Warning: Permanently added '10.128.0.23' (ED25519) to the list of known hosts.
2026/03/11 01:34:48 parsed 1 programs
[ 53.942362][ T4189] cgroup: Unknown subsys name 'net'
[ 54.129151][ T4189] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 55.415487][ T4189] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 56.875958][ T4206] chnl_net:caif_netlink_parms(): no params data found
[ 56.917278][ T4206] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.924968][ T4206] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.932644][ T4206] device bridge_slave_0 entered promiscuous mode
[ 56.941454][ T4206] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.948749][ T4206] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.957970][ T4206] device bridge_slave_1 entered promiscuous mode
[ 56.980219][ T4206] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 56.991440][ T4206] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 57.014535][ T4206] team0: Port device team_slave_0 added
[ 57.021458][ T4206] team0: Port device team_slave_1 added
[ 57.040008][ T4206] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 57.047043][ T4206] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 57.073237][ T4206] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 57.086102][ T4206] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 57.093069][ T4206] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 57.119418][ T4206] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 57.149369][ T4206] device hsr_slave_0 entered promiscuous mode
[ 57.156428][ T4206] device hsr_slave_1 entered promiscuous mode
[ 57.248235][ T4206] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 57.259953][ T4206] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 57.271738][ T4206] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 57.282303][ T4206] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 57.313969][ T4206] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.321842][ T4206] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 57.330178][ T4206] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.337294][ T4206] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 57.401728][ T4206] 8021q: adding VLAN 0 to HW filter on device bond0
[ 57.420878][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 57.432769][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.442308][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 57.457391][ T4206] 8021q: adding VLAN 0 to HW filter on device team0
[ 57.470289][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 57.480436][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.487543][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 57.504821][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 57.516589][ T153] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.523670][ T153] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 57.544670][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 57.554367][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 57.562813][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 57.571689][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 57.584998][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 57.598114][ T4206] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 57.717138][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 57.725493][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 57.739273][ T4206] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 57.763905][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 57.793353][ T4206] device veth0_vlan entered promiscuous mode
[ 57.803617][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 57.813505][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 57.823706][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 57.839923][ T4206] device veth1_vlan entered promiscuous mode
[ 57.849474][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 57.875190][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 57.885629][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 57.896480][ T4206] device veth0_macvtap entered promiscuous mode
[ 57.907950][ T4206] device veth1_macvtap entered promiscuous mode
