Warning: Permanently added '10.128.1.143' (ED25519) to the list of known hosts.
1970/01/01 00:00:43 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:00:44 parsed 1 programs
[ 47.002597][ T4031] cgroup: Unknown subsys name 'net'
[ 47.265746][ T4031] cgroup: Unknown subsys name 'rlimit'
[ 47.609255][ T4031] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS
[ 54.903712][ T4043] chnl_net:caif_netlink_parms(): no params data found
[ 54.944645][ T4043] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.946762][ T4043] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.949773][ T4043] device bridge_slave_0 entered promiscuous mode
[ 54.954553][ T4043] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.956678][ T4043] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.959480][ T4043] device bridge_slave_1 entered promiscuous mode
[ 54.975868][ T4043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 54.981369][ T4043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 54.997244][ T4043] team0: Port device team_slave_0 added
[ 55.000608][ T4043] team0: Port device team_slave_1 added
[ 55.015290][ T4043] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 55.017537][ T4043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 55.024997][ T4043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 55.029960][ T4043] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 55.031934][ T4043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 55.039432][ T4043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 55.131262][ T4043] device hsr_slave_0 entered promiscuous mode
[ 55.169123][ T4043] device hsr_slave_1 entered promiscuous mode
[ 55.309533][ T4043] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 55.362656][ T4043] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 55.400987][ T4043] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 55.452108][ T4043] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 55.529514][ T4043] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.531806][ T4043] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.534269][ T4043] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.536229][ T4043] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.580184][ T4043] 8021q: adding VLAN 0 to HW filter on device bond0
[ 55.587998][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 55.593673][ T136] bridge0: port 1(bridge_slave_0) entered disabled state
[ 55.597237][ T136] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.600609][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 55.608011][ T4043] 8021q: adding VLAN 0 to HW filter on device team0
[ 55.614540][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 55.617486][ T136] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.619525][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.627898][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 55.631141][ T136] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.633042][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.646397][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 55.649396][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 55.655601][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 55.663123][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 55.670322][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 55.675225][ T4043] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 55.757613][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 55.759950][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 55.766683][ T4043] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 55.782500][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 55.795812][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 55.799681][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 55.802364][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 55.807099][ T4043] device veth0_vlan entered promiscuous mode
[ 55.814944][ T4043] device veth1_vlan entered promiscuous mode
[ 55.831941][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 55.834700][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 55.837934][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 55.844224][ T4043] device veth0_macvtap entered promiscuous mode
[ 55.849389][ T4043] device veth1_macvtap entered promiscuous mode
[ 55.862596][ T4043] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 55.865153][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 55.869365][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 55.875685][ T4043] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 55.877761][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 55.881758][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 55.886718][ T4043] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 55.890192][ T4043] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 55.892491][ T4043] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 55.894707][ T4043] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.290160][ T576] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 58.776304][ T576] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 61.015965][ T576] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 61.079534][ T576] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 61.564806][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 61.567149][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 61.572348][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 61.593309][ T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 61.595717][ T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 61.598968][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 62.461266][ T576] device hsr_slave_0 left promiscuous mode
