Warning: Permanently added '10.128.1.37' (ED25519) to the list of known hosts.
2025/10/11 02:18:14 parsed 1 programs
[ 85.186511][ T4189] cgroup: Unknown subsys name 'net'
[ 85.332429][ T4189] cgroup: Unknown subsys name 'rlimit'
[ 86.898546][ T4189] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 91.124658][ T4272] chnl_net:caif_netlink_parms(): no params data found
[ 91.174211][ T4272] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.184032][ T4272] bridge0: port 1(bridge_slave_0) entered disabled state
[ 91.193178][ T4272] device bridge_slave_0 entered promiscuous mode
[ 91.203131][ T4272] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.211399][ T4272] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.220807][ T4272] device bridge_slave_1 entered promiscuous mode
[ 91.244860][ T4272] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 91.256769][ T4272] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 91.284094][ T4272] team0: Port device team_slave_0 added
[ 91.292660][ T4272] team0: Port device team_slave_1 added
[ 91.314622][ T4272] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 91.322811][ T4272] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 91.350543][ T4272] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 91.365032][ T4272] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 91.372569][ T4272] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 91.400085][ T4272] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 91.455677][ T4272] device hsr_slave_0 entered promiscuous mode
[ 91.463117][ T4272] device hsr_slave_1 entered promiscuous mode
[ 91.621874][ T4272] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 91.638373][ T4272] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 91.649623][ T4272] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 91.683413][ T4272] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 91.765039][ T4272] 8021q: adding VLAN 0 to HW filter on device bond0
[ 91.800015][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 91.810546][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 91.823617][ T4272] 8021q: adding VLAN 0 to HW filter on device team0
[ 91.858600][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 91.868858][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 91.880834][ T140] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.890024][ T140] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.902253][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 91.913645][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 91.923920][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 91.932974][ T140] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.940810][ T140] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.951667][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 91.978505][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 91.992138][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 92.003636][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 92.012640][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 92.044946][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 92.056190][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 92.068615][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 92.078446][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 92.092756][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 92.102665][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 92.114255][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 92.260339][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 92.269617][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 92.286635][ T4272] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 92.311808][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 92.321391][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 92.343662][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 92.353445][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 92.364219][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 92.374460][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 92.386319][ T4272] device veth0_vlan entered promiscuous mode
[ 92.400809][ T4272] device veth1_vlan entered promiscuous mode
[ 92.424331][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 92.434892][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 92.445067][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 92.456661][ T4272] device veth0_macvtap entered promiscuous mode
