Warning: Permanently added '10.128.0.136' (ED25519) to the list of known hosts.
1970/01/01 00:00:41 ignoring optional flag "sandboxArg"="0"
1970/01/01 00:00:42 parsed 1 programs
[ 45.016739][ T4040] cgroup: Unknown subsys name 'net'
[ 45.269480][ T4040] cgroup: Unknown subsys name 'rlimit'
[ 45.590170][ T4040] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS
[ 55.470267][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 55.472519][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 55.476435][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 55.487856][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 55.490162][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 55.492802][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 55.691937][ T4087] chnl_net:caif_netlink_parms(): no params data found
[ 55.726973][ T4087] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.729075][ T4087] bridge0: port 1(bridge_slave_0) entered disabled state
[ 55.731671][ T4087] device bridge_slave_0 entered promiscuous mode
[ 55.736245][ T4087] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.738300][ T4087] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.740819][ T4087] device bridge_slave_1 entered promiscuous mode
[ 55.758003][ T4087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 55.762402][ T4087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 55.778267][ T4087] team0: Port device team_slave_0 added
[ 55.781925][ T4087] team0: Port device team_slave_1 added
[ 55.794496][ T4087] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 55.796645][ T4087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 55.804270][ T4087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 55.808697][ T4087] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 55.810589][ T4087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 55.818159][ T4087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 55.915763][ T4087] device hsr_slave_0 entered promiscuous mode
[ 55.975249][ T4087] device hsr_slave_1 entered promiscuous mode
[ 56.096026][ T4087] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 56.146283][ T4087] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 56.185718][ T4087] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 56.225644][ T4087] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 56.300474][ T4087] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.302705][ T4087] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 56.305137][ T4087] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.307115][ T4087] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 56.348397][ T4087] 8021q: adding VLAN 0 to HW filter on device bond0
[ 56.356466][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 56.359740][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.362340][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.372281][ T4087] 8021q: adding VLAN 0 to HW filter on device team0
[ 56.380220][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 56.382758][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.384804][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 56.406724][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 56.409331][ T148] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.411258][ T148] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 56.415903][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 56.418775][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 56.421633][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 56.426453][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 56.432974][ T4087] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 56.436755][ T4087] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 56.439517][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 56.516150][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 56.518500][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 56.525245][ T4087] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 56.537250][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 56.540155][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 56.556780][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 56.559385][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 56.562640][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 56.566432][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 56.570741][ T4087] device veth0_vlan entered promiscuous mode
[ 56.579985][ T4087] device veth1_vlan entered promiscuous mode
[ 56.596118][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 56.598747][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 56.601322][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 56.605886][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 56.610391][ T4087] device veth0_macvtap entered promiscuous mode
