[   82.025990][   T36] sched: DL replenish lagged too much
Warning: Permanently added '10.128.1.78' (ED25519) to the list of known hosts.
2025/08/11 16:50:01 ignoring optional flag "sandboxArg"="0"
2025/08/11 16:50:03 parsed 1 programs
[   87.921376][ T5867] cgroup: Unknown subsys name 'net'
[   88.069096][ T5867] cgroup: Unknown subsys name 'cpuset'
[   88.079112][ T5867] cgroup: Unknown subsys name 'rlimit'
[   89.660786][ T5867] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   92.013511][ T5879] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   92.030832][   T24] cfg80211: failed to load regulatory.db
[   92.126250][ T5888] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   92.134805][ T5888] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   92.148155][ T5888] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   92.156918][ T5888] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   92.165140][ T5888] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   93.219254][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.231097][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.257056][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.265296][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.647047][ T5951] chnl_net:caif_netlink_parms(): no params data found
[   95.756001][ T5951] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.764181][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.772144][ T5951] bridge_slave_0: entered allmulticast mode
[   95.779793][ T5951] bridge_slave_0: entered promiscuous mode
[   95.796116][ T5951] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.803299][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.810983][ T5951] bridge_slave_1: entered allmulticast mode
[   95.818338][ T5951] bridge_slave_1: entered promiscuous mode
[   95.848284][ T5951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.861594][ T5951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.899018][ T5951] team0: Port device team_slave_0 added
[   95.908562][ T5951] team0: Port device team_slave_1 added
[   95.933697][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.940732][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.967009][ T5951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.979538][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.986934][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.014156][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.056903][ T5951] hsr_slave_0: entered promiscuous mode
[   96.063479][ T5951] hsr_slave_1: entered promiscuous mode
[   96.201061][ T5951] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   96.213221][ T5951] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   96.224574][ T5951] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   96.235389][ T5951] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   96.265046][ T5951] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.272379][ T5951] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.280682][ T5951] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.287812][ T5951] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.345186][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.363338][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.373885][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.391864][ T5951] 8021q: adding VLAN 0 to HW filter on device team0
[   96.406495][ T3477] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.413655][ T3477] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.430533][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.437773][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.612353][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.659556][ T5951] veth0_vlan: entered promiscuous mode
[   96.672971][ T5951] veth1_vlan: entered promiscuous mode
[   96.704435][ T5951] veth0_macvtap: entered promiscuous mode
[   96.713595][ T5951] veth1_macvtap: entered promiscuous mode
[   96.732380][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.749470][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.765189][   T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.777218][   T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.788272][   T64] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.798548][   T64] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.921769][   T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.002748][   T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.090234][   T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.138672][   T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/08/11 16:50:15 executed programs: 0
