Warning: Permanently added '10.128.1.250' (ED25519) to the list of known hosts.
1970/01/01 00:00:43 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:00:44 parsed 1 programs
[   47.411583][ T4038] cgroup: Unknown subsys name 'net'
[   47.754692][ T4038] cgroup: Unknown subsys name 'rlimit'
[   48.114495][ T4038] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SSFS
[   57.269089][ T4077] chnl_net:caif_netlink_parms(): no params data found
[   57.316803][ T4077] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.319279][ T4077] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.321994][ T4077] device bridge_slave_0 entered promiscuous mode
[   57.369204][ T4077] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.371297][ T4077] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.374019][ T4077] device bridge_slave_1 entered promiscuous mode
[   57.390698][ T4077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.395706][ T4077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.414491][ T4077] team0: Port device team_slave_0 added
[   57.418744][ T4077] team0: Port device team_slave_1 added
[   57.433060][ T4077] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.435034][ T4077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.442598][ T4077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.447736][ T4077] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.450239][ T4077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.457376][ T4077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.540744][ T4077] device hsr_slave_0 entered promiscuous mode
[   57.589970][ T4077] device hsr_slave_1 entered promiscuous mode
[   57.753771][ T4077] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   57.821514][ T4077] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   57.860874][ T4077] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   57.920885][ T4077] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   57.991324][ T4077] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.993469][ T4077] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.996093][ T4077] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.998276][ T4077] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.052303][ T4077] 8021q: adding VLAN 0 to HW filter on device bond0
[   58.061943][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.066825][  T136] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.070755][  T136] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.073914][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   58.083687][ T4077] 8021q: adding VLAN 0 to HW filter on device team0
[   58.091890][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   58.094652][  T384] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.096665][  T384] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.105189][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   58.108770][  T384] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.110776][  T384] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.130738][  T303] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   58.133788][  T303] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   58.145890][  T303] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   58.152118][  T303] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   58.157441][  T303] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   58.164544][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   58.252628][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   58.254844][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   58.264872][ T4077] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.281037][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   58.283970][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   58.297796][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   58.301713][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   58.305348][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   58.307964][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   58.319935][ T4077] device veth0_vlan entered promiscuous mode
[   58.328086][ T4077] device veth1_vlan entered promiscuous mode
[   58.346225][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   58.352567][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   58.355426][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   58.358145][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   58.363407][ T4077] device veth0_macvtap entered promiscuous mode
[   58.368153][ T4077] device veth1_macvtap entered promiscuous mode
[   58.380678][ T4077] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.384515][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   58.387263][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   58.391514][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   58.394443][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   58.403270][ T4077] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.407669][ T4077] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.411868][ T4077] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.416707][ T4077] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.420961][ T4077] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.425739][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   58.432587][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   58.717872][  T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.723265][  T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.727183][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   58.735833][  T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.738049][  T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.744004][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:00:59 executed programs: 0
