Warning: Permanently added '10.128.1.72' (ED25519) to the list of known hosts.
2025/08/29 22:43:21 parsed 1 programs
[   78.076994][ T5869] cgroup: Unknown subsys name 'net'
[   78.194397][ T5869] cgroup: Unknown subsys name 'cpuset'
[   78.202861][ T5869] cgroup: Unknown subsys name 'rlimit'
[   79.747517][ T5869] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   82.774012][ T5881] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   84.589435][ T5921] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   84.599017][ T5921] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   84.606870][ T5921] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   84.615712][ T5921] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   84.624426][ T5921] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   85.033786][  T347] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.045413][  T347] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.077675][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.086852][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.796150][ T5943] chnl_net:caif_netlink_parms(): no params data found
[   85.917356][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.925360][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.932672][ T5943] bridge_slave_0: entered allmulticast mode
[   85.939744][ T5943] bridge_slave_0: entered promiscuous mode
[   85.948545][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.956487][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.964019][ T5943] bridge_slave_1: entered allmulticast mode
[   85.971155][ T5943] bridge_slave_1: entered promiscuous mode
[   86.002715][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.015393][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.054885][ T5943] team0: Port device team_slave_0 added
[   86.062926][ T5943] team0: Port device team_slave_1 added
[   86.087695][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.095160][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.121119][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.133675][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.140672][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.166591][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.207153][ T5943] hsr_slave_0: entered promiscuous mode
[   86.214517][ T5943] hsr_slave_1: entered promiscuous mode
[   86.346485][ T5943] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   86.358310][ T5943] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   86.369018][ T5943] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   86.379382][ T5943] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   86.409238][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.416445][ T5943] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.424264][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.431417][ T5943] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.485463][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.503309][ T1161] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.513175][ T1161] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.529458][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[   86.543396][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.551167][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.564096][ T1161] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.571278][ T1161] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.736535][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.775282][ T5943] veth0_vlan: entered promiscuous mode
[   86.786526][ T5943] veth1_vlan: entered promiscuous mode
[   86.813023][ T1213] cfg80211: failed to load regulatory.db
[   86.818836][ T5943] veth0_macvtap: entered promiscuous mode
[   86.833035][ T5943] veth1_macvtap: entered promiscuous mode
