Warning: Permanently added '10.128.1.24' (ED25519) to the list of known hosts.
1970/01/01 00:00:38 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:00:39 parsed 1 programs
[ 42.086749][ T4041] cgroup: Unknown subsys name 'net'
[ 42.349570][ T4041] cgroup: Unknown subsys name 'rlimit'
[ 42.691667][ T4041] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS
[ 53.466670][ T4063] chnl_net:caif_netlink_parms(): no params data found
[ 53.506210][ T4063] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.508461][ T4063] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.511137][ T4063] device bridge_slave_0 entered promiscuous mode
[ 53.515780][ T4063] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.517730][ T4063] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.520167][ T4063] device bridge_slave_1 entered promiscuous mode
[ 53.537909][ T4063] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 53.542052][ T4063] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 53.556391][ T4063] team0: Port device team_slave_0 added
[ 53.559525][ T4063] team0: Port device team_slave_1 added
[ 53.572096][ T4063] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 53.574183][ T4063] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 53.581188][ T4063] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 53.588279][ T4063] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 53.590139][ T4063] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 53.597451][ T4063] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 53.655716][ T4063] device hsr_slave_0 entered promiscuous mode
[ 53.703830][ T4063] device hsr_slave_1 entered promiscuous mode
[ 53.814458][ T4063] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 53.845955][ T4063] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 53.900672][ T4063] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 53.935444][ T4063] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 54.014712][ T4063] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.016847][ T4063] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 54.019104][ T4063] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.020993][ T4063] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 54.056542][ T4063] 8021q: adding VLAN 0 to HW filter on device bond0
[ 54.063097][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 54.067491][ T136] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.070224][ T136] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.073259][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 54.084561][ T4063] 8021q: adding VLAN 0 to HW filter on device team0
[ 54.089659][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 54.092737][ T136] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.094792][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 54.101431][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 54.104843][ T136] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.106733][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 54.118431][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 54.121280][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 54.131740][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 54.137862][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 54.143218][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 54.148437][ T4063] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 54.264142][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 54.266351][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 54.272899][ T4063] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 54.286300][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 54.297957][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 54.301122][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 54.303860][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 54.308023][ T4063] device veth0_vlan entered promiscuous mode
[ 54.314543][ T4063] device veth1_vlan entered promiscuous mode
[ 54.329209][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 54.331904][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 54.336825][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 54.340834][ T4063] device veth0_macvtap entered promiscuous mode
[ 54.346610][ T4063] device veth1_macvtap entered promiscuous mode