[ 92.468103][ T4272] device veth1_macvtap entered promiscuous mode
[ 92.490326][ T4272] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 92.500100][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 92.509958][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 92.519084][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 92.532993][ T4272] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 92.541858][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 92.552572][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 92.567183][ T4272] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.576746][ T4272] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.586278][ T4272] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.596563][ T4272] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.712371][ T4272] syz-executor (4272) used greatest stack depth: 21024 bytes left
[ 92.828861][ T1225] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.855622][ T1225] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.863793][ T140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.865331][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 92.897541][ T140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.916902][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2025/10/11 02:18:25 executed programs: 0
[ 93.943717][ T4300] chnl_net:caif_netlink_parms(): no params data found
[ 94.017264][ T4300] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.024863][ T4300] bridge0: port 1(bridge_slave_0) entered disabled state
[ 94.033768][ T4300] device bridge_slave_0 entered promiscuous mode
[ 94.051324][ T4300] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.061113][ T4300] bridge0: port 2(bridge_slave_1) entered disabled state
[ 94.075830][ T4300] device bridge_slave_1 entered promiscuous mode
[ 94.110168][ T4300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 94.128895][ T4300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 94.164167][ T154] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 94.189802][ T4300] team0: Port device team_slave_0 added
[ 94.201646][ T4300] team0: Port device team_slave_1 added
[ 94.222759][ T4300] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 94.231166][ T4300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 94.259866][ T4300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 94.273562][ T4300] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 94.281316][ T4300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 94.309067][ T4300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 94.346284][ T4300] device hsr_slave_0 entered promiscuous mode
[ 94.353516][ T4300] device hsr_slave_1 entered promiscuous mode
[ 94.361504][ T4300] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 94.371147][ T4300] Cannot create hsr debugfs directory
[ 95.836861][ T4267] Bluetooth: hci0: command 0x0409 tx timeout
[ 96.913017][ T154] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.380164][ T154] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.424091][ T154] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.926579][ T4273] Bluetooth: hci0: command 0x041b tx timeout
[ 98.008403][ T1108] cfg80211: failed to load regulatory.db
[ 98.337041][ T4300] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 98.348098][ T4300] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 98.358584][ T4300] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 98.368448][ T4300] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 98.460232][ T4300] 8021q: adding VLAN 0 to HW filter on device bond0
[ 98.473151][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 98.481469][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 98.492820][ T4300] 8021q: adding VLAN 0 to HW filter on device team0
[ 98.521697][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 98.531341][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 98.540462][ T140] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.548114][ T140] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 98.557520][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 98.575648][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 98.586822][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 98.596480][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.604544][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 98.613172][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 98.650784][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 