Warning: Permanently added '10.128.1.130' (ED25519) to the list of known hosts.
2025/10/23 21:04:56 parsed 1 programs
[   87.121466][ T5834] cgroup: Unknown subsys name 'net'
[   87.260149][ T5834] cgroup: Unknown subsys name 'cpuset'
[   87.269338][ T5834] cgroup: Unknown subsys name 'rlimit'
[   88.968470][ T5834] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   92.000830][ T5852] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   92.069792][ T1218] cfg80211: failed to load regulatory.db
[   92.491831][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   92.502191][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   92.511465][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   92.520903][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   92.529923][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   94.257881][ T3558] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.266197][ T3558] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.294728][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.304128][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.378617][ T5907] chnl_net:caif_netlink_parms(): no params data found
[   95.454497][ T5907] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.463637][ T5907] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.471967][ T5907] bridge_slave_0: entered allmulticast mode
[   95.479729][ T5907] bridge_slave_0: entered promiscuous mode
[   95.489507][ T5907] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.496878][ T5907] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.504089][ T5907] bridge_slave_1: entered allmulticast mode
[   95.511606][ T5907] bridge_slave_1: entered promiscuous mode
[   95.542266][ T5907] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.553967][ T5907] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.584918][ T5907] team0: Port device team_slave_0 added
[   95.595198][ T5907] team0: Port device team_slave_1 added
[   95.622836][ T5907] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.630309][ T5907] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   95.657052][ T5907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.670149][ T5907] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.677305][ T5907] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   95.704327][ T5907] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.748999][ T5907] hsr_slave_0: entered promiscuous mode
[   95.757609][ T5907] hsr_slave_1: entered promiscuous mode
[   95.900356][ T5907] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.914387][ T5907] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   95.928022][ T5907] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   95.941259][ T5907] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   96.023256][ T5907] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.045116][ T5907] 8021q: adding VLAN 0 to HW filter on device team0
[   96.058407][ T3558] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.066478][ T3558] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.085585][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.093084][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.271444][ T5907] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.313815][ T5907] veth0_vlan: entered promiscuous mode
[   96.327881][ T5907] veth1_vlan: entered promiscuous mode
[   96.357851][ T5907] veth0_macvtap: entered promiscuous mode
[   96.367329][ T5907] veth1_macvtap: entered promiscuous mode
[   96.388344][ T5907] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.404164][ T5907] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.422424][ T1327] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.432557][ T1327] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.444048][ T1327] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.453531][ T1327] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.621480][ T1327] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.695629][ T1327] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.772650][ T1327] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.848435][ T1327] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/10/23 21:05:10 executed programs: 0