[   97.342214][ T5888] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   97.351471][ T5888] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   97.359980][ T5888] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   97.368961][ T5888] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   97.377678][ T5888] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   97.539669][ T5977] chnl_net:caif_netlink_parms(): no params data found
[   97.618212][ T5977] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.626395][ T5977] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.633632][ T5977] bridge_slave_0: entered allmulticast mode
[   97.640984][ T5977] bridge_slave_0: entered promiscuous mode
[   97.651255][ T5977] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.658573][ T5977] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.666219][ T5977] bridge_slave_1: entered allmulticast mode
[   97.673419][ T5977] bridge_slave_1: entered promiscuous mode
[   97.706746][ T5977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   97.719495][ T5977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   97.756815][ T5977] team0: Port device team_slave_0 added
[   97.764754][ T5977] team0: Port device team_slave_1 added
[   97.793042][ T5977] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.801060][ T5977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.827464][ T5977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.841809][ T5977] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.849111][ T5977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.876437][ T5977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.928141][ T5977] hsr_slave_0: entered promiscuous mode
[   97.934399][ T5977] hsr_slave_1: entered promiscuous mode
[   97.940743][ T5977] debugfs: 'hsr0' already exists in 'hsr'
[   97.946908][ T5977] Cannot create hsr debugfs directory
[   99.466352][ T5888] Bluetooth: hci0: command tx timeout
[   99.938312][   T49] bridge_slave_1: left allmulticast mode
[   99.944124][   T49] bridge_slave_1: left promiscuous mode
[   99.963731][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.975072][   T49] bridge_slave_0: left allmulticast mode
[   99.981656][   T49] bridge_slave_0: left promiscuous mode
[   99.988462][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.230437][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  100.241287][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  100.251390][   T49] bond0 (unregistering): Released all slaves
[  100.358235][   T49] hsr_slave_0: left promiscuous mode
[  100.364486][   T49] hsr_slave_1: left promiscuous mode
[  100.376279][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.383753][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.394801][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.402713][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  100.426982][   T49] veth1_macvtap: left promiscuous mode
[  100.432812][   T49] veth0_macvtap: left promiscuous mode
[  100.441269][   T49] veth1_vlan: left promiscuous mode
[  100.446826][   T49] veth0_vlan: left promiscuous mode
[  100.938093][   T49] team0 (unregistering): Port device team_slave_1 removed
[  100.967499][   T49] team0 (unregistering): Port device team_slave_0 removed
[  101.501575][ T5977] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  101.524538][ T5977] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  101.543740][ T5977] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  101.556435][ T5888] Bluetooth: hci0: command tx timeout
[  101.563796][ T5977] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  101.764629][ T5977] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.793838][ T5977] 8021q: adding VLAN 0 to HW filter on device team0
[  101.824175][ T3477] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.831479][ T3477] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.864074][ T3477] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.871354][ T3477] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.058844][ T5977] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.100841][ T5977] veth0_vlan: entered promiscuous mode