[   86.850151][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.866001][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.882871][  T347] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.892960][  T347] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.907954][  T347] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.917477][  T347] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.044364][  T347] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.106092][  T347] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.188770][  T347] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.256111][  T347] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/08/29 22:43:32 executed programs: 0
[   87.652034][ T5921] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   87.660720][ T5921] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   87.668550][ T5921] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   87.677909][ T5921] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   87.686709][ T5921] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   87.834155][ T5978] chnl_net:caif_netlink_parms(): no params data found
[   87.904530][ T5978] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.911861][ T5978] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.918992][ T5978] bridge_slave_0: entered allmulticast mode
[   87.926257][ T5978] bridge_slave_0: entered promiscuous mode
[   87.936003][ T5978] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.944236][ T5978] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.952070][ T5978] bridge_slave_1: entered allmulticast mode
[   87.959649][ T5978] bridge_slave_1: entered promiscuous mode
[   87.993646][ T5978] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.005581][ T5978] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.045631][ T5978] team0: Port device team_slave_0 added
[   88.054968][ T5978] team0: Port device team_slave_1 added
[   88.089492][ T5978] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.097117][ T5978] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.123509][ T5978] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.138027][ T5978] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.145092][ T5978] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.171086][ T5978] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.223275][ T5978] hsr_slave_0: entered promiscuous mode
[   88.229638][ T5978] hsr_slave_1: entered promiscuous mode
[   88.237515][ T5978] debugfs: 'hsr0' already exists in 'hsr'
[   88.243495][ T5978] Cannot create hsr debugfs directory
[   89.771411][ T5921] Bluetooth: hci0: command tx timeout
[   89.864952][  T347] bridge_slave_1: left allmulticast mode
[   89.874260][  T347] bridge_slave_1: left promiscuous mode
[   89.882307][  T347] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.894876][  T347] bridge_slave_0: left allmulticast mode
[   89.901762][  T347] bridge_slave_0: left promiscuous mode
[   89.908225][  T347] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.291303][  T347] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   90.305369][  T347] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   90.316126][  T347] bond0 (unregistering): Released all slaves
[   90.425481][  T347] hsr_slave_0: left promiscuous mode
[   90.431746][  T347] hsr_slave_1: left promiscuous mode
[   90.437549][  T347] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   90.450677][  T347] batman_adv: batadv0: Removing interface: batadv_slave_0
[   90.459850][  T347] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   90.467547][  T347] batman_adv: batadv0: Removing interface: batadv_slave_1
[   90.482351][  T347] veth1_macvtap: left promiscuous mode
[   90.487998][  T347] veth0_macvtap: left promiscuous mode
[   90.493788][  T347] veth1_vlan: left promiscuous mode
[   90.499195][  T347] veth0_vlan: left promiscuous mode
[   90.795728][  T347] team0 (unregistering): Port device team_slave_1 removed