[ 62.499700][ T576] device hsr_slave_1 left promiscuous mode
[ 62.599053][ T576] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 62.601272][ T576] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 62.604252][ T576] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 62.606387][ T576] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 62.609664][ T576] device bridge_slave_1 left promiscuous mode
[ 62.612040][ T576] bridge0: port 2(bridge_slave_1) entered disabled state
[ 62.672110][ T576] device bridge_slave_0 left promiscuous mode
[ 62.674135][ T576] bridge0: port 1(bridge_slave_0) entered disabled state
[ 62.809325][ T576] device veth1_macvtap left promiscuous mode
[ 62.811266][ T576] device veth0_macvtap left promiscuous mode
[ 62.813000][ T576] device veth1_vlan left promiscuous mode
[ 62.814766][ T576] device veth0_vlan left promiscuous mode
[ 63.030211][ T576] team0 (unregistering): Port device team_slave_1 removed
[ 63.042924][ T576] team0 (unregistering): Port device team_slave_0 removed
[ 63.052331][ T576] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 63.096406][ T576] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 63.230378][ T576] bond0 (unregistering): Released all slaves
1970/01/01 00:01:03 executed programs: 0
[ 63.992809][ T4189] chnl_net:caif_netlink_parms(): no params data found
[ 64.040748][ T4189] bridge0: port 1(bridge_slave_0) entered blocking state
[ 64.042742][ T4189] bridge0: port 1(bridge_slave_0) entered disabled state
[ 64.046317][ T4189] device bridge_slave_0 entered promiscuous mode
[ 64.050282][ T4189] bridge0: port 2(bridge_slave_1) entered blocking state
[ 64.052323][ T4189] bridge0: port 2(bridge_slave_1) entered disabled state
[ 64.055192][ T4189] device bridge_slave_1 entered promiscuous mode
[ 64.073689][ T4189] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 64.078531][ T4189] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 64.106086][ T4189] team0: Port device team_slave_0 added
[ 64.113820][ T4189] team0: Port device team_slave_1 added
[ 64.130666][ T4189] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 64.132677][ T4189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.140112][ T4189] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 64.144708][ T4189] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 64.146640][ T4189] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.154332][ T4189] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 64.271114][ T4189] device hsr_slave_0 entered promiscuous mode
[ 64.279977][ T4189] device hsr_slave_1 entered promiscuous mode
[ 65.146361][ T4189] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 65.182326][ T4189] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 65.241011][ T4189] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 65.282568][ T4189] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 65.414930][ T4189] 8021q: adding VLAN 0 to HW filter on device bond0
[ 65.430596][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 65.433223][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 65.437867][ T4189] 8021q: adding VLAN 0 to HW filter on device team0
[ 65.444334][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 65.447259][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 65.452581][ T369] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.454564][ T369] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 65.457642][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 65.469500][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 65.472467][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 65.475299][ T148] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.477250][ T148] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 65.480527][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 65.483709][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 65.502656][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 65.506423][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 65.511914][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 65.521531][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 65.524724][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 65.542553][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 65.545529][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 65.556819][ T4189] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 65.569528][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 65.572538][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 65.575461][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 65.687692][ T576] ODEBUG: Out of memory. ODEBUG disabled
