program:
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b708"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x2, 0x6, 0x5}, 0x14}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24)
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x4c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ENCODING_SA={0x5}, @IFLA_MACSEC_ENCRYPT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x4c}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_GET(r2, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x20, 0x1401, 0x200, 0x70bd28, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e1f1b"], 0x22)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
accept4(r3, &(0x7f0000000240)=@llc, &(0x7f0000000080)=0x80, 0x80800)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0xfffc}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_DYNSET_OP={0x8}, @NFTA_DYNSET_SREG_KEY={0x8, 0x4, 0x1, 0x0, 0xa}, @NFTA_DYNSET_FLAGS={0x8, 0x9, 0x1, 0x0, 0x3}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz2\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}}, 0x0)

[   75.207644][ T4685] Bluetooth: hci0: command tx timeout
[   75.328227][ T4685] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585
[   75.331808][ T4685] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 4685, name: kworker/u5:1
[   75.335238][ T4685] preempt_count: 0, expected: 0
[   75.337801][ T4685] RCU nest depth: 1, expected: 0
[   75.339750][ T4685] 4 locks held by kworker/u5:1/4685:
[   75.341976][ T4685]  #0: ffff888043a41948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[   75.346457][ T4685]  #1: ffffc9000da67d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[   75.350742][ T4685]  #2: ffff88804304c078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0
[   75.354736][ T4685]  #3: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0
[   75.360195][ T4685] CPU: 0 UID: 0 PID: 4685 Comm: kworker/u5:1 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[   75.364391][ T4685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.368358][ T4685] Workqueue: hci0 hci_rx_work
[   75.370144][ T4685] Call Trace:
[   75.371419][ T4685]  <TASK>
[   75.372575][ T4685]  dump_stack_lvl+0x241/0x360
[   75.374425][ T4685]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.376374][ T4685]  ? __pfx__printk+0x10/0x10
[   75.378161][ T4685]  __might_resched+0x5d4/0x780
[   75.380041][ T4685]  ? __mutex_lock+0x112/0xd70
[   75.381810][ T4685]  ? __pfx___might_resched+0x10/0x10
[   75.383883][ T4685]  __mutex_lock+0xc1/0xd70
[   75.385612][ T4685]  ? __pfx_lock_acquire+0x10/0x10
[   75.387640][ T4685]  ? hci_le_create_big_complete_evt+0x3d9/0xae0
[   75.390040][ T4685]  ? __pfx_lock_release+0x10/0x10
[   75.391974][ T4685]  ? __pfx___mutex_lock+0x10/0x10
[   75.393929][ T4685]  ? trace_contention_end+0x3c/0x120
[   75.396088][ T4685]  ? skb_pull_data+0x112/0x230
[   75.397933][ T4685]  ? hci_conn_set_handle+0x9a/0x270
[   75.400030][ T4685]  hci_le_create_big_complete_evt+0x3d9/0xae0
[   75.402521][ T4685]  ? __copy_skb_header+0x437/0x5b0
[   75.404580][ T4685]  ? hci_le_create_big_complete_evt+0xdb/0xae0
[   75.407182][ T4685]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[   75.409928][ T4685]  ? hci_le_meta_evt+0x366/0x580