[ 54.359335][ T4063] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 54.361519][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 54.365289][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 54.371171][ T4063] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 54.374088][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 54.379525][ T4063] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 54.381952][ T4063] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 54.384609][ T4063] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 54.386964][ T4063] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 55.664897][ T153] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 58.439868][ T153] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 59.619199][ T153] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 59.690261][ T153] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 60.265175][ T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 60.267530][ T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 60.271225][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 60.299452][ T612] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 60.301680][ T612] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 60.304931][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:00 executed programs: 0
[ 61.136476][ T4187] chnl_net:caif_netlink_parms(): no params data found
[ 61.168674][ T4187] bridge0: port 1(bridge_slave_0) entered blocking state
[ 61.170804][ T4187] bridge0: port 1(bridge_slave_0) entered disabled state
[ 61.177585][ T4187] device bridge_slave_0 entered promiscuous mode
[ 61.181268][ T4187] bridge0: port 2(bridge_slave_1) entered blocking state
[ 61.183308][ T4187] bridge0: port 2(bridge_slave_1) entered disabled state
[ 61.187138][ T4187] device bridge_slave_1 entered promiscuous mode
[ 61.202833][ T4187] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 61.210589][ T4187] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 61.228708][ T4187] team0: Port device team_slave_0 added
[ 61.232005][ T4187] team0: Port device team_slave_1 added
[ 61.284358][ T4187] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 61.286485][ T4187] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 61.296444][ T4187] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 61.320295][ T4187] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 61.322284][ T4187] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 61.330425][ T4187] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 61.376190][ T4187] device hsr_slave_0 entered promiscuous mode
[ 61.423761][ T4187] device hsr_slave_1 entered promiscuous mode
[ 61.463661][ T4187] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 61.465911][ T4187] Cannot create hsr debugfs directory
[ 62.107573][ T4187] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 62.177702][ T4187] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 62.237009][ T4187] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 62.286030][ T4187] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 62.390541][ T4187] 8021q: adding VLAN 0 to HW filter on device bond0
[ 62.398109][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 62.400703][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 62.409098][ T4187] 8021q: adding VLAN 0 to HW filter on device team0
[ 62.416109][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 62.418946][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 62.421495][ T136] bridge0: port 1(bridge_slave_0) entered blocking state
[ 62.423436][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 62.429365][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 62.436998][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 62.440112][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 62.442714][ T612] bridge0: port 2(bridge_slave_1) entered blocking state
[ 62.444709][ T612] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 62.450362][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 62.464081][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 62.467150][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 62.470690][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 62.474569][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 62.478329][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 62.481131][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 62.484262][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 62.486952][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 62.492450][ T4187] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 62.496447][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 62.499223][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 62.502276][ T612] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 62.592192][ T4187] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 62.595548][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 62.597720][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 62.611519][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 62.615683][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 62.629036][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 62.631675][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 62.634940][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 62.637823][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 62.642114][ T4187] device veth0_vlan entered promiscuous mode