[  102.111656][ T5977] veth1_vlan: entered promiscuous mode
[  102.139591][ T5977] veth0_macvtap: entered promiscuous mode
[  102.149093][ T5977] veth1_macvtap: entered promiscuous mode
[  102.167988][ T5977] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.185008][ T5977] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.207714][ T3488] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.219806][ T3488] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.233102][ T3488] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.250905][ T3488] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.324826][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.337695][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.385152][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.394198][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/08/11 16:50:20 executed programs: 2
[  103.626472][ T5888] Bluetooth: hci0: command tx timeout
[  105.705966][ T5888] Bluetooth: hci0: command tx timeout
2025/08/11 16:50:25 executed programs: 256
2025/08/11 16:50:30 executed programs: 520
[  114.038590][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  114.047422][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  114.055721][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  114.069889][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  114.078788][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  114.238536][ T3477] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.254175][ T6628] chnl_net:caif_netlink_parms(): no params data found
[  114.298268][ T3477] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.345696][ T6628] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.353148][ T6628] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.361732][ T6628] bridge_slave_0: entered allmulticast mode
[  114.368991][ T6628] bridge_slave_0: entered promiscuous mode
[  114.378169][ T6628] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.385350][ T6628] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.393139][ T6628] bridge_slave_1: entered allmulticast mode
[  114.400731][ T6628] bridge_slave_1: entered promiscuous mode
[  114.431273][ T3477] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.460712][ T6628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  114.472308][ T6628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  114.504558][ T6628] team0: Port device team_slave_0 added
[  114.513856][ T6628] team0: Port device team_slave_1 added
[  114.545108][ T3477] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.572211][ T6628] batman_adv: batadv0: Adding interface: batadv_slave_0
[  114.579457][ T6628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.606925][ T6628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  114.619973][ T6628] batman_adv: batadv0: Adding interface: batadv_slave_1
[  114.627183][ T6628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.654058][ T6628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  114.704598][ T6628] hsr_slave_0: entered promiscuous mode
[  114.711126][ T6628] hsr_slave_1: entered promiscuous mode
[  114.824913][ T3477] bridge_slave_1: left allmulticast mode
[  114.830949][ T3477] bridge_slave_1: left promiscuous mode
[  114.837631][ T3477] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.847913][ T3477] bridge_slave_0: left allmulticast mode
[  114.853660][ T3477] bridge_slave_0: left promiscuous mode
[  114.859853][ T3477] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.133920][ T3477] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  115.144976][ T3477] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  115.155393][ T3477] bond0 (unregistering): Released all slaves
[  115.472959][ T3477] hsr_slave_0: left promiscuous mode
[  115.480651][ T3477] hsr_slave_1: left promiscuous mode
[  115.494571][ T3477] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  115.503620][ T3477] batman_adv: batadv0: Removing interface: batadv_slave_0
[  115.512581][ T3477] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  115.523853][ T3477] batman_adv: batadv0: Removing interface: batadv_slave_1
[  115.550507][ T3477] veth1_macvtap: left promiscuous mode
