Warning: Permanently added '10.128.1.125' (ED25519) to the list of known hosts.
2025/07/29 16:24:31 ignoring optional flag "sandboxArg"="0"
2025/07/29 16:24:32 parsed 1 programs
[ 69.768803][ T5793] cgroup: Unknown subsys name 'net'
[ 69.964663][ T5793] cgroup: Unknown subsys name 'rlimit'
[ 71.374133][ T5793] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 71.652777][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.661838][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 73.562002][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 73.571366][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 73.579386][ T5827] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 73.587675][ T5827] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 73.595559][ T5827] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 73.603360][ T5827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 73.835982][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.844468][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.884106][ T2950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.892375][ T2950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 75.117386][ T5862] chnl_net:caif_netlink_parms(): no params data found
[ 75.186618][ T5862] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.194620][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.202022][ T5862] bridge_slave_0: entered allmulticast mode
[ 75.209361][ T5862] bridge_slave_0: entered promiscuous mode
[ 75.229800][ T5862] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.236996][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.244219][ T5862] bridge_slave_1: entered allmulticast mode
[ 75.251112][ T5862] bridge_slave_1: entered promiscuous mode
[ 75.275741][ T5862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 75.294962][ T5862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 75.325642][ T5862] team0: Port device team_slave_0 added
[ 75.343900][ T5862] team0: Port device team_slave_1 added
[ 75.364418][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 75.373524][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 75.400223][ T5862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 75.433097][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 75.440197][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 75.466289][ T5862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 75.503573][ T5862] hsr_slave_0: entered promiscuous mode
[ 75.513416][ T5862] hsr_slave_1: entered promiscuous mode
[ 75.684119][ T5862] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 75.696800][ T5862] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 75.707349][ T5862] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 75.717333][ T5862] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 75.753241][ T5862] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.760779][ T5862] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.768902][ T5862] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.776041][ T5862] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.841882][ T5862] 8021q: adding VLAN 0 to HW filter on device bond0
[ 75.866079][ T2950] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.875916][ T2950] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.893019][ T5862] 8021q: adding VLAN 0 to HW filter on device team0
[ 75.907742][ T3000] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.914942][ T3000] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.953237][ T3000] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.960523][ T3000] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 76.137073][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 76.182645][ T5862] veth0_vlan: entered promiscuous mode
[ 76.195356][ T5862] veth1_vlan: entered promiscuous mode
[ 76.236397][ T5862] veth0_macvtap: entered promiscuous mode
[ 76.245369][ T5862] veth1_macvtap: entered promiscuous mode
[ 76.272411][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 76.285593][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 76.296979][ T5862] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.306611][ T5862] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.316793][ T5862] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.326848][ T5862] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.473791][ T5862] syz-executor (5862) used greatest stack depth: 20552 bytes left
