Warning: Permanently added '10.128.0.45' (ED25519) to the list of known hosts.
2026/02/19 02:10:21 parsed 1 programs
[ 52.723853][ T4188] cgroup: Unknown subsys name 'net'
[ 52.858775][ T4188] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 54.077041][ T4188] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 55.501993][ T4201] chnl_net:caif_netlink_parms(): no params data found
[ 55.545308][ T4201] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.552423][ T4201] bridge0: port 1(bridge_slave_0) entered disabled state
[ 55.560618][ T4201] device bridge_slave_0 entered promiscuous mode
[ 55.569344][ T4201] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.576573][ T4201] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.584614][ T4201] device bridge_slave_1 entered promiscuous mode
[ 55.603137][ T4201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 55.613820][ T4201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 55.632883][ T4201] team0: Port device team_slave_0 added
[ 55.642917][ T4201] team0: Port device team_slave_1 added
[ 55.657336][ T4201] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 55.664403][ T4201] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 55.690431][ T4201] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 55.705632][ T4201] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 55.712567][ T4201] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 55.738541][ T4201] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 55.767027][ T4201] device hsr_slave_0 entered promiscuous mode
[ 55.773553][ T4201] device hsr_slave_1 entered promiscuous mode
[ 55.852869][ T4201] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 55.865165][ T4201] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 55.873604][ T4201] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 55.882525][ T4201] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 55.905961][ T4201] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.913174][ T4201] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.921017][ T4201] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.928097][ T4201] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.968284][ T4201] 8021q: adding VLAN 0 to HW filter on device bond0
[ 55.983484][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 55.996156][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.004615][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.012314][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 56.037770][ T4201] 8021q: adding VLAN 0 to HW filter on device team0
[ 56.049559][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 56.061172][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.068292][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 56.087999][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 56.097867][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.104974][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 56.128168][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 56.138041][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 56.146949][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 56.162170][ T4201] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 56.174597][ T4201] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 56.188200][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 56.198725][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 56.211565][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 56.320267][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 56.329285][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 56.345312][ T4201] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 56.367989][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 56.390970][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 56.402165][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 56.413185][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 56.425576][ T4201] device veth0_vlan entered promiscuous mode
[ 56.438504][ T4201] device veth1_vlan entered promiscuous mode
[ 56.460763][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 56.469575][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 56.479372][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 56.491693][ T4201] device veth0_macvtap entered promiscuous mode
[ 56.502761][ T4201] device veth1_macvtap entered promiscuous mode
