Warning: Permanently added '10.128.0.194' (ED25519) to the list of known hosts.
2025/11/02 03:47:53 ignoring optional flag "type"="gce"
2025/11/02 03:47:54 parsed 1 programs
2025/11/02 03:47:54 executed programs: 0
[   65.103087][ T4447] chnl_net:caif_netlink_parms(): no params data found
[   65.136434][ T4447] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.143519][ T4447] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.151671][ T4447] device bridge_slave_0 entered promiscuous mode
[   65.159414][ T4447] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.166657][ T4447] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.174728][ T4447] device bridge_slave_1 entered promiscuous mode
[   65.192379][ T4447] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.202907][ T4447] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.222811][ T4447] team0: Port device team_slave_0 added
[   65.230080][ T4447] team0: Port device team_slave_1 added
[   65.247338][ T4447] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.254429][ T4447] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.280390][ T4447] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.293191][ T4447] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.300714][ T4447] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.326789][ T4447] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.362850][ T4447] device hsr_slave_0 entered promiscuous mode
[   65.369962][ T4447] device hsr_slave_1 entered promiscuous mode
[   65.845188][ T4447] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   65.856144][ T4447] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   65.865816][ T4447] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   65.875678][ T4447] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   65.901600][ T4447] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.908729][ T4447] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.916134][ T4447] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.923216][ T4447] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.970982][ T4447] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.987140][  T896] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   65.995880][  T896] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.003541][  T896] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.013626][  T896] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   66.026960][ T4447] 8021q: adding VLAN 0 to HW filter on device team0
[   66.038742][  T896] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   66.047394][  T896] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.054505][  T896] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.067746][  T896] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   66.077220][  T896] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.084649][  T896] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.103801][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   66.112634][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   66.123463][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   66.133642][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   66.143542][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   66.152588][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   66.162494][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   66.179396][ T4447] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   66.189948][ T4447] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   66.201672][  T896] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   66.211239][  T896] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   66.220494][  T896] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   66.230425][  T896] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   66.240388][  T896] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   66.352919][ T4447] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.364089][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   66.371717][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   66.392112][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   66.402610][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   66.422369][ T4447] device veth0_vlan entered promiscuous mode
[   66.430657][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   66.440450][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   66.449792][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   66.457781][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   66.472595][ T4447] device veth1_vlan entered promiscuous mode
[   66.495562][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   66.505027][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   66.513482][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   66.522834][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   66.535796][ T4447] device veth0_macvtap entered promiscuous mode
[   66.546492][ T4447] device veth1_macvtap entered promiscuous mode