[ 76.825598][ T1134] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/07/29 16:24:41 executed programs: 0
[ 77.587117][ T5105] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 77.595901][ T5105] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 77.603877][ T5105] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 77.613005][ T5105] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 77.621807][ T5105] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 77.629414][ T5105] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 77.750071][ T5894] chnl_net:caif_netlink_parms(): no params data found
[ 77.804037][ T5894] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.811583][ T5894] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.819205][ T5894] bridge_slave_0: entered allmulticast mode
[ 77.826013][ T5894] bridge_slave_0: entered promiscuous mode
[ 77.834324][ T5894] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.841604][ T5894] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.849777][ T5894] bridge_slave_1: entered allmulticast mode
[ 77.856453][ T5894] bridge_slave_1: entered promiscuous mode
[ 77.888378][ T5894] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 77.901796][ T5894] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 77.937657][ T5894] team0: Port device team_slave_0 added
[ 77.946642][ T5894] team0: Port device team_slave_1 added
[ 77.971716][ T5894] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 77.978853][ T5894] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.005460][ T5894] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 78.018811][ T5894] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 78.025773][ T5894] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.051908][ T5894] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 78.086471][ T5894] hsr_slave_0: entered promiscuous mode
[ 78.093709][ T5894] hsr_slave_1: entered promiscuous mode
[ 78.100355][ T5894] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 78.108438][ T5894] Cannot create hsr debugfs directory
[ 79.118845][ T1134] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 79.728606][ T5105] Bluetooth: hci0: command tx timeout
[ 81.357373][ T1134] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 81.440375][ T1134] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 81.809221][ T5105] Bluetooth: hci0: command tx timeout
[ 81.892920][ T9] cfg80211: failed to load regulatory.db
[ 82.275754][ T1134] hsr_slave_0: left promiscuous mode
[ 82.283011][ T1134] hsr_slave_1: left promiscuous mode
[ 82.291059][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 82.298764][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 82.307406][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 82.316031][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 82.327433][ T1134] bridge_slave_1: left allmulticast mode
[ 82.333173][ T1134] bridge_slave_1: left promiscuous mode
[ 82.340161][ T1134] bridge0: port 2(bridge_slave_1) entered disabled state
[ 82.350899][ T1134] bridge_slave_0: left allmulticast mode
[ 82.356641][ T1134] bridge_slave_0: left promiscuous mode
[ 82.362802][ T1134] bridge0: port 1(bridge_slave_0) entered disabled state
[ 82.383548][ T1134] veth1_macvtap: left promiscuous mode
[ 82.389407][ T1134] veth0_macvtap: left promiscuous mode
[ 82.395030][ T1134] veth1_vlan: left promiscuous mode
[ 82.400558][ T1134] veth0_vlan: left promiscuous mode
[ 82.719682][ T1134] team0 (unregistering): Port device team_slave_1 removed
[ 82.752194][ T1134] team0 (unregistering): Port device team_slave_0 removed
[ 82.781989][ T1134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 82.813328][ T1134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 83.082091][ T1134] bond0 (unregistering): Released all slaves
[ 83.196604][ T5894] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 83.206551][ T5894] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 83.220508][ T5894] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 83.230853][ T5894] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 83.322074][ T5894] 8021q: adding VLAN 0 to HW filter on device bond0
[ 83.341458][ T5894] 8021q: adding VLAN 0 to HW filter on device team0
