Warning: Permanently added '10.128.0.227' (ED25519) to the list of known hosts.
2026/02/09 02:35:03 parsed 1 programs
[  310.792217][ T5867] cgroup: Unknown subsys name 'net'
[  310.916649][ T5867] cgroup: Unknown subsys name 'cpuset'
[  310.925638][ T5867] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  312.662868][ T5867] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  315.606269][ T5881] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  316.741018][ T5899] chnl_net:caif_netlink_parms(): no params data found
[  316.833981][ T5899] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.841834][ T5899] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.849468][ T5899] bridge_slave_0: entered allmulticast mode
[  316.857573][ T5899] bridge_slave_0: entered promiscuous mode
[  316.867229][ T5899] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.874637][ T5899] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.881892][ T5899] bridge_slave_1: entered allmulticast mode
[  316.889256][ T5899] bridge_slave_1: entered promiscuous mode
[  316.922434][ T5899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  316.935761][ T5899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  316.967609][ T5899] team0: Port device team_slave_0 added
[  316.975823][ T5899] team0: Port device team_slave_1 added
[  316.998923][ T5899] batman_adv: batadv0: Adding interface: batadv_slave_0
[  317.005953][ T5899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  317.031917][ T5899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  317.045298][ T5899] batman_adv: batadv0: Adding interface: batadv_slave_1
[  317.052380][ T5899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  317.078856][ T5899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  317.118341][ T5899] hsr_slave_0: entered promiscuous mode
[  317.124803][ T5899] hsr_slave_1: entered promiscuous mode
[  317.257974][ T5899] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  317.271276][ T5899] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  317.281998][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  317.289117][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  317.294171][ T5899] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  317.307152][ T5899] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  317.337963][ T5899] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.345263][ T5899] bridge0: port 2(bridge_slave_1) entered forwarding state
[  317.353558][ T5899] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.360646][ T5899] bridge0: port 1(bridge_slave_0) entered forwarding state
[  317.414007][ T5899] 8021q: adding VLAN 0 to HW filter on device bond0
[  317.431113][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.440685][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.457779][ T5899] 8021q: adding VLAN 0 to HW filter on device team0
[  317.470733][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.477973][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[  317.491177][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.498358][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  317.671597][ T5899] 8021q: adding VLAN 0 to HW filter on device batadv0
[  317.711430][ T5899] veth0_vlan: entered promiscuous mode
[  317.724864][ T5899] veth1_vlan: entered promiscuous mode
[  317.753735][ T5899] veth0_macvtap: entered promiscuous mode
[  317.762555][ T5899] veth1_macvtap: entered promiscuous mode
[  317.779621][ T5899] batman_adv: batadv0: Interface activated: batadv_slave_0
[  317.793904][ T5899] batman_adv: batadv0: Interface activated: batadv_slave_1
[  317.808318][   T79] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.818871][   T79] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.829069][   T79] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.839117][   T79] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.999854][ T1110] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.061108][ T1110] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.128225][ T1110] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.215238][ T1110] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.233462][ T5930] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  318.241387][ T5930] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  318.249589][ T5930] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  318.258292][ T5930] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  318.266407][ T5930] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  319.949610][ T3570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.960005][ T3570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  319.989647][   T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.998018][   T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/02/09 02:35:15 executed programs: 0
