Warning: Permanently added '10.128.1.85' (ED25519) to the list of known hosts.
2025/10/16 10:51:10 parsed 1 programs
[   87.807446][ T5791] cgroup: Unknown subsys name 'net'
[   87.977354][ T5791] cgroup: Unknown subsys name 'rlimit'
[   89.722916][ T5791] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   92.112140][  T787] cfg80211: failed to load regulatory.db
[   93.004627][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.016418][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.059892][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.067779][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.977797][ T5849] chnl_net:caif_netlink_parms(): no params data found
[   94.075996][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.084122][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.091864][ T5849] bridge_slave_0: entered allmulticast mode
[   94.099723][ T5849] bridge_slave_0: entered promiscuous mode
[   94.117049][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.124348][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.131687][ T5849] bridge_slave_1: entered allmulticast mode
[   94.138972][ T5849] bridge_slave_1: entered promiscuous mode
[   94.183895][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.196045][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.244272][ T5849] team0: Port device team_slave_0 added
[   94.254426][ T5849] team0: Port device team_slave_1 added
[   94.293466][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.300587][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.326685][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.347957][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.355144][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.382497][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.428537][ T5849] hsr_slave_0: entered promiscuous mode
[   94.435379][ T5849] hsr_slave_1: entered promiscuous mode
[   94.671152][ T5849] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   94.688753][ T5849] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   94.700314][ T5849] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   94.711738][ T5849] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   94.762044][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.769648][ T5849] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.777838][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.785075][ T5849] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.852668][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.872425][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.890603][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.917438][ T5849] 8021q: adding VLAN 0 to HW filter on device team0
[   94.932245][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.939812][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.961594][ T1303] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.968824][ T1303] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.183034][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.234858][ T5849] veth0_vlan: entered promiscuous mode
[   95.247223][ T5849] veth1_vlan: entered promiscuous mode
[   95.283161][ T5849] veth0_macvtap: entered promiscuous mode
[   95.293345][ T5849] veth1_macvtap: entered promiscuous mode
[   95.315218][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.331589][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.345929][ T5849] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.355320][ T5849] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.364319][ T5849] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.373911][ T5849] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.540285][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.552614][ T5871] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   95.561508][ T5871] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   95.572561][ T5871] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   95.582121][ T5871] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   95.590298][ T5871] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   95.597696][ T5871] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/10/16 10:51:22 executed programs: 0
[   97.155247][ T5102] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   97.164836][ T5102] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   97.173348][ T5102] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   97.182048][ T5102] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   97.190354][ T5102] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   97.197755][ T5102] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   97.375549][ T5897] chnl_net:caif_netlink_parms(): no params data found
