Warning: Permanently added '10.128.0.117' (ED25519) to the list of known hosts.
2025/02/28 19:59:00 ignoring optional flag "sandboxArg"="0"
2025/02/28 19:59:02 parsed 1 programs
[  275.218251][ T5859] cgroup: Unknown subsys name 'net'
[  275.331850][ T5859] cgroup: Unknown subsys name 'cpuset'
[  275.341958][ T5859] cgroup: Unknown subsys name 'rlimit'
[  276.885924][ T5859] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  279.400901][ T5866] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  279.744416][ T5879] chnl_net:caif_netlink_parms(): no params data found
[  279.835854][ T5879] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.844408][ T5879] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.852439][ T5879] bridge_slave_0: entered allmulticast mode
[  279.859936][ T5879] bridge_slave_0: entered promiscuous mode
[  279.870746][ T5879] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.877999][ T5879] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.885340][ T5879] bridge_slave_1: entered allmulticast mode
[  279.892723][ T5879] bridge_slave_1: entered promiscuous mode
[  279.923407][ T5879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.935482][ T5879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.965178][ T5879] team0: Port device team_slave_0 added
[  279.974222][ T5879] team0: Port device team_slave_1 added
[  279.995778][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_0
[  280.003292][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  280.030524][ T5879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  280.046144][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_1
[  280.053236][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  280.079872][ T5879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  280.111896][ T5879] hsr_slave_0: entered promiscuous mode
[  280.118106][ T5879] hsr_slave_1: entered promiscuous mode
[  280.215838][ T5879] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  280.229587][ T5879] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  280.240559][ T5879] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  280.250142][ T5879] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  280.275340][ T5879] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.282965][ T5879] bridge0: port 2(bridge_slave_1) entered forwarding state
[  280.291272][ T5879] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.298378][ T5879] bridge0: port 1(bridge_slave_0) entered forwarding state
[  280.347722][ T5879] 8021q: adding VLAN 0 to HW filter on device bond0
[  280.366539][   T67] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.376159][   T67] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.392498][ T5879] 8021q: adding VLAN 0 to HW filter on device team0
[  280.405765][ T1161] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.412971][ T1161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  280.425569][ T3560] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.432718][ T3560] bridge0: port 2(bridge_slave_1) entered forwarding state
[  280.565385][ T5879] 8021q: adding VLAN 0 to HW filter on device batadv0
[  280.596969][ T5879] veth0_vlan: entered promiscuous mode
[  280.611012][ T5879] veth1_vlan: entered promiscuous mode
[  280.637366][ T5879] veth0_macvtap: entered promiscuous mode
[  280.646941][ T5879] veth1_macvtap: entered promiscuous mode
[  280.665568][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_0
[  280.681486][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_1
[  280.692866][ T5879] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  280.702529][ T5879] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  280.711640][ T5879] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  280.720733][ T5879] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  280.881555][ T1161] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.960898][ T1161] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.050830][ T1161] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.108649][ T1161] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.213105][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.238876][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.287143][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.295609][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.451403][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  283.461041][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  283.469801][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  283.477981][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  283.486867][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  283.494625][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/02/28 19:59:13 executed programs: 0