98.661265][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 98.671997][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 98.681207][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 98.690715][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 98.699866][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 98.709024][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 98.718536][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 98.738887][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 98.748018][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 98.759578][ T4300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 98.801382][ T154] device hsr_slave_0 left promiscuous mode
[ 98.808324][ T154] device hsr_slave_1 left promiscuous mode
[ 98.815321][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 98.823781][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 98.833782][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 98.841738][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 98.850806][ T154] device bridge_slave_1 left promiscuous mode
[ 98.860007][ T154] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.878229][ T154] device bridge_slave_0 left promiscuous mode
[ 98.884996][ T154] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.906304][ T154] device veth1_macvtap left promiscuous mode
[ 98.912839][ T154] device veth0_macvtap left promiscuous mode
[ 98.920279][ T154] device veth1_vlan left promiscuous mode
[ 98.927145][ T154] device veth0_vlan left promiscuous mode
[ 99.092609][ T154] team0 (unregistering): Port device team_slave_1 removed
[ 99.112381][ T154] team0 (unregistering): Port device team_slave_0 removed
[ 99.125197][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 99.141087][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 99.204515][ T154] bond0 (unregistering): Released all slaves
[ 99.323240][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 99.333343][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 99.343808][ T4300] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 99.370831][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 99.381546][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 99.401480][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 99.413101][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 99.424232][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 99.434226][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 99.447109][ T4300] device veth0_vlan entered promiscuous mode
[ 99.467612][ T4300] device veth1_vlan entered promiscuous mode
[ 99.487018][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 99.495319][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 99.514198][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 99.523465][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 99.535884][ T4300] device veth0_macvtap entered promiscuous mode
[ 99.549690][ T4300] device veth1_macvtap entered promiscuous mode
[ 99.569097][ T4300] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 99.578822][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 99.589231][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 99.598283][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 99.608074][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 99.624019][ T4300] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 99.636981][ T4300] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.647049][ T4300] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.656629][ T4300] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.666471][ T4300] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 99.677049][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 99.686165][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 99.762829][ T140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 99.788516][ T140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 99.797260][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 99.809116][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 99.818121][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 99.829615][ T1225] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2025/10/11 02:18:31 executed programs: 2
[ 99.960427][ T4352] ==================================================================
[ 99.968804][ T4352] BUG: KASAN: use-after-free in ax25_fillin_cb+0x459/0x640
[ 99.976047][ T4352] Read of size 4 at addr ffff8880299b0c38 by task syz.0.19/4352
[ 99.983791][ T4352]