[   97.447358][ T5897] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.455058][ T5897] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.462452][ T5897] bridge_slave_0: entered allmulticast mode
[   97.471860][ T5897] bridge_slave_0: entered promiscuous mode
[   97.481269][ T5897] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.488393][ T5897] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.497370][ T5897] bridge_slave_1: entered allmulticast mode
[   97.504637][ T5897] bridge_slave_1: entered promiscuous mode
[   97.535385][ T5897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   97.547262][ T5897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   97.584274][ T5897] team0: Port device team_slave_0 added
[   97.592327][ T5897] team0: Port device team_slave_1 added
[   97.622575][ T5897] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.629733][ T5897] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.656168][ T5897] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.669353][ T5897] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.676342][ T5897] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.702382][ T5897] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.747978][ T5897] hsr_slave_0: entered promiscuous mode
[   97.754608][ T5897] hsr_slave_1: entered promiscuous mode
[   97.761470][ T5897] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   97.770122][ T5897] Cannot create hsr debugfs directory
[   97.931391][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.229984][ T5871] Bluetooth: hci0: command tx timeout
[  100.220383][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.286334][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.183075][   T11] hsr_slave_0: left promiscuous mode
[  101.189593][   T11] hsr_slave_1: left promiscuous mode
[  101.195858][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  101.203572][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  101.213613][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  101.221806][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.230261][   T11] bridge_slave_1: left allmulticast mode
[  101.236049][   T11] bridge_slave_1: left promiscuous mode
[  101.243098][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.256234][   T11] bridge_slave_0: left allmulticast mode
[  101.263417][   T11] bridge_slave_0: left promiscuous mode
[  101.270333][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.300337][   T11] veth1_macvtap: left promiscuous mode
[  101.306262][   T11] veth0_macvtap: left promiscuous mode
[  101.316875][ T5871] Bluetooth: hci0: command tx timeout
[  101.323349][   T11] veth1_vlan: left promiscuous mode
[  101.329279][   T11] veth0_vlan: left promiscuous mode
[  101.766592][   T11] team0 (unregistering): Port device team_slave_1 removed
[  101.798462][   T11] team0 (unregistering): Port device team_slave_0 removed
[  101.832643][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  101.872475][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.168266][   T11] bond0 (unregistering): Released all slaves
[  102.264415][ T5897] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  102.277499][ T5897] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  102.295120][ T5897] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  102.308541][ T5897] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  102.433977][ T5897] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.455884][ T5897] 8021q: adding VLAN 0 to HW filter on device team0
[  102.472330][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.479545][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.496567][ T1303] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.503769][ T1303] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.777367][ T5897] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.821714][ T5897] veth0_vlan: entered promiscuous mode
[  102.835645][ T5897] veth1_vlan: entered promiscuous mode
[  102.865353][ T5897] veth0_macvtap: entered promiscuous mode
[  102.875501][ T5897] veth1_macvtap: entered promiscuous mode