[   97.644529][ T5150] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   97.654644][ T5150] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   97.663957][ T5150] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   97.678854][ T5150] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   97.687773][ T5150] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   97.855533][ T5942] chnl_net:caif_netlink_parms(): no params data found
[   97.940195][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.947882][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.955778][ T5942] bridge_slave_0: entered allmulticast mode
[   97.964146][ T5942] bridge_slave_0: entered promiscuous mode
[   97.972343][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.980869][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.988832][ T5942] bridge_slave_1: entered allmulticast mode
[   97.999022][ T5942] bridge_slave_1: entered promiscuous mode
[   98.042359][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   98.055314][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.095623][ T5942] team0: Port device team_slave_0 added
[   98.104461][ T5942] team0: Port device team_slave_1 added
[   98.150517][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.159337][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.188134][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.201142][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.209045][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.238097][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.287723][ T5942] hsr_slave_0: entered promiscuous mode
[   98.294516][ T5942] hsr_slave_1: entered promiscuous mode
[   98.301623][ T5942] debugfs: 'hsr0' already exists in 'hsr'
[   98.308123][ T5942] Cannot create hsr debugfs directory
[   99.391397][ T1327] bridge_slave_1: left allmulticast mode
[   99.399573][ T1327] bridge_slave_1: left promiscuous mode
[   99.406766][ T1327] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.421866][ T1327] bridge_slave_0: left allmulticast mode
[   99.428642][ T1327] bridge_slave_0: left promiscuous mode
[   99.435169][ T1327] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.713495][ T1327] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   99.727427][ T1327] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   99.738563][ T1327] bond0 (unregistering): Released all slaves
[   99.758048][   T52] Bluetooth: hci0: command tx timeout
[   99.836138][ T1327] hsr_slave_0: left promiscuous mode
[   99.843176][ T1327] hsr_slave_1: left promiscuous mode
[   99.850481][ T1327] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.867194][ T1327] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.881535][ T1327] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.889929][ T1327] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.918981][ T1327] veth1_macvtap: left promiscuous mode
[   99.925047][ T1327] veth0_macvtap: left promiscuous mode
[   99.933751][ T1327] veth1_vlan: left promiscuous mode
[   99.939983][ T1327] veth0_vlan: left promiscuous mode
[  100.483431][ T1327] team0 (unregistering): Port device team_slave_1 removed
[  100.511999][ T1327] team0 (unregistering): Port device team_slave_0 removed
[  101.231505][ T5942] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  101.251994][ T5942] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  101.270287][ T5942] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  101.285250][ T5942] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  101.741368][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.779792][ T5942] 8021q: adding VLAN 0 to HW filter on device team0
[  101.800843][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.808070][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.829584][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.837266][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.846461][   T52] Bluetooth: hci0: command tx timeout
[  102.170132][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.242118][ T5942] veth0_vlan: entered promiscuous mode
[  102.264805][ T5942] veth1_vlan: entered promiscuous mode
[  102.311568][ T5942] veth0_macvtap: entered promiscuous mode
[  102.326042][ T5942] veth1_macvtap: entered promiscuous mode