[ 56.520272][ T4201] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 56.528792][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 56.539354][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 56.550793][ T4201] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 56.558707][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 56.569377][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 56.582107][ T4201] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.600338][ T4201] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.609163][ T4201] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.617910][ T4201] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.755114][ T4201] syz-executor (4201) used greatest stack depth: 20432 bytes left
[ 56.957917][ T1177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 56.969467][ T1177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 56.980776][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 57.002665][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 57.011162][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 57.021596][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 57.221584][ T155] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 59.619664][ T155] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 62.048552][ T155] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 62.090358][ T155] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 63.203245][ T155] device hsr_slave_0 left promiscuous mode
[ 63.235625][ T155] device hsr_slave_1 left promiscuous mode
[ 63.246395][ T155] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 63.253816][ T155] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 63.263647][ T155] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 63.271336][ T155] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 63.281117][ T155] device bridge_slave_1 left promiscuous mode
[ 63.288459][ T155] bridge0: port 2(bridge_slave_1) entered disabled state
[ 63.308181][ T155] device bridge_slave_0 left promiscuous mode
[ 63.315480][ T155] bridge0: port 1(bridge_slave_0) entered disabled state
[ 63.336892][ T155] device veth1_macvtap left promiscuous mode
[ 63.343631][ T155] device veth0_macvtap left promiscuous mode
[ 63.350833][ T155] device veth1_vlan left promiscuous mode
[ 63.357870][ T155] device veth0_vlan left promiscuous mode
[ 63.513274][ T155] team0 (unregistering): Port device team_slave_1 removed
[ 63.528955][ T155] team0 (unregistering): Port device team_slave_0 removed
[ 63.540680][ T155] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 63.553162][ T155] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 63.597987][ T155] bond0 (unregistering): Released all slaves
2026/02/19 02:10:34 executed programs: 0
[ 65.206860][ T4372] chnl_net:caif_netlink_parms(): no params data found
[ 65.300554][ T4372] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.312171][ T4372] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.320664][ T4372] device bridge_slave_0 entered promiscuous mode
[ 65.343481][ T4372] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.350702][ T4372] bridge0: port 2(bridge_slave_1) entered disabled state
[ 65.376116][ T4372] device bridge_slave_1 entered promiscuous mode
[ 65.414520][ T4372] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 65.436534][ T4372] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 65.479867][ T4372] team0: Port device team_slave_0 added
[ 65.506255][ T4372] team0: Port device team_slave_1 added
[ 65.545117][ T4372] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 65.552085][ T4372] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.578092][ T4372] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 65.590739][ T4372] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 65.597910][ T4372] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.624228][ T4372] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 65.657852][ T4372] device hsr_slave_0 entered promiscuous mode
[ 65.664846][ T4372] device hsr_slave_1 entered promiscuous mode
[ 66.351463][ T4372] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 66.360847][ T4372] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 66.370781][ T4372] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 66.380643][ T4372] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 66.503699][ T4372] 8021q: adding VLAN 0 to HW filter on device bond0
[ 66.553498][ T4372] 8021q: adding VLAN 0 to HW filter on device team0