[  115.556323][ T3477] veth0_macvtap: left promiscuous mode
[  115.562032][ T3477] veth1_vlan: left promiscuous mode
[  115.568084][ T3477] veth0_vlan: left promiscuous mode
[  115.961404][ T3477] team0 (unregistering): Port device team_slave_1 removed
[  115.990069][ T3477] team0 (unregistering): Port device team_slave_0 removed
[  116.105699][   T51] Bluetooth: hci1: command tx timeout
[  116.561587][ T6628] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  116.587562][ T6628] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  116.600679][ T6628] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  116.611797][ T6628] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  116.741064][ T6628] 8021q: adding VLAN 0 to HW filter on device bond0
[  116.769516][ T6628] 8021q: adding VLAN 0 to HW filter on device team0
[  116.784074][ T3477] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.791846][ T3477] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.809712][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.816921][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.042673][ T6628] 8021q: adding VLAN 0 to HW filter on device batadv0
[  117.080880][ T6628] veth0_vlan: entered promiscuous mode
[  117.093741][ T6628] veth1_vlan: entered promiscuous mode
[  117.121801][ T6628] veth0_macvtap: entered promiscuous mode
[  117.131914][ T6628] veth1_macvtap: entered promiscuous mode
[  117.148529][ T6628] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.163654][ T6628] batman_adv: batadv0: Interface activated: batadv_slave_1
[  117.179259][ T3477] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.188868][ T3477] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.198476][ T3477] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.211681][ T3477] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.266939][ T3477] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.275008][ T3477] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.301571][ T3488] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.309830][ T3488] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.342913][ T6676] ==================================================================
[  117.351029][ T6676] BUG: KASAN: slab-use-after-free in force_devcd_write+0x312/0x340
[  117.358925][ T6676] Read of size 8 at addr ffff88807f321800 by task syz.0.617/6676
[  117.366628][ T6676] 
[  117.368958][ T6676] CPU: 0 UID: 0 PID: 6676 Comm: syz.0.617 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  117.368978][ T6676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.368990][ T6676] Call Trace:
[  117.368999][ T6676]  <TASK>
[  117.369005][ T6676]  dump_stack_lvl+0x116/0x1f0
[  117.369029][ T6676]  print_report+0xcd/0x630
[  117.369047][ T6676]  ? __virt_addr_valid+0x81/0x610
[  117.369064][ T6676]  ? __phys_addr+0xe8/0x180
[  117.369080][ T6676]  ? force_devcd_write+0x312/0x340
[  117.369098][ T6676]  kasan_report+0xe0/0x110
[  117.369115][ T6676]  ? force_devcd_write+0x312/0x340
[  117.369134][ T6676]  force_devcd_write+0x312/0x340
[  117.369151][ T6676]  ? __pfx_force_devcd_write+0x10/0x10
[  117.369168][ T6676]  ? __debugfs_file_get+0x1fe/0x840
[  117.369189][ T6676]  ? __pfx___debugfs_file_get+0x10/0x10
[  117.369211][ T6676]  full_proxy_write+0x12e/0x1a0
[  117.369232][ T6676]  ? __pfx_full_proxy_write+0x10/0x10
[  117.369255][ T6676]  vfs_write+0x29d/0x11d0
[  117.369273][ T6676]  ? __pfx_vfs_write+0x10/0x10
[  117.369287][ T6676]  ? do_futex+0x122/0x350
[  117.369305][ T6676]  ? __pfx_do_futex+0x10/0x10
[  117.369321][ T6676]  ? find_held_lock+0x2b/0x80
[  117.369335][ T6676]  ? handle_mm_fault+0x2ab/0xd10
[  117.369376][ T6676]  ? __x64_sys_futex+0x1e0/0x4c0
[  117.369392][ T6676]  ? __x64_sys_futex+0x1e9/0x4c0
[  117.369410][ T6676]  ksys_write+0x12a/0x250
[  117.369425][ T6676]  ? __pfx_ksys_write+0x10/0x10
[  117.369442][ T6676]  do_syscall_64+0xcd/0x490
[  117.369460][ T6676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.369474][ T6676] RIP: 0033:0x7f4a1738ebe9
[  117.369490][ T6676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.369507][ T6676] RSP: 002b:00007ffce3d62748 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  117.369521][ T6676] RAX: ffffffffffffffda RBX: 00007f4a175b5fa0 RCX: 00007f4a1738ebe9