[ 99.986240][ T4352] CPU: 1 PID: 4352 Comm: syz.0.19 Not tainted syzkaller #0
[ 99.993763][ T4352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 100.004131][ T4352] Call Trace:
[ 100.007446][ T4352]
[ 100.010490][ T4352] dump_stack_lvl+0x168/0x230
[ 100.015202][ T4352] ? show_regs_print_info+0x20/0x20
[ 100.020515][ T4352] ? _printk+0xcc/0x110
[ 100.024812][ T4352] ? ax25_fillin_cb+0x459/0x640
[ 100.030137][ T4352] ? load_image+0x3b0/0x3b0
[ 100.034797][ T4352] print_address_description+0x60/0x2d0
[ 100.035549][ T4267] Bluetooth: hci0: command 0x040f tx timeout
[ 100.040368][ T4352] ? ax25_fillin_cb+0x459/0x640
[ 100.052634][ T4352] kasan_report+0xdf/0x130
[ 100.057429][ T4352] ? ax25_fillin_cb+0x459/0x640
[ 100.062323][ T4352] ax25_fillin_cb+0x459/0x640
[ 100.067943][ T4352] ax25_setsockopt+0x8a2/0xa40
[ 100.073117][ T4352] ? ax25_shutdown+0x10/0x10
[ 100.078089][ T4352] ? aa_sock_opt_perm+0x74/0x100
[ 100.083315][ T4352] ? bpf_lsm_socket_setsockopt+0x5/0x10
[ 100.089008][ T4352] ? security_socket_setsockopt+0x7a/0xa0
[ 100.094752][ T4352] ? ax25_shutdown+0x10/0x10
[ 100.099474][ T4352] __sys_setsockopt+0x2bf/0x3d0
[ 100.104456][ T4352] __x64_sys_setsockopt+0xb1/0xc0
[ 100.109599][ T4352] do_syscall_64+0x4c/0xa0
[ 100.114137][ T4352] ? clear_bhb_loop+0x30/0x80
[ 100.118883][ T4352] ? clear_bhb_loop+0x30/0x80
[ 100.123885][ T4352] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 100.130109][ T4352] RIP: 0033:0x7f79621faec9
[ 100.134555][ T4352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 100.154937][ T4352] RSP: 002b:00007ffeb5d2e4a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 100.163479][ T4352] RAX: ffffffffffffffda RBX: 00007f7962451fa0 RCX: 00007f79621faec9
[ 100.171564][ T4352] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000007
[ 100.179769][ T4352] RBP: 00007f796227df91 R08: 0000000000000010 R09: 0000000000000000
[ 100.188737][ T4352] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000000
[ 100.198077][ T4352] R13: 00007f7962451fa0 R14: 00007f7962451fa0 R15: 0000000000000005
[ 100.206503][ T4352]
[ 100.209736][ T4352]
[ 100.212762][ T4352] Allocated by task 4350:
[ 100.217130][ T4352] __kasan_kmalloc+0xb5/0xf0
[ 100.222161][ T4352] ax25_dev_device_up+0x50/0x580
[ 100.227133][ T4352] ax25_device_event+0x483/0x4f0
[ 100.232285][ T4352] raw_notifier_call_chain+0xcb/0x160
[ 100.238847][ T4352] __dev_notify_flags+0x178/0x2d0
[ 100.243978][ T4352] dev_change_flags+0xe3/0x1a0
[ 100.248762][ T4352] dev_ifsioc+0x147/0xe70
[ 100.253203][ T4352] dev_ioctl+0x55f/0xe50
[ 100.257472][ T4352] sock_do_ioctl+0x222/0x2f0
[ 100.262171][ T4352] sock_ioctl+0x4ed/0x6e0
[ 100.267615][ T4352] __se_sys_ioctl+0xfa/0x170
[ 100.272252][ T4352] do_syscall_64+0x4c/0xa0
[ 100.276691][ T4352] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 100.282865][ T4352]
[ 100.285309][ T4352] Freed by task 4351:
[ 100.289311][ T4352] kasan_set_track+0x4b/0x70
[ 100.294065][ T4352] kasan_set_free_info+0x1f/0x40
[ 100.299068][ T4352] ____kasan_slab_free+0xd5/0x110
[ 100.304918][ T4352] slab_free_freelist_hook+0xea/0x170
[ 100.312513][ T4352] kfree+0xef/0x2a0
[ 100.316994][ T4352] ax25_release+0x661/0x870
[ 100.321702][ T4352] sock_close+0xd5/0x240
[ 100.326196][ T4352] __fput+0x234/0x930
[ 100.330405][ T4352] task_work_run+0x125/0x1a0
[ 100.335283][ T4352] exit_to_user_mode_loop+0x10f/0x130
[ 100.340775][ T4352] exit_to_user_mode_prepare+0xee/0x180
[ 100.346702][ T4352] syscall_exit_to_user_mode+0x16/0x40
[ 100.352187][ T4352] do_syscall_64+0x58/0xa0
[ 100.356729][ T4352] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 100.362849][ T4352]
[ 100.365279][ T4352] The buggy address belongs to the object at ffff8880299b0c00
[ 100.365279][ T4352] which belongs to the cache kmalloc-192 of size 192
[ 100.379612][ T4352] The buggy address is located 56 bytes inside of
[ 100.379612][ T4352] 192-byte region [ffff8880299b0c00, ffff8880299b0cc0)
[ 100.395770][ T4352] The buggy address belongs to the page:
[ 100.401519][ T4352] page:ffffea0000a66c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x299b0
[ 100.412140][ T4352] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 100.422678][ T4352] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff888016841a00
[ 100.432269][ T4352] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 100.443999][ T4352] page dumped because: kasan: bad access detected
[ 100.450553][ T4352] page_owner tracks the page as allocated
[ 100.457056][ T4352] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 4300, ts 99864022868, free_ts 99863778674