[  102.358961][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.379826][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.400887][   T50] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.412529][   T50] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.432470][   T50] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.443570][   T50] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.533037][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.543536][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/10/23 21:05:15 executed programs: 2
[  102.591981][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.603811][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.670505][ T6009] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  102.703022][ T6009] FAULT_INJECTION: forcing a failure.
[  102.703022][ T6009] name failslab, interval 1, probability 0, space 0, times 1
[  102.726151][ T6009] CPU: 1 UID: 0 PID: 6009 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  102.726181][ T6009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  102.726192][ T6009] Call Trace:
[  102.726200][ T6009]  <TASK>
[  102.726209][ T6009]  dump_stack_lvl+0x189/0x250
[  102.726243][ T6009]  ? __pfx____ratelimit+0x10/0x10
[  102.726266][ T6009]  ? __pfx_dump_stack_lvl+0x10/0x10
[  102.726293][ T6009]  ? __pfx__printk+0x10/0x10
[  102.726321][ T6009]  ? __pfx___might_resched+0x10/0x10
[  102.726343][ T6009]  ? fs_reclaim_acquire+0x7d/0x100
[  102.726378][ T6009]  should_fail_ex+0x414/0x560
[  102.726413][ T6009]  should_failslab+0xa8/0x100
[  102.726436][ T6009]  __kmalloc_cache_node_noprof+0x74/0x6f0
[  102.726465][ T6009]  ? __get_vm_area_node+0x13f/0x300
[  102.726502][ T6009]  __get_vm_area_node+0x13f/0x300
[  102.726534][ T6009]  __vmalloc_node_range_noprof+0x30c/0x12d0
[  102.726562][ T6009]  ? kvm_arch_prepare_memory_region+0x33b/0xed0
[  102.726604][ T6009]  ? rcu_is_watching+0x15/0xb0
[  102.726627][ T6009]  ? trace_contention_end+0x39/0x120
[  102.726651][ T6009]  ? __mutex_lock+0x335/0x1350
[  102.726680][ T6009]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  102.726721][ T6009]  ? kvm_arch_prepare_memory_region+0x33b/0xed0
[  102.726742][ T6009]  __vmalloc_noprof+0xb1/0xf0
[  102.726770][ T6009]  ? kvm_arch_prepare_memory_region+0x33b/0xed0
[  102.726797][ T6009]  kvm_arch_prepare_memory_region+0x33b/0xed0
[  102.726837][ T6009]  ? kvm_gmem_bind+0x21d/0x490
[  102.726869][ T6009]  kvm_set_memslot+0x599/0x1310
[  102.726893][ T6009]  ? kvm_check_memslot_overlap+0x301/0x380
[  102.726926][ T6009]  kvm_set_memory_region+0x966/0xb90
[  102.726967][ T6009]  kvm_vm_ioctl_set_memory_region+0x6f/0xd0
[  102.726995][ T6009]  kvm_vm_ioctl+0x957/0xc60
[  102.727022][ T6009]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  102.727086][ T6009]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  102.727116][ T6009]  ? do_vfs_ioctl+0xbe8/0x1430
[  102.727139][ T6009]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  102.727165][ T6009]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  102.727235][ T6009]  ? __fget_files+0x2a/0x420
[  102.727260][ T6009]  ? __fget_files+0x3a0/0x420
[  102.727277][ T6009]  ? __fget_files+0x2a/0x420
[  102.727300][ T6009]  ? bpf_lsm_file_ioctl+0x9/0x20
[  102.727323][ T6009]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  102.727346][ T6009]  __se_sys_ioctl+0xfc/0x170
[  102.727374][ T6009]  do_syscall_64+0xfa/0xfa0
[  102.727397][ T6009]  ? lockdep_hardirqs_on+0x9c/0x150
[  102.727421][ T6009]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.727441][ T6009]  ? clear_bhb_loop+0x60/0xb0
[  102.727466][ T6009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.727485][ T6009] RIP: 0033:0x7fa77a98efc9
[  102.727504][ T6009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.727520][ T6009] RSP: 002b:00007fa77b8ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.727542][ T6009] RAX: ffffffffffffffda RBX: 00007fa77abe5fa0 RCX: 00007fa77a98efc9
[  102.727557][ T6009] RDX: 0000200000000180 RSI: 0000000040a0ae49 RDI: 0000000000000004
[  102.727569][ T6009] RBP: 00007fa77b8ef090 R08: 0000000000000000 R09: 0000000000000000
[  102.727581][ T6009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.727593][ T6009] R13: 00007fa77abe6038 R14: 00007fa77abe5fa0 R15: 00007ffcb48a7fa8
