Warning: Permanently added '10.128.1.82' (ED25519) to the list of known hosts.
2025/12/01 11:27:41 parsed 1 programs
[ 61.501079][ T4188] cgroup: Unknown subsys name 'net'
[ 61.633220][ T4188] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 63.072784][ T4188] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 65.056753][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 65.067526][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 65.079301][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 65.097309][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 65.106141][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 65.116601][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 65.570930][ T4226] chnl_net:caif_netlink_parms(): no params data found
[ 65.643318][ T4226] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.651149][ T4226] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.661014][ T4226] device bridge_slave_0 entered promiscuous mode
[ 65.671758][ T4226] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.680781][ T4226] bridge0: port 2(bridge_slave_1) entered disabled state
[ 65.689137][ T4226] device bridge_slave_1 entered promiscuous mode
[ 65.722420][ T4226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 65.734172][ T4226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 65.769322][ T4226] team0: Port device team_slave_0 added
[ 65.779294][ T4226] team0: Port device team_slave_1 added
[ 65.806324][ T4226] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 65.813411][ T4226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.839490][ T4226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 65.852652][ T4226] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 65.859706][ T4226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.888308][ T4226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 65.931226][ T4226] device hsr_slave_0 entered promiscuous mode
[ 65.938462][ T4226] device hsr_slave_1 entered promiscuous mode
[ 66.083557][ T4226] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 66.097245][ T4226] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 66.108119][ T4226] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 66.118700][ T4226] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 66.205375][ T4226] 8021q: adding VLAN 0 to HW filter on device bond0
[ 66.223202][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 66.234271][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 66.246126][ T4226] 8021q: adding VLAN 0 to HW filter on device team0
[ 66.258829][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 66.268252][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 66.277469][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.284781][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 66.293971][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 66.314279][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 66.323193][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 66.332211][ T4216] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.339674][ T4216] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 66.348805][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 66.368670][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 66.379010][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 66.389410][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 66.400168][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 66.411117][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 66.431003][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 66.439160][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 66.449892][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 66.459664][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 66.468538][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 66.479237][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 66.582711][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 66.593948][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 66.621455][ T4226] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 66.652660][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 66.663074][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 66.696140][ T4226] device veth0_vlan entered promiscuous mode
[ 66.711384][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 66.720512][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 66.735031][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 66.743597][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 66.758785][ T4226] device veth1_vlan entered promiscuous mode
[ 66.777005][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 66.785407][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 66.795277][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 66.804048][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 66.815316][ T4226] device veth0_macvtap entered promiscuous mode
