Warning: Permanently added '10.128.0.219' (ED25519) to the list of known hosts.
1970/01/01 00:00:43 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:00:44 parsed 1 programs
[   46.671268][ T4039] cgroup: Unknown subsys name 'net'
[   46.964860][ T4039] cgroup: Unknown subsys name 'rlimit'
[   47.343367][ T4039] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SSFS
[   54.219099][ T1604] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   54.221276][ T1604] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   54.225336][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   54.241344][  T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   54.243546][  T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   54.246394][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   55.566195][ T4106] chnl_net:caif_netlink_parms(): no params data found
[   55.607835][ T4106] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.611650][ T4106] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.614593][ T4106] device bridge_slave_0 entered promiscuous mode
[   55.619280][ T4106] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.621319][ T4106] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.623951][ T4106] device bridge_slave_1 entered promiscuous mode
[   55.642309][ T4106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.646948][ T4106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.666018][ T4106] team0: Port device team_slave_0 added
[   55.671148][ T4106] team0: Port device team_slave_1 added
[   55.686294][ T4106] batman_adv: batadv0: Adding interface: batadv_slave_0
[   55.688158][ T4106] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.695714][ T4106] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   55.700606][ T4106] batman_adv: batadv0: Adding interface: batadv_slave_1
[   55.702531][ T4106] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.709812][ T4106] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   55.780777][ T4106] device hsr_slave_0 entered promiscuous mode
[   55.828754][ T4106] device hsr_slave_1 entered promiscuous mode
[   55.944044][ T4106] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   55.971775][ T4106] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   56.020894][ T4106] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   56.060449][ T4106] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   56.131938][ T4106] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.134132][ T4106] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.136493][ T4106] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.138587][ T4106] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.181334][ T4106] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.189248][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   56.193346][  T136] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.201084][  T136] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.251747][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   56.267750][ T4106] 8021q: adding VLAN 0 to HW filter on device team0
[   56.276577][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   56.280459][  T136] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.282291][  T136] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.287219][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   56.290470][  T136] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.292415][  T136] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.305155][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   56.307994][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   56.314656][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   56.325119][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   56.333060][ T4106] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   56.336907][ T4106] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   56.340975][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   56.417360][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   56.421010][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   56.428119][ T4106] 8021q: adding VLAN 0 to HW filter on device batadv0
[   56.441037][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   56.454999][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   56.458052][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   56.460851][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   56.465141][ T4106] device veth0_vlan entered promiscuous mode
[   56.473229][ T4106] device veth1_vlan entered promiscuous mode
[   56.486692][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   56.489851][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   56.492782][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   56.497335][ T4106] device veth0_macvtap entered promiscuous mode
[   56.505138][ T4106] device veth1_macvtap entered promiscuous mode