[  102.893975][ T5897] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.909280][ T5897] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.922765][ T5897] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.932026][ T5897] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.941278][ T5897] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.950354][ T5897] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.056863][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.072919][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.116996][ T1303] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.125419][ T1303] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.389079][ T5871] Bluetooth: hci0: command tx timeout
[  103.469238][  T787] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  103.669187][  T787] usb 1-1: Using ep0 maxpacket: 32
[  103.679450][  T787] usb 1-1: config 7 has an invalid interface number: 150 but max is 0
[  103.687831][  T787] usb 1-1: config 7 has no interface number 0
[  103.694624][  T787] usb 1-1: config 7 interface 150 has no altsetting 0
[  103.712693][  T787] usb 1-1: New USB device found, idVendor=0424, idProduct=cf30, bcdDevice=d3.ae
[  103.722021][  T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.733164][  T787] usb 1-1: Product: syz
[  103.737354][  T787] usb 1-1: Manufacturer: syz
[  103.742044][  T787] usb 1-1: SerialNumber: syz
[  103.977075][  T787] usb 1-1: USB disconnect, device number 2
[  103.988256][  T787] ==================================================================
[  103.996369][  T787] BUG: KASAN: slab-use-after-free in hdm_disconnect+0x10d/0x1c0
[  104.004043][  T787] Read of size 8 at addr ffff88802e93d898 by task kworker/0:2/787
[  104.011850][  T787] 
[  104.014187][  T787] CPU: 0 PID: 787 Comm: kworker/0:2 Not tainted syzkaller #0
[  104.021554][  T787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  104.031616][  T787] Workqueue: usb_hub_wq hub_event
[  104.036671][  T787] Call Trace:
[  104.039956][  T787]  <TASK>
[  104.042904][  T787]  dump_stack_lvl+0x16c/0x230
[  104.047599][  T787]  ? __lock_acquire+0x7c80/0x7c80
[  104.052633][  T787]  ? show_regs_print_info+0x20/0x20
[  104.057845][  T787]  ? load_image+0x3b0/0x3b0
[  104.062362][  T787]  ? __virt_addr_valid+0x469/0x540
[  104.067496][  T787]  print_report+0xac/0x220
[  104.071928][  T787]  ? hdm_disconnect+0x10d/0x1c0
[  104.076791][  T787]  kasan_report+0x117/0x150
[  104.081306][  T787]  ? hdm_disconnect+0x10d/0x1c0
[  104.086175][  T787]  hdm_disconnect+0x10d/0x1c0
[  104.090868][  T787]  usb_unbind_interface+0x1f2/0x870
[  104.096089][  T787]  ? kernfs_remove_by_name_ns+0x117/0x150
[  104.101824][  T787]  ? usb_driver_release_interface+0x1c0/0x1c0
[  104.107905][  T787]  device_release_driver_internal+0x4cb/0x7a0
[  104.114079][  T787]  bus_remove_device+0x342/0x400
[  104.119052][  T787]  device_del+0x50b/0x900
[  104.123399][  T787]  ? mark_lock+0x94/0x320
[  104.127737][  T787]  ? kill_device+0x160/0x160
[  104.132345][  T787]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  104.138337][  T787]  ? usb_disconnect+0x10b/0x8a0
[  104.143194][  T787]  ? mutex_lock_nested+0x20/0x20
[  104.148234][  T787]  ? _raw_spin_lock_irq+0xaf/0xe0
[  104.153279][  T787]  usb_disable_device+0x3e9/0x8a0
[  104.158322][  T787]  usb_disconnect+0x34c/0x8a0
[  104.163026][  T787]  hub_event+0x1cef/0x49c0
[  104.167456][  T787]  ? verify_lock_unused+0x140/0x140
[  104.172690][  T787]  ? hub_post_resume+0x120/0x120
[  104.177638][  T787]  ? read_lock_is_recursive+0x20/0x20
[  104.183040][  T787]  ? _raw_spin_unlock_irq+0x23/0x50
[  104.188247][  T787]  ? process_scheduled_works+0x957/0x15b0
[  104.193980][  T787]  ? process_scheduled_works+0x957/0x15b0
[  104.199712][  T787]  process_scheduled_works+0xa45/0x15b0
[  104.205282][  T787]  ? assign_work+0x400/0x400
[  104.209893][  T787]  ? assign_work+0x39e/0x400
[  104.214502][  T787]  worker_thread+0xa55/0xfc0
[  104.219114][  T787]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  104.225101][  T787]  ? _raw_spin_unlock+0x40/0x40
[  104.229959][  T787]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  104.235881][  T787]  kthread+0x2fa/0x390
[  104.239958][  T787]  ? pr_cont_work+0x560/0x560
[  104.244650][  T787]  ? kthread_blkcg+0xd0/0xd0
[  104.249249][  T787]  ret_from_fork+0x48/0x80
[  104.253674][  T787]  ? kthread_blkcg+0xd0/0xd0
[  104.258367][  T787]  ret_from_fork_asm+0x11/0x20
[  104.263153][  T787]  </TASK>
[  104.266175][  T787] 
[  104.268512][  T787] Allocated by task 787:
[  104.272766][  T787]  kasan_set_track+0x4e/0x70
[  104.277536][  T787]  __kasan_kmalloc+0x8f/0xa0
[  104.282220][  T787]  hdm_probe+0x96/0x13e0
[  104.286490][  T787]  usb_probe_interface+0x5a4/0xb00
[  104.291618][  T787]  really_probe+0x25b/0xb40
[  104.296134][  T787]  __driver_probe_device+0x18c/0x330