[ 62.653849][ T4187] device veth1_vlan entered promiscuous mode
[ 62.671130][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 62.674435][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 62.678643][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 62.681355][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 62.696389][ T4187] device veth0_macvtap entered promiscuous mode
[ 62.700696][ T4187] device veth1_macvtap entered promiscuous mode
[ 62.714918][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 62.717924][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 62.721823][ T4187] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 62.725106][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 62.727823][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 62.730447][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 62.733195][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 62.741055][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 62.744305][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 62.748020][ T4187] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 62.750934][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 62.754279][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 62.766099][ T4187] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 62.768438][ T4187] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 62.770614][ T4187] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 62.773006][ T4187] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 62.818386][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 62.820804][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 62.826905][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 62.862196][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 62.865329][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 62.868667][ T429] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 62.912021][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[ 62.972243][ T4299] ==================================================================
[ 62.974605][ T4299] BUG: KASAN: use-after-free in ax25_fillin_cb+0x394/0x568
[ 62.976589][ T4299] Read of size 4 at addr ffff0000d879a438 by task syz.0.18/4299
[ 62.978628][ T4299]
[ 62.979260][ T4299] CPU: 0 PID: 4299 Comm: syz.0.18 Not tainted 5.15.189-syzkaller #0
[ 62.981464][ T4299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 62.984318][ T4299] Call trace:
[ 62.985189][ T4299] dump_backtrace+0x0/0x43c
[ 62.986419][ T4299] show_stack+0x2c/0x3c
[ 62.987514][ T4299] __dump_stack+0x30/0x40
[ 62.988659][ T4299] dump_stack_lvl+0xf8/0x160
[ 62.989934][ T4299] print_address_description+0x78/0x30c
[ 62.991498][ T4299] kasan_report+0xec/0x15c
[ 62.992718][ T4299] __asan_report_load4_noabort+0x44/0x50
[ 62.994329][ T4299] ax25_fillin_cb+0x394/0x568
[ 62.995564][ T4299] ax25_setsockopt+0x8d0/0xa5c
[ 62.996899][ T4299] __sys_setsockopt+0x260/0x36c
[ 62.998218][ T4299] __arm64_sys_setsockopt+0xb8/0xd4
[ 62.999659][ T4299] invoke_syscall+0x98/0x2b8
[ 63.000932][ T4299] el0_svc_common+0x138/0x258
[ 63.002296][ T4299] do_el0_svc+0x58/0x14c
[ 63.003427][ T4299] el0_svc+0x78/0x1e0
[ 63.004542][ T4299] el0t_64_sync_handler+0xcc/0xe4
[ 63.005929][ T4299] el0t_64_sync+0x1a0/0x1a4
[ 63.007136][ T4299]
[ 63.007757][ T4299] Allocated by task 4293:
[ 63.009001][ T4299] __kasan_kmalloc+0xb0/0xf0
[ 63.010300][ T4299] kmem_cache_alloc_trace+0x274/0x3fc
[ 63.011756][ T4299] ax25_dev_device_up+0x5c/0x540
[ 63.013104][ T4299] ax25_device_event+0x504/0x590
[ 63.014492][ T4299] raw_notifier_call_chain+0xd4/0x164
[ 63.015950][ T4299] __dev_notify_flags+0x250/0x46c
[ 63.017305][ T4299] dev_change_flags+0xc8/0x154
[ 63.018601][ T4299] dev_ifsioc+0x504/0xef4
[ 63.019786][ T4299] dev_ioctl+0x4d0/0xc94
[ 63.020964][ T4299] sock_do_ioctl+0x18c/0x240
[ 63.022179][ T4299] sock_ioctl+0x5c8/0x87c
[ 63.023329][ T4299] __arm64_sys_ioctl+0x14c/0x1c8
[ 63.024707][ T4299] invoke_syscall+0x98/0x2b8
[ 63.025957][ T4299] el0_svc_common+0x138/0x258
[ 63.027193][ T4299] do_el0_svc+0x58/0x14c
[ 63.028334][ T4299] el0_svc+0x78/0x1e0
[ 63.029394][ T4299] el0t_64_sync_handler+0xcc/0xe4
[ 63.030758][ T4299] el0t_64_sync+0x1a0/0x1a4
[ 63.032016][ T4299]
[ 63.032629][ T4299] Freed by task 4295:
[ 63.033763][ T4299] kasan_set_track+0x4c/0x84
[ 63.035053][ T4299] kasan_set_free_info+0x28/0x4c
[ 63.036448][ T4299] ____kasan_slab_free+0x118/0x164
[ 63.037877][ T4299] __kasan_slab_free+0x18/0x28
[ 63.039149][ T4299] slab_free_freelist_hook+0x128/0x1e8
[ 63.040635][ T4299] kfree+0x170/0x40c
[ 63.041725][ T4299] ax25_release+0x564/0x814