[   90.825997][  T347] team0 (unregistering): Port device team_slave_0 removed
[   91.349022][ T5978] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   91.364269][ T5978] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   91.377391][ T5978] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   91.394955][ T5978] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   91.676360][ T5978] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.712785][ T5978] 8021q: adding VLAN 0 to HW filter on device team0
[   91.735532][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.742743][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.773878][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.781059][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.851873][ T5921] Bluetooth: hci0: command tx timeout
[   92.110441][ T5978] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.173230][ T5978] veth0_vlan: entered promiscuous mode
[   92.195351][ T5978] veth1_vlan: entered promiscuous mode
[   92.233711][ T5978] veth0_macvtap: entered promiscuous mode
[   92.244272][ T5978] veth1_macvtap: entered promiscuous mode
[   92.265973][ T5978] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.289112][ T5978] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.312013][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.325883][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.336626][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.349751][   T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.405386][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.414384][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.447944][  T347] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.456800][  T347] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.731928][ T6037] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   92.903881][ T6037] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[   92.912260][ T6037] usb 1-1: config 0 has no interface number 0
[   92.918360][ T6037] usb 1-1: config 0 interface 8 has no altsetting 0
[   92.928506][ T6037] usb 1-1: New USB device found, idVendor=0424, idProduct=cf19, bcdDevice=e8.b6
[   92.937624][ T6037] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.946057][ T6037] usb 1-1: Product: syz
[   92.950249][ T6037] usb 1-1: Manufacturer: syz
[   92.955213][ T6037] usb 1-1: SerialNumber: syz
[   92.965030][ T6037] usb 1-1: config 0 descriptor??
[   93.196659][ T6037] usb 1-1: USB disconnect, device number 2
[   93.209590][ T6037] ==================================================================
[   93.217694][ T6037] BUG: KASAN: slab-use-after-free in hdm_disconnect+0x10d/0x1c0
[   93.225334][ T6037] Read of size 8 at addr ffff8880270218a0 by task kworker/1:3/6037
[   93.233251][ T6037] 
[   93.235573][ T6037] CPU: 1 UID: 0 PID: 6037 Comm: kworker/1:3 Not tainted syzkaller #0 PREEMPT(full) 
[   93.235584][ T6037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   93.235592][ T6037] Workqueue: usb_hub_wq hub_event
[   93.235615][ T6037] Call Trace:
[   93.235620][ T6037]  <TASK>
[   93.235625][ T6037]  dump_stack_lvl+0x189/0x250
[   93.235639][ T6037]  ? __kasan_check_byte+0x12/0x40
[   93.235652][ T6037]  ? __pfx_dump_stack_lvl+0x10/0x10
[   93.235663][ T6037]  ? lock_release+0x4b/0x3e0
[   93.235678][ T6037]  ? __virt_addr_valid+0x4a5/0x5c0
[   93.235691][ T6037]  print_report+0xca/0x240
[   93.235700][ T6037]  ? hdm_disconnect+0x10d/0x1c0
[   93.235710][ T6037]  kasan_report+0x118/0x150
[   93.235723][ T6037]  ? hdm_disconnect+0x10d/0x1c0
[   93.235735][ T6037]  hdm_disconnect+0x10d/0x1c0
[   93.235745][ T6037]  usb_unbind_interface+0x26b/0x910
[   93.235760][ T6037]  ? __pfx_usb_unbind_interface+0x10/0x10
[   93.235772][ T6037]  device_release_driver_internal+0x4d9/0x800
[   93.235785][ T6037]  bus_remove_device+0x34d/0x410
[   93.235800][ T6037]  device_del+0x511/0x8e0