[ 57.925089][ T4206] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 57.932562][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 57.941769][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 57.951786][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 57.960988][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 57.974717][ T4206] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 57.983313][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 57.992330][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 58.004070][ T4206] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 58.012914][ T4206] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 58.024372][ T4206] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 58.033087][ T4206] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 58.530266][ T723] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 60.590025][ T723] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 62.888636][ T723] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 62.961036][ T723] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 63.909769][ T723] device hsr_slave_0 left promiscuous mode
[ 63.928371][ T723] device hsr_slave_1 left promiscuous mode
[ 63.947113][ T723] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 63.968831][ T723] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 63.982877][ T723] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 63.990685][ T723] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 63.999856][ T723] device bridge_slave_1 left promiscuous mode
[ 64.007157][ T723] bridge0: port 2(bridge_slave_1) entered disabled state
[ 64.023565][ T723] device bridge_slave_0 left promiscuous mode
[ 64.031354][ T723] bridge0: port 1(bridge_slave_0) entered disabled state
[ 64.055545][ T723] device veth1_macvtap left promiscuous mode
[ 64.061962][ T723] device veth0_macvtap left promiscuous mode
[ 64.068086][ T723] device veth1_vlan left promiscuous mode
[ 64.074668][ T723] device veth0_vlan left promiscuous mode
[ 64.203745][ T723] team0 (unregistering): Port device team_slave_1 removed
[ 64.216368][ T723] team0 (unregistering): Port device team_slave_0 removed
[ 64.228428][ T723] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 64.243560][ T723] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 64.289513][ T723] bond0 (unregistering): Released all slaves
[ 64.427587][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 64.446476][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 64.471942][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 64.510739][ T1277] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 64.519189][ T1277] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 64.528297][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2026/03/11 01:35:02 executed programs: 0
[ 66.398890][ T4362] chnl_net:caif_netlink_parms(): no params data found
[ 66.498622][ T4362] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.507378][ T4362] bridge0: port 1(bridge_slave_0) entered disabled state
[ 66.515907][ T4362] device bridge_slave_0 entered promiscuous mode
[ 66.525929][ T4362] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.537170][ T4362] bridge0: port 2(bridge_slave_1) entered disabled state
[ 66.540077][ T723] ODEBUG: Out of memory. ODEBUG disabled
[ 66.545389][ T4362] device bridge_slave_1 entered promiscuous mode
[ 66.581480][ T4362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 66.592848][ T4362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 66.617182][ T4362] team0: Port device team_slave_0 added
[ 66.627418][ T4362] team0: Port device team_slave_1 added
[ 66.648003][ T4362] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 66.656338][ T4362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 66.687426][ T4362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 66.700433][ T4362] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 66.707889][ T4362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 66.736200][ T4362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 66.861942][ T4362] device hsr_slave_0 entered promiscuous mode
[ 66.882273][ T4362] device hsr_slave_1 entered promiscuous mode
[ 67.520730][ T4362] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 67.530242][ T4362] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 67.541707][ T4362] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 67.551843][ T4362] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 67.676239][ T4362] 8021q: adding VLAN 0 to HW filter on device bond0