[  284.175020][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  284.184596][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  284.193433][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  284.205212][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  284.213944][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  284.221826][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  284.312479][ T1161] bridge_slave_1: left allmulticast mode
[  284.318363][ T1161] bridge_slave_1: left promiscuous mode
[  284.330873][ T1161] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.342309][ T1161] bridge_slave_0: left allmulticast mode
[  284.348835][ T1161] bridge_slave_0: left promiscuous mode
[  284.355157][ T1161] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.638471][ T1161] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  284.649911][ T1161] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  284.662963][ T1161] bond0 (unregistering): Released all slaves
[  284.778190][ T1161] hsr_slave_0: left promiscuous mode
[  284.784581][ T1161] hsr_slave_1: left promiscuous mode
[  284.791722][ T1161] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  284.799552][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_0
[  284.808214][ T1161] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  284.816656][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_1
[  284.835102][ T1161] veth1_macvtap: left promiscuous mode
[  284.841013][ T1161] veth0_macvtap: left promiscuous mode
[  284.846590][ T1161] veth1_vlan: left promiscuous mode
[  284.852392][ T1161] veth0_vlan: left promiscuous mode
[  285.144641][ T1161] team0 (unregistering): Port device team_slave_1 removed
[  285.176867][ T1161] team0 (unregistering): Port device team_slave_0 removed
[  285.450904][ T5965] chnl_net:caif_netlink_parms(): no params data found
[  285.530253][ T5965] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.537525][ T5965] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.545222][ T5965] bridge_slave_0: entered allmulticast mode
[  285.552564][ T5965] bridge_slave_0: entered promiscuous mode
[  285.565120][ T5965] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.572565][ T5965] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.590318][ T5965] bridge_slave_1: entered allmulticast mode
[  285.608353][ T5965] bridge_slave_1: entered promiscuous mode
[  285.644688][ T5965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  285.656581][ T5965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  285.693435][ T5965] team0: Port device team_slave_0 added
[  285.706748][ T5965] team0: Port device team_slave_1 added
[  285.735272][ T5965] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.747318][ T5965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.774756][ T5965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.799240][ T5965] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.806240][ T5965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.835205][ T5965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  285.903444][ T5965] hsr_slave_0: entered promiscuous mode
[  285.920980][ T5965] hsr_slave_1: entered promiscuous mode
[  286.260166][ T5147] Bluetooth: hci0: command tx timeout
[  286.935693][ T5965] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  286.959405][ T5965] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  286.971303][ T5965] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  286.982152][ T5965] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  287.101648][ T5965] 8021q: adding VLAN 0 to HW filter on device bond0
[  287.126358][ T5965] 8021q: adding VLAN 0 to HW filter on device team0
[  287.167119][ T3520] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.174412][ T3520] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.197676][ T3520] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.204966][ T3520] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.428220][ T5965] 8021q: adding VLAN 0 to HW filter on device batadv0