[   59.851070][ T4137] chnl_net:caif_netlink_parms(): no params data found
[   59.894832][ T4137] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.896895][ T4137] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.899652][ T4137] device bridge_slave_0 entered promiscuous mode
[   59.903638][ T4137] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.905754][ T4137] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.908852][ T4137] device bridge_slave_1 entered promiscuous mode
[   59.925564][ T4137] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.930598][ T4137] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.951667][ T4137] team0: Port device team_slave_0 added
[   59.972494][ T4137] team0: Port device team_slave_1 added
[   59.986396][ T4137] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.990553][ T4137] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.997678][ T4137] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.002458][ T4137] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.004433][ T4137] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.012103][ T4137] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.080671][ T4137] device hsr_slave_0 entered promiscuous mode
[   60.118717][ T4137] device hsr_slave_1 entered promiscuous mode
[   60.168859][ T4137] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   60.171202][ T4137] Cannot create hsr debugfs directory
[   60.247608][ T4137] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.779069][ T4097] Bluetooth: hci0: command 0x0409 tx timeout
[   63.248958][ T4137] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.466268][ T4137] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.507894][ T4137] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.668073][ T4137] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   63.701489][ T4137] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   63.760952][ T4137] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   63.800662][ T4137] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   63.858593][ T4056] Bluetooth: hci0: command 0x041b tx timeout
[   63.894390][ T4137] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.903577][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   63.906191][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.912705][ T4137] 8021q: adding VLAN 0 to HW filter on device team0
[   63.917843][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   63.921972][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   63.924616][  T384] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.926563][  T384] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.930396][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   63.936188][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   63.940446][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   63.943103][  T384] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.945083][  T384] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.951195][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   63.956621][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.964036][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   63.967082][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   63.972026][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   64.017732][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   64.021149][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   64.026871][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   64.034328][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.041177][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   64.043919][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   64.050188][ T4137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   64.131606][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   64.133943][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   64.141598][ T4137] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.154207][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   64.157097][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   64.170797][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   64.173656][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   64.176444][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   64.181386][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   64.186229][ T4137] device veth0_vlan entered promiscuous mode
[   64.194745][ T4137] device veth1_vlan entered promiscuous mode
[   64.210078][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   64.212791][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   64.215591][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   64.220690][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   64.225330][ T4137] device veth0_macvtap entered promiscuous mode
[   64.230555][ T4137] device veth1_macvtap entered promiscuous mode