[ 83.357800][ T2950] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.364952][ T2950] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.389403][ T2950] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.396635][ T2950] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.571728][ T5894] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 83.631402][ T5894] veth0_vlan: entered promiscuous mode
[ 83.642988][ T5894] veth1_vlan: entered promiscuous mode
[ 83.666427][ T5894] veth0_macvtap: entered promiscuous mode
[ 83.675033][ T5894] veth1_macvtap: entered promiscuous mode
[ 83.691045][ T5894] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 83.716893][ T5894] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 83.729053][ T5894] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.738265][ T5894] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.746970][ T5894] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.756315][ T5894] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.825209][ T1128] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.836944][ T1128] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.864544][ T1128] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.872678][ T1128] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.888473][ T5105] Bluetooth: hci0: command tx timeout
[ 83.941441][ T5944] syz.0.16[5944]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 84.193912][ T5944] loop0: detected capacity change from 0 to 32768
[ 84.219354][ T5944] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 84.228950][ T5944] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 84.266442][ T5944] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 84.278786][ T786] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 84.285930][ T786] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 84.327205][ T786] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 41ms
[ 84.335160][ T786] gfs2: fsid=syz:syz.0: jid=0: Done
[ 84.342535][ T5944] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 84.353131][ T5944] gfs2: fsid=syz:syz.0: can't lock local "qc" file: -28
[ 84.398121][ C1] ==================================================================
[ 84.406213][ C1] BUG: KASAN: slab-use-after-free in gfs2_qd_dealloc+0x81/0xe0
[ 84.413785][ C1] Write of size 4 at addr ffff88801dfb8a78 by task swapper/1/0
[ 84.421748][ C1]
[ 84.424081][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.100-syzkaller #0
[ 84.431791][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 84.441897][ C1] Call Trace:
[ 84.445289][ C1] <IRQ>
[ 84.448139][ C1] dump_stack_lvl+0x16c/0x230
[ 84.452835][ C1] ? __lock_acquire+0x7c80/0x7c80
[ 84.457850][ C1] ? show_regs_print_info+0x20/0x20
[ 84.463229][ C1] ? load_image+0x3b0/0x3b0
[ 84.467714][ C1] ? __virt_addr_valid+0x469/0x540
[ 84.472916][ C1] print_report+0xac/0x200
[ 84.477501][ C1] ? gfs2_qd_dealloc+0x81/0xe0
[ 84.482249][ C1] kasan_report+0x117/0x150
[ 84.486734][ C1] ? gfs2_qd_dealloc+0x81/0xe0
[ 84.491486][ C1] ? rcu_core+0xc51/0x1720
[ 84.495890][ C1] kasan_check_range+0x288/0x290
[ 84.500820][ C1] ? rcu_core+0xc51/0x1720
[ 84.505224][ C1] gfs2_qd_dealloc+0x81/0xe0
[ 84.509799][ C1] ? gfs2_qd_dispose+0x5b0/0x5b0
[ 84.514721][ C1] rcu_core+0xcc4/0x1720
[ 84.519039][ C1] ? rcu_cpu_kthread_park+0x90/0x90
[ 84.524221][ C1] ? __lock_acquire+0x7c80/0x7c80
[ 84.529237][ C1] ? rebalance_domains+0x8ad/0x9d0
[ 84.534336][ C1] ? rebalance_domains+0x127/0x9d0
[ 84.539441][ C1] handle_softirqs+0x280/0x820
[ 84.544193][ C1] ? __irq_exit_rcu+0xc7/0x190
[ 84.548943][ C1] ? do_softirq+0x180/0x180
[ 84.553446][ C1] ? irqtime_account_irq+0xb6/0x1c0
[ 84.558636][ C1] __irq_exit_rcu+0xc7/0x190
[ 84.563218][ C1] ? irq_exit_rcu+0x20/0x20
[ 84.567708][ C1] irq_exit_rcu+0x9/0x20
[ 84.571932][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0
[ 84.577565][ C1] </IRQ>
[ 84.580483][ C1] <TASK>
[ 84.583397][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 84.589378][ C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[ 84.595086][ C1] Code: cc cc cc cc cc cc cc f3 0f 1e fa 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 66 90 0f 00 2d e3 16 3b 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 66 0f 1f 00 55 41 57 41 56
[ 84.614684][ C1] RSP: 0018:ffffc90000187de0 EFLAGS: 000002c6
[ 84.620740][ C1] RAX: e3d2cf38db4d7800 RBX: ffffffff81619a5b RCX: e3d2cf38db4d7800
[ 84.628886][ C1] RDX: 0000000000000001 RSI: ffffffff8aaaba40 RDI: ffffffff8afc6700
[ 84.636933][ C1] RBP: ffffc90000187f20 R08: ffff8880b8f36d4b R09: 1ffff110171e6da9