[  104.301426][  T787]  driver_probe_device+0x4f/0x420
[  104.306488][  T787]  __device_attach_driver+0x2ca/0x520
[  104.311942][  T787]  bus_for_each_drv+0x24b/0x2d0
[  104.316903][  T787]  __device_attach+0x2b5/0x400
[  104.321696][  T787]  bus_probe_device+0x180/0x260
[  104.326570][  T787]  device_add+0x85b/0xc20
[  104.330917][  T787]  usb_set_configuration+0x1a79/0x20c0
[  104.336396][  T787]  usb_generic_driver_probe+0x8d/0x150
[  104.341917][  T787]  usb_probe_device+0x13d/0x280
[  104.346797][  T787]  really_probe+0x25b/0xb40
[  104.351320][  T787]  __driver_probe_device+0x18c/0x330
[  104.356627][  T787]  driver_probe_device+0x4f/0x420
[  104.361667][  T787]  __device_attach_driver+0x2ca/0x520
[  104.367064][  T787]  bus_for_each_drv+0x24b/0x2d0
[  104.371928][  T787]  __device_attach+0x2b5/0x400
[  104.376730][  T787]  bus_probe_device+0x180/0x260
[  104.381610][  T787]  device_add+0x85b/0xc20
[  104.385962][  T787]  usb_new_device+0xa31/0x1630
[  104.390741][  T787]  hub_event+0x2962/0x49c0
[  104.395210][  T787]  process_scheduled_works+0xa45/0x15b0
[  104.400771][  T787]  worker_thread+0xa55/0xfc0
[  104.405391][  T787]  kthread+0x2fa/0x390
[  104.409472][  T787]  ret_from_fork+0x48/0x80
[  104.413903][  T787]  ret_from_fork_asm+0x11/0x20
[  104.418707][  T787] 
[  104.421039][  T787] Freed by task 787:
[  104.424937][  T787]  kasan_set_track+0x4e/0x70
[  104.429539][  T787]  kasan_save_free_info+0x2e/0x50
[  104.434577][  T787]  ____kasan_slab_free+0x126/0x1e0
[  104.439698][  T787]  slab_free_freelist_hook+0x130/0x1b0
[  104.445175][  T787]  __kmem_cache_free+0xba/0x1f0
[  104.450116][  T787]  device_release+0x96/0x1c0
[  104.454726][  T787]  kobject_put+0x221/0x470
[  104.459172][  T787]  hdm_disconnect+0xf3/0x1c0
[  104.463780][  T787]  usb_unbind_interface+0x1f2/0x870
[  104.468994][  T787]  device_release_driver_internal+0x4cb/0x7a0
[  104.475080][  T787]  bus_remove_device+0x342/0x400
[  104.480034][  T787]  device_del+0x50b/0x900
[  104.484382][  T787]  usb_disable_device+0x3e9/0x8a0
[  104.489418][  T787]  usb_disconnect+0x34c/0x8a0
[  104.494099][  T787]  hub_event+0x1cef/0x49c0
[  104.498542][  T787]  process_scheduled_works+0xa45/0x15b0
[  104.504114][  T787]  worker_thread+0xa55/0xfc0
[  104.508730][  T787]  kthread+0x2fa/0x390
[  104.512833][  T787]  ret_from_fork+0x48/0x80
[  104.517265][  T787]  ret_from_fork_asm+0x11/0x20
[  104.522048][  T787] 
[  104.524384][  T787] The buggy address belongs to the object at ffff88802e93c000
[  104.524384][  T787]  which belongs to the cache kmalloc-8k of size 8192
[  104.538446][  T787] The buggy address is located 6296 bytes inside of
[  104.538446][  T787]  freed 8192-byte region [ffff88802e93c000, ffff88802e93e000)
[  104.552432][  T787] 
[  104.554763][  T787] The buggy address belongs to the physical page:
[  104.561200][  T787] page:ffffea0000ba4e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2e938
[  104.571387][  T787] head:ffffea0000ba4e00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  104.580347][  T787] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  104.588354][  T787] page_type: 0xffffffff()
[  104.592725][  T787] raw: 00fff00000000840 ffff888017842280 ffffea0001f62c00 0000000000000004
[  104.601322][  T787] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[  104.609905][  T787] page dumped because: kasan: bad access detected
[  104.616340][  T787] page_owner tracks the page as allocated
[  104.622074][  T787] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5743, tgid 5743 (sh), ts 69582070803, free_ts 69478143341
[  104.641817][  T787]  post_alloc_hook+0x1cd/0x210
[  104.646611][  T787]  get_page_from_freelist+0x195c/0x19f0
[  104.652261][  T787]  __alloc_pages+0x1e3/0x460
[  104.656865][  T787]  alloc_slab_page+0x5d/0x170
[  104.661559][  T787]  new_slab+0x87/0x2e0
[  104.665645][  T787]  ___slab_alloc+0xc6d/0x1300
[  104.670337][  T787]  __kmem_cache_alloc_node+0x1a2/0x260
[  104.675817][  T787]  kmalloc_trace+0x2a/0xe0
[  104.680248][  T787]  tomoyo_init_log+0x1104/0x1f10
[  104.685204][  T787]  tomoyo_supervisor+0x32d/0x1080
[  104.690269][  T787]  tomoyo_env_perm+0x14a/0x1e0
[  104.695091][  T787]  tomoyo_find_next_domain+0x1594/0x1a60
[  104.700738][  T787]  tomoyo_bprm_check_security+0x116/0x170
[  104.706473][  T787]  security_bprm_check+0x62/0xa0
[  104.711420][  T787]  bprm_execve+0xa51/0x16f0
[  104.715942][  T787]  do_execveat_common+0x51b/0x6c0
[  104.720979][  T787] page last free stack trace:
[  104.725656][  T787]  free_unref_page_prepare+0x7ce/0x8e0
[  104.731137][  T787]  free_unref_page+0x32/0x2e0