[   56.516893][ T4106] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.519705][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   56.522940][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   56.529745][ T4106] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.532018][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   56.536850][ T4106] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.539367][ T4106] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.541712][ T4106] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.544092][ T4106] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
1970/01/01 00:00:56 executed programs: 0
[   56.997403][ T4144] chnl_net:caif_netlink_parms(): no params data found
[   57.070145][ T4144] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.072217][ T4144] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.074747][ T4144] device bridge_slave_0 entered promiscuous mode
[   57.078246][ T4144] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.081492][ T4144] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.084182][ T4144] device bridge_slave_1 entered promiscuous mode
[   57.102831][ T4144] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.107388][ T4144] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.123071][ T4144] team0: Port device team_slave_0 added
[   57.126300][ T4144] team0: Port device team_slave_1 added
[   57.141423][ T4144] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.143406][ T4144] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.152164][ T4144] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.157663][ T4144] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.159977][ T4144] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.167067][ T4144] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.231471][ T4144] device hsr_slave_0 entered promiscuous mode
[   57.288679][ T4144] device hsr_slave_1 entered promiscuous mode
[   57.348514][ T4144] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   57.350795][ T4144] Cannot create hsr debugfs directory
[   57.413111][ T4144] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.909137][ T4119] Bluetooth: hci0: command 0x0409 tx timeout
[   59.526347][ T4144] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.988911][ T4128] Bluetooth: hci0: command 0x041b tx timeout
[   61.665269][ T4144] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.724925][ T4144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.417245][ T4144] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   62.470381][ T4144] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   62.521911][ T4144] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   62.560331][ T4144] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   62.671549][ T4144] 8021q: adding VLAN 0 to HW filter on device bond0
[   62.682960][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   62.685423][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.694782][ T4144] 8021q: adding VLAN 0 to HW filter on device team0
[   62.700635][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   62.703403][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   62.705949][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.707850][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.721087][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   62.724070][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   62.726776][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   62.732430][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.734389][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.736714][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   62.750920][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   62.754161][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   62.757505][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   62.763013][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   62.765931][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   62.769278][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   62.772055][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   62.780590][ T4144] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   62.784082][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   62.786766][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   62.789866][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   62.792934][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   62.879468][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   62.881692][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   62.888751][ T4144] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.902004][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   62.904850][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   62.918143][ T4144] device veth0_vlan entered promiscuous mode
