930321][ T4573]  ? reiserfs_readdir_inode+0x4a0/0x1240
[   86.935978][ T4573]  kasan_check_range+0x27b/0x290
[   86.940944][ T4573]  reiserfs_readdir_inode+0x4a0/0x1240
[   86.946440][ T4573]  ? reiserfs_dir_fsync+0x100/0x100
[   86.951768][ T4573]  ? read_lock_is_recursive+0x10/0x10
[   86.957322][ T4573]  ? preempt_count_add+0x8d/0x190
[   86.962466][ T4573]  ? down_read_killable+0x1ce/0x340
[   86.967701][ T4573]  ? fsnotify_perm+0x254/0x560
[   86.972512][ T4573]  iterate_dir+0x218/0x560
[   86.976955][ T4573]  ? reiserfs_sync_file+0x270/0x270
[   86.982183][ T4573]  __se_sys_getdents64+0xe5/0x260
[   86.987235][ T4573]  ? __x64_sys_getdents64+0x80/0x80
[   86.992458][ T4573]  ? filldir+0x720/0x720
[   86.996721][ T4573]  ? vtime_user_exit+0x2dc/0x400
[   87.001681][ T4573]  ? lockdep_hardirqs_on+0x94/0x140
[   87.006935][ T4573]  do_syscall_64+0x4c/0xa0
[   87.011376][ T4573]  ? clear_bhb_loop+0x30/0x80
[   87.016079][ T4573]  ? clear_bhb_loop+0x30/0x80
[   87.020788][ T4573]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   87.026714][ T4573] RIP: 0033:0x7f1aca5d6959
[   87.031155][ T4573] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   87.050783][ T4573] RSP: 002b:00007f1ac99580c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   87.059328][ T4573] RAX: ffffffffffffffda RBX: 00007f1aca6f5f80 RCX: 00007f1aca5d6959
[   87.067514][ T4573] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[   87.075512][ T4573] RBP: 00007f1aca632c88 R08: 0000000000000000 R09: 0000000000000000
[   87.083655][ T4573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   87.091759][ T4573] R13: 000000000000000b R14: 00007f1aca6f5f80 R15: 00007fff1b61b738
[   87.099771][ T4573]  </TASK>
[   87.104677][ T4573] Kernel Offset: disabled
[   87.109028][ T4573] Rebooting in 86400 seconds..