[  287.478040][ T5965] veth0_vlan: entered promiscuous mode
[  287.494502][ T5965] veth1_vlan: entered promiscuous mode
[  287.533273][ T5965] veth0_macvtap: entered promiscuous mode
[  287.545352][ T5965] veth1_macvtap: entered promiscuous mode
[  287.570362][ T5965] batman_adv: batadv0: Interface activated: batadv_slave_0
[  287.587929][ T5965] batman_adv: batadv0: Interface activated: batadv_slave_1
[  287.604854][ T5965] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  287.614951][ T5965] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  287.626923][ T5965] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  287.636789][ T5965] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  287.720757][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  287.738162][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  287.773972][ T1161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  287.789207][ T1161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  288.338961][ T5147] Bluetooth: hci0: command tx timeout
2025/02/28 19:59:19 executed programs: 50
[  290.426505][ T5147] Bluetooth: hci0: command tx timeout
[  292.499227][ T5147] Bluetooth: hci0: command tx timeout
2025/02/28 19:59:24 executed programs: 286
2025/02/28 19:59:29 executed programs: 547
[  300.339244][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  300.352364][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  300.362013][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  300.370697][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  300.379367][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  300.386919][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  300.506214][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.523279][ T6652] chnl_net:caif_netlink_parms(): no params data found
[  300.582478][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.600069][ T6652] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.607738][ T6652] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.615753][ T6652] bridge_slave_0: entered allmulticast mode
[  300.622751][ T6652] bridge_slave_0: entered promiscuous mode
[  300.631636][ T6652] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.639030][ T6652] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.646649][ T6652] bridge_slave_1: entered allmulticast mode
[  300.654080][ T6652] bridge_slave_1: entered promiscuous mode
[  300.671887][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.701547][ T6652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  300.713438][ T6652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  300.741940][ T6652] team0: Port device team_slave_0 added
[  300.760957][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.777475][ T6652] team0: Port device team_slave_1 added
[  300.800545][ T6652] batman_adv: batadv0: Adding interface: batadv_slave_0
[  300.807903][ T6652] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  300.835446][ T6652] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  300.849606][ T6652] batman_adv: batadv0: Adding interface: batadv_slave_1
[  300.857684][ T6652] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  300.885488][ T6652] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  300.923184][ T6652] hsr_slave_0: entered promiscuous mode
[  300.929896][ T6652] hsr_slave_1: entered promiscuous mode
[  300.936426][ T6652] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  300.945422][ T6652] Cannot create hsr debugfs directory
[  301.034036][   T35] bridge_slave_1: left allmulticast mode
[  301.042649][   T35] bridge_slave_1: left promiscuous mode
[  301.048616][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.058506][   T35] bridge_slave_0: left allmulticast mode
[  301.065469][   T35] bridge_slave_0: left promiscuous mode
[  301.071666][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.344261][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  301.355601][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  301.365900][   T35] bond0 (unregistering): Released all slaves
[  301.647973][   T35] hsr_slave_0: left promiscuous mode
[  301.658321][   T35] hsr_slave_1: left promiscuous mode