[ 65.703419][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 65.705661][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 65.711779][ T4189] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 65.724383][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 65.727236][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 65.747801][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 65.750850][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 65.757640][ T4189] device veth0_vlan entered promiscuous mode
[ 65.770389][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 65.772905][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 65.778549][ T4189] device veth1_vlan entered promiscuous mode
[ 65.802148][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 65.804813][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 65.807497][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 65.824381][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 65.828679][ T4189] device veth0_macvtap entered promiscuous mode
[ 65.834063][ T4189] device veth1_macvtap entered promiscuous mode
[ 65.853304][ T4189] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 65.855578][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 65.858361][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 65.862423][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 65.867946][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 65.873281][ T4189] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 65.875511][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 65.878382][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 65.884305][ T4189] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.886749][ T4189] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.889644][ T4189] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.892049][ T4189] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.956931][ T7] Bluetooth: hci0: command 0x0409 tx timeout
[ 66.094243][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 66.096568][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 66.107204][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 66.115812][ T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 66.118009][ T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 66.122718][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 66.152345][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[ 66.186323][ T4326] ==================================================================
[ 66.188726][ T4326] BUG: KASAN: use-after-free in ax25_fillin_cb+0x394/0x568
[ 66.190765][ T4326] Read of size 4 at addr ffff0000d1ddf638 by task syz.0.18/4326
[ 66.192883][ T4326]
[ 66.193494][ T4326] CPU: 1 PID: 4326 Comm: syz.0.18 Not tainted 5.15.186-syzkaller #0
[ 66.195632][ T4326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 66.198504][ T4326] Call trace:
[ 66.199374][ T4326] dump_backtrace+0x0/0x43c
[ 66.200625][ T4326] show_stack+0x2c/0x3c
[ 66.201708][ T4326] __dump_stack+0x30/0x40
[ 66.202946][ T4326] dump_stack_lvl+0xf8/0x160
[ 66.204211][ T4326] print_address_description+0x78/0x30c
[ 66.205759][ T4326] kasan_report+0xec/0x15c
[ 66.206956][ T4326] __asan_report_load4_noabort+0x44/0x50
[ 66.208511][ T4326] ax25_fillin_cb+0x394/0x568
[ 66.209753][ T4326] ax25_setsockopt+0x8d0/0xa5c
[ 66.211114][ T4326] __sys_setsockopt+0x2f8/0x4b0
[ 66.212402][ T4326] __arm64_sys_setsockopt+0xb8/0xd4
[ 66.213794][ T4326] invoke_syscall+0x98/0x2b8
[ 66.215033][ T4326] el0_svc_common+0x138/0x258
[ 66.216309][ T4326] do_el0_svc+0x58/0x14c
[ 66.217461][ T4326] el0_svc+0x78/0x1e0
[ 66.218586][ T4326] el0t_64_sync_handler+0xcc/0xe4
[ 66.219938][ T4326] el0t_64_sync+0x1a0/0x1a4
[ 66.221208][ T4326]
[ 66.221841][ T4326] Allocated by task 4323:
[ 66.223027][ T4326] __kasan_kmalloc+0xb0/0xf0
[ 66.224383][ T4326] kmem_cache_alloc_trace+0x274/0x3fc
[ 66.225842][ T4326] ax25_dev_device_up+0x5c/0x540
[ 66.227194][ T4326] ax25_device_event+0x504/0x590
[ 66.228562][ T4326] raw_notifier_call_chain+0xd4/0x164
[ 66.230212][ T4326] __dev_notify_flags+0x250/0x46c
[ 66.231592][ T4326] dev_change_flags+0xc8/0x154
[ 66.232923][ T4326] dev_ifsioc+0x504/0xef4
[ 66.234091][ T4326] dev_ioctl+0x4d0/0xc94
[ 66.235262][ T4326] sock_do_ioctl+0x18c/0x240
[ 66.236511][ T4326] sock_ioctl+0x5c8/0x87c
[ 66.237712][ T4326] __arm64_sys_ioctl+0x14c/0x1c8
[ 66.239041][ T4326] invoke_syscall+0x98/0x2b8
[ 66.240263][ T4326] el0_svc_common+0x138/0x258
[ 66.241530][ T4326] do_el0_svc+0x58/0x14c
[ 66.242677][ T4326] el0_svc+0x78/0x1e0
[ 66.243816][ T4326] el0t_64_sync_handler+0xcc/0xe4
[ 66.245180][ T4326] el0t_64_sync+0x1a0/0x1a4
[ 66.246380][ T4326]
[ 66.247049][ T4326] Freed by task 4325:
[ 66.248130][ T4326] kasan_set_track+0x4c/0x84