[  320.480305][ T5930] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  320.489356][ T5930] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  320.497532][ T5930] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  320.509981][ T5930] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  320.518994][ T5930] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  320.677673][ T5980] chnl_net:caif_netlink_parms(): no params data found
[  320.783173][ T1110] bridge_slave_1: left allmulticast mode
[  320.788934][ T1110] bridge_slave_1: left promiscuous mode
[  320.795895][ T1110] bridge0: port 2(bridge_slave_1) entered disabled state
[  320.806826][ T1110] bridge_slave_0: left allmulticast mode
[  320.812466][ T1110] bridge_slave_0: left promiscuous mode
[  320.819433][ T1110] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.024608][ T1110] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  321.038677][ T1110] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  321.048822][ T1110] bond0 (unregistering): Released all slaves
[  321.109491][ T5980] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.124278][ T5980] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.132379][ T5980] bridge_slave_0: entered allmulticast mode
[  321.141084][ T5980] bridge_slave_0: entered promiscuous mode
[  321.151037][ T5980] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.161280][ T5980] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.168798][ T5980] bridge_slave_1: entered allmulticast mode
[  321.176754][ T5980] bridge_slave_1: entered promiscuous mode
[  321.193177][ T1110] hsr_slave_0: left promiscuous mode
[  321.199422][ T1110] hsr_slave_1: left promiscuous mode
[  321.205779][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  321.213256][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_0
[  321.222251][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  321.229764][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_1
[  321.253413][ T1110] veth1_macvtap: left promiscuous mode
[  321.259111][ T1110] veth0_macvtap: left promiscuous mode
[  321.264866][ T1110] veth1_vlan: left promiscuous mode
[  321.270843][ T1110] veth0_vlan: left promiscuous mode
[  321.766497][ T1110] team0 (unregistering): Port device team_slave_1 removed
[  321.796600][ T1110] team0 (unregistering): Port device team_slave_0 removed
[  322.047151][ T5980] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  322.059673][ T5980] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  322.101235][ T5980] team0: Port device team_slave_0 added
[  322.117401][ T5980] team0: Port device team_slave_1 added
[  322.148048][ T5980] batman_adv: batadv0: Adding interface: batadv_slave_0
[  322.156168][ T5980] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  322.183073][ T5980] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  322.200390][ T5980] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.207469][ T5980] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  322.233925][ T5980] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  322.286052][ T5980] hsr_slave_0: entered promiscuous mode
[  322.292344][ T5980] hsr_slave_1: entered promiscuous mode
[  322.556183][   T52] Bluetooth: hci0: command tx timeout
[  323.554428][ T5980] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  323.571246][ T5980] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  323.583382][ T5980] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  323.605542][ T5980] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  323.934665][ T5980] 8021q: adding VLAN 0 to HW filter on device bond0
[  323.977436][ T5980] 8021q: adding VLAN 0 to HW filter on device team0
[  324.016882][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.024262][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.058059][ T3519] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.065406][ T3519] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.381009][ T5980] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.441868][ T5980] veth0_vlan: entered promiscuous mode