[  301.664900][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  301.672806][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  301.683705][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  301.691267][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  301.714956][   T35] veth1_macvtap: left promiscuous mode
[  301.721577][   T35] veth0_macvtap: left promiscuous mode
[  301.727961][   T35] veth1_vlan: left promiscuous mode
[  301.733515][   T35] veth0_vlan: left promiscuous mode
[  302.105665][   T35] team0 (unregistering): Port device team_slave_1 removed
[  302.137877][   T35] team0 (unregistering): Port device team_slave_0 removed
[  302.432475][   T54] Bluetooth: hci1: command tx timeout
[  302.598423][ T6652] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  302.616661][ T6652] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  302.635445][ T6652] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  302.651006][ T6652] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  302.773943][ T6652] 8021q: adding VLAN 0 to HW filter on device bond0
[  302.796510][ T6652] 8021q: adding VLAN 0 to HW filter on device team0
[  302.811956][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  302.819148][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  302.835324][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.842754][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[  303.005447][ T6652] 8021q: adding VLAN 0 to HW filter on device batadv0
[  303.039890][ T6652] veth0_vlan: entered promiscuous mode
[  303.051412][ T6652] veth1_vlan: entered promiscuous mode
[  303.073694][ T6652] veth0_macvtap: entered promiscuous mode
[  303.082768][ T6652] veth1_macvtap: entered promiscuous mode
[  303.098005][ T6652] batman_adv: batadv0: Interface activated: batadv_slave_0
[  303.113215][ T6652] batman_adv: batadv0: Interface activated: batadv_slave_1
[  303.123681][ T6652] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  303.133233][ T6652] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  303.142030][ T6652] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  303.150878][ T6652] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  303.204114][ T3520] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  303.219230][ T3520] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  303.241170][ T3520] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  303.251132][ T3520] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  303.311268][ T6693] ==================================================================
[  303.319360][ T6693] BUG: KASAN: slab-use-after-free in force_devcd_write+0x317/0x330
[  303.327271][ T6693] Read of size 8 at addr ffff888027f36000 by task syz.0.616/6693
[  303.334991][ T6693] 
[  303.337424][ T6693] CPU: 1 UID: 0 PID: 6693 Comm: syz.0.616 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0
[  303.337443][ T6693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  303.337455][ T6693] Call Trace:
[  303.337461][ T6693]  <TASK>
[  303.337470][ T6693]  dump_stack_lvl+0x116/0x1f0
[  303.337495][ T6693]  print_report+0xc3/0x670
[  303.337516][ T6693]  ? __virt_addr_valid+0x5e/0x590
[  303.337531][ T6693]  ? __phys_addr+0xc6/0x150
[  303.337550][ T6693]  kasan_report+0xd9/0x110
[  303.337561][ T6693]  ? force_devcd_write+0x317/0x330
[  303.337580][ T6693]  ? force_devcd_write+0x317/0x330
[  303.337598][ T6693]  force_devcd_write+0x317/0x330
[  303.337615][ T6693]  ? __pfx_force_devcd_write+0x10/0x10
[  303.337632][ T6693]  ? __debugfs_file_get+0x1ff/0x850
[  303.337650][ T6693]  ? __pfx___debugfs_file_get+0x10/0x10
[  303.337666][ T6693]  ? rcu_is_watching+0x12/0xc0
[  303.337681][ T6693]  ? trace_lock_acquire+0x14e/0x1f0
[  303.337698][ T6693]  full_proxy_write+0x13c/0x200
[  303.337715][ T6693]  ? __pfx_full_proxy_write+0x10/0x10
[  303.337732][ T6693]  vfs_write+0x24c/0x1150
[  303.337752][ T6693]  ? __pfx_vfs_write+0x10/0x10
[  303.337768][ T6693]  ? do_futex+0x123/0x350
[  303.337784][ T6693]  ? __pfx_do_futex+0x10/0x10
[  303.337801][ T6693]  ? __x64_sys_futex+0x1e1/0x4c0
[  303.337817][ T6693]  ? __x64_sys_futex+0x1ea/0x4c0
[  303.337833][ T6693]  ksys_write+0x12b/0x250
[  303.337851][ T6693]  ? __pfx_ksys_write+0x10/0x10
[  303.337870][ T6693]  do_syscall_64+0xcd/0x250
[  303.337889][ T6693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.337908][ T6693] RIP: 0033:0x7f1fbdb8d169