[  117.369531][ T6676] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  117.369539][ T6676] RBP: 00007f4a17411e19 R08: 0000000000000000 R09: 0000000000000000
[  117.369547][ T6676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  117.369555][ T6676] R13: 00007f4a175b5fa0 R14: 00007f4a175b5fa0 R15: 0000000000000003
[  117.369568][ T6676]  </TASK>
[  117.369573][ T6676] 
[  117.596027][ T6676] Allocated by task 5977:
[  117.600344][ T6676]  kasan_save_stack+0x33/0x60
[  117.605019][ T6676]  kasan_save_track+0x14/0x30
[  117.609692][ T6676]  __kasan_kmalloc+0xaa/0xb0
[  117.614283][ T6676]  vhci_open+0x4c/0x430
[  117.618434][ T6676]  misc_open+0x35a/0x420
[  117.622674][ T6676]  chrdev_open+0x231/0x6a0
[  117.627173][ T6676]  do_dentry_open+0x97f/0x1530
[  117.632035][ T6676]  vfs_open+0x82/0x3f0
[  117.636115][ T6676]  path_openat+0x1de4/0x2cb0
[  117.640708][ T6676]  do_filp_open+0x20b/0x470
[  117.645208][ T6676]  do_sys_openat2+0x11b/0x1d0
[  117.649898][ T6676]  __x64_sys_openat+0x174/0x210
[  117.654777][ T6676]  do_syscall_64+0xcd/0x490
[  117.659300][ T6676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.665211][ T6676] 
[  117.667532][ T6676] Freed by task 5977:
[  117.671503][ T6676]  kasan_save_stack+0x33/0x60
[  117.676225][ T6676]  kasan_save_track+0x14/0x30
[  117.680894][ T6676]  kasan_save_free_info+0x3b/0x60
[  117.685916][ T6676]  __kasan_slab_free+0x60/0x70
[  117.690676][ T6676]  kfree+0x2b4/0x4d0
[  117.694574][ T6676]  vhci_release+0xbb/0xf0
[  117.698900][ T6676]  __fput+0x3ff/0xb70
[  117.702877][ T6676]  task_work_run+0x150/0x240
[  117.707496][ T6676]  do_exit+0x86f/0x2bf0
[  117.711648][ T6676]  do_group_exit+0xd3/0x2a0
[  117.716147][ T6676]  get_signal+0x2673/0x26d0
[  117.720652][ T6676]  arch_do_signal_or_restart+0x8f/0x790
[  117.726194][ T6676]  exit_to_user_mode_loop+0x84/0x110
[  117.731496][ T6676]  do_syscall_64+0x3f6/0x490
[  117.736095][ T6676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.741978][ T6676] 
[  117.744319][ T6676] The buggy address belongs to the object at ffff88807f321800
[  117.744319][ T6676]  which belongs to the cache kmalloc-1k of size 1024
[  117.758654][ T6676] The buggy address is located 0 bytes inside of
[  117.758654][ T6676]  freed 1024-byte region [ffff88807f321800, ffff88807f321c00)
[  117.772417][ T6676] 
[  117.774731][ T6676] The buggy address belongs to the physical page:
[  117.781310][ T6676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7f320
[  117.790087][ T6676] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  117.798627][ T6676] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  117.806694][ T6676] page_type: f5(slab)
[  117.810669][ T6676] raw: 00fff00000000040 ffff88801b841dc0 0000000000000000 dead000000000001
[  117.819243][ T6676] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  117.827861][ T6676] head: 00fff00000000040 ffff88801b841dc0 0000000000000000 dead000000000001
[  117.836521][ T6676] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  117.845683][ T6676] head: 00fff00000000003 ffffea0001fcc801 00000000ffffffff 00000000ffffffff
[  117.854529][ T6676] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  117.863191][ T6676] page dumped because: kasan: bad access detected
[  117.869616][ T6676] page_owner tracks the page as allocated
[  117.875329][ T6676] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5694, tgid 5694 (dhcpcd-run-hook), ts 66244384104, free_ts 66240208493
[  117.897035][ T6676]  post_alloc_hook+0x1c0/0x230
[  117.901800][ T6676]  get_page_from_freelist+0x132b/0x38e0
[  117.907437][ T6676]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  117.913330][ T6676]  alloc_pages_mpol+0x1fb/0x550
[  117.918187][ T6676]  new_slab+0x247/0x330
[  117.922330][ T6676]  ___slab_alloc+0xcf2/0x1740
[  117.926994][ T6676]  __slab_alloc.constprop.0+0x56/0xb0
[  117.932454][ T6676]  __kmalloc_noprof+0x2f2/0x510
[  117.937328][ T6676]  load_elf_phdrs+0x102/0x210
[  117.942082][ T6676]  load_elf_binary+0x151b/0x4fe0
[  117.947113][ T6676]  bprm_execve+0x8bb/0x1640
[  117.951695][ T6676]  do_execveat_common.isra.0+0x4a5/0x610
[  117.957317][ T6676]  __x64_sys_execve+0x8e/0xb0
[  117.961994][ T6676]  do_syscall_64+0xcd/0x490
[  117.966497][ T6676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.972471][ T6676] page last free pid 5694 tgid 5694 stack trace:
[  117.978782][ T6676]  __free_frozen_pages+0x7d5/0x10f0