[  102.727629][ T6009]  </TASK>
[  103.086077][ T6009] syz.0.17: vmalloc error: size 4, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  103.103706][ T6009] CPU: 1 UID: 0 PID: 6009 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  103.103735][ T6009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  103.103746][ T6009] Call Trace:
[  103.103755][ T6009]  <TASK>
[  103.103764][ T6009]  dump_stack_lvl+0x189/0x250
[  103.103801][ T6009]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.103829][ T6009]  ? __pfx__printk+0x10/0x10
[  103.103851][ T6009]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  103.103878][ T6009]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  103.103916][ T6009]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  103.103944][ T6009]  warn_alloc+0x214/0x310
[  103.103982][ T6009]  ? __pfx_warn_alloc+0x10/0x10
[  103.104020][ T6009]  ? __get_vm_area_node+0x2b5/0x300
[  103.104056][ T6009]  __vmalloc_node_range_noprof+0x331/0x12d0
[  103.104106][ T6009]  ? rcu_is_watching+0x15/0xb0
[  103.104129][ T6009]  ? trace_contention_end+0x39/0x120
[  103.104154][ T6009]  ? __mutex_lock+0x335/0x1350
[  103.104185][ T6009]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  103.104224][ T6009]  ? kvm_arch_prepare_memory_region+0x33b/0xed0
[  103.104246][ T6009]  __vmalloc_noprof+0xb1/0xf0
[  103.104274][ T6009]  ? kvm_arch_prepare_memory_region+0x33b/0xed0
[  103.104301][ T6009]  kvm_arch_prepare_memory_region+0x33b/0xed0
[  103.104330][ T6009]  ? kvm_gmem_bind+0x21d/0x490
[  103.104362][ T6009]  kvm_set_memslot+0x599/0x1310
[  103.104386][ T6009]  ? kvm_check_memslot_overlap+0x301/0x380
[  103.104418][ T6009]  kvm_set_memory_region+0x966/0xb90
[  103.104458][ T6009]  kvm_vm_ioctl_set_memory_region+0x6f/0xd0
[  103.104486][ T6009]  kvm_vm_ioctl+0x957/0xc60
[  103.104513][ T6009]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  103.104580][ T6009]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  103.104611][ T6009]  ? do_vfs_ioctl+0xbe8/0x1430
[  103.104635][ T6009]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  103.104661][ T6009]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  103.104733][ T6009]  ? __fget_files+0x2a/0x420
[  103.104758][ T6009]  ? __fget_files+0x3a0/0x420
[  103.104776][ T6009]  ? __fget_files+0x2a/0x420
[  103.104799][ T6009]  ? bpf_lsm_file_ioctl+0x9/0x20
[  103.104821][ T6009]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  103.104844][ T6009]  __se_sys_ioctl+0xfc/0x170
[  103.104873][ T6009]  do_syscall_64+0xfa/0xfa0
[  103.104904][ T6009]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.104928][ T6009]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.104947][ T6009]  ? clear_bhb_loop+0x60/0xb0
[  103.104972][ T6009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.104990][ T6009] RIP: 0033:0x7fa77a98efc9
[  103.105009][ T6009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.105025][ T6009] RSP: 002b:00007fa77b8ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.105047][ T6009] RAX: ffffffffffffffda RBX: 00007fa77abe5fa0 RCX: 00007fa77a98efc9
[  103.105061][ T6009] RDX: 0000200000000180 RSI: 0000000040a0ae49 RDI: 0000000000000004
[  103.105074][ T6009] RBP: 00007fa77b8ef090 R08: 0000000000000000 R09: 0000000000000000
[  103.105086][ T6009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.105098][ T6009] R13: 00007fa77abe6038 R14: 00007fa77abe5fa0 R15: 00007ffcb48a7fa8
[  103.105133][ T6009]  </TASK>
[  103.105141][ T6009] Mem-Info:
[  103.435834][ T6009] active_anon:37545 inactive_anon:0 isolated_anon:0
[  103.435834][ T6009]  active_file:461 inactive_file:51758 isolated_file:0
[  103.435834][ T6009]  unevictable:768 dirty:1196 writeback:0
[  103.435834][ T6009]  slab_reclaimable:10694 slab_unreclaimable:79505
[  103.435834][ T6009]  mapped:10086 shmem:1356 pagetables:889
[  103.435834][ T6009]  sec_pagetables:0 bounce:0
[  103.435834][ T6009]  kernel_misc_reclaimable:0
[  103.435834][ T6009]  free:1364779 free_pcp:22915 free_cma:0