[  303.337920][ T6693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.337937][ T6693] RSP: 002b:00007ffd33a1a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  303.337950][ T6693] RAX: ffffffffffffffda RBX: 00007f1fbdda5fa0 RCX: 00007f1fbdb8d169
[  303.337959][ T6693] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  303.337966][ T6693] RBP: 00007f1fbdc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  303.337974][ T6693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  303.337982][ T6693] R13: 00007f1fbdda5fa0 R14: 00007f1fbdda5fa0 R15: 0000000000000003
[  303.337993][ T6693]  </TASK>
[  303.337998][ T6693] 
[  303.569296][ T6693] Allocated by task 5965:
[  303.573636][ T6693]  kasan_save_stack+0x33/0x60
[  303.578339][ T6693]  kasan_save_track+0x14/0x30
[  303.583042][ T6693]  __kasan_kmalloc+0xaa/0xb0
[  303.587644][ T6693]  vhci_open+0x4c/0x430
[  303.591827][ T6693]  misc_open+0x35a/0x420
[  303.596602][ T6693]  chrdev_open+0x237/0x6a0
[  303.601039][ T6693]  do_dentry_open+0x735/0x1c40
[  303.605822][ T6693]  vfs_open+0x82/0x3f0
[  303.609918][ T6693]  path_openat+0x1e88/0x2d80
[  303.614529][ T6693]  do_filp_open+0x20c/0x470
[  303.619043][ T6693]  do_sys_openat2+0x17a/0x1e0
[  303.623721][ T6693]  __x64_sys_openat+0x175/0x210
[  303.628573][ T6693]  do_syscall_64+0xcd/0x250
[  303.633105][ T6693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.639028][ T6693] 
[  303.641382][ T6693] Freed by task 5965:
[  303.645505][ T6693]  kasan_save_stack+0x33/0x60
[  303.650293][ T6693]  kasan_save_track+0x14/0x30
[  303.654978][ T6693]  kasan_save_free_info+0x3b/0x60
[  303.660005][ T6693]  __kasan_slab_free+0x51/0x70
[  303.664791][ T6693]  kfree+0x2c4/0x4d0
[  303.668707][ T6693]  vhci_release+0xbb/0xf0
[  303.673160][ T6693]  __fput+0x3ff/0xb70
[  303.677166][ T6693]  task_work_run+0x14e/0x250
[  303.681772][ T6693]  do_exit+0xad8/0x2d70
[  303.685953][ T6693]  do_group_exit+0xd3/0x2a0
[  303.690579][ T6693]  get_signal+0x24ed/0x26c0
[  303.695401][ T6693]  arch_do_signal_or_restart+0x90/0x7e0
[  303.701005][ T6693]  syscall_exit_to_user_mode+0x150/0x2a0
[  303.706662][ T6693]  do_syscall_64+0xda/0x250
[  303.711192][ T6693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.717261][ T6693] 
[  303.719596][ T6693] The buggy address belongs to the object at ffff888027f36000
[  303.719596][ T6693]  which belongs to the cache kmalloc-1k of size 1024
[  303.733930][ T6693] The buggy address is located 0 bytes inside of
[  303.733930][ T6693]  freed 1024-byte region [ffff888027f36000, ffff888027f36400)
[  303.747990][ T6693] 
[  303.750305][ T6693] The buggy address belongs to the physical page:
[  303.756887][ T6693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27f30
[  303.765759][ T6693] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  303.774271][ T6693] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  303.782379][ T6693] page_type: f5(slab)
[  303.786394][ T6693] raw: 00fff00000000040 ffff88801b041dc0 0000000000000000 dead000000000001
[  303.794987][ T6693] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  303.803739][ T6693] head: 00fff00000000040 ffff88801b041dc0 0000000000000000 dead000000000001
[  303.812424][ T6693] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  303.821090][ T6693] head: 00fff00000000003 ffffea00009fcc01 ffffffffffffffff 0000000000000000
[  303.829846][ T6693] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  303.838766][ T6693] page dumped because: kasan: bad access detected
[  303.845543][ T6693] page_owner tracks the page as allocated
[  303.851257][ T6693] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5617, tgid 5617 (dhcpcd), ts 48016305028, free_ts 47833912072
[  303.873254][ T6693]  post_alloc_hook+0x181/0x1b0
[  303.878068][ T6693]  get_page_from_freelist+0xfce/0x2f80
[  303.883564][ T6693]  __alloc_frozen_pages_noprof+0x221/0x2470
[  303.889472][ T6693]  alloc_pages_mpol+0x1fc/0x540
[  303.894318][ T6693]  new_slab+0x23d/0x330
[  303.898659][ T6693]  ___slab_alloc+0xc5d/0x1720
[  303.903353][ T6693]  __slab_alloc.constprop.0+0x56/0xb0
[  303.908859][ T6693]  __kmalloc_node_track_caller_noprof+0x2f1/0x510
[  303.915383][ T6693]  kmemdup_noprof+0x29/0x60
[  303.920170][ T6693]  bpf_prepare_filter+0xc4f/0x1100
[  303.925302][ T6693]  bpf_prog_create_from_user+0x1e4/0x2d0
[  303.930952][ T6693]  do_seccomp+0x7b6/0x2640
[  303.935483][ T6693]  prctl_set_seccomp+0x4b/0x70