[   93.235810][ T6037]  ? __pm_runtime_barrier+0x212/0x460
[   93.235822][ T6037]  ? __pfx_device_del+0x10/0x10
[   93.235831][ T6037]  ? __pfx___mutex_lock+0x10/0x10
[   93.235841][ T6037]  usb_disable_device+0x3e9/0x8a0
[   93.235854][ T6037]  usb_disconnect+0x330/0x950
[   93.235866][ T6037]  hub_event+0x1cf5/0x4a20
[   93.235882][ T6037]  ? do_raw_spin_lock+0x121/0x290
[   93.235893][ T6037]  ? register_lock_class+0x51/0x320
[   93.235909][ T6037]  ? __pfx_hub_event+0x10/0x10
[   93.235920][ T6037]  ? process_scheduled_works+0x9ef/0x17b0
[   93.235930][ T6037]  ? _raw_spin_unlock_irq+0x23/0x50
[   93.235942][ T6037]  ? process_scheduled_works+0x9ef/0x17b0
[   93.235950][ T6037]  ? process_scheduled_works+0x9ef/0x17b0
[   93.235959][ T6037]  process_scheduled_works+0xae1/0x17b0
[   93.235972][ T6037]  ? __pfx_process_scheduled_works+0x10/0x10
[   93.235984][ T6037]  worker_thread+0x8a0/0xda0
[   93.235993][ T6037]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   93.236007][ T6037]  ? __kthread_parkme+0x7b/0x200
[   93.236018][ T6037]  kthread+0x70e/0x8a0
[   93.236030][ T6037]  ? __pfx_worker_thread+0x10/0x10
[   93.236038][ T6037]  ? __pfx_kthread+0x10/0x10
[   93.236049][ T6037]  ? _raw_spin_unlock_irq+0x23/0x50
[   93.236061][ T6037]  ? lockdep_hardirqs_on+0x9c/0x150
[   93.236074][ T6037]  ? __pfx_kthread+0x10/0x10
[   93.236084][ T6037]  ret_from_fork+0x3f9/0x770
[   93.236095][ T6037]  ? __pfx_ret_from_fork+0x10/0x10
[   93.236105][ T6037]  ? __switch_to_asm+0x39/0x70
[   93.236116][ T6037]  ? __switch_to_asm+0x33/0x70
[   93.236127][ T6037]  ? __pfx_kthread+0x10/0x10
[   93.236138][ T6037]  ret_from_fork_asm+0x1a/0x30
[   93.236153][ T6037]  </TASK>
[   93.236156][ T6037] 
[   93.496329][ T6037] Allocated by task 6037:
[   93.500640][ T6037]  kasan_save_track+0x3e/0x80
[   93.505302][ T6037]  __kasan_kmalloc+0x93/0xb0
[   93.509888][ T6037]  __kmalloc_cache_noprof+0x230/0x3d0
[   93.515245][ T6037]  hdm_probe+0x96/0x1400
[   93.519472][ T6037]  usb_probe_interface+0x668/0xc30
[   93.524625][ T6037]  really_probe+0x26d/0x9e0
[   93.529120][ T6037]  __driver_probe_device+0x18c/0x2f0
[   93.534419][ T6037]  driver_probe_device+0x4f/0x430
[   93.539426][ T6037]  __device_attach_driver+0x2ce/0x530
[   93.544799][ T6037]  bus_for_each_drv+0x24e/0x2e0
[   93.549631][ T6037]  __device_attach+0x2b8/0x400
[   93.554376][ T6037]  bus_probe_device+0x185/0x260
[   93.559208][ T6037]  device_add+0x7b6/0xb50
[   93.563526][ T6037]  usb_set_configuration+0x1a87/0x20e0
[   93.568997][ T6037]  usb_generic_driver_probe+0x8d/0x150
[   93.574464][ T6037]  usb_probe_device+0x1c1/0x390
[   93.579305][ T6037]  really_probe+0x26d/0x9e0
[   93.583789][ T6037]  __driver_probe_device+0x18c/0x2f0
[   93.589054][ T6037]  driver_probe_device+0x4f/0x430
[   93.594060][ T6037]  __device_attach_driver+0x2ce/0x530
[   93.599432][ T6037]  bus_for_each_drv+0x24e/0x2e0
[   93.604274][ T6037]  __device_attach+0x2b8/0x400
[   93.609016][ T6037]  bus_probe_device+0x185/0x260
[   93.613859][ T6037]  device_add+0x7b6/0xb50
[   93.618173][ T6037]  usb_new_device+0xa39/0x16f0
[   93.622916][ T6037]  hub_event+0x2958/0x4a20
[   93.627337][ T6037]  process_scheduled_works+0xae1/0x17b0
[   93.632861][ T6037]  worker_thread+0x8a0/0xda0
[   93.637451][ T6037]  kthread+0x70e/0x8a0
[   93.641504][ T6037]  ret_from_fork+0x3f9/0x770
[   93.646084][ T6037]  ret_from_fork_asm+0x1a/0x30
[   93.650854][ T6037] 
[   93.653158][ T6037] Freed by task 6037:
[   93.657114][ T6037]  kasan_save_track+0x3e/0x80
[   93.661774][ T6037]  kasan_save_free_info+0x46/0x50
[   93.666808][ T6037]  __kasan_slab_free+0x5b/0x80
[   93.671557][ T6037]  kfree+0x18e/0x440
[   93.675471][ T6037]  device_release+0x99/0x1c0
[   93.680058][ T6037]  kobject_put+0x22b/0x480
[   93.684451][ T6037]  hdm_disconnect+0xf3/0x1c0
[   93.689026][ T6037]  usb_unbind_interface+0x26b/0x910
[   93.694235][ T6037]  device_release_driver_internal+0x4d9/0x800