[  324.461153][ T5980] veth1_vlan: entered promiscuous mode
[  324.492655][ T5980] veth0_macvtap: entered promiscuous mode
[  324.501599][ T5980] veth1_macvtap: entered promiscuous mode
[  324.518310][ T5980] batman_adv: batadv0: Interface activated: batadv_slave_0
[  324.532184][ T5980] batman_adv: batadv0: Interface activated: batadv_slave_1
[  324.546974][   T79] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.557208][   T79] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.567742][   T79] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.576712][   T79] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.630754][ T3519] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.639559][   T52] Bluetooth: hci0: command tx timeout
[  324.647208][ T3519] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.670737][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.678732][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.851830][ T6054] infiniband 
: set down
[  324.856786][ T6054] infiniband 
: added ipvlan0
[  324.889344][ T6054] RDS/IB: 
: added
[  324.893836][ T6054] smc: adding ib device 
 with port count 1
[  324.899887][ T6054] smc:    ib device 
 port 1 has no pnetid
[  325.070822][ T6056] 
: rxe_newlink: already configured on ipvlan0
[  325.115478][ T6057] 
: rxe_newlink: already configured on ipvlan0
[  325.149301][ T6058] 
: rxe_newlink: already configured on ipvlan0
[  325.192752][ T6059] 
: rxe_newlink: already configured on ipvlan0
[  325.225582][ T6060] 
: rxe_newlink: already configured on ipvlan0
[  325.260749][ T6061] 
: rxe_newlink: already configured on ipvlan0
[  325.305387][ T6062] 
: rxe_newlink: already configured on ipvlan0
[  325.347940][ T6063] 
: rxe_newlink: already configured on ipvlan0
[  325.397393][ T6064] 
: rxe_newlink: already configured on ipvlan0
[  325.432714][ T6065] 
: rxe_newlink: already configured on ipvlan0
2026/02/09 02:35:20 executed programs: 13
[  326.713309][   T52] Bluetooth: hci0: command tx timeout
[  328.795771][   T52] Bluetooth: hci0: command tx timeout
[  330.091730][ T6268] rxe_newlink: 202 callbacks suppressed
[  330.091747][ T6268] 
: rxe_newlink: already configured on ipvlan0
[  330.119011][ T6269] 
: rxe_newlink: already configured on ipvlan0
[  330.137581][ T6270] 
: rxe_newlink: already configured on ipvlan0
[  330.158887][ T6271] 
: rxe_newlink: already configured on ipvlan0
[  330.179114][ T6272] 
: rxe_newlink: already configured on ipvlan0
[  330.197119][ T6273] 
: rxe_newlink: already configured on ipvlan0
[  330.219534][ T6274] 
: rxe_newlink: already configured on ipvlan0
[  330.240977][ T6275] 
: rxe_newlink: already configured on ipvlan0
[  330.258847][ T6276] 
: rxe_newlink: already configured on ipvlan0
[  330.279851][ T6277] 
: rxe_newlink: already configured on ipvlan0
2026/02/09 02:35:25 executed programs: 237
[  335.093370][ T6528] rxe_newlink: 250 callbacks suppressed
[  335.093386][ T6528] 
: rxe_newlink: already configured on ipvlan0
[  335.117445][ T6529] 
: rxe_newlink: already configured on ipvlan0
[  335.138741][ T6530] 
: rxe_newlink: already configured on ipvlan0
[  335.157205][ T6531] 
: rxe_newlink: already configured on ipvlan0
[  335.176739][ T6532] 
: rxe_newlink: already configured on ipvlan0
[  335.200164][ T6533] 
: rxe_newlink: already configured on ipvlan0
[  335.221216][ T6534] 
: rxe_newlink: already configured on ipvlan0
[  335.239457][ T6535] 
: rxe_newlink: already configured on ipvlan0
[  335.258845][ T6536] 
: rxe_newlink: already configured on ipvlan0
[  335.278292][ T6537] 
: rxe_newlink: already configured on ipvlan0
2026/02/09 02:35:30 executed programs: 499
[  337.479438][ T5930] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  337.488542][ T5930] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  337.497012][ T5930] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  337.506128][ T5930] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  337.514106][ T5930] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  337.716972][ T3492] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.790572][ T3492] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.859071][ T3492] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.874727][ T6656] chnl_net:caif_netlink_parms(): no params data found