[   64.240978][ T4137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.244145][ T4137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.247798][ T4137] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.250405][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   64.254245][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   64.257079][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   64.262515][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   64.268003][ T4137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.271319][ T4137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.274944][ T4137] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.277448][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   64.280871][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   64.286403][ T4137] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.290535][ T4137] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.292914][ T4137] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.295246][ T4137] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.343516][  T384] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.345940][  T384] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.359887][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   64.363829][  T384] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.366020][  T384] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.404663][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   64.444841][ T4170] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[   64.484478][ T4172] ==================================================================
[   64.486910][ T4172] BUG: KASAN: use-after-free in ax25_fillin_cb+0x394/0x568
[   64.488922][ T4172] Read of size 4 at addr ffff0000d2c66038 by task syz.0.18/4172
[   64.491152][ T4172] 
[   64.491808][ T4172] CPU: 1 PID: 4172 Comm: syz.0.18 Not tainted 5.15.189-syzkaller #0
[   64.494122][ T4172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   64.496856][ T4172] Call trace:
[   64.497758][ T4172]  dump_backtrace+0x0/0x43c
[   64.499020][ T4172]  show_stack+0x2c/0x3c
[   64.500190][ T4172]  __dump_stack+0x30/0x40
[   64.501454][ T4172]  dump_stack_lvl+0xf8/0x160
[   64.502785][ T4172]  print_address_description+0x78/0x30c
[   64.504381][ T4172]  kasan_report+0xec/0x15c
[   64.505603][ T4172]  __asan_report_load4_noabort+0x44/0x50
[   64.507224][ T4172]  ax25_fillin_cb+0x394/0x568
[   64.508530][ T4172]  ax25_setsockopt+0x8d0/0xa5c
[   64.509811][ T4172]  __sys_setsockopt+0x260/0x36c
[   64.511219][ T4172]  __arm64_sys_setsockopt+0xb8/0xd4
[   64.512723][ T4172]  invoke_syscall+0x98/0x2b8
[   64.514038][ T4172]  el0_svc_common+0x138/0x258
[   64.515312][ T4172]  do_el0_svc+0x58/0x14c
[   64.516489][ T4172]  el0_svc+0x78/0x1e0
[   64.517603][ T4172]  el0t_64_sync_handler+0xcc/0xe4
[   64.519096][ T4172]  el0t_64_sync+0x1a0/0x1a4
[   64.520326][ T4172] 
[   64.520929][ T4172] Allocated by task 4170:
[   64.522097][ T4172]  __kasan_kmalloc+0xb0/0xf0
[   64.523416][ T4172]  kmem_cache_alloc_trace+0x274/0x3fc
[   64.524968][ T4172]  ax25_dev_device_up+0x5c/0x540
[   64.526392][ T4172]  ax25_device_event+0x504/0x590
[   64.527725][ T4172]  raw_notifier_call_chain+0xd4/0x164
[   64.529223][ T4172]  __dev_notify_flags+0x250/0x46c
[   64.530747][ T4172]  dev_change_flags+0xc8/0x154
[   64.532111][ T4172]  dev_ifsioc+0x504/0xef4
[   64.533306][ T4172]  dev_ioctl+0x4d0/0xc94
[   64.534546][ T4172]  sock_do_ioctl+0x18c/0x240
[   64.535846][ T4172]  sock_ioctl+0x5c8/0x87c
[   64.537062][ T4172]  __arm64_sys_ioctl+0x14c/0x1c8
[   64.538423][ T4172]  invoke_syscall+0x98/0x2b8
[   64.539736][ T4172]  el0_svc_common+0x138/0x258
[   64.541058][ T4172]  do_el0_svc+0x58/0x14c
[   64.542254][ T4172]  el0_svc+0x78/0x1e0
[   64.543335][ T4172]  el0t_64_sync_handler+0xcc/0xe4
[   64.544749][ T4172]  el0t_64_sync+0x1a0/0x1a4
[   64.546049][ T4172] 
[   64.546677][ T4172] Freed by task 4171:
[   64.547797][ T4172]  kasan_set_track+0x4c/0x84
[   64.549090][ T4172]  kasan_set_free_info+0x28/0x4c
[   64.550476][ T4172]  ____kasan_slab_free+0x118/0x164
[   64.551969][ T4172]  __kasan_slab_free+0x18/0x28
[   64.553324][ T4172]  slab_free_freelist_hook+0x128/0x1e8
[   64.554914][ T4172]  kfree+0x170/0x40c
[   64.556001][ T4172]  ax25_release+0x564/0x814
[   64.557263][ T4172]  sock_close+0xb4/0x1f8
[   64.558460][ T4172]  __fput+0x1c0/0x7f8
[   64.559576][ T4172]  ____fput+0x20/0x30
[   64.560639][ T4172]  task_work_run+0x12c/0x1e0
[   64.561935][ T4172]  do_notify_resume+0x24b4/0x3128
[   64.563332][ T4172]  el0_svc+0xf0/0x1e0
[   64.564433][ T4172]  el0t_64_sync_handler+0xcc/0xe4
[   64.565803][ T4172]  el0t_64_sync+0x1a0/0x1a4
[   64.566900][ T4172] 
[   64.567467][ T4172] Last potentially related work creation:
[   64.568830][ T4172]  kasan_save_stack+0x38/0x68
[   64.570150][ T4172]  kasan_record_aux_stack+0xcc/0x114
[   64.571652][ T4172]  insert_work+0x64/0x388
[   64.572849][ T4172]  __queue_work+0xb30/0x1054
[   64.574086][ T4172]  queue_work_on+0xc4/0x17c
[   64.575308][ T4172]  call_usermodehelper_exec+0x22c/0x478
[   64.576797][ T4172]  kobject_uevent_env+0x670/0x888
[   64.578241][ T4172]  kobject_uevent+0x2c/0x3c
[   64.579501][ T4172]  device_add+0xa28/0xf94
[   64.580716][ T4172]  device_create_groups_vargs+0x1d4/0x26c
[   64.582372][ T4172]  device_create+0xe8/0x134
[   64.583652][ T4172]  sound_insert_unit+0x6c0/0x720
[   64.585084][ T4172]  register_sound_special_device+0x304/0x3a8
[   64.586861][ T4172]  snd_register_oss_device+0x2d4/0x448
[   64.588515][ T4172]  snd_mixer_oss_notify_handler+0x164/0xce4
[   64.590201][ T4172]  snd_card_register+0x49c/0x620
[   64.591578][ T4172]  snd_virmidi_probe+0x3b0/0x5c4
[   64.592963][ T4172]  platform_probe+0x13c/0x1b4
[   64.594335][ T4172]  really_probe+0x26c/0xaec
[   64.595628][ T4172]  __driver_probe_device+0x180/0x314