[   75.411803][ T4685]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[   75.414232][ T4685]  hci_event_packet+0xa55/0x1540
[   75.416144][ T4685]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.418162][ T4685]  ? __pfx_hci_event_packet+0x10/0x10
[   75.420165][ T4685]  ? set_advertising_complete+0x420/0x6f0
[   75.422370][ T4685]  ? kcov_remote_start+0x97/0x7d0
[   75.424305][ T4685]  hci_rx_work+0x3fe/0xd80
[   75.426011][ T4685]  ? process_scheduled_works+0x976/0x1850
[   75.428141][ T4685]  process_scheduled_works+0xa63/0x1850
[   75.430190][ T4685]  ? __pfx_process_scheduled_works+0x10/0x10
[   75.432530][ T4685]  ? assign_work+0x364/0x3d0
[   75.434312][ T4685]  worker_thread+0x870/0xd30
[   75.436057][ T4685]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   75.438286][ T4685]  ? __kthread_parkme+0x169/0x1d0
[   75.440332][ T4685]  ? __pfx_worker_thread+0x10/0x10
[   75.442288][ T4685]  kthread+0x2f0/0x390
[   75.443888][ T4685]  ? __pfx_worker_thread+0x10/0x10
[   75.445915][ T4685]  ? __pfx_kthread+0x10/0x10
[   75.447584][ T4685]  ret_from_fork+0x4b/0x80
[   75.449258][ T4685]  ? __pfx_kthread+0x10/0x10
[   75.451085][ T4685]  ret_from_fork_asm+0x1a/0x30
[   75.452955][ T4685]  </TASK>
[   75.461465][ T4685] 
[   75.462461][ T4685] =============================
[   75.464240][ T4685] [ BUG: Invalid wait context ]
[   75.466070][ T4685] 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 Tainted: G        W         
[   75.469202][ T4685] -----------------------------
[   75.471004][ T4685] kworker/u5:1/4685 is trying to lock:
[   75.473067][ T4685] ffffffff8fe402a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0x3d9/0xae0
[   75.476830][ T4685] other info that might help us debug this:
[   75.478902][ T4685] context-{4:4}
[   75.480180][ T4685] 4 locks held by kworker/u5:1/4685:
[   75.482049][ T4685]  #0: ffff888043a41948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[   75.486174][ T4685]  #1: ffffc9000da67d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[   75.490847][ T4685]  #2: ffff88804304c078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0
[   75.494596][ T4685]  #3: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0
[   75.498661][ T4685] stack backtrace:
[   75.500103][ T4685] CPU: 0 UID: 0 PID: 4685 Comm: kworker/u5:1 Tainted: G        W          6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[   75.504489][ T4685] Tainted: [W]=WARN
[   75.505940][ T4685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.510012][ T4685] Workqueue: hci0 hci_rx_work
[   75.511857][ T4685] Call Trace:
[   75.513177][ T4685]  <TASK>
[   75.514313][ T4685]  dump_stack_lvl+0x241/0x360
[   75.516119][ T4685]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.518113][ T4685]  ? __pfx__printk+0x10/0x10
[   75.519871][ T4685]  __lock_acquire+0x154a/0x2050
[   75.521736][ T4685]  lock_acquire+0x1ed/0x550
[   75.523352][ T4685]  ? hci_le_create_big_complete_evt+0x3d9/0xae0
[   75.525507][ T4685]  ? __pfx_lock_acquire+0x10/0x10
[   75.527258][ T4685]  ? __mutex_lock+0x112/0xd70
[   75.528863][ T4685]  ? __pfx___might_resched+0x10/0x10
[   75.530648][ T4685]  __mutex_lock+0x136/0xd70
[   75.532259][ T4685]  ? hci_le_create_big_complete_evt+0x3d9/0xae0
[   75.534323][ T4685]  ? __pfx_lock_acquire+0x10/0x10
[   75.536118][ T4685]  ? hci_le_create_big_complete_evt+0x3d9/0xae0