[ 66.560991][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 66.570086][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 66.590396][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 66.600722][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 66.609568][ T1177] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.616677][ T1177] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 66.628075][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 66.636890][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 66.647089][ T1177] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.654201][ T1177] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 66.661905][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 66.718707][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 66.727382][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 66.736703][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 66.745578][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 66.755154][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 66.763536][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 66.772130][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 66.780601][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 66.789773][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 66.805058][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 66.816452][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 66.827130][ T4372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 67.026845][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 67.036453][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 67.051011][ T4372] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 67.074787][ T4420] Bluetooth: hci0: command 0x0409 tx timeout
[ 67.105421][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 67.116579][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 67.135209][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 67.149846][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 67.161166][ T4372] device veth0_vlan entered promiscuous mode
[ 67.191585][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 67.200342][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 67.213341][ T4372] device veth1_vlan entered promiscuous mode
[ 67.269294][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 67.278554][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 67.292679][ T4372] device veth0_macvtap entered promiscuous mode
[ 67.303040][ T4372] device veth1_macvtap entered promiscuous mode
[ 67.338103][ T4372] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 67.349021][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 67.364816][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 67.384446][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 67.406490][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 67.428656][ T4372] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 67.438293][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 67.447962][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 67.461861][ T4372] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.485496][ T4372] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.503976][ T4372] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.512707][ T4372] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.624833][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 67.632947][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 67.647519][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 67.686260][ T4522] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 67.704322][ T4522] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 67.711887][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 67.786614][ T4528] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[ 67.883805][ T4533] ==================================================================
[ 67.892362][ T4533] BUG: KASAN: use-after-free in ax25_fillin_cb+0x459/0x640
[ 67.899585][ T4533] Read of size 4 at addr ffff8880212aa638 by task syz.0.19/4533
[ 67.907215][ T4533]
[ 67.909553][ T4533] CPU: 0 PID: 4533 Comm: syz.0.19 Not tainted syzkaller #0
[ 67.916830][ T4533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 67.926897][ T4533] Call Trace:
[ 67.930178][ T4533]
[ 67.933098][ T4533] dump_stack_lvl+0x188/0x250
[ 67.937784][ T4533] ? show_regs_print_info+0x20/0x20
[ 67.942998][ T4533] ? _printk+0xda/0x130
[ 67.947160][ T4533] ? ax25_fillin_cb+0x459/0x640
[ 67.952016][ T4533] ? load_image+0x400/0x400
[ 67.956524][ T4533] print_address_description+0x60/0x2d0
[ 67.962070][ T4533] ? ax25_fillin_cb+0x459/0x640
[ 67.966917][ T4533] kasan_report+0xdf/0x130
[ 67.971334][ T4533] ? ax25_fillin_cb+0x459/0x640
[ 67.976186][ T4533] ax25_fillin_cb+0x459/0x640
[ 67.980875][ T4533] ax25_setsockopt+0x8c9/0xa60
[ 67.985828][ T4533] ? ax25_shutdown+0x10/0x10
[ 67.990417][ T4533] ? aa_sock_opt_perm+0x74/0x100
[ 67.995355][ T4533] ? bpf_lsm_socket_setsockopt+0x5/0x10
[ 68.000902][ T4533] ? security_socket_setsockopt+0x7a/0xa0
[ 68.006618][ T4533] ? ax25_shutdown+0x10/0x10
[ 68.011208][ T4533] __sys_setsockopt+0x2bf/0x3d0
[ 68.016060][ T4533] __x64_sys_setsockopt+0xb1/0xc0
[ 68.021171][ T4533] do_syscall_64+0x4c/0xa0
[ 68.025587][ T4533] ? clear_bhb_loop+0x30/0x80
[ 68.030270][ T4533] ? clear_bhb_loop+0x30/0x80
[ 68.034942][ T4533] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 68.040843][ T4533] RIP: 0033:0x7fa98206c629