[   62.922138][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   62.924889][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   62.928217][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   62.931817][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   62.942410][ T4144] device veth1_vlan entered promiscuous mode
[   62.958024][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   62.960874][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   62.963319][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   62.965948][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   62.973464][ T4144] device veth0_macvtap entered promiscuous mode
[   62.981008][ T4144] device veth1_macvtap entered promiscuous mode
[   62.997929][ T4144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.001201][ T4144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.004929][ T4144] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.007108][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   63.012921][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   63.015452][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   63.020789][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   63.025610][ T4144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.031074][ T4144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.034745][ T4144] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.037098][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   63.040164][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   63.045633][ T4144] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.048082][ T4144] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.053898][ T4144] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.056301][ T4144] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.068553][ T4133] Bluetooth: hci0: command 0x040f tx timeout
[   63.122282][  T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.124510][  T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.127437][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   63.149454][ T1604] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.151870][ T1604] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.154795][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:03 executed programs: 2
[   63.197965][ T4162] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[   63.258226][ T4164] ==================================================================
[   63.260661][ T4164] BUG: KASAN: use-after-free in ax25_fillin_cb+0x394/0x568
[   63.262794][ T4164] Read of size 4 at addr ffff0000d1bb8038 by task syz.0.18/4164
[   63.264918][ T4164] 
[   63.265541][ T4164] CPU: 1 PID: 4164 Comm: syz.0.18 Not tainted 5.15.189-syzkaller #0
[   63.267675][ T4164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   63.270434][ T4164] Call trace:
[   63.271351][ T4164]  dump_backtrace+0x0/0x43c
[   63.272602][ T4164]  show_stack+0x2c/0x3c
[   63.273749][ T4164]  __dump_stack+0x30/0x40
[   63.274891][ T4164]  dump_stack_lvl+0xf8/0x160
[   63.276135][ T4164]  print_address_description+0x78/0x30c
[   63.277661][ T4164]  kasan_report+0xec/0x15c
[   63.278822][ T4164]  __asan_report_load4_noabort+0x44/0x50
[   63.280295][ T4164]  ax25_fillin_cb+0x394/0x568
[   63.281512][ T4164]  ax25_setsockopt+0x8d0/0xa5c
[   63.282764][ T4164]  __sys_setsockopt+0x260/0x36c
[   63.284029][ T4164]  __arm64_sys_setsockopt+0xb8/0xd4
[   63.285404][ T4164]  invoke_syscall+0x98/0x2b8
[   63.286614][ T4164]  el0_svc_common+0x138/0x258
[   63.287838][ T4164]  do_el0_svc+0x58/0x14c
[   63.288977][ T4164]  el0_svc+0x78/0x1e0
[   63.290037][ T4164]  el0t_64_sync_handler+0xcc/0xe4
[   63.291407][ T4164]  el0t_64_sync+0x1a0/0x1a4
[   63.292627][ T4164] 
[   63.293202][ T4164] Allocated by task 4162:
[   63.294402][ T4164]  __kasan_kmalloc+0xb0/0xf0
[   63.295638][ T4164]  kmem_cache_alloc_trace+0x274/0x3fc
[   63.297095][ T4164]  ax25_dev_device_up+0x5c/0x540
[   63.298434][ T4164]  ax25_device_event+0x504/0x590
[   63.299764][ T4164]  raw_notifier_call_chain+0xd4/0x164
[   63.301174][ T4164]  __dev_notify_flags+0x250/0x46c
[   63.302529][ T4164]  dev_change_flags+0xc8/0x154
[   63.303858][ T4164]  dev_ifsioc+0x504/0xef4
[   63.305019][ T4164]  dev_ioctl+0x4d0/0xc94
[   63.306104][ T4164]  sock_do_ioctl+0x18c/0x240
[   63.307316][ T4164]  sock_ioctl+0x5c8/0x87c
[   63.308524][ T4164]  __arm64_sys_ioctl+0x14c/0x1c8
[   63.309930][ T4164]  invoke_syscall+0x98/0x2b8
[   63.311153][ T4164]  el0_svc_common+0x138/0x258
[   63.312487][ T4164]  do_el0_svc+0x58/0x14c
[   63.313605][ T4164]  el0_svc+0x78/0x1e0
[   63.314691][ T4164]  el0t_64_sync_handler+0xcc/0xe4
[   63.316061][ T4164]  el0t_64_sync+0x1a0/0x1a4
[   63.317280][ T4164] 
[   63.317917][ T4164] Freed by task 4163:
[   63.318962][ T4164]  kasan_set_track+0x4c/0x84
[   63.320257][ T4164]  kasan_set_free_info+0x28/0x4c
[   63.321613][ T4164]  ____kasan_slab_free+0x118/0x164
[   63.323157][ T4164]  __kasan_slab_free+0x18/0x28
[   63.324431][ T4164]  slab_free_freelist_hook+0x128/0x1e8
[   63.325909][ T4164]  kfree+0x170/0x40c