[   93.700307][ T6037]  bus_remove_device+0x34d/0x410
[   93.705228][ T6037]  device_del+0x511/0x8e0
[   93.709551][ T6037]  usb_disable_device+0x3e9/0x8a0
[   93.714584][ T6037]  usb_disconnect+0x330/0x950
[   93.719244][ T6037]  hub_event+0x1cf5/0x4a20
[   93.723641][ T6037]  process_scheduled_works+0xae1/0x17b0
[   93.729164][ T6037]  worker_thread+0x8a0/0xda0
[   93.733729][ T6037]  kthread+0x70e/0x8a0
[   93.737778][ T6037]  ret_from_fork+0x3f9/0x770
[   93.742346][ T6037]  ret_from_fork_asm+0x1a/0x30
[   93.747092][ T6037] 
[   93.749392][ T6037] The buggy address belongs to the object at ffff888027020000
[   93.749392][ T6037]  which belongs to the cache kmalloc-8k of size 8192
[   93.763445][ T6037] The buggy address is located 6304 bytes inside of
[   93.763445][ T6037]  freed 8192-byte region [ffff888027020000, ffff888027022000)
[   93.777403][ T6037] 
[   93.779711][ T6037] The buggy address belongs to the physical page:
[   93.786113][ T6037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27020
[   93.794859][ T6037] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   93.803337][ T6037] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   93.810873][ T6037] page_type: f5(slab)
[   93.814849][ T6037] raw: 00fff00000000040 ffff88801a442280 dead000000000100 dead000000000122
[   93.823593][ T6037] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[   93.832158][ T6037] head: 00fff00000000040 ffff88801a442280 dead000000000100 dead000000000122
[   93.840807][ T6037] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[   93.849504][ T6037] head: 00fff00000000003 ffffea00009c0801 00000000ffffffff 00000000ffffffff
[   93.858162][ T6037] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[   93.866817][ T6037] page dumped because: kasan: bad access detected
[   93.873231][ T6037] page_owner tracks the page as allocated
[   93.878938][ T6037] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5706, tgid 5706 (dhcpcd-run-hook), ts 56881963208, free_ts 56616509644
[   93.899752][ T6037]  post_alloc_hook+0x240/0x2a0
[   93.904530][ T6037]  get_page_from_freelist+0x21e4/0x22c0
[   93.910057][ T6037]  __alloc_frozen_pages_noprof+0x181/0x370
[   93.915866][ T6037]  alloc_pages_mpol+0x232/0x4a0
[   93.920704][ T6037]  allocate_slab+0x8a/0x370
[   93.925187][ T6037]  ___slab_alloc+0xbeb/0x1410
[   93.929854][ T6037]  __kmalloc_cache_noprof+0x296/0x3d0
[   93.935217][ T6037]  tomoyo_init_log+0x111f/0x1f70
[   93.940164][ T6037]  tomoyo_supervisor+0x340/0x1480
[   93.945169][ T6037]  tomoyo_env_perm+0x149/0x1e0
[   93.949914][ T6037]  tomoyo_find_next_domain+0x15cf/0x1aa0
[   93.955528][ T6037]  tomoyo_bprm_check_security+0x11c/0x180
[   93.961233][ T6037]  security_bprm_check+0x89/0x270
[   93.966254][ T6037]  bprm_execve+0x8ee/0x1450
[   93.970743][ T6037]  do_execveat_common+0x510/0x6a0
[   93.975755][ T6037]  __x64_sys_execve+0x94/0xb0
[   93.980423][ T6037] page last free pid 5695 tgid 5695 stack trace:
[   93.986724][ T6037]  __free_frozen_pages+0xbc4/0xd30
[   93.991828][ T6037]  __slab_free+0x303/0x3c0
[   93.996235][ T6037]  qlist_free_all+0x97/0x140
[   94.000820][ T6037]  kasan_quarantine_reduce+0x148/0x160
[   94.006290][ T6037]  __kasan_slab_alloc+0x22/0x80
[   94.011125][ T6037]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[   94.017115][ T6037]  dup_task_struct+0x52/0x860
[   94.021785][ T6037]  copy_process+0x54b/0x3c00
[   94.026377][ T6037]  kernel_clone+0x21e/0x840
[   94.030864][ T6037]  __x64_sys_clone+0x18b/0x1e0
[   94.035623][ T6037]  do_syscall_64+0xfa/0x3b0
[   94.040103][ T6037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.045976][ T6037] 
[   94.048384][ T6037] Memory state around the buggy address:
[   94.053994][ T6037]  ffff888027021780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.062045][ T6037]  ffff888027021800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.070091][ T6037] >ffff888027021880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.078132][ T6037]                                ^