[  103.484350][ T6009] Node 0 active_anon:150180kB inactive_anon:0kB active_file:1844kB inactive_file:206832kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:40344kB dirty:4772kB writeback:0kB shmem:3888kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9872kB pagetables:3420kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  103.522480][ T6009] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:12kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  103.554573][ T6009] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  103.588493][ T6009] lowmem_reserve[]: 0 2505 2505 2505 2505
[  103.595370][ T6009] Node 0 DMA32 free:1550304kB boost:0kB min:34308kB low:42884kB high:51460kB reserved_highatomic:0KB free_highatomic:0KB active_anon:149880kB inactive_anon:0kB active_file:1844kB inactive_file:206832kB unevictable:1536kB writepending:4772kB zspages:0kB present:3129332kB managed:2565188kB mlocked:0kB bounce:0kB free_pcp:76164kB local_pcp:37728kB free_cma:0kB
[  103.633158][ T6009] lowmem_reserve[]: 0 0 0 0 0
[  103.638831][ T6009] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  103.672269][ T6009] lowmem_reserve[]: 0 0 0 0 0
[  103.677785][ T6009] Node 1 Normal free:3893452kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:12kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:16812kB local_pcp:5836kB free_cma:0kB
[  103.712999][ T6009] lowmem_reserve[]: 0 0 0 0 0
[  103.719167][ T6009] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  103.733323][ T6009] Node 0 DMA32: 1666*4kB (UM) 455*8kB (UME) 102*16kB (UME) 84*32kB (UME) 51*64kB (UM) 21*128kB (UME) 25*256kB (UME) 15*512kB (UME) 14*1024kB (UM) 9*2048kB (UM) 362*4096kB (M) = 1550176kB
[  103.754988][ T6009] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  103.767869][ T6009] Node 1 Normal: 179*4kB (U) 40*8kB (UME) 40*16kB (UME) 48*32kB (UME) 11*64kB (UM) 7*128kB (UME) 2*256kB (M) 4*512kB (UME) 3*1024kB (UME) 2*2048kB (UE) 947*4096kB (M) = 3893452kB
[  103.787817][ T6009] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  103.797708][ T6009] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  103.808131][ T6009] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  103.819975][ T6009] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  103.830725][ T6009] 53571 total pagecache pages
[  103.835428][ T6009] 0 pages in swap cache
[  103.839801][ T6009] Free swap  = 124996kB
[  103.844189][ T6009] Total swap = 124996kB
[  103.848620][ T6009] 2097051 pages RAM
[  103.852439][ T6009] 0 pages HighMem/MovableOnly
[  103.857488][ T6009] 424112 pages reserved
[  103.861664][ T6009] 0 pages cma reserved
[  103.865964][ T6008] ==================================================================
[  103.874160][ T6008] BUG: KASAN: slab-use-after-free in kvm_gmem_release+0x176/0x440
[  103.882208][ T6008] Write of size 8 at addr ffff888027c38508 by task syz.0.17/6008
[  103.890070][ T6008] 
[  103.892397][ T6008] CPU: 1 UID: 0 PID: 6008 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  103.892412][ T6008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  103.892420][ T6008] Call Trace:
[  103.892427][ T6008]  <TASK>
[  103.892433][ T6008]  dump_stack_lvl+0x189/0x250
[  103.892452][ T6008]  ? __kasan_check_byte+0x12/0x40
[  103.892465][ T6008]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.892480][ T6008]  ? lock_release+0x4b/0x3e0
[  103.892492][ T6008]  ? __virt_addr_valid+0x4a5/0x5c0
[  103.892509][ T6008]  print_report+0xca/0x240
[  103.892522][ T6008]  ? kvm_gmem_release+0x176/0x440
[  103.892536][ T6008]  kasan_report+0x118/0x150
[  103.892547][ T6008]  ? kvm_gmem_release+0x176/0x440
[  103.892563][ T6008]  kvm_gmem_release+0x176/0x440
[  103.892579][ T6008]  ? __pfx_kvm_gmem_release+0x10/0x10
[  103.892594][ T6008]  ? evm_file_release+0x101/0x1e0
[  103.892607][ T6008]  ? __pfx_kvm_gmem_release+0x10/0x10
[  103.892621][ T6008]  __fput+0x44c/0xa70
[  103.892637][ T6008]  task_work_run+0x1d4/0x260
[  103.892654][ T6008]  ? __pfx_task_work_run+0x10/0x10
[  103.892671][ T6008]  ? exit_to_user_mode_loop+0x40/0x130
[  103.892682][ T6008]  exit_to_user_mode_loop+0xe9/0x130
[  103.892692][ T6008]  do_syscall_64+0x2bd/0xfa0
[  103.892708][ T6008]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.892722][ T6008]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.892733][ T6008]  ? clear_bhb_loop+0x60/0xb0
[  103.892746][ T6008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.892757][ T6008] RIP: 0033:0x7fa77a98efc9