[   63.326955][ T4164]  ax25_release+0x564/0x814
[   63.328145][ T4164]  sock_close+0xb4/0x1f8
[   63.329272][ T4164]  __fput+0x1c0/0x7f8
[   63.330363][ T4164]  ____fput+0x20/0x30
[   63.331438][ T4164]  task_work_run+0x12c/0x1e0
[   63.332679][ T4164]  do_notify_resume+0x24b4/0x3128
[   63.334019][ T4164]  el0_svc+0xf0/0x1e0
[   63.335120][ T4164]  el0t_64_sync_handler+0xcc/0xe4
[   63.336527][ T4164]  el0t_64_sync+0x1a0/0x1a4
[   63.337739][ T4164] 
[   63.338347][ T4164] The buggy address belongs to the object at ffff0000d1bb8000
[   63.338347][ T4164]  which belongs to the cache kmalloc-256 of size 256
[   63.342156][ T4164] The buggy address is located 56 bytes inside of
[   63.342156][ T4164]  256-byte region [ffff0000d1bb8000, ffff0000d1bb8100)
[   63.345752][ T4164] The buggy address belongs to the page:
[   63.347252][ T4164] page:0000000001730ccc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x111bb8
[   63.350079][ T4164] head:0000000001730ccc order:1 compound_mapcount:0
[   63.351818][ T4164] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[   63.354116][ T4164] raw: 05ffc00000010200 0000000000000000 dead000000000122 ffff0000c0002480
[   63.356495][ T4164] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   63.358915][ T4164] page dumped because: kasan: bad access detected
[   63.360636][ T4164] 
[   63.361275][ T4164] Memory state around the buggy address:
[   63.362705][ T4164]  ffff0000d1bb7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   63.365076][ T4164]  ffff0000d1bb7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   63.367370][ T4164] >ffff0000d1bb8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   63.369582][ T4164]                                         ^
[   63.371124][ T4164]  ffff0000d1bb8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   63.373363][ T4164]  ffff0000d1bb8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   63.375628][ T4164] ==================================================================
[   63.377845][ T4164] Disabling lock debugging due to kernel taint
[   63.381694][ T4164] Unable to handle kernel paging request at virtual address 00600323000015eb
[   63.384129][ T4164] Mem abort info:
[   63.385042][ T4164]   ESR = 0x0000000096000021
[   63.386290][ T4164]   EC = 0x25: DABT (current EL), IL = 32 bits
[   63.387882][ T4164]   SET = 0, FnV = 0
[   63.389481][ T4164]   EA = 0, S1PTW = 0
[   63.390572][ T4164]   FSC = 0x21: alignment fault
[   63.391832][ T4164] Data abort info:
[   63.392830][ T4164]   ISV = 0, ISS = 0x00000021
[   63.394077][ T4164]   CM = 0, WnR = 0
[   63.395088][ T4164] [00600323000015eb] address between user and kernel address ranges
[   63.397179][ T4164] Internal error: Oops: 0000000096000021 [#1] PREEMPT SMP
[   63.399023][ T4164] Modules linked in:
[   63.400079][ T4164] CPU: 1 PID: 4164 Comm: syz.0.18 Tainted: G    B             5.15.189-syzkaller #0
[   63.402639][ T4164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   63.405354][ T4164] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   63.407476][ T4164] pc : ax25_release+0x4f4/0x814
[   63.408963][ T4164] lr : ax25_release+0x4ec/0x814
[   63.410295][ T4164] sp : ffff80001fc17a00
[   63.411458][ T4164] x29: ffff80001fc17a20 x28: dfff800000000000 x27: ffff0000d71fc080
[   63.413743][ T4164] x26: ffff0000c989a028 x25: ffff0000c989a031 x24: 00000000ffffffff
[   63.416040][ T4164] x23: d6600323000015eb x22: ffff0000d1bb8000 x21: ffff0000dd76d418
[   63.418297][ T4164] x20: ffff0000d71fc000 x19: 1fffe00019313405 x18: 0000000000000000
[   63.420455][ T4164] x17: 0000000000000000 x16: ffff8000082d6448 x15: 0000000000000004
[   63.422573][ T4164] x14: 0000000000ff0100 x13: ffffffffffffffff x12: 0000000000ff0100
[   63.424738][ T4164] x11: 0000000000000000 x10: 0000000000000000 x9 : ffff80001045ef30
[   63.426917][ T4164] x8 : ffff0000cea951c0 x7 : 0000000000000000 x6 : ffff80000837b9bc
[   63.429151][ T4164] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80001045ef24
[   63.431358][ T4164] x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000001
[   63.433548][ T4164] Call trace:
[   63.434452][ T4164]  ax25_release+0x4f4/0x814
[   63.435684][ T4164]  sock_close+0xb4/0x1f8
[   63.436842][ T4164]  __fput+0x1c0/0x7f8
[   63.437926][ T4164]  ____fput+0x20/0x30
[   63.439013][ T4164]  task_work_run+0x12c/0x1e0
[   63.440248][ T4164]  do_notify_resume+0x24b4/0x3128
[   63.441589][ T4164]  el0_svc+0xf0/0x1e0
[   63.442710][ T4164]  el0t_64_sync_handler+0xcc/0xe4
[   63.444036][ T4164]  el0t_64_sync+0x1a0/0x1a4
[   63.445251][ T4164] Code: d503201f 96006935 52800038 4b1803f8 (b87802f8) 
[   63.447134][ T4164] ---[ end trace 7b4e9028cbeff187 ]---
[   63.794169][ T4164] Kernel panic - not syncing: Oops: Fatal exception
[   63.795973][ T4164] SMP: stopping secondary CPUs
[   63.797314][ T4164] Kernel Offset: disabled
[   63.798474][ T4164] CPU features: 0x8,000081c1,21302e40
[   63.800017][ T4164] Memory Limit: none
[   64.131623][ T4164] Rebooting in 86400 seconds..