Warning: Permanently added '10.128.1.218' (ED25519) to the list of known hosts.
2025/10/16 15:25:23 parsed 1 programs
[ 76.290113][ T5829] cgroup: Unknown subsys name 'net'
[ 76.420398][ T5829] cgroup: Unknown subsys name 'cpuset'
[ 76.429141][ T5829] cgroup: Unknown subsys name 'rlimit'
[ 77.841984][ T5829] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 80.509861][ T5841] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 82.921496][ T5879] chnl_net:caif_netlink_parms(): no params data found
[ 83.007818][ T5879] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.015721][ T5879] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.023514][ T5879] bridge_slave_0: entered allmulticast mode
[ 83.031126][ T5879] bridge_slave_0: entered promiscuous mode
[ 83.040140][ T5879] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.047805][ T5879] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.054957][ T5879] bridge_slave_1: entered allmulticast mode
[ 83.062200][ T5879] bridge_slave_1: entered promiscuous mode
[ 83.099718][ T5879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 83.111180][ T5879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 83.141231][ T5879] team0: Port device team_slave_0 added
[ 83.149819][ T5879] team0: Port device team_slave_1 added
[ 83.174493][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 83.181758][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 83.208488][ T5879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 83.221049][ T5879] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 83.228060][ T5879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 83.254018][ T5879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 83.293066][ T5879] hsr_slave_0: entered promiscuous mode
[ 83.299602][ T5879] hsr_slave_1: entered promiscuous mode
[ 83.431142][ T5879] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 83.443233][ T5879] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 83.453857][ T5879] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 83.464000][ T5879] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 83.491189][ T5879] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.498401][ T5879] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.506188][ T5879] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.513377][ T5879] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.571685][ T5879] 8021q: adding VLAN 0 to HW filter on device bond0
[ 83.591561][ T2991] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.599947][ T2991] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.615958][ T5879] 8021q: adding VLAN 0 to HW filter on device team0
[ 83.630637][ T2980] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.637829][ T2980] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.653910][ T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.661113][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.815464][ T5879] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 83.860460][ T5879] veth0_vlan: entered promiscuous mode
[ 83.872665][ T5879] veth1_vlan: entered promiscuous mode
[ 83.900478][ T5879] veth0_macvtap: entered promiscuous mode
[ 83.909631][ T5879] veth1_macvtap: entered promiscuous mode
[ 83.928912][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 83.943093][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 83.961208][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.971317][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.982062][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.991705][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 84.114736][ T2980] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 84.252647][ T2980] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 84.324255][ T2980] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 84.396442][ T2980] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 84.689773][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 84.702328][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 84.732052][ T2991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 84.740357][ T2991] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 84.980829][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 84.989003][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 84.996544][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 85.005600][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 85.014144][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/10/16 15:25:35 executed programs: 0