[ 56.615239][ T4087] device veth1_macvtap entered promiscuous mode
[ 56.627268][ T4087] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 56.629549][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 56.632210][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 56.636265][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 56.639372][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 56.644491][ T4087] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 56.648676][ T4087] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.651139][ T4087] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.653651][ T4087] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.656166][ T4087] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 56.659997][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 56.662725][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 57.196337][ T136] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
1970/01/01 00:00:57 executed programs: 0
[ 57.906415][ T4133] chnl_net:caif_netlink_parms(): no params data found
[ 57.939759][ T4133] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.941708][ T4133] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.945103][ T4133] device bridge_slave_0 entered promiscuous mode
[ 57.948643][ T4133] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.950690][ T4133] bridge0: port 2(bridge_slave_1) entered disabled state
[ 57.953261][ T4133] device bridge_slave_1 entered promiscuous mode
[ 57.969059][ T4133] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 57.973353][ T4133] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 57.988292][ T4133] team0: Port device team_slave_0 added
[ 57.991345][ T4133] team0: Port device team_slave_1 added
[ 58.003294][ T4133] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 58.005880][ T4133] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 58.013001][ T4133] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 58.017573][ T4133] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 58.019517][ T4133] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 58.027001][ T4133] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 58.085476][ T4133] device hsr_slave_0 entered promiscuous mode
[ 58.143981][ T4133] device hsr_slave_1 entered promiscuous mode
[ 58.193779][ T4133] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 58.196045][ T4133] Cannot create hsr debugfs directory
[ 59.599373][ T136] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 59.894147][ T4043] Bluetooth: hci0: command 0x0409 tx timeout
[ 61.984534][ T7] Bluetooth: hci0: command 0x041b tx timeout
[ 62.169049][ T136] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 62.230410][ T136] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 63.200034][ T4133] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 63.250431][ T4133] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 63.285719][ T4133] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 63.326060][ T4133] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 63.418856][ T4133] 8021q: adding VLAN 0 to HW filter on device bond0
[ 63.426487][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 63.429217][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 63.432761][ T4133] 8021q: adding VLAN 0 to HW filter on device team0
[ 63.438656][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 63.442326][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 63.448077][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 63.450052][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 63.452891][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 63.459066][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 63.462068][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 63.465427][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 63.467392][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 63.472078][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 63.477368][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 63.482361][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 63.486843][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 63.490388][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 63.494865][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 63.497826][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 63.502694][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 63.506977][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 63.511839][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 63.515886][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 63.520158][ T4133] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 63.619708][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 63.621888][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 63.629229][ T4133] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 63.641178][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 63.644512][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 63.656000][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 63.658657][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 63.662004][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 63.666078][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 63.669324][ T4133] device veth0_vlan entered promiscuous mode