[  337.929470][ T3492] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.965989][ T6656] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.973621][ T6656] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.980783][ T6656] bridge_slave_0: entered allmulticast mode
[  337.988718][ T6656] bridge_slave_0: entered promiscuous mode
[  337.996949][ T6656] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.004321][ T6656] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.011584][ T6656] bridge_slave_1: entered allmulticast mode
[  338.018667][ T6656] bridge_slave_1: entered promiscuous mode
[  338.052664][ T6656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  338.084723][ T6656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  338.125650][ T6656] team0: Port device team_slave_0 added
[  338.143986][ T6656] team0: Port device team_slave_1 added
[  338.179387][ T6656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  338.189232][ T6656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  338.215590][ T6656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  338.228383][ T6656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  338.236221][ T6656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  338.262753][ T6656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  338.283177][ T3492] bridge_slave_1: left allmulticast mode
[  338.288953][ T3492] bridge_slave_1: left promiscuous mode
[  338.295146][ T3492] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.305207][ T3492] bridge_slave_0: left allmulticast mode
[  338.310948][ T3492] bridge_slave_0: left promiscuous mode
[  338.316968][ T3492] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.514648][ T3492] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  338.526056][ T3492] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  338.536007][ T3492] bond0 (unregistering): Released all slaves
[  338.581058][ T6656] hsr_slave_0: entered promiscuous mode
[  338.588019][ T6656] hsr_slave_1: entered promiscuous mode
[  338.597776][ T6656] debugfs: 'hsr0' already exists in 'hsr'
[  338.611390][ T6656] Cannot create hsr debugfs directory
[  339.106668][ T3492] hsr_slave_0: left promiscuous mode
[  339.113784][ T3492] hsr_slave_1: left promiscuous mode
[  339.120066][ T3492] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  339.130232][ T3492] batman_adv: batadv0: Removing interface: batadv_slave_0
[  339.142245][ T3492] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  339.150030][ T3492] batman_adv: batadv0: Removing interface: batadv_slave_1
[  339.170681][ T3492] veth1_macvtap: left promiscuous mode
[  339.176480][ T3492] veth0_macvtap: left promiscuous mode
[  339.182182][ T3492] veth1_vlan: left promiscuous mode
[  339.188192][ T3492] veth0_vlan: left promiscuous mode
[  339.380565][   T79] smc: removing ib device 

[  339.575490][ T3492] team0 (unregistering): Port device team_slave_1 removed
[  339.593319][ T5930] Bluetooth: hci1: command tx timeout
[  339.604916][ T3492] team0 (unregistering): Port device team_slave_0 removed
[  339.889307][ T5913] ==================================================================
[  339.897418][ T5913] BUG: KASAN: slab-use-after-free in __ethtool_get_link_ksettings+0x5e/0x170
[  339.906194][ T5913] Read of size 8 at addr ffff88806da7e2e8 by task kworker/0:3/5913
[  339.914086][ T5913] 
[  339.916419][ T5913] CPU: 0 UID: 0 PID: 5913 Comm: kworker/0:3 Not tainted syzkaller #0 PREEMPT(full) 
[  339.916436][ T5913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  339.916446][ T5913] Workqueue: events smc_ib_port_event_work
[  339.916473][ T5913] Call Trace:
[  339.916480][ T5913]  <TASK>
[  339.916487][ T5913]  dump_stack_lvl+0xe8/0x150
[  339.916506][ T5913]  print_report+0xba/0x230
[  339.916521][ T5913]  ? __ethtool_get_link_ksettings+0x5e/0x170
[  339.916538][ T5913]  kasan_report+0x117/0x150
[  339.916554][ T5913]  ? __ethtool_get_link_ksettings+0x5e/0x170
[  339.916574][ T5913]  __ethtool_get_link_ksettings+0x5e/0x170
[  339.916592][ T5913]  ib_get_eth_speed+0x180/0x7f0
[  339.916610][ T5913]  ? rxe_query_port+0x7e/0x3d0
[  339.916625][ T5913]  ? __pfx_ib_get_eth_speed+0x10/0x10
[  339.916645][ T5913]  ? do_raw_spin_unlock+0xf5/0x210
[  339.916665][ T5913]  rxe_query_port+0x93/0x3d0
[  339.916680][ T5913]  ib_query_port+0x170/0x830
[  339.916701][ T5913]  smc_ib_port_event_work+0x15a/0x940