[ 84.644891][ C1] R10: dffffc0000000000 R11: ffffed10171e6daa R12: ffffffff8e4a7da8
[ 84.652891][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110037ca780
[ 84.660857][ C1] ? do_idle+0x1eb/0x510
[ 84.665197][ C1] default_idle+0x13/0x20
[ 84.669531][ C1] default_idle_call+0x6c/0xa0
[ 84.674329][ C1] do_idle+0x1eb/0x510
[ 84.678396][ C1] ? lock_chain_count+0x20/0x20
[ 84.683254][ C1] ? idle_inject_timer_fn+0x60/0x60
[ 84.688454][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 84.694428][ C1] ? lockdep_hardirqs_on+0x98/0x150
[ 84.699655][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 84.705625][ C1] ? _raw_spin_unlock+0x40/0x40
[ 84.710470][ C1] cpu_startup_entry+0x43/0x60
[ 84.715222][ C1] start_secondary+0xee/0xf0
[ 84.719802][ C1] secondary_startup_64_no_verify+0x179/0x17b
[ 84.725863][ C1] </TASK>
[ 84.728873][ C1]
[ 84.731190][ C1] Allocated by task 5944:
[ 84.735500][ C1] kasan_set_track+0x4e/0x70
[ 84.740076][ C1] __kasan_kmalloc+0x8f/0xa0
[ 84.744773][ C1] gfs2_fill_super+0x11b/0x1f80
[ 84.749622][ C1] get_tree_bdev+0x3e4/0x510
[ 84.754281][ C1] gfs2_get_tree+0x51/0x1e0
[ 84.758781][ C1] vfs_get_tree+0x8c/0x280
[ 84.763195][ C1] do_new_mount+0x24b/0xa40
[ 84.767687][ C1] __se_sys_mount+0x2da/0x3c0
[ 84.772354][ C1] do_syscall_64+0x55/0xb0
[ 84.776763][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 84.782649][ C1]
[ 84.784956][ C1] Freed by task 5944:
[ 84.788918][ C1] kasan_set_track+0x4e/0x70
[ 84.793494][ C1] kasan_save_free_info+0x2e/0x50
[ 84.798507][ C1] ____kasan_slab_free+0x126/0x1e0
[ 84.803606][ C1] slab_free_freelist_hook+0x130/0x1b0
[ 84.809045][ C1] __kmem_cache_free+0xba/0x1f0
[ 84.813883][ C1] gfs2_fill_super+0x13c7/0x1f80
[ 84.818808][ C1] get_tree_bdev+0x3e4/0x510
[ 84.823385][ C1] gfs2_get_tree+0x51/0x1e0
[ 84.827895][ C1] vfs_get_tree+0x8c/0x280
[ 84.832308][ C1] do_new_mount+0x24b/0xa40
[ 84.836816][ C1] __se_sys_mount+0x2da/0x3c0
[ 84.841574][ C1] do_syscall_64+0x55/0xb0
[ 84.845979][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 84.852039][ C1]
[ 84.854346][ C1] The buggy address belongs to the object at ffff88801dfb8000
[ 84.854346][ C1] which belongs to the cache kmalloc-8k of size 8192
[ 84.868387][ C1] The buggy address is located 2680 bytes inside of
[ 84.868387][ C1] freed 8192-byte region [ffff88801dfb8000, ffff88801dfba000)
[ 84.882348][ C1]
[ 84.884657][ C1] The buggy address belongs to the physical page:
[ 84.891234][ C1] page:ffffea000077ee00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1dfb8
[ 84.901386][ C1] head:ffffea000077ee00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 84.910318][ C1] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 84.918296][ C1] page_type: 0xffffffff()
[ 84.922703][ C1] raw: 00fff00000000840 ffff888017842280 ffffea000098c600 0000000000000002
[ 84.931543][ C1] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[ 84.940108][ C1] page dumped because: kasan: bad access detected
[ 84.946508][ C1] page_owner tracks the page as allocated
[ 84.952202][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5626, tgid 5626 (dhcpcd-run-hook), ts 48591777512, free_ts 48591073318
[ 84.973029][ C1] post_alloc_hook+0x1cd/0x210
[ 84.977797][ C1] get_page_from_freelist+0x195c/0x19f0
[ 84.983330][ C1] __alloc_pages+0x1e3/0x460
[ 84.987918][ C1] alloc_slab_page+0x5d/0x170
[ 84.992583][ C1] new_slab+0x87/0x2e0
[ 84.996642][ C1] ___slab_alloc+0xc6d/0x12f0
[ 85.001313][ C1] __kmem_cache_alloc_node+0x1a2/0x260
[ 85.006760][ C1] kmalloc_trace+0x2a/0xe0
[ 85.011239][ C1] tomoyo_init_log+0x1104/0x1f10
[ 85.016276][ C1] tomoyo_supervisor+0x32d/0x1080
[ 85.021342][ C1] tomoyo_env_perm+0x14a/0x1e0
[ 85.026096][ C1] tomoyo_find_next_domain+0x1594/0x1a60
[ 85.031728][ C1] tomoyo_bprm_check_security+0x116/0x170
[ 85.037531][ C1] security_bprm_check+0x62/0xa0
[ 85.042456][ C1] bprm_execve+0xa51/0x16f0
[ 85.046948][ C1] do_execveat_common+0x51b/0x6c0
[ 85.051971][ C1] page last free stack trace:
[ 85.056628][ C1] free_unref_page_prepare+0x7ce/0x8e0
[ 85.062078][ C1] free_unref_page+0x32/0x2e0
[ 85.066753][ C1] __unfreeze_partials+0x1cf/0x210
[ 85.071863][ C1] put_cpu_partial+0x17c/0x250
[ 85.076653][ C1] __slab_free+0x31d/0x410
[ 85.081146][ C1] qlist_free_all+0x75/0xe0
[ 85.085641][ C1] kasan_quarantine_reduce+0x143/0x160
[ 85.091097][ C1] __kasan_slab_alloc+0x22/0x80
[ 85.095938][ C1] slab_post_alloc_hook+0x6e/0x4d0