[ 63.676291][ T4133] device veth1_vlan entered promiscuous mode
[ 63.688724][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 63.691483][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 63.695144][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 63.698361][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 63.702970][ T4133] device veth0_macvtap entered promiscuous mode
[ 63.708140][ T4133] device veth1_macvtap entered promiscuous mode
[ 63.716693][ T4133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 63.719528][ T4133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 63.723006][ T4133] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 63.725508][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 63.728221][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 63.730910][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 63.734555][ T478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 63.738635][ T4133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 63.741559][ T4133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 63.745285][ T4133] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 63.748041][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 63.750823][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 63.756404][ T4133] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 63.758978][ T4133] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 63.761381][ T4133] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 63.764043][ T4133] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 63.797850][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 63.800216][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 63.803061][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 63.814859][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 63.817091][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 63.819815][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:03 executed programs: 2
[ 63.853376][ T4192] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[ 63.887657][ T4194] ==================================================================
[ 63.889950][ T4194] BUG: KASAN: use-after-free in ax25_fillin_cb+0x394/0x568
[ 63.892052][ T4194] Read of size 4 at addr ffff0000cada1238 by task syz.0.18/4194
[ 63.894163][ T4194]
[ 63.894781][ T4194] CPU: 0 PID: 4194 Comm: syz.0.18 Not tainted 5.15.189-syzkaller #0
[ 63.897102][ T4194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 63.899928][ T4194] Call trace:
[ 63.900859][ T4194] dump_backtrace+0x0/0x43c
[ 63.902202][ T4194] show_stack+0x2c/0x3c
[ 63.903383][ T4194] __dump_stack+0x30/0x40
[ 63.904601][ T4194] dump_stack_lvl+0xf8/0x160
[ 63.905929][ T4194] print_address_description+0x78/0x30c
[ 63.907544][ T4194] kasan_report+0xec/0x15c
[ 63.908820][ T4194] __asan_report_load4_noabort+0x44/0x50
[ 63.910434][ T4194] ax25_fillin_cb+0x394/0x568
[ 63.911691][ T4194] ax25_setsockopt+0x8d0/0xa5c
[ 63.912992][ T4194] __sys_setsockopt+0x260/0x36c
[ 63.914337][ T4194] __arm64_sys_setsockopt+0xb8/0xd4
[ 63.915742][ T4194] invoke_syscall+0x98/0x2b8
[ 63.917099][ T4194] el0_svc_common+0x138/0x258
[ 63.918419][ T4194] do_el0_svc+0x58/0x14c
[ 63.919627][ T4194] el0_svc+0x78/0x1e0
[ 63.920742][ T4194] el0t_64_sync_handler+0xcc/0xe4
[ 63.922249][ T4194] el0t_64_sync+0x1a0/0x1a4
[ 63.923475][ T4194]
[ 63.924136][ T4194] Allocated by task 4192:
[ 63.925326][ T4194] __kasan_kmalloc+0xb0/0xf0
[ 63.926637][ T4194] kmem_cache_alloc_trace+0x274/0x3fc
[ 63.928145][ T4194] ax25_dev_device_up+0x5c/0x540
[ 63.929478][ T4194] ax25_device_event+0x504/0x590
[ 63.930901][ T4194] raw_notifier_call_chain+0xd4/0x164
[ 63.932326][ T4194] __dev_notify_flags+0x250/0x46c
[ 63.933724][ T4194] dev_change_flags+0xc8/0x154
[ 63.935074][ T4194] dev_ifsioc+0x504/0xef4
[ 63.936251][ T4194] dev_ioctl+0x4d0/0xc94
[ 63.937419][ T4194] sock_do_ioctl+0x18c/0x240
[ 63.938698][ T4194] sock_ioctl+0x5c8/0x87c
[ 63.939949][ T4194] __arm64_sys_ioctl+0x14c/0x1c8
[ 63.941276][ T4194] invoke_syscall+0x98/0x2b8
[ 63.942515][ T4194] el0_svc_common+0x138/0x258
[ 63.943762][ T4194] do_el0_svc+0x58/0x14c
[ 63.944954][ T4194] el0_svc+0x78/0x1e0
[ 63.946079][ T4194] el0t_64_sync_handler+0xcc/0xe4
[ 63.947478][ T4194] el0t_64_sync+0x1a0/0x1a4
[ 63.948769][ T4194]
[ 63.949404][ T4194] Freed by task 4193:
[ 63.950488][ T4194] kasan_set_track+0x4c/0x84
[ 63.951820][ T4194] kasan_set_free_info+0x28/0x4c
[ 63.953228][ T4194] ____kasan_slab_free+0x118/0x164