[  339.916725][ T5913]  ? process_scheduled_works+0xa0f/0x17a0
[  339.916746][ T5913]  ? process_scheduled_works+0xa0f/0x17a0
[  339.916766][ T5913]  process_scheduled_works+0xaec/0x17a0
[  339.916794][ T5913]  ? __pfx_process_scheduled_works+0x10/0x10
[  339.916813][ T5913]  ? do_raw_spin_lock+0x12b/0x2f0
[  339.916829][ T5913]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  339.916843][ T5913]  ? schedule+0x90/0x360
[  339.916860][ T5913]  worker_thread+0xda6/0x1360
[  339.916888][ T5913]  kthread+0x726/0x8b0
[  339.916904][ T5913]  ? __pfx_worker_thread+0x10/0x10
[  339.916923][ T5913]  ? __pfx_kthread+0x10/0x10
[  339.916939][ T5913]  ? _raw_spin_unlock_irq+0x23/0x50
[  339.916951][ T5913]  ? __pfx_kthread+0x10/0x10
[  339.916966][ T5913]  ret_from_fork+0x51b/0xa40
[  339.916979][ T5913]  ? __pfx_ret_from_fork+0x10/0x10
[  339.916997][ T5913]  ? __switch_to+0xc82/0x1410
[  339.917016][ T5913]  ? __pfx_kthread+0x10/0x10
[  339.917031][ T5913]  ret_from_fork_asm+0x1a/0x30
[  339.917054][ T5913]  </TASK>
[  339.917059][ T5913] 
[  340.109301][ T5913] Allocated by task 5980:
[  340.113630][ T5913]  kasan_save_track+0x3e/0x80
[  340.118308][ T5913]  __kasan_kmalloc+0x93/0xb0
[  340.122893][ T5913]  __kvmalloc_node_noprof+0x59a/0x8d0
[  340.128287][ T5913]  alloc_netdev_mqs+0xa6/0x11b0
[  340.133137][ T5913]  rtnl_create_link+0x31f/0xd70
[  340.137987][ T5913]  rtnl_newlink_create+0x277/0xb70
[  340.143100][ T5913]  rtnl_newlink+0x1666/0x1be0
[  340.147802][ T5913]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  340.152736][ T5913]  netlink_rcv_skb+0x232/0x4b0
[  340.157498][ T5913]  netlink_unicast+0x80f/0x9b0
[  340.162262][ T5913]  netlink_sendmsg+0x813/0xb40
[  340.167022][ T5913]  __sys_sendto+0x709/0x7a0
[  340.171527][ T5913]  __x64_sys_sendto+0xde/0x100
[  340.176290][ T5913]  do_syscall_64+0xe2/0xf80
[  340.180792][ T5913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.186686][ T5913] 
[  340.189005][ T5913] Freed by task 3492:
[  340.192980][ T5913]  kasan_save_track+0x3e/0x80
[  340.198086][ T5913]  kasan_save_free_info+0x46/0x50
[  340.203197][ T5913]  __kasan_slab_free+0x5c/0x80
[  340.207958][ T5913]  kfree+0x1be/0x650
[  340.211858][ T5913]  device_release+0x9e/0x1d0
[  340.217407][ T5913]  kobject_put+0x228/0x560
[  340.221832][ T5913]  netdev_run_todo+0xc75/0xde0
[  340.226599][ T5913]  default_device_exit_batch+0x986/0xa00
[  340.232229][ T5913]  ops_undo_list+0x52b/0x940
[  340.236911][ T5913]  cleanup_net+0x4df/0x7b0
[  340.241327][ T5913]  process_scheduled_works+0xaec/0x17a0
[  340.246883][ T5913]  worker_thread+0xda6/0x1360
[  340.251562][ T5913]  kthread+0x726/0x8b0
[  340.255635][ T5913]  ret_from_fork+0x51b/0xa40
[  340.260230][ T5913]  ret_from_fork_asm+0x1a/0x30
[  340.265003][ T5913] 
[  340.267324][ T5913] The buggy address belongs to the object at ffff88806da7e000
[  340.267324][ T5913]  which belongs to the cache kmalloc-cg-4k of size 4096
[  340.281639][ T5913] The buggy address is located 744 bytes inside of
[  340.281639][ T5913]  freed 4096-byte region [ffff88806da7e000, ffff88806da7f000)
[  340.295532][ T5913] 
[  340.297853][ T5913] The buggy address belongs to the physical page:
[  340.304254][ T5913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6da78
[  340.313011][ T5913] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  340.321501][ T5913] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  340.329044][ T5913] page_type: f5(slab)
[  340.333023][ T5913] raw: 00fff00000000040 ffff88813fe30500 ffffea0001953200 dead000000000002
[  340.341601][ T5913] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  340.350189][ T5913] head: 00fff00000000040 ffff88813fe30500 ffffea0001953200 dead000000000002
[  340.358854][ T5913] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  340.367520][ T5913] head: 00fff00000000003 ffffea0001b69e01 00000000ffffffff 00000000ffffffff
[  340.376187][ T5913] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  340.384863][ T5913] page dumped because: kasan: bad access detected
[  340.391268][ T5913] page_owner tracks the page as allocated
[  340.396975][ T5913] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5199, tgid 5199 (udevd), ts 50725588045, free_ts 27332613121
[  340.417736][ T5913]  post_alloc_hook+0x228/0x280
[  340.422522][ T5913]  get_page_from_freelist+0x24dc/0x2580
[  340.428087][ T5913]  __alloc_frozen_pages_noprof+0x18d/0x380