[   66.565154][ T4447] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.572542][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   66.581764][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   66.591389][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   66.600834][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   66.614527][ T4447] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.624752][ T4447] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.633469][ T4447] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.643409][ T4447] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.652880][ T4447] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.664216][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   66.673929][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   66.753103][ T4540] loop0: detected capacity change from 0 to 2048
[   66.789848][ T4540] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   66.993745][ T4447] ==================================================================
[   67.002000][ T4447] BUG: KASAN: use-after-free in crc_itu_t+0x1f5/0x280
[   67.008788][ T4447] Read of size 1 at addr ffff8880744ed000 by task syz-executor.0/4447
[   67.017326][ T4447] 
[   67.019662][ T4447] CPU: 0 PID: 4447 Comm: syz-executor.0 Not tainted syzkaller #0
[   67.027473][ T4447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   67.037556][ T4447] Call Trace:
[   67.040846][ T4447]  <TASK>
[   67.043780][ T4447]  dump_stack_lvl+0x168/0x230
[   67.048480][ T4447]  ? show_regs_print_info+0x20/0x20
[   67.053779][ T4447]  ? load_image+0x3b0/0x3b0
[   67.058289][ T4447]  ? _raw_spin_lock_irqsave+0xb0/0xf0
[   67.063760][ T4447]  print_address_description+0x60/0x2d0
[   67.069407][ T4447]  ? crc_itu_t+0x1f5/0x280
[   67.073861][ T4447]  kasan_report+0xdf/0x130
[   67.078306][ T4447]  ? crc_itu_t+0x1f5/0x280
[   67.082784][ T4447]  crc_itu_t+0x1f5/0x280
[   67.087043][ T4447]  udf_close_lvid+0x543/0x990
[   67.091739][ T4447]  ? udf_open_lvid+0x5a0/0x5a0
[   67.096535][ T4447]  ? iput+0x333/0x8a0
[   67.100528][ T4447]  ? clear_inode+0x150/0x150
[   67.105136][ T4447]  udf_put_super+0xc8/0x160
[   67.109650][ T4447]  ? udf_free_in_core_inode+0x20/0x20
[   67.115035][ T4447]  generic_shutdown_super+0x130/0x300
[   67.120421][ T4447]  kill_block_super+0x7c/0xe0
[   67.125114][ T4447]  deactivate_locked_super+0x93/0xf0
[   67.130417][ T4447]  cleanup_mnt+0x418/0x4d0
[   67.134856][ T4447]  ? lockdep_hardirqs_on+0x94/0x140
[   67.140084][ T4447]  task_work_run+0x125/0x1a0
[   67.144716][ T4447]  exit_to_user_mode_loop+0x10f/0x130
[   67.150104][ T4447]  exit_to_user_mode_prepare+0xee/0x180
[   67.155668][ T4447]  syscall_exit_to_user_mode+0x16/0x40
[   67.161142][ T4447]  do_syscall_64+0x58/0xa0
[   67.165576][ T4447]  ? clear_bhb_loop+0x30/0x80
[   67.170266][ T4447]  ? clear_bhb_loop+0x30/0x80
[   67.175041][ T4447]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.180957][ T4447] RIP: 0033:0x7fc28f656c87
[   67.185387][ T4447] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   67.205089][ T4447] RSP: 002b:00007ffe8213e418 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   67.213518][ T4447] RAX: 0000000000000000 RBX: 00007fc28f6b0c5a RCX: 00007fc28f656c87
[   67.221501][ T4447] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffe8213e4d0
[   67.229483][ T4447] RBP: 00007ffe8213e4d0 R08: 0000000000000000 R09: 0000000000000000
[   67.237564][ T4447] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe8213f590
[   67.245548][ T4447] R13: 00007fc28f6b0c5a R14: 0000000000010488 R15: 0000000000000006
[   67.253541][ T4447]  </TASK>
[   67.256549][ T4447] 
[   67.258857][ T4447] Allocated by task 4535:
[   67.263188][ T4447]  __kasan_slab_alloc+0x9c/0xd0
[   67.268037][ T4447]  slab_post_alloc_hook+0x4c/0x380
[   67.273133][ T4447]  kmem_cache_alloc+0x100/0x290
[   67.277975][ T4447]  copy_mm+0x8b1/0x1380
[   67.282117][ T4447]  copy_process+0x17c6/0x3e00
[   67.286777][ T4447]  kernel_clone+0x219/0x930
[   67.291260][ T4447]  __x64_sys_clone+0x170/0x1c0
[   67.296002][ T4447]  do_syscall_64+0x4c/0xa0
[   67.300399][ T4447]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.306274][ T4447] 
[   67.308577][ T4447] Freed by task 4541:
[   67.312533][ T4447]  kasan_set_track+0x4b/0x70
[   67.317103][ T4447]  kasan_set_free_info+0x1f/0x40
[   67.322021][ T4447]  ____kasan_slab_free+0xd5/0x110
[   67.327048][ T4447]  slab_free_freelist_hook+0xea/0x170
[   67.332442][ T4447]  kmem_cache_free+0x8f/0x210
[   67.337119][ T4447]  exit_mmap+0x4d8/0x5f0
[   67.341349][ T4447]  __mmput+0x115/0x3b0
[   67.345424][ T4447]  exit_mm+0x567/0x6c0
[   67.349489][ T4447]  do_exit+0x5a1/0x20a0
[   67.353644][ T4447]  do_group_exit+0x12e/0x300
[   67.358227][ T4447]  __x64_sys_exit_group+0x3b/0x40
[   67.363239][ T4447]  do_syscall_64+0x4c/0xa0
[   67.367642][ T4447]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.373514][ T4447] 
[   67.375823][ T4447] The buggy address belongs to the object at ffff8880744ed000
[   67.375823][ T4447]  which belongs to the cache vm_area_struct of size 200
[   67.390112][ T4447] The buggy address is located 0 bytes inside of
[   67.390112][ T4447]  200-byte region [ffff8880744ed000, ffff8880744ed0c8)
[   67.403188][ T4447] The buggy address belongs to the page:
[   67.408807][ T4447] page:ffffea0001d13b40 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x744ed
[   67.419024][ T4447] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[   67.426551][ T4447] raw: 00fff00000000200 0000000000000000 0000000100000001 ffff888140007a00
[   67.435121][ T4447] raw: 0000000000000000 00000000000f000f 00000001ffffffff 0000000000000000
[   67.443674][ T4447] page dumped because: kasan: bad access detected
[   67.450086][ T4447] page_owner tracks the page as allocated
[   67.455774][ T4447] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 4128, ts 39416112963, free_ts 37471345141
[   67.471902][ T4447]  get_page_from_freelist+0x1b77/0x1c60
[   67.477429][ T4447]  __alloc_pages+0x1e1/0x470
[   67.481995][ T4447]  new_slab+0xc0/0x4b0
[   67.486042][ T4447]  ___slab_alloc+0x81e/0xdf0
[   67.490606][ T4447]  kmem_cache_alloc+0x195/0x290
[   67.495432][ T4447]  copy_mm+0x8b1/0x1380
[   67.499565][ T4447]  copy_process+0x17c6/0x3e00
[   67.504301][ T4447]  kernel_clone+0x219/0x930
[   67.508778][ T4447]  __x64_sys_clone+0x170/0x1c0
[   67.513524][ T4447]  do_syscall_64+0x4c/0xa0
[   67.517917][ T4447]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.523873][ T4447] page last free stack trace:
[   67.528519][ T4447]  free_unref_page_prepare+0x637/0x6c0
[   67.534052][ T4447]  free_unref_page+0x94/0x280
[   67.538723][ T4447]  pipe_read+0x678/0x1210
[   67.543029][ T4447]  vfs_read+0x725/0xcf0
[   67.547216][ T4447]  ksys_read+0x14d/0x250
[   67.551534][ T4447]  do_syscall_64+0x4c/0xa0
[   67.555929][ T4447]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.561811][ T4447] 
[   67.564129][ T4447] Memory state around the buggy address:
[   67.569787][ T4447]  ffff8880744ecf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   67.577839][ T4447]  ffff8880744ecf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   67.585979][ T4447] >ffff8880744ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   67.594027][ T4447]                    ^
[   67.598078][ T4447]  ffff8880744ed080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[   67.606125][ T4447]  ffff8880744ed100: fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   67.614160][ T4447] ==================================================================
[   67.622196][ T4447] Disabling lock debugging due to kernel taint
[   67.630028][ T4208] Bluetooth: hci0: command 0x0409 tx timeout
[   67.649303][ T4447] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   67.656621][ T4447] CPU: 0 PID: 4447 Comm: syz-executor.0 Tainted: G    B             syzkaller #0
[   67.665735][ T4447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   67.675794][ T4447] Call Trace:
[   67.679076][ T4447]  <TASK>
[   67.682007][ T4447]  dump_stack_lvl+0x168/0x230
[   67.686702][ T4447]  ? show_regs_print_info+0x20/0x20
[   67.691908][ T4447]  ? load_image+0x3b0/0x3b0
[   67.696425][ T4447]  panic+0x2c9/0x7f0
[   67.700327][ T4447]  ? bpf_jit_dump+0xd0/0xd0
[   67.704839][ T4447]  ? _raw_spin_unlock_irqrestore+0xf6/0x100
[   67.710778][ T4447]  ? _raw_spin_unlock+0x40/0x40
[   67.715641][ T4447]  ? crc_itu_t+0x1f5/0x280
[   67.720078][ T4447]  check_panic_on_warn+0x80/0xa0
[   67.725022][ T4447]  ? crc_itu_t+0x1f5/0x280
[   67.729443][ T4447]  end_report+0x6d/0xf0
[   67.733692][ T4447]  kasan_report+0x102/0x130
[   67.738206][ T4447]  ? crc_itu_t+0x1f5/0x280
[   67.742627][ T4447]  crc_itu_t+0x1f5/0x280
[   67.746875][ T4447]  udf_close_lvid+0x543/0x990
[   67.751573][ T4447]  ? udf_open_lvid+0x5a0/0x5a0
[   67.756349][ T4447]  ? iput+0x333/0x8a0
[   67.760332][ T4447]  ? clear_inode+0x150/0x150
[   67.764930][ T4447]  udf_put_super+0xc8/0x160
[   67.769434][ T4447]  ? udf_free_in_core_inode+0x20/0x20
[   67.774811][ T4447]  generic_shutdown_super+0x130/0x300
[   67.780298][ T4447]  kill_block_super+0x7c/0xe0
[   67.784984][ T4447]  deactivate_locked_super+0x93/0xf0
[   67.790282][ T4447]  cleanup_mnt+0x418/0x4d0
[   67.794716][ T4447]  ? lockdep_hardirqs_on+0x94/0x140
[   67.799928][ T4447]  task_work_run+0x125/0x1a0
[   67.804538][ T4447]  exit_to_user_mode_loop+0x10f/0x130
[   67.809925][ T4447]  exit_to_user_mode_prepare+0xee/0x180
[   67.815484][ T4447]  syscall_exit_to_user_mode+0x16/0x40
[   67.820959][ T4447]  do_syscall_64+0x58/0xa0
[   67.825469][ T4447]  ? clear_bhb_loop+0x30/0x80
[   67.830155][ T4447]  ? clear_bhb_loop+0x30/0x80
[   67.834847][ T4447]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.840748][ T4447] RIP: 0033:0x7fc28f656c87
[   67.845166][ T4447] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   67.864773][ T4447] RSP: 002b:00007ffe8213e418 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   67.873295][ T4447] RAX: 0000000000000000 RBX: 00007fc28f6b0c5a RCX: 00007fc28f656c87
[   67.881369][ T4447] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007ffe8213e4d0
[   67.889347][ T4447] RBP: 00007ffe8213e4d0 R08: 0000000000000000 R09: 0000000000000000
[   67.897414][ T4447] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe8213f590
[   67.905391][ T4447] R13: 00007fc28f6b0c5a R14: 0000000000010488 R15: 0000000000000006
[   67.913379][ T4447]  </TASK>
[   67.916613][ T4447] Kernel Offset: disabled
[   67.921072][ T4447] Rebooting in 86400 seconds..