[ 66.826162][ T4226] device veth1_macvtap entered promiscuous mode
[ 66.841923][ T4226] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 66.850981][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 66.860381][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 66.868943][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 66.879025][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 66.891224][ T4226] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 66.898987][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 66.908236][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 66.919325][ T4226] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.930418][ T4226] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.939442][ T4226] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.948562][ T4226] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.054762][ T4226] syz-executor (4226) used greatest stack depth: 20864 bytes left
2025/12/01 11:27:50 executed programs: 0
[ 69.072792][ T4293] chnl_net:caif_netlink_parms(): no params data found
[ 69.135169][ T4293] bridge0: port 1(bridge_slave_0) entered blocking state
[ 69.142439][ T4293] bridge0: port 1(bridge_slave_0) entered disabled state
[ 69.151121][ T4293] device bridge_slave_0 entered promiscuous mode
[ 69.160152][ T4293] bridge0: port 2(bridge_slave_1) entered blocking state
[ 69.167740][ T4293] bridge0: port 2(bridge_slave_1) entered disabled state
[ 69.176254][ T4293] device bridge_slave_1 entered promiscuous mode
[ 69.204488][ T4293] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 69.217550][ T4293] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 69.247782][ T4293] team0: Port device team_slave_0 added
[ 69.255747][ T4293] team0: Port device team_slave_1 added
[ 69.281728][ T4293] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 69.289173][ T4293] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 69.318660][ T4293] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 69.331681][ T4293] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 69.341378][ T4293] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 69.367933][ T4293] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 69.401576][ T4293] device hsr_slave_0 entered promiscuous mode
[ 69.409016][ T4293] device hsr_slave_1 entered promiscuous mode
[ 69.416120][ T4293] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 69.424036][ T4293] Cannot create hsr debugfs directory
[ 69.513359][ T4293] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 70.957697][ T4308] Bluetooth: hci0: command 0x0409 tx timeout
[ 71.519652][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.526055][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.923831][ T4293] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 71.973628][ T4293] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 72.023384][ T4293] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 72.130161][ T4293] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 72.154423][ T4293] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 72.165058][ T4293] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 72.174725][ T4293] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 72.232230][ T4293] 8021q: adding VLAN 0 to HW filter on device bond0
[ 72.261855][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 72.270577][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 72.281978][ T4293] 8021q: adding VLAN 0 to HW filter on device team0
[ 72.292927][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 72.301907][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 72.311052][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.318306][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 72.351133][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 72.359144][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 72.369304][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 72.378681][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.385965][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 72.393884][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 72.404984][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 72.435454][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 72.445455][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 72.454302][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 72.464867][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 72.475438][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 72.505253][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 72.514581][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 72.525470][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 72.534414][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 72.547872][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 72.617524][ T590] device hsr_slave_0 left promiscuous mode