[ 85.541000][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 85.550743][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 85.558740][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 85.569515][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 85.577651][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 85.728782][ T5938] chnl_net:caif_netlink_parms(): no params data found
[ 85.806794][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.814222][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state
[ 85.821547][ T5938] bridge_slave_0: entered allmulticast mode
[ 85.829355][ T5938] bridge_slave_0: entered promiscuous mode
[ 85.838640][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.846326][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state
[ 85.853668][ T5938] bridge_slave_1: entered allmulticast mode
[ 85.860847][ T5938] bridge_slave_1: entered promiscuous mode
[ 85.890089][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 85.901614][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 85.934058][ T5938] team0: Port device team_slave_0 added
[ 85.941756][ T5938] team0: Port device team_slave_1 added
[ 85.968767][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 85.975726][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 86.003103][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 86.015707][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 86.023023][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 86.049198][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 86.094621][ T5938] hsr_slave_0: entered promiscuous mode
[ 86.101109][ T5938] hsr_slave_1: entered promiscuous mode
[ 86.107573][ T5938] debugfs: 'hsr0' already exists in 'hsr'
[ 86.113372][ T5938] Cannot create hsr debugfs directory
[ 86.789116][ T43] cfg80211: failed to load regulatory.db
[ 86.925664][ T2980] bridge_slave_1: left allmulticast mode
[ 86.931899][ T2980] bridge_slave_1: left promiscuous mode
[ 86.940431][ T2980] bridge0: port 2(bridge_slave_1) entered disabled state
[ 86.954074][ T2980] bridge_slave_0: left allmulticast mode
[ 86.962570][ T2980] bridge_slave_0: left promiscuous mode
[ 86.968691][ T2980] bridge0: port 1(bridge_slave_0) entered disabled state
[ 87.304115][ T2980] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 87.320318][ T2980] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 87.332189][ T2980] bond0 (unregistering): Released all slaves
[ 87.496008][ T2980] hsr_slave_0: left promiscuous mode
[ 87.504281][ T2980] hsr_slave_1: left promiscuous mode
[ 87.513659][ T2980] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 87.522758][ T2980] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 87.533591][ T2980] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 87.541309][ T2980] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 87.561581][ T2980] veth1_macvtap: left promiscuous mode
[ 87.568556][ T2980] veth0_macvtap: left promiscuous mode
[ 87.574297][ T2980] veth1_vlan: left promiscuous mode
[ 87.580301][ T2980] veth0_vlan: left promiscuous mode
[ 87.669809][ T52] Bluetooth: hci0: command tx timeout
[ 88.013881][ T2980] team0 (unregistering): Port device team_slave_1 removed
[ 88.039602][ T2980] team0 (unregistering): Port device team_slave_0 removed
[ 88.534786][ T5938] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 88.551820][ T5938] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 88.563199][ T5938] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 88.580394][ T5938] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 89.002330][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0
[ 89.031505][ T5938] 8021q: adding VLAN 0 to HW filter on device team0
[ 89.064958][ T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 89.072179][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 89.115639][ T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.122865][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 89.602156][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 89.675867][ T5938] veth0_vlan: entered promiscuous mode