[   75.538278][ T4685]  ? __pfx_lock_release+0x10/0x10
[   75.540033][ T4685]  ? __pfx___mutex_lock+0x10/0x10
[   75.541912][ T4685]  ? trace_contention_end+0x3c/0x120
[   75.543976][ T4685]  ? skb_pull_data+0x112/0x230
[   75.545770][ T4685]  ? hci_conn_set_handle+0x9a/0x270
[   75.547782][ T4685]  hci_le_create_big_complete_evt+0x3d9/0xae0
[   75.550064][ T4685]  ? __copy_skb_header+0x437/0x5b0
[   75.552030][ T4685]  ? hci_le_create_big_complete_evt+0xdb/0xae0
[   75.554387][ T4685]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[   75.556843][ T4685]  ? hci_le_meta_evt+0x366/0x580
[   75.558812][ T4685]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[   75.561183][ T4685]  hci_event_packet+0xa55/0x1540
[   75.563083][ T4685]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.565109][ T4685]  ? __pfx_hci_event_packet+0x10/0x10
[   75.567134][ T4685]  ? set_advertising_complete+0x420/0x6f0
[   75.569308][ T4685]  ? kcov_remote_start+0x97/0x7d0
[   75.571213][ T4685]  hci_rx_work+0x3fe/0xd80
[   75.572835][ T4685]  ? process_scheduled_works+0x976/0x1850
[   75.575077][ T4685]  process_scheduled_works+0xa63/0x1850
[   75.577165][ T4685]  ? __pfx_process_scheduled_works+0x10/0x10
[   75.579388][ T4685]  ? assign_work+0x364/0x3d0
[   75.581116][ T4685]  worker_thread+0x870/0xd30
[   75.582815][ T4685]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   75.584999][ T4685]  ? __kthread_parkme+0x169/0x1d0
[   75.586934][ T4685]  ? __pfx_worker_thread+0x10/0x10
[   75.588879][ T4685]  kthread+0x2f0/0x390
[   75.590402][ T4685]  ? __pfx_worker_thread+0x10/0x10
[   75.592340][ T4685]  ? __pfx_kthread+0x10/0x10
[   75.594102][ T4685]  ret_from_fork+0x4b/0x80
[   75.595841][ T4685]  ? __pfx_kthread+0x10/0x10
[   75.597616][ T4685]  ret_from_fork_asm+0x1a/0x30
[   75.599532][ T4685]  </TASK>
[   75.605640][ T5326] syz.0.0 (5326) used greatest stack depth: 18992 bytes left
[   75.608323][ T4685] ==================================================================
[   75.611101][ T4685] BUG: KASAN: slab-use-after-free in hci_le_create_big_complete_evt+0x383/0xae0
[   75.614163][ T4685] Read of size 8 at addr ffff888043030000 by task kworker/u5:1/4685
[   75.617196][ T4685] 
[   75.618158][ T4685] CPU: 0 UID: 0 PID: 4685 Comm: kworker/u5:1 Tainted: G        W          6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[   75.622894][ T4685] Tainted: [W]=WARN
[   75.624344][ T4685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.628454][ T4685] Workqueue: hci0 hci_rx_work
[   75.630334][ T4685] Call Trace:
[   75.631663][ T4685]  <TASK>
[   75.632755][ T4685]  dump_stack_lvl+0x241/0x360
[   75.634594][ T4685]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.636576][ T4685]  ? __pfx__printk+0x10/0x10
[   75.638303][ T4685]  ? _printk+0xd5/0x120
[   75.639876][ T4685]  ? __virt_addr_valid+0x183/0x530
[   75.641805][ T4685]  ? __virt_addr_valid+0x183/0x530
[   75.643746][ T4685]  print_report+0x169/0x550
[   75.645508][ T4685]  ? __virt_addr_valid+0x183/0x530
[   75.647607][ T4685]  ? __virt_addr_valid+0x183/0x530
[   75.649680][ T4685]  ? __virt_addr_valid+0x45f/0x530
[   75.651598][ T4685]  ? __phys_addr+0xba/0x170
[   75.653349][ T4685]  ? hci_le_create_big_complete_evt+0x383/0xae0
[   75.655716][ T4685]  kasan_report+0x143/0x180