[ 68.045255][ T4533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 68.064854][ T4533] RSP: 002b:00007ffde48cb3e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 68.073263][ T4533] RAX: ffffffffffffffda RBX: 00007fa9822e5fa0 RCX: 00007fa98206c629
[ 68.081232][ T4533] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000004
[ 68.089209][ T4533] RBP: 00007fa982102b39 R08: 0000000000000010 R09: 0000000000000000
[ 68.097186][ T4533] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000000
[ 68.105160][ T4533] R13: 00007fa9822e5fac R14: 00007fa9822e5fa0 R15: 00007fa9822e5fa0
[ 68.113157][ T4533]
[ 68.116173][ T4533]
[ 68.118493][ T4533] Allocated by task 4528:
[ 68.122814][ T4533] __kasan_kmalloc+0xb5/0xf0
[ 68.127409][ T4533] ax25_dev_device_up+0x50/0x580
[ 68.132349][ T4533] ax25_device_event+0x483/0x4f0
[ 68.137296][ T4533] raw_notifier_call_chain+0xcb/0x160
[ 68.142672][ T4533] __dev_notify_flags+0x194/0x300
[ 68.147699][ T4533] dev_change_flags+0xe3/0x1a0
[ 68.152460][ T4533] dev_ifsioc+0x130/0xd50
[ 68.156786][ T4533] dev_ioctl+0x545/0xe30
[ 68.161018][ T4533] sock_do_ioctl+0x245/0x320
[ 68.165599][ T4533] sock_ioctl+0x4d2/0x710
[ 68.169932][ T4533] __se_sys_ioctl+0xfa/0x170
[ 68.174523][ T4533] do_syscall_64+0x4c/0xa0
[ 68.178937][ T4533] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 68.184822][ T4533]
[ 68.187138][ T4533] Freed by task 4530:
[ 68.191117][ T4533] kasan_set_track+0x4b/0x70
[ 68.195709][ T4533] kasan_set_free_info+0x1f/0x40
[ 68.200649][ T4533] ____kasan_slab_free+0xd5/0x110
[ 68.205668][ T4533] slab_free_freelist_hook+0xea/0x170
[ 68.211043][ T4533] kfree+0xef/0x2a0
[ 68.214874][ T4533] ax25_release+0x661/0x870
[ 68.219375][ T4533] sock_close+0xd5/0x240
[ 68.223619][ T4533] __fput+0x234/0x930
[ 68.227606][ T4533] task_work_run+0x125/0x1a0
[ 68.232203][ T4533] exit_to_user_mode_loop+0x10f/0x130
[ 68.237579][ T4533] exit_to_user_mode_prepare+0xee/0x180
[ 68.243133][ T4533] syscall_exit_to_user_mode+0x16/0x40
[ 68.248598][ T4533] do_syscall_64+0x58/0xa0
[ 68.253018][ T4533] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 68.258907][ T4533]
[ 68.261226][ T4533] Last potentially related work creation:
[ 68.266946][ T4533] kasan_save_stack+0x35/0x60
[ 68.271731][ T4533] kasan_record_aux_stack+0xb8/0x100
[ 68.277033][ T4533] insert_work+0x54/0x3d0
[ 68.281365][ T4533] __queue_work+0x9c5/0xd50
[ 68.285864][ T4533] queue_work_on+0x124/0x1f0
[ 68.290450][ T4533] inet6addr_event+0x9c/0xc0
[ 68.295036][ T4533] atomic_notifier_call_chain+0x15d/0x280
[ 68.300756][ T4533] ipv6_add_addr+0xb57/0xe10
[ 68.305341][ T4533] addrconf_add_linklocal+0x26a/0x6c0
[ 68.310710][ T4533] addrconf_addr_gen+0x559/0x6b0
[ 68.315645][ T4533] addrconf_init_auto_addrs+0x747/0xb00
[ 68.321184][ T4533] addrconf_notify+0xa6b/0xf00
[ 68.325943][ T4533] raw_notifier_call_chain+0xcb/0x160
[ 68.331317][ T4533] __dev_notify_flags+0x194/0x300
[ 68.336342][ T4533] dev_change_flags+0xe3/0x1a0
[ 68.341116][ T4533] do_setlink+0xcdb/0x3d60
[ 68.345719][ T4533] rtnl_newlink+0x1658/0x1a50
[ 68.350395][ T4533] rtnetlink_rcv_msg+0x844/0xf30
[ 68.355339][ T4533] netlink_rcv_skb+0x1f5/0x440
[ 68.360104][ T4533] netlink_unicast+0x774/0x920
[ 68.364869][ T4533] netlink_sendmsg+0x8ba/0xbe0
[ 68.369666][ T4533] __sys_sendto+0x46d/0x620
[ 68.374170][ T4533] __x64_sys_sendto+0xda/0xf0
[ 68.378853][ T4533] do_syscall_64+0x4c/0xa0
[ 68.383443][ T4533] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 68.389336][ T4533]
[ 68.391651][ T4533] Second to last potentially related work creation:
[ 68.398217][ T4533] kasan_save_stack+0x35/0x60
[ 68.402886][ T4533] kasan_record_aux_stack+0xb8/0x100
[ 68.408165][ T4533] insert_work+0x54/0x3d0
[ 68.412494][ T4533] __queue_work+0x9c5/0xd50
[ 68.417101][ T4533] queue_work_on+0x124/0x1f0
[ 68.421696][ T4533] call_usermodehelper_exec+0x2e3/0x520
[ 68.427244][ T4533] kobject_uevent_env+0x681/0x890
[ 68.432265][ T4533] driver_register+0x3e2/0x430
[ 68.437024][ T4533] init_st+0xfa/0x180
[ 68.441010][ T4533] do_one_initcall+0x272/0x730
[ 68.445772][ T4533] do_initcall_level+0x137/0x1f0
[ 68.450706][ T4533] do_initcalls+0x4b/0x90
[ 68.455028][ T4533] kernel_init_freeable+0x3e9/0x570
[ 68.460223][ T4533] kernel_init+0x19/0x1b0
[ 68.464548][ T4533] ret_from_fork+0x1f/0x30
[ 68.468959][ T4533]
[ 68.471275][ T4533] The buggy address belongs to the object at ffff8880212aa600
[ 68.471275][ T4533] which belongs to the cache kmalloc-192 of size 192
[ 68.485319][ T4533] The buggy address is located 56 bytes inside of
[ 68.485319][ T4533] 192-byte region [ffff8880212aa600, ffff8880212aa6c0)
[ 68.498594][ T4533] The buggy address belongs to the page:
[ 68.504225][ T4533] page:ffffea000084aa80 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880212aa300 pfn:0x212aa