[  340.433913][ T5913]  alloc_pages_mpol+0x232/0x4a0
[  340.438787][ T5913]  allocate_slab+0x86/0x3a0
[  340.443290][ T5913]  ___slab_alloc+0xd82/0x1760
[  340.447974][ T5913]  __slab_alloc+0x65/0x100
[  340.452393][ T5913]  __kvmalloc_node_noprof+0x673/0x8d0
[  340.457761][ T5913]  seq_read_iter+0x202/0xe10
[  340.462358][ T5913]  vfs_read+0x582/0xa70
[  340.466514][ T5913]  ksys_read+0x150/0x270
[  340.470773][ T5913]  do_syscall_64+0xe2/0xf80
[  340.475370][ T5913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.481280][ T5913] page last free pid 1 tgid 1 stack trace:
[  340.487079][ T5913]  __free_frozen_pages+0xbf8/0xd70
[  340.492221][ T5913]  free_contig_range+0x1bd/0x480
[  340.497167][ T5913]  destroy_args+0x69/0x630
[  340.501591][ T5913]  debug_vm_pgtable+0x3f8/0x410
[  340.506530][ T5913]  do_one_initcall+0x250/0x840
[  340.511310][ T5913]  do_initcall_level+0x104/0x190
[  340.516248][ T5913]  do_initcalls+0x59/0xa0
[  340.520771][ T5913]  kernel_init_freeable+0x2a6/0x3d0
[  340.525972][ T5913]  kernel_init+0x1d/0x1d0
[  340.530302][ T5913]  ret_from_fork+0x51b/0xa40
[  340.534889][ T5913]  ret_from_fork_asm+0x1a/0x30
[  340.539663][ T5913] 
[  340.541986][ T5913] Memory state around the buggy address:
[  340.547788][ T5913]  ffff88806da7e180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  340.555850][ T5913]  ffff88806da7e200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  340.563922][ T5913] >ffff88806da7e280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  340.573190][ T5913]                                                           ^
[  340.580637][ T5913]  ffff88806da7e300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  340.588690][ T5913]  ffff88806da7e380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  340.596928][ T5913] ==================================================================
[  340.607316][ T5913] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  340.614548][ T5913] CPU: 0 UID: 0 PID: 5913 Comm: kworker/0:3 Not tainted syzkaller #0 PREEMPT(full) 
[  340.623933][ T5913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  340.633982][ T5913] Workqueue: events smc_ib_port_event_work
[  340.639818][ T5913] Call Trace:
[  340.643095][ T5913]  <TASK>
[  340.646019][ T5913]  vpanic+0x1e0/0x670
[  340.650082][ T5913]  panic+0xc5/0xd0
[  340.653793][ T5913]  ? __pfx_panic+0x10/0x10
[  340.658201][ T5913]  ? preempt_schedule_thunk+0x16/0x30
[  340.663567][ T5913]  ? preempt_schedule_thunk+0x16/0x30
[  340.668937][ T5913]  ? __ethtool_get_link_ksettings+0x5e/0x170
[  340.674908][ T5913]  check_panic_on_warn+0x89/0xb0
[  340.679841][ T5913]  ? __ethtool_get_link_ksettings+0x5e/0x170
[  340.685813][ T5913]  end_report+0x6f/0x140
[  340.690047][ T5913]  kasan_report+0x128/0x150
[  340.694538][ T5913]  ? __ethtool_get_link_ksettings+0x5e/0x170
[  340.700510][ T5913]  __ethtool_get_link_ksettings+0x5e/0x170
[  340.706306][ T5913]  ib_get_eth_speed+0x180/0x7f0
[  340.711260][ T5913]  ? rxe_query_port+0x7e/0x3d0
[  340.716013][ T5913]  ? __pfx_ib_get_eth_speed+0x10/0x10
[  340.721395][ T5913]  ? do_raw_spin_unlock+0xf5/0x210
[  340.726509][ T5913]  rxe_query_port+0x93/0x3d0
[  340.731204][ T5913]  ib_query_port+0x170/0x830
[  340.735803][ T5913]  smc_ib_port_event_work+0x15a/0x940
[  340.741182][ T5913]  ? process_scheduled_works+0xa0f/0x17a0
[  340.746909][ T5913]  ? process_scheduled_works+0xa0f/0x17a0
[  340.752895][ T5913]  process_scheduled_works+0xaec/0x17a0
[  340.758476][ T5913]  ? __pfx_process_scheduled_works+0x10/0x10
[  340.764659][ T5913]  ? do_raw_spin_lock+0x12b/0x2f0
[  340.769716][ T5913]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  340.775100][ T5913]  ? schedule+0x90/0x360
[  340.779446][ T5913]  worker_thread+0xda6/0x1360
[  340.784150][ T5913]  kthread+0x726/0x8b0
[  340.788220][ T5913]  ? __pfx_worker_thread+0x10/0x10
[  340.793334][ T5913]  ? __pfx_kthread+0x10/0x10
[  340.797932][ T5913]  ? _raw_spin_unlock_irq+0x23/0x50
[  340.803231][ T5913]  ? __pfx_kthread+0x10/0x10
[  340.807837][ T5913]  ret_from_fork+0x51b/0xa40
[  340.812429][ T5913]  ? __pfx_ret_from_fork+0x10/0x10
[  340.817540][ T5913]  ? __switch_to+0xc82/0x1410
[  340.822221][ T5913]  ? __pfx_kthread+0x10/0x10
[  340.826822][ T5913]  ret_from_fork_asm+0x1a/0x30
[  340.831597][ T5913]  </TASK>
[  340.834785][ T5913] Kernel Offset: disabled
[  340.839101][ T5913] Rebooting in 86400 seconds..