[ 72.624378][ T590] device hsr_slave_1 left promiscuous mode
[ 72.635259][ T590] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 72.643242][ T590] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 72.653422][ T590] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 72.661443][ T590] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 72.669880][ T590] device bridge_slave_1 left promiscuous mode
[ 72.677034][ T590] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.691813][ T590] device bridge_slave_0 left promiscuous mode
[ 72.698858][ T590] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.714226][ T590] device veth1_macvtap left promiscuous mode
[ 72.720953][ T590] device veth0_macvtap left promiscuous mode
[ 72.727989][ T590] device veth1_vlan left promiscuous mode
[ 72.734262][ T590] device veth0_vlan left promiscuous mode
[ 72.886668][ T590] team0 (unregistering): Port device team_slave_1 removed
[ 72.900604][ T590] team0 (unregistering): Port device team_slave_0 removed
[ 72.912740][ T590] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 72.925542][ T590] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 72.980364][ T590] bond0 (unregistering): Released all slaves
[ 73.037340][ T4306] Bluetooth: hci0: command 0x041b tx timeout
[ 73.053061][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 73.061070][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 73.078457][ T4293] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 73.095210][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 73.104257][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 73.126636][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 73.135259][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 73.147787][ T4293] device veth0_vlan entered promiscuous mode
[ 73.155335][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 73.166627][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 73.179232][ T4293] device veth1_vlan entered promiscuous mode
[ 73.195979][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 73.205279][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 73.213677][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 73.222303][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 73.234379][ T4293] device veth0_macvtap entered promiscuous mode
[ 73.250919][ T4293] device veth1_macvtap entered promiscuous mode
[ 73.265699][ T4293] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 73.274485][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 73.283012][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 73.291573][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 73.300682][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 73.314208][ T4293] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 73.323251][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 73.332220][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 73.344111][ T4293] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.353458][ T4293] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.363317][ T4293] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.372282][ T4293] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.438515][ T4216] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.446857][ T4216] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.459922][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.471855][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 73.473842][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.488494][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 73.551158][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[ 73.626229][ T4326] ==================================================================
[ 73.634515][ T4326] BUG: KASAN: use-after-free in ax25_fillin_cb+0x459/0x640
[ 73.641740][ T4326] Read of size 4 at addr ffff88802bf86538 by task syz.0.19/4326
[ 73.649388][ T4326]
[ 73.651737][ T4326] CPU: 0 PID: 4326 Comm: syz.0.19 Not tainted syzkaller #0
[ 73.658955][ T4326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 73.669041][ T4326] Call Trace:
[ 73.672433][ T4326]
[ 73.675418][ T4326] dump_stack_lvl+0x168/0x230
[ 73.680128][ T4326] ? show_regs_print_info+0x20/0x20
[ 73.685342][ T4326] ? _printk+0xcc/0x110
[ 73.689522][ T4326] ? ax25_fillin_cb+0x459/0x640
[ 73.694509][ T4326] ? load_image+0x3b0/0x3b0
[ 73.699043][ T4326] print_address_description+0x60/0x2d0
[ 73.704703][ T4326] ? ax25_fillin_cb+0x459/0x640
[ 73.709754][ T4326] kasan_report+0xdf/0x130
[ 73.714282][ T4326] ? ax25_fillin_cb+0x459/0x640
[ 73.719240][ T4326] ax25_fillin_cb+0x459/0x640
[ 73.723936][ T4326] ax25_setsockopt+0x8a2/0xa40
[ 73.728839][ T4326] ? ax25_shutdown+0x10/0x10
[ 73.733504][ T4326] ? aa_sock_opt_perm+0x74/0x100
[ 73.738616][ T4326] ? bpf_lsm_socket_setsockopt+0x5/0x10