[ 63.954696][ T4194] __kasan_slab_free+0x18/0x28
[ 63.956023][ T4194] slab_free_freelist_hook+0x128/0x1e8
[ 63.957494][ T4194] kfree+0x170/0x40c
[ 63.958545][ T4194] ax25_release+0x564/0x814
[ 63.959749][ T4194] sock_close+0xb4/0x1f8
[ 63.961012][ T4194] __fput+0x1c0/0x7f8
[ 63.962106][ T4194] ____fput+0x20/0x30
[ 63.963193][ T4194] task_work_run+0x12c/0x1e0
[ 63.964462][ T4194] do_notify_resume+0x24b4/0x3128
[ 63.965811][ T4194] el0_svc+0xf0/0x1e0
[ 63.966908][ T4194] el0t_64_sync_handler+0xcc/0xe4
[ 63.968288][ T4194] el0t_64_sync+0x1a0/0x1a4
[ 63.969500][ T4194]
[ 63.970161][ T4194] The buggy address belongs to the object at ffff0000cada1200
[ 63.970161][ T4194] which belongs to the cache kmalloc-256 of size 256
[ 63.974082][ T4194] The buggy address is located 56 bytes inside of
[ 63.974082][ T4194] 256-byte region [ffff0000cada1200, ffff0000cada1300)
[ 63.977764][ T4194] The buggy address belongs to the page:
[ 63.979567][ T4194] page:00000000ef093dcf refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ada0
[ 63.982461][ T4194] head:00000000ef093dcf order:1 compound_mapcount:0
[ 63.984256][ T4194] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 63.986396][ T4194] raw: 05ffc00000010200 0000000000000000 dead000000000122 ffff0000c0002480
[ 63.988777][ T4194] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 63.991138][ T4194] page dumped because: kasan: bad access detected
[ 63.992807][ T4194]
[ 63.993453][ T4194] Memory state around the buggy address:
[ 63.994976][ T4194] ffff0000cada1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.997227][ T4194] ffff0000cada1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 63.999404][ T4194] >ffff0000cada1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 64.001536][ T4194] ^
[ 64.003118][ T4194] ffff0000cada1280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 64.005312][ T4194] ffff0000cada1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 64.007453][ T4194] ==================================================================
[ 64.009610][ T4194] Disabling lock debugging due to kernel taint
[ 64.016738][ T4194] Unable to handle kernel paging request at virtual address 8ae002c000001609
[ 64.019152][ T4194] Mem abort info:
[ 64.020155][ T4194] ESR = 0x0000000096000021
[ 64.021393][ T4194] EC = 0x25: DABT (current EL), IL = 32 bits
[ 64.023040][ T4194] SET = 0, FnV = 0
[ 64.024124][ T4194] EA = 0, S1PTW = 0
[ 64.025169][ T4194] FSC = 0x21: alignment fault
[ 64.026423][ T4194] Data abort info:
[ 64.027408][ T4194] ISV = 0, ISS = 0x00000021
[ 64.028613][ T4194] CM = 0, WnR = 0
[ 64.029579][ T4194] [8ae002c000001609] address between user and kernel address ranges
[ 64.031670][ T4194] Internal error: Oops: 0000000096000021 [#1] PREEMPT SMP
[ 64.033568][ T4194] Modules linked in:
[ 64.034601][ T4194] CPU: 0 PID: 4194 Comm: syz.0.18 Tainted: G B 5.15.189-syzkaller #0
[ 64.037122][ T4194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 64.039778][ T4194] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 64.041932][ T4194] pc : ax25_release+0x4f4/0x814
[ 64.043225][ T4194] lr : ax25_release+0x4ec/0x814
[ 64.044507][ T4194] sp : ffff80001f6e7a00
[ 64.045612][ T4194] x29: ffff80001f6e7a20 x28: dfff800000000000 x27: ffff0000d4dbe080
[ 64.047725][ T4194] x26: ffff0000cc5f9028 x25: ffff0000cc5f9031 x24: 00000000ffffffff
[ 64.049938][ T4194] x23: 8ae002c000001609 x22: ffff0000cada1200 x21: ffff0000ed036618
[ 64.052160][ T4194] x20: ffff0000d4dbe000 x19: 1fffe000198bf205 x18: 0000000000000000
[ 64.054375][ T4194] x17: 0000000000000000 x16: ffff8000082d6448 x15: 0000000000000004
[ 64.056507][ T4194] x14: 0000000000ff0100 x13: ffffffffffffffff x12: 0000000000ff0100
[ 64.058645][ T4194] x11: 0000000000000000 x10: 0000000000000000 x9 : ffff80001045ef30
[ 64.060749][ T4194] x8 : ffff0000ccd13680 x7 : 0000000000000000 x6 : ffff80000837b9bc
[ 64.062848][ T4194] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80001045ef24
[ 64.065016][ T4194] x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000001
[ 64.067180][ T4194] Call trace:
[ 64.068059][ T4194] ax25_release+0x4f4/0x814
[ 64.069230][ T4194] sock_close+0xb4/0x1f8
[ 64.070346][ T4194] __fput+0x1c0/0x7f8
[ 64.071388][ T4194] ____fput+0x20/0x30
[ 64.072419][ T4194] task_work_run+0x12c/0x1e0
[ 64.073639][ T4194] do_notify_resume+0x24b4/0x3128
[ 64.074980][ T4194] el0_svc+0xf0/0x1e0
[ 64.076065][ T4194] el0t_64_sync_handler+0xcc/0xe4
[ 64.077410][ T4194] el0t_64_sync+0x1a0/0x1a4
[ 64.078596][ T4194] Code: d503201f 96006935 52800038 4b1803f8 (b87802f8)
[ 64.080440][ T4194] ---[ end trace 2f73fdccf6728548 ]---
[ 64.434074][ T4194] Kernel panic - not syncing: Oops: Fatal exception
[ 64.435901][ T4194] SMP: stopping secondary CPUs
[ 64.437186][ T4194] Kernel Offset: disabled
[ 64.438301][ T4194] CPU features: 0x8,000081c1,21302e40
[ 64.439686][ T4194] Memory Limit: none
[ 64.808645][ T4194] Rebooting in 86400 seconds..