[  117.984060][ T6676]  __put_partials+0x165/0x1c0
[  117.988728][ T6676]  qlist_free_all+0x4d/0x120
[  117.993310][ T6676]  kasan_quarantine_reduce+0x195/0x1e0
[  117.998774][ T6676]  __kasan_slab_alloc+0x69/0x90
[  118.003621][ T6676]  __kmalloc_cache_noprof+0x1f1/0x3e0
[  118.008981][ T6676]  tomoyo_init_log+0x197/0x2140
[  118.013829][ T6676]  tomoyo_supervisor+0x302/0x13b0
[  118.018855][ T6676]  tomoyo_env_perm+0x191/0x200
[  118.023610][ T6676]  tomoyo_find_next_domain+0xec2/0x20b0
[  118.029216][ T6676]  tomoyo_bprm_check_security+0x12e/0x1d0
[  118.035036][ T6676]  security_bprm_check+0x1b9/0x1e0
[  118.040137][ T6676]  bprm_execve+0x81a/0x1640
[  118.044640][ T6676]  do_execveat_common.isra.0+0x4a5/0x610
[  118.050271][ T6676]  __x64_sys_execve+0x8e/0xb0
[  118.055029][ T6676]  do_syscall_64+0xcd/0x490
[  118.059539][ T6676] 
[  118.061963][ T6676] Memory state around the buggy address:
[  118.067628][ T6676]  ffff88807f321700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  118.076121][ T6676]  ffff88807f321780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  118.084271][ T6676] >ffff88807f321800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  118.092318][ T6676]                    ^
[  118.096379][ T6676]  ffff88807f321880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  118.104430][ T6676]  ffff88807f321900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  118.112569][ T6676] ==================================================================
[  118.135436][ T6676] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  118.142704][ T6676] CPU: 1 UID: 0 PID: 6676 Comm: syz.0.617 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  118.152878][ T6676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  118.162941][ T6676] Call Trace:
[  118.166306][ T6676]  <TASK>
[  118.169235][ T6676]  dump_stack_lvl+0x3d/0x1f0
[  118.173828][ T6676]  vpanic+0x6e8/0x7a0
[  118.177812][ T6676]  ? __pfx_vpanic+0x10/0x10
[  118.182316][ T6676]  ? __pfx_vprintk_emit+0x10/0x10
[  118.187347][ T6676]  ? force_devcd_write+0x312/0x340
[  118.192469][ T6676]  panic+0xca/0xd0
[  118.196199][ T6676]  ? __pfx_panic+0x10/0x10
[  118.200622][ T6676]  ? force_devcd_write+0x312/0x340
[  118.205736][ T6676]  ? preempt_schedule_common+0x44/0xc0
[  118.211281][ T6676]  ? preempt_schedule_thunk+0x16/0x30
[  118.216738][ T6676]  ? check_panic_on_warn+0x1f/0xb0
[  118.222027][ T6676]  check_panic_on_warn+0xab/0xb0
[  118.226980][ T6676]  end_report+0x107/0x170
[  118.231396][ T6676]  kasan_report+0xee/0x110
[  118.235808][ T6676]  ? force_devcd_write+0x312/0x340
[  118.241009][ T6676]  force_devcd_write+0x312/0x340
[  118.246029][ T6676]  ? __pfx_force_devcd_write+0x10/0x10
[  118.251502][ T6676]  ? __debugfs_file_get+0x1fe/0x840
[  118.256790][ T6676]  ? __pfx___debugfs_file_get+0x10/0x10
[  118.262341][ T6676]  full_proxy_write+0x12e/0x1a0
[  118.267193][ T6676]  ? __pfx_full_proxy_write+0x10/0x10
[  118.272580][ T6676]  vfs_write+0x29d/0x11d0
[  118.276915][ T6676]  ? __pfx_vfs_write+0x10/0x10
[  118.281787][ T6676]  ? do_futex+0x122/0x350
[  118.286205][ T6676]  ? __pfx_do_futex+0x10/0x10
[  118.290881][ T6676]  ? find_held_lock+0x2b/0x80
[  118.295641][ T6676]  ? handle_mm_fault+0x2ab/0xd10
[  118.300596][ T6676]  ? __x64_sys_futex+0x1e0/0x4c0
[  118.305588][ T6676]  ? __x64_sys_futex+0x1e9/0x4c0
[  118.310528][ T6676]  ksys_write+0x12a/0x250
[  118.314856][ T6676]  ? __pfx_ksys_write+0x10/0x10
[  118.319792][ T6676]  do_syscall_64+0xcd/0x490
[  118.324294][ T6676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.330181][ T6676] RIP: 0033:0x7f4a1738ebe9
[  118.334603][ T6676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.354378][ T6676] RSP: 002b:00007ffce3d62748 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  118.362799][ T6676] RAX: ffffffffffffffda RBX: 00007f4a175b5fa0 RCX: 00007f4a1738ebe9
[  118.370779][ T6676] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  118.378745][ T6676] RBP: 00007f4a17411e19 R08: 0000000000000000 R09: 0000000000000000
[  118.386719][ T6676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  118.394678][ T6676] R13: 00007f4a175b5fa0 R14: 00007f4a175b5fa0 R15: 0000000000000003
[  118.402647][ T6676]  </TASK>
[  118.405927][ T6676] Kernel Offset: disabled
[  118.410254][ T6676] Rebooting in 86400 seconds..