[   64.597079][ T4172]  driver_probe_device+0x78/0x34c
[   64.598511][ T4172]  __device_attach_driver+0x274/0x4c4
[   64.600075][ T4172]  bus_for_each_drv+0x150/0x1d8
[   64.601458][ T4172]  __device_attach+0x2a8/0x3d4
[   64.602852][ T4172]  device_initial_probe+0x24/0x34
[   64.604323][ T4172]  bus_probe_device+0xbc/0x1c4
[   64.605770][ T4172]  device_add+0xb04/0xf94
[   64.607046][ T4172]  platform_device_add+0x3f8/0x6ec
[   64.608455][ T4172]  platform_device_register_full+0x4f8/0x618
[   64.610171][ T4172]  alsa_card_virmidi_init+0x124/0x244
[   64.611704][ T4172]  do_one_initcall+0x228/0x8b0
[   64.613032][ T4172]  do_initcall_level+0x154/0x214
[   64.614452][ T4172]  do_initcalls+0x58/0xac
[   64.615707][ T4172]  do_basic_setup+0x8c/0xa0
[   64.617026][ T4172]  kernel_init_freeable+0x404/0x5fc
[   64.618592][ T4172]  kernel_init+0x24/0x1d0
[   64.619847][ T4172]  ret_from_fork+0x10/0x20
[   64.621103][ T4172] 
[   64.621836][ T4172] The buggy address belongs to the object at ffff0000d2c66000
[   64.621836][ T4172]  which belongs to the cache kmalloc-256 of size 256
[   64.625859][ T4172] The buggy address is located 56 bytes inside of
[   64.625859][ T4172]  256-byte region [ffff0000d2c66000, ffff0000d2c66100)
[   64.629690][ T4172] The buggy address belongs to the page:
[   64.631307][ T4172] page:0000000031468f8b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x112c66
[   64.634346][ T4172] head:0000000031468f8b order:1 compound_mapcount:0
[   64.636264][ T4172] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[   64.638620][ T4172] raw: 05ffc00000010200 dead000000000100 dead000000000122 ffff0000c0002480
[   64.641018][ T4172] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   64.643584][ T4172] page dumped because: kasan: bad access detected
[   64.645368][ T4172] 
[   64.646048][ T4172] Memory state around the buggy address:
[   64.647649][ T4172]  ffff0000d2c65f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   64.649851][ T4172]  ffff0000d2c65f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   64.652186][ T4172] >ffff0000d2c66000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   64.654521][ T4172]                                         ^
[   64.656232][ T4172]  ffff0000d2c66080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   64.658457][ T4172]  ffff0000d2c66100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   64.660638][ T4172] ==================================================================
[   64.662859][ T4172] Disabling lock debugging due to kernel taint
[   64.665769][ T4172] Unable to handle kernel paging request at virtual address 00000312000015f3
[   64.669317][ T4172] Mem abort info:
[   64.670317][ T4172]   ESR = 0x0000000096000021
[   64.671632][ T4172]   EC = 0x25: DABT (current EL), IL = 32 bits
[   64.673244][ T4172]   SET = 0, FnV = 0
[   64.674324][ T4172]   EA = 0, S1PTW = 0
[   64.675415][ T4172]   FSC = 0x21: alignment fault
[   64.677612][ T4172] Data abort info:
[   64.679093][ T4172]   ISV = 0, ISS = 0x00000021
[   64.680345][ T4172]   CM = 0, WnR = 0
[   64.681391][ T4172] user pgtable: 4k pages, 48-bit VAs, pgdp=000000012d525000
[   64.683339][ T4172] [00000312000015f3] pgd=0000000000000000, p4d=0000000000000000
[   64.685341][ T4172] Internal error: Oops: 0000000096000021 [#1] PREEMPT SMP
[   64.687253][ T4172] Modules linked in:
[   64.688307][ T4172] CPU: 1 PID: 4172 Comm: syz.0.18 Tainted: G    B             5.15.189-syzkaller #0
[   64.691057][ T4172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   64.693814][ T4172] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   64.696036][ T4172] pc : ax25_release+0x4f4/0x814
[   64.697358][ T4172] lr : ax25_release+0x4ec/0x814
[   64.698650][ T4172] sp : ffff80001fd67a00
[   64.699781][ T4172] x29: ffff80001fd67a20 x28: dfff800000000000 x27: ffff0000d769f080
[   64.702049][ T4172] x26: ffff0000d5052028 x25: 0000000000000002 x24: 00000000ffffffff
[   64.704253][ T4172] x23: ed000312000015f3 x22: ffff0000d2c66000 x21: ffff0000dcf3e018
[   64.706484][ T4172] x20: ffff0000d769f000 x19: 1fffe0001aa0a405 x18: 0000000000000000
[   64.708700][ T4172] x17: 0000000000000000 x16: ffff8000082d6448 x15: 0000000000000002
[   64.710977][ T4172] x14: 0000000000ff0100 x13: ffffffffffffffff x12: 0000000000ff0100
[   64.713239][ T4172] x11: 0000000000000000 x10: 0000000000000000 x9 : ffff80001045ef30
[   64.715451][ T4172] x8 : ffff0000c0f88000 x7 : 0000000000000000 x6 : ffff80000837b9bc
[   64.717626][ T4172] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80001045ef24
[   64.719795][ T4172] x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000001
[   64.722015][ T4172] Call trace:
[   64.722917][ T4172]  ax25_release+0x4f4/0x814
[   64.724116][ T4172]  sock_close+0xb4/0x1f8
[   64.725315][ T4172]  __fput+0x1c0/0x7f8
[   64.726479][ T4172]  ____fput+0x20/0x30
[   64.727563][ T4172]  task_work_run+0x12c/0x1e0
[   64.728876][ T4172]  do_notify_resume+0x24b4/0x3128
[   64.730304][ T4172]  el0_svc+0xf0/0x1e0
[   64.731425][ T4172]  el0t_64_sync_handler+0xcc/0xe4
[   64.732782][ T4172]  el0t_64_sync+0x1a0/0x1a4
[   64.734050][ T4172] Code: d503201f 96006935 52800038 4b1803f8 (b87802f8) 
[   64.736017][ T4172] ---[ end trace 7494e79bc122d1b7 ]---
[   65.081647][ T4172] Kernel panic - not syncing: Oops: Fatal exception
[   65.083510][ T4172] SMP: stopping secondary CPUs
[   65.084873][ T4172] Kernel Offset: disabled
[   65.086069][ T4172] CPU features: 0x8,000081c1,21302e40
[   65.087633][ T4172] Memory Limit: none
[   65.443883][ T4172] Rebooting in 86400 seconds..