[   75.657442][ T4685]  ? hci_le_create_big_complete_evt+0x383/0xae0
[   75.659809][ T4685]  hci_le_create_big_complete_evt+0x383/0xae0
[   75.662135][ T4685]  ? __copy_skb_header+0x437/0x5b0
[   75.664151][ T4685]  ? hci_le_create_big_complete_evt+0xdb/0xae0
[   75.666748][ T4685]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[   75.669215][ T4685]  ? hci_le_meta_evt+0x366/0x580
[   75.671094][ T4685]  ? __pfx_hci_le_create_big_complete_evt+0x10/0x10
[   75.673535][ T4685]  hci_event_packet+0xa55/0x1540
[   75.675469][ T4685]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.677927][ T4685]  ? __pfx_hci_event_packet+0x10/0x10
[   75.679997][ T4685]  ? set_advertising_complete+0x420/0x6f0
[   75.682019][ T4685]  ? kcov_remote_start+0x97/0x7d0
[   75.683982][ T4685]  hci_rx_work+0x3fe/0xd80
[   75.685707][ T4685]  ? process_scheduled_works+0x976/0x1850
[   75.687899][ T4685]  process_scheduled_works+0xa63/0x1850
[   75.689976][ T4685]  ? __pfx_process_scheduled_works+0x10/0x10
[   75.692391][ T4685]  ? assign_work+0x364/0x3d0
[   75.694085][ T4685]  worker_thread+0x870/0xd30
[   75.695972][ T4685]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   75.698113][ T4685]  ? __kthread_parkme+0x169/0x1d0
[   75.700057][ T4685]  ? __pfx_worker_thread+0x10/0x10
[   75.702182][ T4685]  kthread+0x2f0/0x390
[   75.703726][ T4685]  ? __pfx_worker_thread+0x10/0x10
[   75.705782][ T4685]  ? __pfx_kthread+0x10/0x10
[   75.707539][ T4685]  ret_from_fork+0x4b/0x80
[   75.709442][ T4685]  ? __pfx_kthread+0x10/0x10
[   75.711235][ T4685]  ret_from_fork_asm+0x1a/0x30
[   75.713238][ T4685]  </TASK>
[   75.714397][ T4685] 
[   75.715336][ T4685] Allocated by task 4685:
[   75.716866][ T4685]  kasan_save_track+0x3f/0x80
[   75.718592][ T4685]  __kasan_kmalloc+0x98/0xb0
[   75.720250][ T4685]  __kmalloc_cache_noprof+0x19c/0x2c0
[   75.722216][ T4685]  __hci_conn_add+0x2f9/0x1850
[   75.724108][ T4685]  hci_le_big_sync_established_evt+0x414/0xc20
[   75.726382][ T4685]  hci_event_packet+0xa55/0x1540
[   75.728376][ T4685]  hci_rx_work+0x3fe/0xd80
[   75.730095][ T4685]  process_scheduled_works+0xa63/0x1850
[   75.732117][ T4685]  worker_thread+0x870/0xd30
[   75.733929][ T4685]  kthread+0x2f0/0x390
[   75.735476][ T4685]  ret_from_fork+0x4b/0x80
[   75.737228][ T4685]  ret_from_fork_asm+0x1a/0x30
[   75.739065][ T4685] 
[   75.740177][ T4685] Freed by task 4685:
[   75.741620][ T4685]  kasan_save_track+0x3f/0x80
[   75.743462][ T4685]  kasan_save_free_info+0x40/0x50
[   75.745309][ T4685]  __kasan_slab_free+0x59/0x70
[   75.747035][ T4685]  kfree+0x1a0/0x440
[   75.748522][ T4685]  device_release+0x99/0x1c0
[   75.750482][ T4685]  kobject_put+0x22f/0x480
[   75.752163][ T4685]  hci_conn_del+0x8c4/0xc40
[   75.753840][ T4685]  hci_le_create_big_complete_evt+0x619/0xae0
[   75.756158][ T4685]  hci_event_packet+0xa55/0x1540
[   75.758074][ T4685]  hci_rx_work+0x3fe/0xd80
[   75.759669][ T4685]  process_scheduled_works+0xa63/0x1850
[   75.761786][ T4685]  worker_thread+0x870/0xd30
[   75.763683][ T4685]  kthread+0x2f0/0x390
[   75.765240][ T4685]  ret_from_fork+0x4b/0x80
[   75.766900][ T4685]  ret_from_fork_asm+0x1a/0x30
[   75.768590][ T4685] 
[   75.769514][ T4685] The buggy address belongs to the object at ffff888043030000
[   75.769514][ T4685]  which belongs to the cache kmalloc-8k of size 8192