[   94.083238][ T6037]  ffff888027021900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.091276][ T6037]  ffff888027021980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.099329][ T6037] ==================================================================
[   94.108607][ T5921] Bluetooth: hci0: command tx timeout
[   94.118384][ T6037] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   94.125613][ T6037] CPU: 1 UID: 0 PID: 6037 Comm: kworker/1:3 Not tainted syzkaller #0 PREEMPT(full) 
[   94.134975][ T6037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   94.145026][ T6037] Workqueue: usb_hub_wq hub_event
[   94.150061][ T6037] Call Trace:
[   94.153345][ T6037]  <TASK>
[   94.156277][ T6037]  dump_stack_lvl+0x99/0x250
[   94.160861][ T6037]  ? __asan_memcpy+0x40/0x70
[   94.165442][ T6037]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.170632][ T6037]  ? __pfx__printk+0x10/0x10
[   94.175232][ T6037]  vpanic+0x281/0x750
[   94.179208][ T6037]  ? preempt_schedule+0xae/0xc0
[   94.184085][ T6037]  ? __pfx_vpanic+0x10/0x10
[   94.188590][ T6037]  ? preempt_schedule_common+0x83/0xd0
[   94.194039][ T6037]  ? preempt_schedule+0xae/0xc0
[   94.198881][ T6037]  ? __pfx_preempt_schedule+0x10/0x10
[   94.204294][ T6037]  panic+0xb9/0xc0
[   94.208006][ T6037]  ? __pfx_panic+0x10/0x10
[   94.212409][ T6037]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[   94.218292][ T6037]  ? hdm_disconnect+0x10d/0x1c0
[   94.223131][ T6037]  check_panic_on_warn+0x89/0xb0
[   94.228060][ T6037]  ? hdm_disconnect+0x10d/0x1c0
[   94.232896][ T6037]  end_report+0x78/0x160
[   94.237130][ T6037]  kasan_report+0x129/0x150
[   94.241627][ T6037]  ? hdm_disconnect+0x10d/0x1c0
[   94.246470][ T6037]  hdm_disconnect+0x10d/0x1c0
[   94.251137][ T6037]  usb_unbind_interface+0x26b/0x910
[   94.256362][ T6037]  ? __pfx_usb_unbind_interface+0x10/0x10
[   94.262076][ T6037]  device_release_driver_internal+0x4d9/0x800
[   94.268226][ T6037]  bus_remove_device+0x34d/0x410
[   94.273174][ T6037]  device_del+0x511/0x8e0
[   94.277497][ T6037]  ? __pm_runtime_barrier+0x212/0x460
[   94.282858][ T6037]  ? __pfx_device_del+0x10/0x10
[   94.287700][ T6037]  ? __pfx___mutex_lock+0x10/0x10
[   94.292721][ T6037]  usb_disable_device+0x3e9/0x8a0
[   94.297761][ T6037]  usb_disconnect+0x330/0x950
[   94.302431][ T6037]  hub_event+0x1cf5/0x4a20
[   94.306845][ T6037]  ? do_raw_spin_lock+0x121/0x290
[   94.311858][ T6037]  ? register_lock_class+0x51/0x320
[   94.317051][ T6037]  ? __pfx_hub_event+0x10/0x10
[   94.321809][ T6037]  ? process_scheduled_works+0x9ef/0x17b0
[   94.327521][ T6037]  ? _raw_spin_unlock_irq+0x23/0x50
[   94.332710][ T6037]  ? process_scheduled_works+0x9ef/0x17b0
[   94.338415][ T6037]  ? process_scheduled_works+0x9ef/0x17b0
[   94.344122][ T6037]  process_scheduled_works+0xae1/0x17b0
[   94.349676][ T6037]  ? __pfx_process_scheduled_works+0x10/0x10
[   94.355752][ T6037]  worker_thread+0x8a0/0xda0
[   94.360340][ T6037]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   94.366680][ T6037]  ? __kthread_parkme+0x7b/0x200
[   94.371607][ T6037]  kthread+0x70e/0x8a0
[   94.375669][ T6037]  ? __pfx_worker_thread+0x10/0x10
[   94.380763][ T6037]  ? __pfx_kthread+0x10/0x10
[   94.385343][ T6037]  ? _raw_spin_unlock_irq+0x23/0x50
[   94.390539][ T6037]  ? lockdep_hardirqs_on+0x9c/0x150
[   94.395735][ T6037]  ? __pfx_kthread+0x10/0x10
[   94.400315][ T6037]  ret_from_fork+0x3f9/0x770
[   94.404892][ T6037]  ? __pfx_ret_from_fork+0x10/0x10
[   94.409992][ T6037]  ? __switch_to_asm+0x39/0x70
[   94.414745][ T6037]  ? __switch_to_asm+0x33/0x70
[   94.419498][ T6037]  ? __pfx_kthread+0x10/0x10
[   94.424076][ T6037]  ret_from_fork_asm+0x1a/0x30
[   94.428834][ T6037]  </TASK>
[   94.432081][ T6037] Kernel Offset: disabled
[   94.436395][ T6037] Rebooting in 86400 seconds..