[  103.892770][ T6008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.892780][ T6008] RSP: 002b:00007ffcb48a8108 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  103.892794][ T6008] RAX: 0000000000000000 RBX: 00007fa77abe7da0 RCX: 00007fa77a98efc9
[  103.892803][ T6008] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  103.892810][ T6008] RBP: 00007fa77abe7da0 R08: 0000000000000000 R09: 00000004b48a83ff
[  103.892818][ T6008] R10: 00007fa77abe7cb0 R11: 0000000000000246 R12: 000000000001941b
[  103.892825][ T6008] R13: 00007ffcb48a8200 R14: ffffffffffffffff R15: 00007ffcb48a8220
[  103.892838][ T6008]  </TASK>
[  103.892842][ T6008] 
[  104.126936][ T6008] Allocated by task 6009:
[  104.131251][ T6008]  kasan_save_track+0x3e/0x80
[  104.135952][ T6008]  __kasan_kmalloc+0x93/0xb0
[  104.140635][ T6008]  __kmalloc_cache_noprof+0x3d5/0x6f0
[  104.146200][ T6008]  kvm_set_memory_region+0x747/0xb90
[  104.151565][ T6008]  kvm_vm_ioctl_set_memory_region+0x6f/0xd0
[  104.157473][ T6008]  kvm_vm_ioctl+0x957/0xc60
[  104.162160][ T6008]  __se_sys_ioctl+0xfc/0x170
[  104.167052][ T6008]  do_syscall_64+0xfa/0xfa0
[  104.171571][ T6008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.177991][ T6008] 
[  104.180314][ T6008] Freed by task 6009:
[  104.184376][ T6008]  kasan_save_track+0x3e/0x80
[  104.189590][ T6008]  __kasan_save_free_info+0x46/0x50
[  104.195128][ T6008]  __kasan_slab_free+0x5c/0x80
[  104.200004][ T6008]  kfree+0x19a/0x6d0
[  104.204084][ T6008]  kvm_set_memory_region+0x9c4/0xb90
[  104.209392][ T6008]  kvm_vm_ioctl_set_memory_region+0x6f/0xd0
[  104.215515][ T6008]  kvm_vm_ioctl+0x957/0xc60
[  104.220270][ T6008]  __se_sys_ioctl+0xfc/0x170
[  104.225060][ T6008]  do_syscall_64+0xfa/0xfa0
[  104.229677][ T6008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.235604][ T6008] 
[  104.237939][ T6008] The buggy address belongs to the object at ffff888027c38400
[  104.237939][ T6008]  which belongs to the cache kmalloc-cg-512 of size 512
[  104.252610][ T6008] The buggy address is located 264 bytes inside of
[  104.252610][ T6008]  freed 512-byte region [ffff888027c38400, ffff888027c38600)
[  104.266786][ T6008] 
[  104.269154][ T6008] The buggy address belongs to the physical page:
[  104.275573][ T6008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27c38
[  104.284449][ T6008] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  104.293375][ T6008] memcg:ffff888075b14901
[  104.297613][ T6008] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  104.305337][ T6008] page_type: f5(slab)
[  104.309423][ T6008] raw: 00fff00000000040 ffff88801a030140 dead000000000100 dead000000000122
[  104.318192][ T6008] raw: 0000000000000000 0000000000100010 00000000f5000000 ffff888075b14901
[  104.326973][ T6008] head: 00fff00000000040 ffff88801a030140 dead000000000100 dead000000000122
[  104.336055][ T6008] head: 0000000000000000 0000000000100010 00000000f5000000 ffff888075b14901
[  104.344832][ T6008] head: 00fff00000000002 ffffea00009f0e01 00000000ffffffff 00000000ffffffff
[  104.354294][ T6008] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  104.363326][ T6008] page dumped because: kasan: bad access detected
[  104.369994][ T6008] page_owner tracks the page as allocated
[  104.375961][ T6008] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5494, tgid 5494 (dhcpcd), ts 72988292812, free_ts 64231045025
[  104.397865][ T6008]  post_alloc_hook+0x240/0x2a0
[  104.403021][ T6008]  get_page_from_freelist+0x2365/0x2440
[  104.409102][ T6008]  __alloc_frozen_pages_noprof+0x181/0x370
[  104.417781][ T6008]  alloc_pages_mpol+0x232/0x4a0
[  104.423776][ T6008]  allocate_slab+0x96/0x3a0
[  104.428687][ T6008]  ___slab_alloc+0xe94/0x18a0
[  104.433811][ T6008]  __slab_alloc+0x65/0x100
[  104.438606][ T6008]  __kmalloc_node_track_caller_noprof+0x5c7/0x800
[  104.445344][ T6008]  kmalloc_reserve+0x136/0x290
[  104.451745][ T6008]  __alloc_skb+0x142/0x2d0
[  104.457424][ T6008]  alloc_skb_with_frags+0xca/0x890
[  104.462709][ T6008]  sock_alloc_send_pskb+0x84d/0x980
[  104.468634][ T6008]  unix_dgram_sendmsg+0x461/0x1850
[  104.473898][ T6008]  __sock_sendmsg+0x21c/0x270
[  104.478847][ T6008]  sock_write_iter+0x279/0x360
[  104.483775][ T6008]  do_iter_readv_writev+0x623/0x8c0
[  104.489180][ T6008] page last free pid 5651 tgid 5651 stack trace:
[  104.496575][ T6008]  __free_frozen_pages+0xbc4/0xd30
[  104.502504][ T6008]  __slab_free+0x2e7/0x390
[  104.507111][ T6008]  qlist_free_all+0x97/0x140
[  104.512170][ T6008]  kasan_quarantine_reduce+0x148/0x160
[  104.518278][ T6008]  __kasan_slab_alloc+0x22/0x80
[  104.523485][ T6008]  __kmalloc_noprof+0x3c3/0x7f0
[  104.528708][ T6008]  tomoyo_supervisor+0xbd5/0x1480
[  104.533839][ T6008]  tomoyo_env_perm+0x149/0x1e0
[  104.538604][ T6008]  tomoyo_find_next_domain+0x15cf/0x1aa0
[  104.544328][ T6008]  tomoyo_bprm_check_security+0x11c/0x180
[  104.550138][ T6008]  security_bprm_check+0x89/0x270
[  104.555193][ T6008]  bprm_execve+0x8ee/0x1450
[  104.559707][ T6008]  do_execveat_common+0x510/0x6a0
[  104.564730][ T6008]  __x64_sys_execve+0x94/0xb0
[  104.569594][ T6008]  do_syscall_64+0xfa/0xfa0
[  104.574155][ T6008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.580159][ T6008] 
[  104.582486][ T6008] Memory state around the buggy address:
[  104.588111][ T6008]  ffff888027c38400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.596271][ T6008]  ffff888027c38480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.605046][ T6008] >ffff888027c38500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.613597][ T6008]                       ^
[  104.618104][ T6008]  ffff888027c38580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  104.626528][ T6008]  ffff888027c38600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  104.635573][ T6008] ==================================================================
[  104.652700][   T52] Bluetooth: hci0: command tx timeout
[  104.655253][ T6008] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  104.655274][ T6008] CPU: 0 UID: 0 PID: 6008 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  104.655294][ T6008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  104.655305][ T6008] Call Trace:
[  104.655313][ T6008]  <TASK>
[  104.655321][ T6008]  dump_stack_lvl+0x99/0x250
[  104.655351][ T6008]  ? __asan_memcpy+0x40/0x70
[  104.655375][ T6008]  ? __pfx_dump_stack_lvl+0x10/0x10
[  104.655398][ T6008]  ? __pfx__printk+0x10/0x10
[  104.655421][ T6008]  vpanic+0x237/0x6d0
[  104.655444][ T6008]  ? __pfx_vpanic+0x10/0x10
[  104.655467][ T6008]  ? preempt_schedule+0xae/0xc0
[  104.655488][ T6008]  ? __pfx_preempt_schedule+0x10/0x10
[  104.655512][ T6008]  panic+0xb9/0xc0
[  104.655534][ T6008]  ? __pfx_panic+0x10/0x10
[  104.655559][ T6008]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  104.655582][ T6008]  ? kvm_gmem_release+0x176/0x440
[  104.655604][ T6008]  check_panic_on_warn+0x89/0xb0
[  104.655628][ T6008]  ? kvm_gmem_release+0x176/0x440
[  104.655649][ T6008]  end_report+0x78/0x160
[  104.655664][ T6008]  kasan_report+0x129/0x150
[  104.655681][ T6008]  ? kvm_gmem_release+0x176/0x440
[  104.655705][ T6008]  kvm_gmem_release+0x176/0x440
[  104.655728][ T6008]  ? __pfx_kvm_gmem_release+0x10/0x10
[  104.655752][ T6008]  ? evm_file_release+0x101/0x1e0
[  104.655773][ T6008]  ? __pfx_kvm_gmem_release+0x10/0x10
[  104.655794][ T6008]  __fput+0x44c/0xa70
[  104.655818][ T6008]  task_work_run+0x1d4/0x260
[  104.655844][ T6008]  ? __pfx_task_work_run+0x10/0x10
[  104.655877][ T6008]  ? exit_to_user_mode_loop+0x40/0x130
[  104.655896][ T6008]  exit_to_user_mode_loop+0xe9/0x130
[  104.655913][ T6008]  do_syscall_64+0x2bd/0xfa0
[  104.655935][ T6008]  ? lockdep_hardirqs_on+0x9c/0x150
[  104.655957][ T6008]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.655974][ T6008]  ? clear_bhb_loop+0x60/0xb0
[  104.655993][ T6008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.656010][ T6008] RIP: 0033:0x7fa77a98efc9
[  104.656026][ T6008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.656042][ T6008] RSP: 002b:00007ffcb48a8108 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  104.656063][ T6008] RAX: 0000000000000000 RBX: 00007fa77abe7da0 RCX: 00007fa77a98efc9
[  104.656076][ T6008] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  104.656087][ T6008] RBP: 00007fa77abe7da0 R08: 0000000000000000 R09: 00000004b48a83ff
[  104.656100][ T6008] R10: 00007fa77abe7cb0 R11: 0000000000000246 R12: 000000000001941b
[  104.656113][ T6008] R13: 00007ffcb48a8200 R14: ffffffffffffffff R15: 00007ffcb48a8220
[  104.656133][ T6008]  </TASK>
[  104.659537][ T6008] Kernel Offset: disabled