[ 68.515674][ T4533] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 68.523218][ T4533] raw: 00fff00000000200 ffffea00007fc340 0000000400000004 ffff888016c41a00
[ 68.531796][ T4533] raw: ffff8880212aa300 000000008010000d 00000001ffffffff 0000000000000000
[ 68.540375][ T4533] page dumped because: kasan: bad access detected
[ 68.546791][ T4533] page_owner tracks the page as allocated
[ 68.552495][ T4533] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, ts 6455609759, free_ts 6370917342
[ 68.568113][ T4533] get_page_from_freelist+0x1bbd/0x1ca0
[ 68.573666][ T4533] __alloc_pages+0x1ee/0x480
[ 68.578252][ T4533] alloc_page_interleave+0x24/0x1e0
[ 68.583546][ T4533] new_slab+0xc0/0x4b0
[ 68.587656][ T4533] ___slab_alloc+0x80a/0xdd0
[ 68.592552][ T4533] kmem_cache_alloc_trace+0x1a5/0x2a0
[ 68.598983][ T4533] call_usermodehelper_setup+0x8a/0x260
[ 68.604806][ T4533] kobject_uevent_env+0x65e/0x890
[ 68.610556][ T4533] device_add+0x91c/0xfb0
[ 68.615162][ T4533] scsi_add_host_with_dma+0x364/0xb00
[ 68.620532][ T4533] virtscsi_probe+0x7ad/0xca0
[ 68.625216][ T4533] virtio_dev_probe+0x80d/0xa50
[ 68.630071][ T4533] really_probe+0x284/0xc80
[ 68.634575][ T4533] __driver_probe_device+0x18c/0x330
[ 68.639861][ T4533] driver_probe_device+0x4f/0x420
[ 68.644886][ T4533] __driver_attach+0x46b/0x670
[ 68.649659][ T4533] page last free stack trace:
[ 68.654322][ T4533] free_unref_page_prepare+0x637/0x6c0
[ 68.659783][ T4533] free_unref_page+0x8f/0x2a0
[ 68.664460][ T4533] __vunmap+0x8b9/0xa50
[ 68.668618][ T4533] free_work+0x56/0x80
[ 68.672696][ T4533] process_one_work+0x85f/0x1010
[ 68.677636][ T4533] worker_thread+0xaa6/0x1290
[ 68.682328][ T4533] kthread+0x436/0x520
[ 68.686404][ T4533] ret_from_fork+0x1f/0x30
[ 68.691002][ T4533]
[ 68.693325][ T4533] Memory state around the buggy address:
[ 68.698957][ T4533] ffff8880212aa500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 68.707016][ T4533] ffff8880212aa580: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
[ 68.715080][ T4533] >ffff8880212aa600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 68.723312][ T4533] ^
[ 68.729202][ T4533] ffff8880212aa680: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 68.737268][ T4533] ffff8880212aa700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 68.745329][ T4533] ==================================================================
[ 68.753386][ T4533] Disabling lock debugging due to kernel taint
[ 68.764802][ T4533] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 68.772004][ T4533] CPU: 1 PID: 4533 Comm: syz.0.19 Tainted: G B syzkaller #0
[ 68.780580][ T4533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 68.790628][ T4533] Call Trace:
[ 68.793910][ T4533]
[ 68.796848][ T4533] dump_stack_lvl+0x188/0x250
[ 68.801530][ T4533] ? show_regs_print_info+0x20/0x20
[ 68.806734][ T4533] ? load_image+0x400/0x400
[ 68.811241][ T4533] panic+0x2e5/0x810
[ 68.815131][ T4533] ? bpf_jit_dump+0xd0/0xd0
[ 68.819628][ T4533] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 68.825598][ T4533] ? _raw_spin_unlock+0x40/0x40
[ 68.830428][ T4533] ? print_memory_metadata+0x314/0x400
[ 68.835861][ T4533] ? ax25_fillin_cb+0x459/0x640
[ 68.840690][ T4533] check_panic_on_warn+0x80/0xa0
[ 68.845603][ T4533] ? ax25_fillin_cb+0x459/0x640
[ 68.850427][ T4533] end_report+0x6d/0xf0
[ 68.854557][ T4533] kasan_report+0x102/0x130
[ 68.859038][ T4533] ? ax25_fillin_cb+0x459/0x640
[ 68.863863][ T4533] ax25_fillin_cb+0x459/0x640
[ 68.868514][ T4533] ax25_setsockopt+0x8c9/0xa60
[ 68.873254][ T4533] ? ax25_shutdown+0x10/0x10
[ 68.877821][ T4533] ? aa_sock_opt_perm+0x74/0x100
[ 68.882734][ T4533] ? bpf_lsm_socket_setsockopt+0x5/0x10
[ 68.888255][ T4533] ? security_socket_setsockopt+0x7a/0xa0
[ 68.893957][ T4533] ? ax25_shutdown+0x10/0x10
[ 68.898534][ T4533] __sys_setsockopt+0x2bf/0x3d0
[ 68.903363][ T4533] __x64_sys_setsockopt+0xb1/0xc0
[ 68.908502][ T4533] do_syscall_64+0x4c/0xa0
[ 68.912908][ T4533] ? clear_bhb_loop+0x30/0x80
[ 68.917565][ T4533] ? clear_bhb_loop+0x30/0x80
[ 68.922226][ T4533] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 68.928105][ T4533] RIP: 0033:0x7fa98206c629
[ 68.932500][ T4533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 68.952084][ T4533] RSP: 002b:00007ffde48cb3e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 68.960478][ T4533] RAX: ffffffffffffffda RBX: 00007fa9822e5fa0 RCX: 00007fa98206c629
[ 68.968437][ T4533] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000004
[ 68.976396][ T4533] RBP: 00007fa982102b39 R08: 0000000000000010 R09: 0000000000000000
[ 68.984353][ T4533] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000000
[ 68.992308][ T4533] R13: 00007fa9822e5fac R14: 00007fa9822e5fa0 R15: 00007fa9822e5fa0
[ 69.000268][ T4533]
[ 69.003673][ T4533] Kernel Offset: disabled
[ 69.007985][ T4533] Rebooting in 86400 seconds..