[ 89.696475][ T5938] veth1_vlan: entered promiscuous mode
[ 89.724174][ T5938] veth0_macvtap: entered promiscuous mode
[ 89.734502][ T5938] veth1_macvtap: entered promiscuous mode
[ 89.747459][ T52] Bluetooth: hci0: command tx timeout
[ 89.752585][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 89.767951][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 89.782666][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.791823][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.806558][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.817576][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.869557][ T2991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.881343][ T2991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.903707][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.912984][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.187564][ T798] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 90.347462][ T798] usb 1-1: Using ep0 maxpacket: 32
[ 90.354835][ T798] usb 1-1: config 7 has an invalid interface number: 150 but max is 0
[ 90.363245][ T798] usb 1-1: config 7 has no interface number 0
[ 90.369529][ T798] usb 1-1: config 7 interface 150 has no altsetting 0
[ 90.378757][ T798] usb 1-1: New USB device found, idVendor=0424, idProduct=cf30, bcdDevice=d3.ae
[ 90.388619][ T798] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 90.396601][ T798] usb 1-1: Product: syz
[ 90.401075][ T798] usb 1-1: Manufacturer: syz
[ 90.405685][ T798] usb 1-1: SerialNumber: syz
[ 90.633189][ T798] usb 1-1: USB disconnect, device number 2
[ 90.643587][ T798] ==================================================================
[ 90.651678][ T798] BUG: KASAN: slab-use-after-free in hdm_disconnect+0x10d/0x1c0
[ 90.659309][ T798] Read of size 8 at addr ffff88807de398a0 by task kworker/1:2/798
[ 90.667092][ T798]
[ 90.669414][ T798] CPU: 1 UID: 0 PID: 798 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(full)
[ 90.669426][ T798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 90.669434][ T798] Workqueue: usb_hub_wq hub_event
[ 90.669451][ T798] Call Trace:
[ 90.669460][ T798]
[ 90.669465][ T798] dump_stack_lvl+0x189/0x250
[ 90.669476][ T798] ? __kasan_check_byte+0x12/0x40
[ 90.669489][ T798] ? __pfx_dump_stack_lvl+0x10/0x10
[ 90.669498][ T798] ? lock_release+0x4b/0x3e0
[ 90.669512][ T798] ? __virt_addr_valid+0x4a5/0x5c0
[ 90.669522][ T798] print_report+0xca/0x240
[ 90.669533][ T798] ? hdm_disconnect+0x10d/0x1c0
[ 90.669544][ T798] kasan_report+0x118/0x150
[ 90.669555][ T798] ? hdm_disconnect+0x10d/0x1c0
[ 90.669566][ T798] hdm_disconnect+0x10d/0x1c0
[ 90.669577][ T798] usb_unbind_interface+0x26e/0x910
[ 90.669589][ T798] ? __pfx_usb_unbind_interface+0x10/0x10
[ 90.669600][ T798] device_release_driver_internal+0x4d9/0x800
[ 90.669614][ T798] bus_remove_device+0x34d/0x410
[ 90.669629][ T798] device_del+0x511/0x8e0
[ 90.669639][ T798] ? __pm_runtime_barrier+0x212/0x460
[ 90.669651][ T798] ? __pfx_device_del+0x10/0x10
[ 90.669660][ T798] ? __pfx___mutex_lock+0x10/0x10
[ 90.669673][ T798] usb_disable_device+0x3e9/0x8a0
[ 90.669684][ T798] usb_disconnect+0x330/0x950
[ 90.669699][ T798] hub_event+0x1cf5/0x4a20
[ 90.669713][ T798] ? do_raw_spin_lock+0x121/0x290
[ 90.669723][ T798] ? register_lock_class+0x51/0x320
[ 90.669738][ T798] ? __pfx_hub_event+0x10/0x10
[ 90.669747][ T798] ? process_scheduled_works+0x9ef/0x17b0
[ 90.669761][ T798] ? _raw_spin_unlock_irq+0x23/0x50
[ 90.669769][ T798] ? process_scheduled_works+0x9ef/0x17b0
[ 90.669781][ T798] ? process_scheduled_works+0x9ef/0x17b0
[ 90.669793][ T798] process_scheduled_works+0xae1/0x17b0
[ 90.669815][ T798] ? __pfx_process_scheduled_works+0x10/0x10
[ 90.669830][ T798] worker_thread+0x8a0/0xda0
[ 90.669843][ T798] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 90.669854][ T798] ? __kthread_parkme+0x7b/0x200
[ 90.669867][ T798] kthread+0x711/0x8a0
[ 90.669877][ T798] ? __pfx_worker_thread+0x10/0x10
[ 90.669889][ T798] ? __pfx_kthread+0x10/0x10
[ 90.669898][ T798] ? _raw_spin_unlock_irq+0x23/0x50
[ 90.669906][ T798] ? lockdep_hardirqs_on+0x9c/0x150
[ 90.669916][ T798] ? __pfx_kthread+0x10/0x10
[ 90.669925][ T798] ret_from_fork+0x4bc/0x870