[ 73.744200][ T4326] ? security_socket_setsockopt+0x7a/0xa0
[ 73.749935][ T4326] ? ax25_shutdown+0x10/0x10
[ 73.754553][ T4326] __sys_setsockopt+0x2bf/0x3d0
[ 73.759464][ T4326] __x64_sys_setsockopt+0xb1/0xc0
[ 73.764624][ T4326] do_syscall_64+0x4c/0xa0
[ 73.769068][ T4326] ? clear_bhb_loop+0x30/0x80
[ 73.773769][ T4326] ? clear_bhb_loop+0x30/0x80
[ 73.778470][ T4326] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 73.784386][ T4326] RIP: 0033:0x7f7e01ff0749
[ 73.788930][ T4326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 73.808721][ T4326] RSP: 002b:00007fffb5a08568 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 73.817185][ T4326] RAX: ffffffffffffffda RBX: 00007f7e02246fa0 RCX: 00007f7e01ff0749
[ 73.825303][ T4326] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000006
[ 73.833380][ T4326] RBP: 00007f7e02074f91 R08: 0000000000000010 R09: 0000000000000000
[ 73.841576][ T4326] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000000
[ 73.849649][ T4326] R13: 00007f7e02246fa0 R14: 00007f7e02246fa0 R15: 0000000000000005
[ 73.857742][ T4326]
[ 73.860853][ T4326]
[ 73.863185][ T4326] Allocated by task 4324:
[ 73.867519][ T4326] __kasan_kmalloc+0xb5/0xf0
[ 73.872395][ T4326] ax25_dev_device_up+0x50/0x580
[ 73.877380][ T4326] ax25_device_event+0x483/0x4f0
[ 73.882432][ T4326] raw_notifier_call_chain+0xcb/0x160
[ 73.887831][ T4326] __dev_notify_flags+0x178/0x2d0
[ 73.892968][ T4326] dev_change_flags+0xe3/0x1a0
[ 73.897753][ T4326] dev_ifsioc+0x147/0xe70
[ 73.902098][ T4326] dev_ioctl+0x55f/0xe50
[ 73.906523][ T4326] sock_do_ioctl+0x222/0x2f0
[ 73.911128][ T4326] sock_ioctl+0x4ed/0x6e0
[ 73.915671][ T4326] __se_sys_ioctl+0xfa/0x170
[ 73.920275][ T4326] do_syscall_64+0x4c/0xa0
[ 73.924794][ T4326] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 73.930796][ T4326]
[ 73.933134][ T4326] Freed by task 4325:
[ 73.937123][ T4326] kasan_set_track+0x4b/0x70
[ 73.941733][ T4326] kasan_set_free_info+0x1f/0x40
[ 73.946856][ T4326] ____kasan_slab_free+0xd5/0x110
[ 73.951900][ T4326] slab_free_freelist_hook+0xea/0x170
[ 73.957295][ T4326] kfree+0xef/0x2a0
[ 73.961297][ T4326] ax25_release+0x661/0x870
[ 73.965811][ T4326] sock_close+0xd5/0x240
[ 73.970156][ T4326] __fput+0x234/0x930
[ 73.974163][ T4326] task_work_run+0x125/0x1a0
[ 73.978776][ T4326] exit_to_user_mode_loop+0x10f/0x130
[ 73.984349][ T4326] exit_to_user_mode_prepare+0xee/0x180
[ 73.989919][ T4326] syscall_exit_to_user_mode+0x16/0x40
[ 73.995484][ T4326] do_syscall_64+0x58/0xa0
[ 73.999922][ T4326] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 74.005860][ T4326]
[ 74.008711][ T4326] Last potentially related work creation:
[ 74.014655][ T4326] kasan_save_stack+0x35/0x60
[ 74.019360][ T4326] kasan_record_aux_stack+0xb8/0x100
[ 74.024929][ T4326] insert_work+0x54/0x3d0
[ 74.029285][ T4326] __queue_work+0x9c5/0xd50
[ 74.033894][ T4326] queue_work_on+0x11d/0x1d0
[ 74.038632][ T4326] inetaddr_event+0xe0/0x140
[ 74.043329][ T4326] blocking_notifier_call_chain+0x103/0x1b0
[ 74.049339][ T4326] __inet_insert_ifa+0x9e9/0xbc0
[ 74.054386][ T4326] inet_rtm_newaddr+0x940/0x1800
[ 74.059343][ T4326] rtnetlink_rcv_msg+0x7ff/0xe90
[ 74.064340][ T4326] netlink_rcv_skb+0x1e0/0x430
[ 74.069114][ T4326] netlink_unicast+0x774/0x920
[ 74.073895][ T4326] netlink_sendmsg+0x8ab/0xbc0
[ 74.078676][ T4326] ____sys_sendmsg+0x5a2/0x8c0
[ 74.083498][ T4326] ___sys_sendmsg+0x1f0/0x260
[ 74.088190][ T4326] __se_sys_sendmsg+0x190/0x250
[ 74.093058][ T4326] do_syscall_64+0x4c/0xa0
[ 74.097584][ T4326] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 74.103529][ T4326]
[ 74.105879][ T4326] Second to last potentially related work creation:
[ 74.112480][ T4326] kasan_save_stack+0x35/0x60
[ 74.117277][ T4326] kasan_record_aux_stack+0xb8/0x100
[ 74.122838][ T4326] insert_work+0x54/0x3d0
[ 74.127356][ T4326] __queue_work+0x9c5/0xd50
[ 74.132271][ T4326] queue_work_on+0x11d/0x1d0
[ 74.137399][ T4326] call_usermodehelper_exec+0x26b/0x460
[ 74.142974][ T4326] kobject_uevent_env+0x681/0x890
[ 74.148267][ T4326] netdev_queue_update_kobjects+0x1d7/0x3e0
[ 74.155508][ T4326] netdev_register_kobject+0x265/0x310
[ 74.162255][ T4326] register_netdevice+0x1019/0x16b0
[ 74.167489][ T4326] register_netdev+0x37/0x50
[ 74.172146][ T4326] rose_proto_init+0x180/0x730
[ 74.176928][ T4326] do_one_initcall+0x1ee/0x680
[ 74.181897][ T4326] do_initcall_level+0x137/0x1f0
[ 74.187135][ T4326] do_initcalls+0x4b/0x90
[ 74.191486][ T4326] kernel_init_freeable+0x3ce/0x560
[ 74.196700][ T4326] kernel_init+0x19/0x1b0
[ 74.201139][ T4326] ret_from_fork+0x1f/0x30
[ 74.205570][ T4326]
[ 74.207909][ T4326] The buggy address belongs to the object at ffff88802bf86500
[ 74.207909][ T4326] which belongs to the cache kmalloc-192 of size 192
[ 74.222408][ T4326] The buggy address is located 56 bytes inside of
[ 74.222408][ T4326] 192-byte region [ffff88802bf86500, ffff88802bf865c0)
[ 74.236858][ T4326] The buggy address belongs to the page:
[ 74.242978][ T4326] page:ffffea0000afe180 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2bf86
[ 74.253529][ T4326] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 74.261279][ T4326] raw: 00fff00000000200 0000000000000000 0000000100000001 ffff888016841a00
[ 74.269886][ T4326] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 74.278567][ T4326] page dumped because: kasan: bad access detected
[ 74.285179][ T4326] page_owner tracks the page as allocated
[ 74.291226][ T4326] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, ts 15841674867, free_ts 15838092816
[ 74.307228][ T4326] get_page_from_freelist+0x1b77/0x1c60
[ 74.312803][ T4326] __alloc_pages+0x1e1/0x470
[ 74.317418][ T4326] alloc_page_interleave+0x24/0x1e0
[ 74.322663][ T4326] new_slab+0xc0/0x4b0
[ 74.326758][ T4326] ___slab_alloc+0x81e/0xdf0
[ 74.331366][ T4326] kmem_cache_alloc_trace+0x1a5/0x2a0
[ 74.337110][ T4326] call_usermodehelper_setup+0x8a/0x260
[ 74.342767][ T4326] kobject_uevent_env+0x65e/0x890
[ 74.347817][ T4326] netdev_queue_update_kobjects+0x1d7/0x3e0
[ 74.353841][ T4326] netdev_register_kobject+0x265/0x310
[ 74.359411][ T4326] register_netdevice+0x1019/0x16b0
[ 74.364633][ T4326] register_netdev+0x37/0x50
[ 74.369412][ T4326] rose_proto_init+0x180/0x730
[ 74.374210][ T4326] do_one_initcall+0x1ee/0x680
[ 74.379197][ T4326] do_initcall_level+0x137/0x1f0
[ 74.384244][ T4326] do_initcalls+0x4b/0x90
[ 74.388614][ T4326] page last free stack trace:
[ 74.393293][ T4326] free_unref_page_prepare+0x637/0x6c0
[ 74.398766][ T4326] free_unref_page+0x94/0x280
[ 74.403520][ T4326] __vunmap+0x8ab/0xa40
[ 74.407694][ T4326] free_work+0x56/0x80
[ 74.411780][ T4326] process_one_work+0x863/0x1000
[ 74.416730][ T4326] worker_thread+0xaa8/0x12a0
[ 74.421508][ T4326] kthread+0x436/0x520
[ 74.425589][ T4326] ret_from_fork+0x1f/0x30
[ 74.430031][ T4326]
[ 74.432387][ T4326] Memory state around the buggy address:
[ 74.438036][ T4326] ffff88802bf86400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 74.446298][ T4326] ffff88802bf86480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 74.454374][ T4326] >ffff88802bf86500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 74.462443][ T4326] ^
[ 74.468344][ T4326] ffff88802bf86580: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 74.476588][ T4326] ffff88802bf86600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 74.484660][ T4326] ==================================================================
[ 74.492734][ T4326] Disabling lock debugging due to kernel taint
[ 74.503602][ T4326] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 74.511085][ T4326] CPU: 0 PID: 4326 Comm: syz.0.19 Tainted: G B syzkaller #0
[ 74.519670][ T4326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 74.529718][ T4326] Call Trace:
[ 74.533074][ T4326]
[ 74.536002][ T4326] dump_stack_lvl+0x168/0x230
[ 74.540683][ T4326] ? show_regs_print_info+0x20/0x20
[ 74.545874][ T4326] ? load_image+0x3b0/0x3b0
[ 74.550371][ T4326] panic+0x2c9/0x7f0
[ 74.554255][ T4326] ? bpf_jit_dump+0xd0/0xd0
[ 74.558751][ T4326] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 74.564674][ T4326] ? _raw_spin_unlock+0x40/0x40
[ 74.569528][ T4326] ? print_memory_metadata+0x314/0x400
[ 74.575090][ T4326] ? ax25_fillin_cb+0x459/0x640
[ 74.579960][ T4326] check_panic_on_warn+0x80/0xa0
[ 74.584916][ T4326] ? ax25_fillin_cb+0x459/0x640
[ 74.590005][ T4326] end_report+0x6d/0xf0
[ 74.594186][ T4326] kasan_report+0x102/0x130
[ 74.598768][ T4326] ? ax25_fillin_cb+0x459/0x640
[ 74.603613][ T4326] ax25_fillin_cb+0x459/0x640
[ 74.608281][ T4326] ax25_setsockopt+0x8a2/0xa40
[ 74.613047][ T4326] ? ax25_shutdown+0x10/0x10
[ 74.617633][ T4326] ? aa_sock_opt_perm+0x74/0x100
[ 74.622746][ T4326] ? bpf_lsm_socket_setsockopt+0x5/0x10
[ 74.628479][ T4326] ? security_socket_setsockopt+0x7a/0xa0
[ 74.634205][ T4326] ? ax25_shutdown+0x10/0x10
[ 74.638802][ T4326] __sys_setsockopt+0x2bf/0x3d0
[ 74.643643][ T4326] __x64_sys_setsockopt+0xb1/0xc0
[ 74.648658][ T4326] do_syscall_64+0x4c/0xa0
[ 74.653073][ T4326] ? clear_bhb_loop+0x30/0x80
[ 74.657735][ T4326] ? clear_bhb_loop+0x30/0x80
[ 74.662414][ T4326] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 74.668297][ T4326] RIP: 0033:0x7f7e01ff0749
[ 74.672706][ T4326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 74.692348][ T4326] RSP: 002b:00007fffb5a08568 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 74.700753][ T4326] RAX: ffffffffffffffda RBX: 00007f7e02246fa0 RCX: 00007f7e01ff0749
[ 74.708719][ T4326] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000006
[ 74.716683][ T4326] RBP: 00007f7e02074f91 R08: 0000000000000010 R09: 0000000000000000
[ 74.724663][ T4326] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000000
[ 74.732630][ T4326] R13: 00007f7e02246fa0 R14: 00007f7e02246fa0 R15: 0000000000000005
[ 74.740767][ T4326]
[ 74.743997][ T4326] Kernel Offset: disabled
[ 74.748321][ T4326] Rebooting in 86400 seconds..