[   75.774776][ T4685] The buggy address is located 0 bytes inside of
[   75.774776][ T4685]  freed 8192-byte region [ffff888043030000, ffff888043032000)
[   75.779823][ T4685] 
[   75.780722][ T4685] The buggy address belongs to the physical page:
[   75.783267][ T4685] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x43030
[   75.786569][ T4685] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   75.789769][ T4685] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[   75.792744][ T4685] page_type: f5(slab)
[   75.794226][ T4685] raw: 04fff00000000040 ffff88801ac42280 ffffea000102b600 0000000000000005
[   75.797321][ T4685] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000
[   75.800701][ T4685] head: 04fff00000000040 ffff88801ac42280 ffffea000102b600 0000000000000005
[   75.803819][ T4685] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000
[   75.807025][ T4685] head: 04fff00000000003 ffffea00010c0c01 ffffffffffffffff 0000000000000000
[   75.810339][ T4685] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   75.813457][ T4685] page dumped because: kasan: bad access detected
[   75.815865][ T4685] page_owner tracks the page as allocated
[   75.818033][ T4685] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5308, tgid 5308 (syz-executor), ts 64423471029, free_ts 64389526884
[   75.825580][ T4685]  post_alloc_hook+0x1f3/0x230
[   75.827413][ T4685]  get_page_from_freelist+0x3649/0x3790
[   75.829579][ T4685]  __alloc_pages_noprof+0x292/0x710
[   75.831573][ T4685]  alloc_pages_mpol_noprof+0x3e8/0x680
[   75.833595][ T4685]  alloc_slab_page+0x6a/0x140
[   75.835385][ T4685]  allocate_slab+0x5a/0x2f0
[   75.837147][ T4685]  ___slab_alloc+0xcd1/0x14b0
[   75.839079][ T4685]  __slab_alloc+0x58/0xa0
[   75.840681][ T4685]  __kmalloc_cache_noprof+0x1d5/0x2c0
[   75.842593][ T4685]  tomoyo_init_log+0x11cd/0x2050
[   75.844412][ T4685]  tomoyo_supervisor+0x38a/0x11f0
[   75.846391][ T4685]  tomoyo_env_perm+0x178/0x210
[   75.848447][ T4685]  tomoyo_find_next_domain+0x146e/0x1d40
[   75.850435][ T4685]  tomoyo_bprm_check_security+0x114/0x180
[   75.852439][ T4685]  security_bprm_check+0x86/0x250
[   75.854329][ T4685]  bprm_execve+0xa56/0x1770
[   75.856005][ T4685] page last free pid 5299 tgid 5299 stack trace:
[   75.858488][ T4685]  free_unref_page+0xcfb/0xf20
[   75.860377][ T4685]  vfree+0x186/0x2e0
[   75.861737][ T4685]  kcov_close+0x28/0x50
[   75.863174][ T4685]  __fput+0x23f/0x880
[   75.864636][ T4685]  __x64_sys_close+0x7f/0x110
[   75.866335][ T4685]  do_syscall_64+0xf3/0x230
[   75.868004][ T4685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.870153][ T4685] 
[   75.871063][ T4685] Memory state around the buggy address:
[   75.873067][ T4685]  ffff88804302ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   75.875904][ T4685]  ffff88804302ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   75.878978][ T4685] >ffff888043030000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   75.881861][ T4685]                    ^
[   75.883415][ T4685]  ffff888043030080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   75.886304][ T4685]  ffff888043030100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   75.889358][ T4685] ==================================================================