[ 63.042984][ T4299] sock_close+0xb4/0x1f8
[ 63.044154][ T4299] __fput+0x1c0/0x7f8
[ 63.045191][ T4299] ____fput+0x20/0x30
[ 63.046253][ T4299] task_work_run+0x12c/0x1e0
[ 63.047529][ T4299] do_notify_resume+0x24b4/0x3128
[ 63.048893][ T4299] el0_svc+0xf0/0x1e0
[ 63.049997][ T4299] el0t_64_sync_handler+0xcc/0xe4
[ 63.051382][ T4299] el0t_64_sync+0x1a0/0x1a4
[ 63.052615][ T4299]
[ 63.053230][ T4299] The buggy address belongs to the object at ffff0000d879a400
[ 63.053230][ T4299] which belongs to the cache kmalloc-256 of size 256
[ 63.056981][ T4299] The buggy address is located 56 bytes inside of
[ 63.056981][ T4299] 256-byte region [ffff0000d879a400, ffff0000d879a500)
[ 63.060602][ T4299] The buggy address belongs to the page:
[ 63.062223][ T4299] page:00000000989f4a48 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11879a
[ 63.064990][ T4299] head:00000000989f4a48 order:1 compound_mapcount:0
[ 63.066798][ T4299] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 63.069021][ T4299] raw: 05ffc00000010200 0000000000000000 dead000000000122 ffff0000c0002480
[ 63.071309][ T4299] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 63.073644][ T4299] page dumped because: kasan: bad access detected
[ 63.075422][ T4299]
[ 63.076077][ T4299] Memory state around the buggy address:
[ 63.077587][ T4299]  ffff0000d879a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.079812][ T4299]  ffff0000d879a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.082043][ T4299] >ffff0000d879a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 63.084267][ T4299]                                         ^
[ 63.085884][ T4299]  ffff0000d879a480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 63.088058][ T4299]  ffff0000d879a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.090250][ T4299] ==================================================================
[ 63.092439][ T4299] Disabling lock debugging due to kernel taint
[ 63.096396][ T4122] Bluetooth: hci0: command 0x0409 tx timeout
[ 63.102412][ T4299] Unable to handle kernel paging request at virtual address 006002cb0000166f
[ 63.106490][ T4299] Mem abort info:
[ 63.107525][ T4299] ESR = 0x0000000096000021
[ 63.108795][ T4299] EC = 0x25: DABT (current EL), IL = 32 bits
[ 63.110434][ T4299] SET = 0, FnV = 0
[ 63.111525][ T4299] EA = 0, S1PTW = 0
[ 63.112606][ T4299] FSC = 0x21: alignment fault
[ 63.115317][ T4299] Data abort info:
[ 63.116311][ T4299] ISV = 0, ISS = 0x00000021
[ 63.117572][ T4299] CM = 0, WnR = 0
[ 63.118664][ T4299] [006002cb0000166f] address between user and kernel address ranges
[ 63.120790][ T4299] Internal error: Oops: 0000000096000021 [#1] PREEMPT SMP
[ 63.122718][ T4299] Modules linked in:
[ 63.123838][ T4299] CPU: 0 PID: 4299 Comm: syz.0.18 Tainted: G B 5.15.189-syzkaller #0
[ 63.126321][ T4299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 63.129043][ T4299] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 63.131118][ T4299] pc : ax25_release+0x4f4/0x814
[ 63.132477][ T4299] lr : ax25_release+0x4ec/0x814
[ 63.133817][ T4299] sp : ffff80001fd57a00
[ 63.134891][ T4299] x29: ffff80001fd57a20 x28: dfff800000000000 x27: ffff0000c16c2080
[ 63.137031][ T4299] x26: ffff0000d8d4f828 x25: 0000000000000002 x24: 00000000ffffffff
[ 63.139250][ T4299] x23: 8e6002cb0000166f x22: ffff0000d879a400 x21: ffff0000edc11e18
[ 63.141456][ T4299] x20: ffff0000c16c2000 x19: 1fffe0001b1a9f05 x18: 0000000000000000
[ 63.143639][ T4299] x17: 0000000000000000 x16: ffff8000082d6448 x15: 0000000000000002
[ 63.145894][ T4299] x14: 0000000000ff0100 x13: ffffffffffffffff x12: 0000000000ff0100
[ 63.148044][ T4299] x11: 0000000000000000 x10: 0000000000000000 x9 : ffff80001045ef30
[ 63.150235][ T4299] x8 : ffff0000c88351c0 x7 : 0000000000000000 x6 : ffff80000837b9bc
[ 63.152392][ T4299] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80001045ef24
[ 63.154576][ T4299] x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000001
[ 63.156776][ T4299] Call trace:
[ 63.157684][ T4299] ax25_release+0x4f4/0x814
[ 63.158897][ T4299] sock_close+0xb4/0x1f8
[ 63.160078][ T4299] __fput+0x1c0/0x7f8
[ 63.161164][ T4299] ____fput+0x20/0x30
[ 63.162237][ T4299] task_work_run+0x12c/0x1e0
[ 63.163428][ T4299] do_notify_resume+0x24b4/0x3128
[ 63.164771][ T4299] el0_svc+0xf0/0x1e0
[ 63.165822][ T4299] el0t_64_sync_handler+0xcc/0xe4
[ 63.167123][ T4299] el0t_64_sync+0x1a0/0x1a4
[ 63.168308][ T4299] Code: d503201f 96006935 52800038 4b1803f8 (b87802f8)
[ 63.170088][ T4299] ---[ end trace c3d7a9e39089c0eb ]---
[ 63.522120][ T4299] Kernel panic - not syncing: Oops: Fatal exception
[ 63.523887][ T4299] SMP: stopping secondary CPUs
[ 63.525177][ T4299] Kernel Offset: disabled
[ 63.526313][ T4299] CPU features: 0x8,000081c1,21302e40
[ 63.527690][ T4299] Memory Limit: none
[ 63.848702][ T4299] Rebooting in 86400 seconds..