[ 85.101043][ C1] __kmem_cache_alloc_node+0x13e/0x260
[ 85.106492][ C1] kmalloc_trace+0x2a/0xe0
[ 85.110898][ C1] tomoyo_init_log+0x1104/0x1f10
[ 85.115821][ C1] tomoyo_supervisor+0x32d/0x1080
[ 85.120830][ C1] tomoyo_env_perm+0x14a/0x1e0
[ 85.125580][ C1] tomoyo_find_next_domain+0x1594/0x1a60
[ 85.131211][ C1] tomoyo_bprm_check_security+0x116/0x170
[ 85.136922][ C1]
[ 85.139225][ C1] Memory state around the buggy address:
[ 85.144838][ C1] ffff88801dfb8900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 85.152883][ C1] ffff88801dfb8980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 85.160930][ C1] >ffff88801dfb8a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 85.168972][ C1] ^
[ 85.176932][ C1] ffff88801dfb8a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 85.184981][ C1] ffff88801dfb8b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 85.193021][ C1] ==================================================================
[ 85.201107][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 85.208388][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.100-syzkaller #0
[ 85.216112][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 85.226188][ C1] Call Trace:
[ 85.229486][ C1] <IRQ>
[ 85.232611][ C1] dump_stack_lvl+0x16c/0x230
[ 85.237317][ C1] ? show_regs_print_info+0x20/0x20
[ 85.242578][ C1] ? load_image+0x3b0/0x3b0
[ 85.247087][ C1] panic+0x2c0/0x710
[ 85.250977][ C1] ? bpf_jit_dump+0xd0/0xd0
[ 85.255477][ C1] ? _raw_spin_unlock_irqrestore+0xa9/0x110
[ 85.261361][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 85.267244][ C1] ? _raw_spin_unlock+0x40/0x40
[ 85.272086][ C1] ? print_memory_metadata+0x314/0x400
[ 85.277583][ C1] ? gfs2_qd_dealloc+0x81/0xe0
[ 85.282422][ C1] check_panic_on_warn+0x84/0xa0
[ 85.287348][ C1] ? gfs2_qd_dealloc+0x81/0xe0
[ 85.292095][ C1] end_report+0x6f/0x140
[ 85.296322][ C1] kasan_report+0x128/0x150
[ 85.300812][ C1] ? gfs2_qd_dealloc+0x81/0xe0
[ 85.305731][ C1] ? rcu_core+0xc51/0x1720
[ 85.310146][ C1] kasan_check_range+0x288/0x290
[ 85.315071][ C1] ? rcu_core+0xc51/0x1720
[ 85.319469][ C1] gfs2_qd_dealloc+0x81/0xe0
[ 85.324048][ C1] ? gfs2_qd_dispose+0x5b0/0x5b0
[ 85.328969][ C1] rcu_core+0xcc4/0x1720
[ 85.333202][ C1] ? rcu_cpu_kthread_park+0x90/0x90
[ 85.338385][ C1] ? __lock_acquire+0x7c80/0x7c80
[ 85.343485][ C1] ? rebalance_domains+0x8ad/0x9d0
[ 85.348583][ C1] ? rebalance_domains+0x127/0x9d0
[ 85.353769][ C1] handle_softirqs+0x280/0x820
[ 85.358691][ C1] ? __irq_exit_rcu+0xc7/0x190
[ 85.363439][ C1] ? do_softirq+0x180/0x180
[ 85.367930][ C1] ? irqtime_account_irq+0xb6/0x1c0
[ 85.373140][ C1] __irq_exit_rcu+0xc7/0x190
[ 85.377712][ C1] ? irq_exit_rcu+0x20/0x20
[ 85.382204][ C1] irq_exit_rcu+0x9/0x20
[ 85.386428][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0
[ 85.392049][ C1] </IRQ>
[ 85.394967][ C1] <TASK>
[ 85.397881][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 85.403856][ C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[ 85.409568][ C1] Code: cc cc cc cc cc cc cc f3 0f 1e fa 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 66 90 0f 00 2d e3 16 3b 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 66 0f 1f 00 55 41 57 41 56
[ 85.429338][ C1] RSP: 0018:ffffc90000187de0 EFLAGS: 000002c6
[ 85.435394][ C1] RAX: e3d2cf38db4d7800 RBX: ffffffff81619a5b RCX: e3d2cf38db4d7800
[ 85.443353][ C1] RDX: 0000000000000001 RSI: ffffffff8aaaba40 RDI: ffffffff8afc6700
[ 85.451310][ C1] RBP: ffffc90000187f20 R08: ffff8880b8f36d4b R09: 1ffff110171e6da9
[ 85.459267][ C1] R10: dffffc0000000000 R11: ffffed10171e6daa R12: ffffffff8e4a7da8
[ 85.467227][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110037ca780
[ 85.475732][ C1] ? do_idle+0x1eb/0x510
[ 85.480064][ C1] default_idle+0x13/0x20
[ 85.484388][ C1] default_idle_call+0x6c/0xa0
[ 85.489148][ C1] do_idle+0x1eb/0x510
[ 85.493203][ C1] ? lock_chain_count+0x20/0x20
[ 85.498042][ C1] ? idle_inject_timer_fn+0x60/0x60
[ 85.503337][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 85.509338][ C1] ? lockdep_hardirqs_on+0x98/0x150
[ 85.514612][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 85.520581][ C1] ? _raw_spin_unlock+0x40/0x40
[ 85.525602][ C1] cpu_startup_entry+0x43/0x60
[ 85.530441][ C1] start_secondary+0xee/0xf0
[ 85.535026][ C1] secondary_startup_64_no_verify+0x179/0x17b
[ 85.541086][ C1] </TASK>
[ 85.544309][ C1] Kernel Offset: disabled
[ 85.548632][ C1] Rebooting in 86400 seconds..