[ 100.473761][ T4352] get_page_from_freelist+0x1b77/0x1c60
[ 100.479668][ T4352] __alloc_pages+0x1e1/0x470
[ 100.484532][ T4352] new_slab+0xb6/0x4b0
[ 100.489015][ T4352] ___slab_alloc+0x81e/0xdf0
[ 100.494171][ T4352] __kmalloc_node+0x200/0x3b0
[ 100.498995][ T4352] memcg_alloc_page_obj_cgroups+0x81/0x120
[ 100.505418][ T4352] new_slab+0x100/0x4b0
[ 100.510047][ T4352] ___slab_alloc+0x81e/0xdf0
[ 100.514660][ T4352] kmem_cache_alloc+0x195/0x290
[ 100.519642][ T4352] __d_alloc+0x2a/0x6f0
[ 100.523975][ T4352] d_alloc_pseudo+0x19/0x70
[ 100.528676][ T4352] alloc_file_pseudo+0xc8/0x1f0
[ 100.534788][ T4352] sock_alloc_file+0xb3/0x240
[ 100.539839][ T4352] __sys_socket+0x11d/0x170
[ 100.544821][ T4352] __x64_sys_socket+0x76/0x80
[ 100.549802][ T4352] do_syscall_64+0x4c/0xa0
[ 100.555222][ T4352] page last free stack trace:
[ 100.560383][ T4352] free_unref_page_prepare+0x637/0x6c0
[ 100.566056][ T4352] free_unref_page+0x94/0x280
[ 100.570896][ T4352] __vunmap+0x8ab/0xa40
[ 100.575898][ T4352] do_ipt_get_ctl+0xe07/0x1070
[ 100.580959][ T4352] nf_getsockopt+0x25e/0x280
[ 100.585989][ T4352] ip_getsockopt+0x115a/0x1590
[ 100.590996][ T4352] tcp_getsockopt+0x1e3/0x2390
[ 100.596565][ T4352] __sys_getsockopt+0x1b0/0x230
[ 100.601939][ T4352] __x64_sys_getsockopt+0xb1/0xc0
[ 100.607296][ T4352] do_syscall_64+0x4c/0xa0
[ 100.611934][ T4352] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 100.618360][ T4352]
[ 100.620929][ T4352] Memory state around the buggy address:
[ 100.626659][ T4352] ffff8880299b0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 100.635214][ T4352] ffff8880299b0b80: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
[ 100.644202][ T4352] >ffff8880299b0c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 100.652947][ T4352] ^
[ 100.658953][ T4352] ffff8880299b0c80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 100.667128][ T4352] ffff8880299b0d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 100.675588][ T4352] ==================================================================
[ 100.684406][ T4352] Disabling lock debugging due to kernel taint
[ 100.698124][ T4352] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 100.705702][ T4352] CPU: 1 PID: 4352 Comm: syz.0.19 Tainted: G B syzkaller #0
[ 100.714498][ T4352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 100.725361][ T4352] Call Trace:
[ 100.728827][ T4352]
[ 100.731880][ T4352] dump_stack_lvl+0x168/0x230
[ 100.736846][ T4352] ? show_regs_print_info+0x20/0x20
[ 100.742078][ T4352] ? load_image+0x3b0/0x3b0
[ 100.746799][ T4352] panic+0x2c9/0x7f0
[ 100.751106][ T4352] ? bpf_jit_dump+0xd0/0xd0
[ 100.755644][ T4352] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 100.761966][ T4352] ? _raw_spin_unlock+0x40/0x40
[ 100.766846][ T4352] ? print_memory_metadata+0x314/0x400
[ 100.772644][ T4352] ? ax25_fillin_cb+0x459/0x640
[ 100.777796][ T4352] check_panic_on_warn+0x80/0xa0
[ 100.783351][ T4352] ? ax25_fillin_cb+0x459/0x640
[ 100.788976][ T4352] end_report+0x6d/0xf0
[ 100.793349][ T4352] kasan_report+0x102/0x130
[ 100.798180][ T4352] ? ax25_fillin_cb+0x459/0x640
[ 100.803649][ T4352] ax25_fillin_cb+0x459/0x640
[ 100.808560][ T4352] ax25_setsockopt+0x8a2/0xa40
[ 100.814063][ T4352] ? ax25_shutdown+0x10/0x10
[ 100.818994][ T4352] ? aa_sock_opt_perm+0x74/0x100
[ 100.824303][ T4352] ? bpf_lsm_socket_setsockopt+0x5/0x10
[ 100.830295][ T4352] ? security_socket_setsockopt+0x7a/0xa0
[ 100.836038][ T4352] ? ax25_shutdown+0x10/0x10
[ 100.840641][ T4352] __sys_setsockopt+0x2bf/0x3d0
[ 100.845703][ T4352] __x64_sys_setsockopt+0xb1/0xc0
[ 100.850847][ T4352] do_syscall_64+0x4c/0xa0
[ 100.855269][ T4352] ? clear_bhb_loop+0x30/0x80
[ 100.860130][ T4352] ? clear_bhb_loop+0x30/0x80
[ 100.864895][ T4352] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 100.871221][ T4352] RIP: 0033:0x7f79621faec9
[ 100.875811][ T4352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 100.896153][ T4352] RSP: 002b:00007ffeb5d2e4a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 100.905317][ T4352] RAX: ffffffffffffffda RBX: 00007f7962451fa0 RCX: 00007f79621faec9
[ 100.913943][ T4352] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000007
[ 100.922293][ T4352] RBP: 00007f796227df91 R08: 0000000000000010 R09: 0000000000000000
[ 100.931081][ T4352] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000000
[ 100.940188][ T4352] R13: 00007f7962451fa0 R14: 00007f7962451fa0 R15: 0000000000000005
[ 100.948475][ T4352]
[ 100.952011][ T4352] Kernel Offset: disabled
[ 100.956976][ T4352] Rebooting in 86400 seconds..