[ 66.249345][ T4326] kasan_set_free_info+0x28/0x4c
[ 66.250689][ T4326] ____kasan_slab_free+0x118/0x164
[ 66.252081][ T4326] __kasan_slab_free+0x18/0x28
[ 66.253353][ T4326] slab_free_freelist_hook+0x128/0x1e8
[ 66.254879][ T4326] kfree+0x170/0x40c
[ 66.255916][ T4326] ax25_release+0x564/0x814
[ 66.257130][ T4326] sock_close+0xb4/0x1f8
[ 66.258266][ T4326] __fput+0x1c0/0x7f8
[ 66.259357][ T4326] ____fput+0x20/0x30
[ 66.260452][ T4326] task_work_run+0x12c/0x1e0
[ 66.261731][ T4326] do_notify_resume+0x24b4/0x3128
[ 66.263149][ T4326] el0_svc+0xf0/0x1e0
[ 66.264222][ T4326] el0t_64_sync_handler+0xcc/0xe4
[ 66.265622][ T4326] el0t_64_sync+0x1a0/0x1a4
[ 66.266842][ T4326]
[ 66.267559][ T4326] The buggy address belongs to the object at ffff0000d1ddf600
[ 66.267559][ T4326] which belongs to the cache kmalloc-256 of size 256
[ 66.271497][ T4326] The buggy address is located 56 bytes inside of
[ 66.271497][ T4326] 256-byte region [ffff0000d1ddf600, ffff0000d1ddf700)
[ 66.275287][ T4326] The buggy address belongs to the page:
[ 66.276976][ T4326] page:0000000027a5f507 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x111dde
[ 66.279781][ T4326] head:0000000027a5f507 order:1 compound_mapcount:0
[ 66.281677][ T4326] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 66.283986][ T4326] raw: 05ffc00000010200 0000000000000000 dead000000000122 ffff0000c0002480
[ 66.286521][ T4326] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 66.289028][ T4326] page dumped because: kasan: bad access detected
[ 66.290810][ T4326]
[ 66.291437][ T4326] Memory state around the buggy address:
[ 66.293092][ T4326] ffff0000d1ddf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 66.295291][ T4326] ffff0000d1ddf580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 66.297528][ T4326] >ffff0000d1ddf600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 66.299813][ T4326]                                          ^
[ 66.301430][ T4326] ffff0000d1ddf680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 66.303667][ T4326] ffff0000d1ddf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 66.305883][ T4326] ==================================================================
[ 66.308050][ T4326] Disabling lock debugging due to kernel taint
[ 66.312423][ T4326] Unable to handle kernel paging request at virtual address b8c003250000168d
[ 66.314862][ T4326] Mem abort info:
[ 66.315781][ T4326] ESR = 0x0000000096000021
[ 66.317087][ T4326] EC = 0x25: DABT (current EL), IL = 32 bits
[ 66.320041][ T4326] SET = 0, FnV = 0
[ 66.321083][ T4326] EA = 0, S1PTW = 0
[ 66.322089][ T4326] FSC = 0x21: alignment fault
[ 66.323487][ T4326] Data abort info:
[ 66.324475][ T4326] ISV = 0, ISS = 0x00000021
[ 66.325734][ T4326] CM = 0, WnR = 0
[ 66.326735][ T4326] [b8c003250000168d] address between user and kernel address ranges
[ 66.329551][ T4326] Internal error: Oops: 0000000096000021 [#1] PREEMPT SMP
[ 66.331610][ T4326] Modules linked in:
[ 66.332732][ T4326] CPU: 1 PID: 4326 Comm: syz.0.18 Tainted: G B 5.15.186-syzkaller #0
[ 66.335408][ T4326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 66.338263][ T4326] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 66.340338][ T4326] pc : ax25_release+0x4f4/0x814
[ 66.341661][ T4326] lr : ax25_release+0x4ec/0x814
[ 66.342992][ T4326] sp : ffff80001fb77a00
[ 66.344135][ T4326] x29: ffff80001fb77a20 x28: dfff800000000000 x27: ffff0000c1a59080
[ 66.346354][ T4326] x26: ffff0000c1948828 x25: 0000000000000002 x24: 00000000ffffffff
[ 66.348529][ T4326] x23: b8c003250000168d x22: ffff0000d1ddf600 x21: ffff0000e77eda18
[ 66.350707][ T4326] x20: ffff0000c1a59000 x19: 1fffe00018329105 x18: 0000000000000000
[ 66.352936][ T4326] x17: 0000000000000000 x16: ffff8000082d6448 x15: 0000000000000002
[ 66.355074][ T4326] x14: 0000000000ff0100 x13: ffffffffffffffff x12: 0000000000ff0100
[ 66.357210][ T4326] x11: 0000000000000000 x10: 0000000000000000 x9 : ffff8000104555f4
[ 66.359342][ T4326] x8 : ffff0000d0f2d1c0 x7 : 0000000000000000 x6 : ffff80000837b9b0
[ 66.361445][ T4326] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff8000104555e8
[ 66.363767][ T4326] x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000001
[ 66.366100][ T4326] Call trace:
[ 66.366991][ T4326] ax25_release+0x4f4/0x814
[ 66.368164][ T4326] sock_close+0xb4/0x1f8
[ 66.369329][ T4326] __fput+0x1c0/0x7f8
[ 66.370422][ T4326] ____fput+0x20/0x30
[ 66.371543][ T4326] task_work_run+0x12c/0x1e0
[ 66.372937][ T4326] do_notify_resume+0x24b4/0x3128
[ 66.374319][ T4326] el0_svc+0xf0/0x1e0
[ 66.375385][ T4326] el0t_64_sync_handler+0xcc/0xe4
[ 66.376912][ T4326] el0t_64_sync+0x1a0/0x1a4
[ 66.378131][ T4326] Code: d503201f 9600931b 52800038 4b1803f8 (b87802f8)
[ 66.380047][ T4326] ---[ end trace 40dfb2ff61330f51 ]---
[ 66.700584][ T4326] Kernel panic - not syncing: Oops: Fatal exception
[ 66.702366][ T4326] SMP: stopping secondary CPUs
[ 66.703682][ T4326] Kernel Offset: disabled
[ 66.704875][ T4326] CPU features: 0x8,000081c1,21302e40
[ 66.706328][ T4326] Memory Limit: none
[ 67.018856][ T4326] Rebooting in 86400 seconds..