[ 67.698378][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 67.707268][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 67.741898][ T4362] 8021q: adding VLAN 0 to HW filter on device team0
[ 67.752446][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 67.762507][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 67.771989][ T4301] bridge0: port 1(bridge_slave_0) entered blocking state
[ 67.779124][ T4301] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 67.835262][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 67.843666][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 67.853418][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 67.862932][ T4301] bridge0: port 2(bridge_slave_1) entered blocking state
[ 67.870084][ T4301] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 67.879193][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 67.889475][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 67.899185][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 67.909433][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 67.918511][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 67.927585][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 67.936458][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 67.945505][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 67.958214][ T4362] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 67.969974][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 67.978663][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 67.989795][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 67.998809][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 68.173680][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 68.183179][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 68.196045][ T4362] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 68.214863][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 68.223468][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 68.244762][ T4405] Bluetooth: hci0: command 0x0409 tx timeout
[ 68.245266][ T4362] device veth0_vlan entered promiscuous mode
[ 68.260165][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 68.269086][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 68.281656][ T4362] device veth1_vlan entered promiscuous mode
[ 68.290331][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 68.299028][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 68.307565][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 68.346354][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 68.355435][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 68.367076][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 68.378487][ T4362] device veth0_macvtap entered promiscuous mode
[ 68.393276][ T4362] device veth1_macvtap entered promiscuous mode
[ 68.427432][ T4362] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 68.437290][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 68.446609][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 68.458280][ T4362] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 68.467061][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 68.476135][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 68.488057][ T4362] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 68.497368][ T4362] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 68.506345][ T4362] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 68.515566][ T4362] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 68.630536][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 68.652143][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 68.665398][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 68.705682][ T153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 68.715101][ T153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 68.722610][ T1277] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 68.802010][ T4502] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[ 68.908602][ T4506] ==================================================================
[ 68.916914][ T4506] BUG: KASAN: use-after-free in ax25_fillin_cb+0x459/0x640
[ 68.924156][ T4506] Read of size 4 at addr ffff88807eb15338 by task syz.0.19/4506
[ 68.931802][ T4506]
[ 68.934158][ T4506] CPU: 0 PID: 4506 Comm: syz.0.19 Not tainted syzkaller #0
[ 68.941368][ T4506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 68.951465][ T4506] Call Trace:
[ 68.954758][ T4506]
[ 68.957696][ T4506] dump_stack_lvl+0x188/0x250
[ 68.962383][ T4506] ? show_regs_print_info+0x20/0x20
[ 68.967586][ T4506] ? _printk+0xda/0x130
[ 68.971753][ T4506] ? ax25_fillin_cb+0x459/0x640
[ 68.976626][ T4506] ? load_image+0x400/0x400
[ 68.981165][ T4506] print_address_description+0x60/0x2d0
[ 68.986731][ T4506] ? ax25_fillin_cb+0x459/0x640
[ 68.991591][ T4506] kasan_report+0xdf/0x130
[ 68.996018][ T4506] ? ax25_fillin_cb+0x459/0x640
[ 69.000886][ T4506] ax25_fillin_cb+0x459/0x640
[ 69.005586][ T4506] ax25_setsockopt+0x8c9/0xa60
[ 69.010374][ T4506] ? ax25_shutdown+0x10/0x10
[ 69.015187][ T4506] ? aa_sock_opt_perm+0x74/0x100
[ 69.020253][ T4506] ? bpf_lsm_socket_setsockopt+0x5/0x10
[ 69.025904][ T4506] ? security_socket_setsockopt+0x7a/0xa0
[ 69.031635][ T4506] ? ax25_shutdown+0x10/0x10
[ 69.036247][ T4506] __sys_setsockopt+0x2bf/0x3d0
[ 69.041112][ T4506] __x64_sys_setsockopt+0xb1/0xc0
[ 69.046147][ T4506] do_syscall_64+0x4c/0xa0
[ 69.051108][ T4506] ? clear_bhb_loop+0x30/0x80
[ 69.055801][ T4506] ? clear_bhb_loop+0x30/0x80
[ 69.060490][ T4506] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 69.066401][ T4506] RIP: 0033:0x7f988121d799
[ 69.070828][ T4506] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 69.090622][ T4506] RSP: 002b:00007ffdfcb867c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 69.099061][ T4506] RAX: ffffffffffffffda RBX: 00007f9881496fa0 RCX: 00007f988121d799
[ 69.107044][ T4506] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000004
[ 69.115136][ T4506] RBP: 00007f98812b3c99 R08: 0000000000000010 R09: 0000000000000000
[ 69.123122][ T4506] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000000
[ 69.131114][ T4506] R13: 00007f9881496fac R14: 00007f9881496fa0 R15: 00007f9881496fa0
[ 69.139128][ T4506]
[ 69.142185][ T4506]
[ 69.144508][ T4506] Allocated by task 4502:
[ 69.148824][ T4506] __kasan_kmalloc+0xb5/0xf0
[ 69.153414][ T4506] ax25_dev_device_up+0x50/0x580
[ 69.158346][ T4506] ax25_device_event+0x483/0x4f0
[ 69.163277][ T4506] raw_notifier_call_chain+0xcb/0x160
[ 69.168643][ T4506] __dev_notify_flags+0x194/0x300
[ 69.173668][ T4506] dev_change_flags+0xe3/0x1a0
[ 69.178429][ T4506] dev_ifsioc+0x130/0xd50
[ 69.182754][ T4506] dev_ioctl+0x545/0xe30
[ 69.187005][ T4506] sock_do_ioctl+0x245/0x320
[ 69.191589][ T4506] sock_ioctl+0x4d2/0x710
[ 69.195915][ T4506] __se_sys_ioctl+0xfa/0x170
[ 69.200505][ T4506] do_syscall_64+0x4c/0xa0
[ 69.205017][ T4506] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 69.210924][ T4506]
[ 69.213242][ T4506] Freed by task 4504:
[ 69.217208][ T4506] kasan_set_track+0x4b/0x70
[ 69.221803][ T4506] kasan_set_free_info+0x1f/0x40
[ 69.226746][ T4506] ____kasan_slab_free+0xd5/0x110
[ 69.231885][ T4506] slab_free_freelist_hook+0xea/0x170
[ 69.237267][ T4506] kfree+0xef/0x2a0
[ 69.241160][ T4506] ax25_release+0x661/0x870
[ 69.245749][ T4506] sock_close+0xd5/0x240
[ 69.249987][ T4506] __fput+0x234/0x930
[ 69.253962][ T4506] task_work_run+0x125/0x1a0
[ 69.258548][ T4506] exit_to_user_mode_loop+0x10f/0x130
[ 69.263914][ T4506] exit_to_user_mode_prepare+0xee/0x180
[ 69.269547][ T4506] syscall_exit_to_user_mode+0x16/0x40
[ 69.275004][ T4506] do_syscall_64+0x58/0xa0
[ 69.279419][ T4506] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 69.285494][ T4506]
[ 69.287809][ T4506] The buggy address belongs to the object at ffff88807eb15300
[ 69.287809][ T4506] which belongs to the cache kmalloc-192 of size 192
[ 69.301859][ T4506] The buggy address is located 56 bytes inside of
[ 69.301859][ T4506] 192-byte region [ffff88807eb15300, ffff88807eb153c0)
[ 69.315046][ T4506] The buggy address belongs to the page:
[ 69.320682][ T4506] page:ffffea0001fac540 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7eb15
[ 69.330833][ T4506] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 69.338585][ T4506] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff888016c41a00
[ 69.347519][ T4506] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 69.356192][ T4506] page dumped because: kasan: bad access detected
[ 69.362902][ T4506] page_owner tracks the page as allocated
[ 69.368723][ T4506] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 153, ts 68761824680, free_ts 67635746459
[ 69.384748][ T4506] get_page_from_freelist+0x1bbd/0x1ca0
[ 69.390402][ T4506] __alloc_pages+0x1ee/0x480
[ 69.395601][ T4506] new_slab+0xb6/0x4b0
[ 69.400032][ T4506] ___slab_alloc+0x80a/0xdd0