[  303.940355][ T6693]  __do_sys_prctl+0xf42/0x2450
[  303.945248][ T6693]  do_syscall_64+0xcd/0x250
[  303.949980][ T6693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.956781][ T6693] page last free pid 5608 tgid 5608 stack trace:
[  303.963624][ T6693]  free_frozen_pages+0x6db/0xfb0
[  303.968671][ T6693]  qlist_free_all+0x4e/0x120
[  303.973321][ T6693]  kasan_quarantine_reduce+0x195/0x1e0
[  303.978796][ T6693]  __kasan_slab_alloc+0x69/0x90
[  303.983877][ T6693]  __kmalloc_noprof+0x1cd/0x510
[  303.988773][ T6693]  tomoyo_supervisor+0x46c/0x1380
[  303.993828][ T6693]  tomoyo_path_permission+0x270/0x3b0
[  303.999215][ T6693]  tomoyo_check_open_permission+0x37d/0x3c0
[  304.005358][ T6693]  tomoyo_file_open+0x6b/0x90
[  304.010054][ T6693]  security_file_open+0x84/0x1e0
[  304.015174][ T6693]  do_dentry_open+0x57c/0x1c40
[  304.019961][ T6693]  vfs_open+0x82/0x3f0
[  304.024163][ T6693]  path_openat+0x1e88/0x2d80
[  304.028927][ T6693]  do_filp_open+0x20c/0x470
[  304.033642][ T6693]  do_sys_openat2+0x17a/0x1e0
[  304.038415][ T6693]  __x64_sys_openat+0x175/0x210
[  304.043296][ T6693] 
[  304.045633][ T6693] Memory state around the buggy address:
[  304.051281][ T6693]  ffff888027f35f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  304.060208][ T6693]  ffff888027f35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  304.068491][ T6693] >ffff888027f36000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  304.076569][ T6693]                    ^
[  304.080767][ T6693]  ffff888027f36080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  304.089177][ T6693]  ffff888027f36100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  304.097977][ T6693] ==================================================================
[  304.117041][ T6693] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  304.124296][ T6693] CPU: 0 UID: 0 PID: 6693 Comm: syz.0.616 Not tainted 6.14.0-rc4-syzkaller-00199-g76544811c850 #0
[  304.134910][ T6693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  304.145005][ T6693] Call Trace:
[  304.148307][ T6693]  <TASK>
[  304.151266][ T6693]  dump_stack_lvl+0x3d/0x1f0
[  304.156030][ T6693]  panic+0x71d/0x800
[  304.160227][ T6693]  ? __pfx_panic+0x10/0x10
[  304.164753][ T6693]  ? preempt_schedule_thunk+0x1a/0x30
[  304.170346][ T6693]  ? preempt_schedule_common+0x44/0xc0
[  304.175826][ T6693]  ? check_panic_on_warn+0x1f/0xb0
[  304.180953][ T6693]  check_panic_on_warn+0xab/0xb0
[  304.185907][ T6693]  end_report+0x117/0x180
[  304.190244][ T6693]  kasan_report+0xe9/0x110
[  304.194654][ T6693]  ? force_devcd_write+0x317/0x330
[  304.199849][ T6693]  ? force_devcd_write+0x317/0x330
[  304.204953][ T6693]  force_devcd_write+0x317/0x330
[  304.210008][ T6693]  ? __pfx_force_devcd_write+0x10/0x10
[  304.215488][ T6693]  ? __debugfs_file_get+0x1ff/0x850
[  304.220886][ T6693]  ? __pfx___debugfs_file_get+0x10/0x10
[  304.226848][ T6693]  ? rcu_is_watching+0x12/0xc0
[  304.231645][ T6693]  ? trace_lock_acquire+0x14e/0x1f0
[  304.237354][ T6693]  full_proxy_write+0x13c/0x200
[  304.243421][ T6693]  ? __pfx_full_proxy_write+0x10/0x10
[  304.248826][ T6693]  vfs_write+0x24c/0x1150
[  304.253184][ T6693]  ? __pfx_vfs_write+0x10/0x10
[  304.258189][ T6693]  ? do_futex+0x123/0x350
[  304.262801][ T6693]  ? __pfx_do_futex+0x10/0x10
[  304.267590][ T6693]  ? __x64_sys_futex+0x1e1/0x4c0
[  304.273076][ T6693]  ? __x64_sys_futex+0x1ea/0x4c0
[  304.278059][ T6693]  ksys_write+0x12b/0x250
[  304.282422][ T6693]  ? __pfx_ksys_write+0x10/0x10
[  304.287521][ T6693]  do_syscall_64+0xcd/0x250
[  304.292214][ T6693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.298173][ T6693] RIP: 0033:0x7f1fbdb8d169
[  304.302605][ T6693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.322227][ T6693] RSP: 002b:00007ffd33a1a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  304.331628][ T6693] RAX: ffffffffffffffda RBX: 00007f1fbdda5fa0 RCX: 00007f1fbdb8d169
[  304.340404][ T6693] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  304.348383][ T6693] RBP: 00007f1fbdc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  304.356824][ T6693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  304.364815][ T6693] R13: 00007f1fbdda5fa0 R14: 00007f1fbdda5fa0 R15: 0000000000000003
[  304.372794][ T6693]  </TASK>
[  304.376173][ T6693] Kernel Offset: disabled
[  304.380504][ T6693] Rebooting in 86400 seconds..