[  104.735829][  T787]  __unfreeze_partials+0x1cf/0x210
[  104.740957][  T787]  put_cpu_partial+0x17c/0x250
[  104.745735][  T787]  __slab_free+0x31d/0x410
[  104.750173][  T787]  qlist_free_all+0x75/0xe0
[  104.754686][  T787]  kasan_quarantine_reduce+0x143/0x160
[  104.760247][  T787]  __kasan_slab_alloc+0x22/0x80
[  104.765106][  T787]  slab_post_alloc_hook+0x6e/0x4d0
[  104.770233][  T787]  __kmem_cache_alloc_node+0x13e/0x260
[  104.775708][  T787]  __kmalloc+0xa4/0x240
[  104.779878][  T787]  tomoyo_realpath_from_path+0xe3/0x5d0
[  104.785440][  T787]  tomoyo_path_perm+0x20f/0x4b0
[  104.790304][  T787]  security_inode_getattr+0xd3/0x120
[  104.795602][  T787]  __x64_sys_newfstat+0x101/0x1f0
[  104.800642][  T787]  do_syscall_64+0x55/0xb0
[  104.805093][  T787] 
[  104.807421][  T787] Memory state around the buggy address:
[  104.813057][  T787]  ffff88802e93d780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.821126][  T787]  ffff88802e93d800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.829198][  T787] >ffff88802e93d880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.837296][  T787]                             ^
[  104.842153][  T787]  ffff88802e93d900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.850225][  T787]  ffff88802e93d980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.858296][  T787] ==================================================================
[  104.868155][  T787] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  104.875670][  T787] CPU: 0 PID: 787 Comm: kworker/0:2 Not tainted syzkaller #0
[  104.883072][  T787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  104.893160][  T787] Workqueue: usb_hub_wq hub_event
[  104.898228][  T787] Call Trace:
[  104.901542][  T787]  <TASK>
[  104.904503][  T787]  dump_stack_lvl+0x16c/0x230
[  104.909222][  T787]  ? show_regs_print_info+0x20/0x20
[  104.914460][  T787]  ? load_image+0x3b0/0x3b0
[  104.919067][  T787]  panic+0x2c0/0x710
[  104.922999][  T787]  ? bpf_jit_dump+0xd0/0xd0
[  104.927529][  T787]  ? _raw_spin_unlock_irqrestore+0xfa/0x110
[  104.933537][  T787]  ? _raw_spin_unlock+0x40/0x40
[  104.938414][  T787]  ? print_memory_metadata+0x314/0x400
[  104.943894][  T787]  ? hdm_disconnect+0x10d/0x1c0
[  104.948769][  T787]  check_panic_on_warn+0x84/0xa0
[  104.953720][  T787]  ? hdm_disconnect+0x10d/0x1c0
[  104.958590][  T787]  end_report+0x6f/0x140
[  104.962855][  T787]  kasan_report+0x128/0x150
[  104.967376][  T787]  ? hdm_disconnect+0x10d/0x1c0
[  104.972248][  T787]  hdm_disconnect+0x10d/0x1c0
[  104.976945][  T787]  usb_unbind_interface+0x1f2/0x870
[  104.982167][  T787]  ? kernfs_remove_by_name_ns+0x117/0x150
[  104.987905][  T787]  ? usb_driver_release_interface+0x1c0/0x1c0
[  104.993989][  T787]  device_release_driver_internal+0x4cb/0x7a0
[  105.000079][  T787]  bus_remove_device+0x342/0x400
[  105.005036][  T787]  device_del+0x50b/0x900
[  105.009383][  T787]  ? mark_lock+0x94/0x320
[  105.013810][  T787]  ? kill_device+0x160/0x160
[  105.018417][  T787]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  105.024408][  T787]  ? usb_disconnect+0x10b/0x8a0
[  105.029271][  T787]  ? mutex_lock_nested+0x20/0x20
[  105.034225][  T787]  ? _raw_spin_lock_irq+0xaf/0xe0
[  105.039260][  T787]  usb_disable_device+0x3e9/0x8a0
[  105.044310][  T787]  usb_disconnect+0x34c/0x8a0
[  105.049027][  T787]  hub_event+0x1cef/0x49c0
[  105.053457][  T787]  ? verify_lock_unused+0x140/0x140
[  105.058684][  T787]  ? hub_post_resume+0x120/0x120
[  105.063630][  T787]  ? read_lock_is_recursive+0x20/0x20
[  105.069020][  T787]  ? _raw_spin_unlock_irq+0x23/0x50
[  105.074228][  T787]  ? process_scheduled_works+0x957/0x15b0
[  105.079961][  T787]  ? process_scheduled_works+0x957/0x15b0
[  105.085710][  T787]  process_scheduled_works+0xa45/0x15b0
[  105.091284][  T787]  ? assign_work+0x400/0x400
[  105.095897][  T787]  ? assign_work+0x39e/0x400
[  105.100498][  T787]  worker_thread+0xa55/0xfc0
[  105.105101][  T787]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  105.111018][  T787]  ? _raw_spin_unlock+0x40/0x40
[  105.115901][  T787]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  105.121823][  T787]  kthread+0x2fa/0x390
[  105.125898][  T787]  ? pr_cont_work+0x560/0x560
[  105.130594][  T787]  ? kthread_blkcg+0xd0/0xd0
[  105.135214][  T787]  ret_from_fork+0x48/0x80
[  105.139644][  T787]  ? kthread_blkcg+0xd0/0xd0
[  105.144246][  T787]  ret_from_fork_asm+0x11/0x20
[  105.149029][  T787]  </TASK>
[  105.152196][  T787] Kernel Offset: disabled
[  105.156522][  T787] Rebooting in 86400 seconds..