[ 69.404627][ T4506] __kmalloc_node+0x200/0x3b0
[ 69.409328][ T4506] memcg_alloc_page_obj_cgroups+0x81/0x120
[ 69.415150][ T4506] new_slab+0x100/0x4b0
[ 69.419307][ T4506] ___slab_alloc+0x80a/0xdd0
[ 69.423979][ T4506] kmem_cache_alloc+0x195/0x290
[ 69.428826][ T4506] __d_alloc+0x2a/0x6f0
[ 69.432979][ T4506] d_alloc_parallel+0x7b/0x1330
[ 69.437826][ T4506] __lookup_slow+0x134/0x410
[ 69.442420][ T4506] lookup_one_len+0x19d/0x2d0
[ 69.447100][ T4506] start_creating+0x184/0x310
[ 69.451793][ T4506] __debugfs_create_file+0x6f/0x510
[ 69.457088][ T4506] sta_info_insert_rcu+0x196d/0x21c0
[ 69.462414][ T4506] page last free stack trace:
[ 69.467170][ T4506] free_unref_page_prepare+0x637/0x6c0
[ 69.472734][ T4506] free_unref_page+0x8f/0x2a0
[ 69.477504][ T4506] qlist_free_all+0x35/0x90
[ 69.482007][ T4506] kasan_quarantine_reduce+0x150/0x160
[ 69.487462][ T4506] __kasan_slab_alloc+0x2f/0xd0
[ 69.492326][ T4506] slab_post_alloc_hook+0x4c/0x380
[ 69.497482][ T4506] kmem_cache_alloc+0x100/0x290
[ 69.502424][ T4506] mm_alloc+0x1f/0xc0
[ 69.506404][ T4506] alloc_bprm+0x1a9/0x6a0
[ 69.510739][ T4506] do_execveat_common+0x193/0x6d0
[ 69.515757][ T4506] __x64_sys_execve+0x8e/0xa0
[ 69.520427][ T4506] do_syscall_64+0x4c/0xa0
[ 69.524839][ T4506] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 69.530730][ T4506]
[ 69.533052][ T4506] Memory state around the buggy address:
[ 69.538692][ T4506] ffff88807eb15200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 69.546747][ T4506] ffff88807eb15280: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 69.554806][ T4506] >ffff88807eb15300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 69.562868][ T4506] ^
[ 69.568759][ T4506] ffff88807eb15380: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 69.576817][ T4506] ffff88807eb15400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 69.584965][ T4506] ==================================================================
[ 69.593101][ T4506] Disabling lock debugging due to kernel taint
[ 69.603909][ T4506] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 69.611121][ T4506] CPU: 1 PID: 4506 Comm: syz.0.19 Tainted: G B syzkaller #0
[ 69.619703][ T4506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 69.629761][ T4506] Call Trace:
[ 69.633275][ T4506]
[ 69.636306][ T4506] dump_stack_lvl+0x188/0x250
[ 69.640984][ T4506] ? show_regs_print_info+0x20/0x20
[ 69.646184][ T4506] ? load_image+0x400/0x400
[ 69.650685][ T4506] panic+0x2e5/0x810
[ 69.654578][ T4506] ? bpf_jit_dump+0xd0/0xd0
[ 69.659255][ T4506] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 69.665348][ T4506] ? _raw_spin_unlock+0x40/0x40
[ 69.670197][ T4506] ? print_memory_metadata+0x314/0x400
[ 69.675659][ T4506] ? ax25_fillin_cb+0x459/0x640
[ 69.680528][ T4506] check_panic_on_warn+0x80/0xa0
[ 69.685476][ T4506] ? ax25_fillin_cb+0x459/0x640
[ 69.690389][ T4506] end_report+0x6d/0xf0
[ 69.694554][ T4506] kasan_report+0x102/0x130
[ 69.699066][ T4506] ? ax25_fillin_cb+0x459/0x640
[ 69.703924][ T4506] ax25_fillin_cb+0x459/0x640
[ 69.708610][ T4506] ax25_setsockopt+0x8c9/0xa60
[ 69.713384][ T4506] ? ax25_shutdown+0x10/0x10
[ 69.717984][ T4506] ? aa_sock_opt_perm+0x74/0x100
[ 69.722951][ T4506] ? bpf_lsm_socket_setsockopt+0x5/0x10
[ 69.728501][ T4506] ? security_socket_setsockopt+0x7a/0xa0
[ 69.734224][ T4506] ? ax25_shutdown+0x10/0x10
[ 69.738814][ T4506] __sys_setsockopt+0x2bf/0x3d0
[ 69.743682][ T4506] __x64_sys_setsockopt+0xb1/0xc0
[ 69.748716][ T4506] do_syscall_64+0x4c/0xa0
[ 69.753134][ T4506] ? clear_bhb_loop+0x30/0x80
[ 69.757815][ T4506] ? clear_bhb_loop+0x30/0x80
[ 69.762646][ T4506] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 69.768657][ T4506] RIP: 0033:0x7f988121d799
[ 69.773078][ T4506] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 69.792771][ T4506] RSP: 002b:00007ffdfcb867c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 69.801289][ T4506] RAX: ffffffffffffffda RBX: 00007f9881496fa0 RCX: 00007f988121d799
[ 69.809258][ T4506] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000004
[ 69.817386][ T4506] RBP: 00007f98812b3c99 R08: 0000000000000010 R09: 0000000000000000
[ 69.825516][ T4506] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000000
[ 69.833476][ T4506] R13: 00007f9881496fac R14: 00007f9881496fa0 R15: 00007f9881496fa0
[ 69.841628][ T4506]
[ 69.844955][ T4506] Kernel Offset: disabled
[ 69.849394][ T4506] Rebooting in 86400 seconds..