[ 90.669937][ T798] ? __pfx_ret_from_fork+0x10/0x10
[ 90.669949][ T798] ? __switch_to_asm+0x39/0x70
[ 90.669960][ T798] ? __switch_to_asm+0x33/0x70
[ 90.669969][ T798] ? __pfx_kthread+0x10/0x10
[ 90.669978][ T798] ret_from_fork_asm+0x1a/0x30
[ 90.669991][ T798]
[ 90.669995][ T798]
[ 90.930533][ T798] Allocated by task 798:
[ 90.934756][ T798] kasan_save_track+0x3e/0x80
[ 90.939419][ T798] __kasan_kmalloc+0x93/0xb0
[ 90.944003][ T798] __kmalloc_cache_noprof+0x3e2/0x700
[ 90.949359][ T798] hdm_probe+0x96/0x1400
[ 90.953591][ T798] usb_probe_interface+0x668/0xc30
[ 90.958714][ T798] really_probe+0x26d/0x9e0
[ 90.963204][ T798] __driver_probe_device+0x18c/0x2f0
[ 90.968475][ T798] driver_probe_device+0x4f/0x430
[ 90.973507][ T798] __device_attach_driver+0x2ce/0x530
[ 90.978862][ T798] bus_for_each_drv+0x251/0x2e0
[ 90.983701][ T798] __device_attach+0x2b8/0x400
[ 90.988446][ T798] bus_probe_device+0x185/0x260
[ 90.993282][ T798] device_add+0x7b6/0xb50
[ 90.997594][ T798] usb_set_configuration+0x1a87/0x20e0
[ 91.003035][ T798] usb_generic_driver_probe+0x8d/0x150
[ 91.008481][ T798] usb_probe_device+0x1c4/0x390
[ 91.013315][ T798] really_probe+0x26d/0x9e0
[ 91.017807][ T798] __driver_probe_device+0x18c/0x2f0
[ 91.023080][ T798] driver_probe_device+0x4f/0x430
[ 91.028089][ T798] __device_attach_driver+0x2ce/0x530
[ 91.033449][ T798] bus_for_each_drv+0x251/0x2e0
[ 91.038289][ T798] __device_attach+0x2b8/0x400
[ 91.043037][ T798] bus_probe_device+0x185/0x260
[ 91.047875][ T798] device_add+0x7b6/0xb50
[ 91.052187][ T798] usb_new_device+0xa39/0x16f0
[ 91.056941][ T798] hub_event+0x2958/0x4a20
[ 91.061342][ T798] process_scheduled_works+0xae1/0x17b0
[ 91.066874][ T798] worker_thread+0x8a0/0xda0
[ 91.071452][ T798] kthread+0x711/0x8a0
[ 91.075504][ T798] ret_from_fork+0x4bc/0x870
[ 91.080079][ T798] ret_from_fork_asm+0x1a/0x30
[ 91.084829][ T798]
[ 91.087144][ T798] Freed by task 798:
[ 91.091023][ T798] kasan_save_track+0x3e/0x80
[ 91.095695][ T798] __kasan_save_free_info+0x46/0x50
[ 91.100881][ T798] __kasan_slab_free+0x5c/0x80
[ 91.105627][ T798] kfree+0x19a/0x6d0
[ 91.109506][ T798] device_release+0x9c/0x1c0
[ 91.114083][ T798] kobject_put+0x22b/0x480
[ 91.118486][ T798] hdm_disconnect+0xf3/0x1c0
[ 91.123062][ T798] usb_unbind_interface+0x26e/0x910
[ 91.128245][ T798] device_release_driver_internal+0x4d9/0x800
[ 91.134299][ T798] bus_remove_device+0x34d/0x410
[ 91.139227][ T798] device_del+0x511/0x8e0
[ 91.143544][ T798] usb_disable_device+0x3e9/0x8a0
[ 91.148548][ T798] usb_disconnect+0x330/0x950
[ 91.153210][ T798] hub_event+0x1cf5/0x4a20
[ 91.157616][ T798] process_scheduled_works+0xae1/0x17b0
[ 91.163146][ T798] worker_thread+0x8a0/0xda0
[ 91.167724][ T798] kthread+0x711/0x8a0
[ 91.171774][ T798] ret_from_fork+0x4bc/0x870
[ 91.176348][ T798] ret_from_fork_asm+0x1a/0x30
[ 91.181096][ T798]
[ 91.183399][ T798] The buggy address belongs to the object at ffff88807de38000
[ 91.183399][ T798] which belongs to the cache kmalloc-8k of size 8192
[ 91.197433][ T798] The buggy address is located 6304 bytes inside of
[ 91.197433][ T798] freed 8192-byte region [ffff88807de38000, ffff88807de3a000)
[ 91.211387][ T798]
[ 91.213695][ T798] The buggy address belongs to the physical page:
[ 91.220103][ T798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7de38
[ 91.228858][ T798] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 91.237336][ T798] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 91.245306][ T798] page_type: f5(slab)
[ 91.249280][ T798] raw: 00fff00000000040 ffff88813fe27280 ffffea000084ec00 dead000000000005
[ 91.257854][ T798] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 91.266423][ T798] head: 00fff00000000040 ffff88813fe27280 ffffea000084ec00 dead000000000005
[ 91.275079][ T798] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 91.283745][ T798] head: 00fff00000000003 ffffea0001f78e01 00000000ffffffff 00000000ffffffff
[ 91.292419][ T798] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 91.301074][ T798] page dumped because: kasan: bad access detected
[ 91.307481][ T798] page_owner tracks the page as allocated
[ 91.313181][ T798] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5194, tgid 5194 (rcS), ts 25171419736, free_ts 22833143199
[ 91.332966][ T798] post_alloc_hook+0x240/0x2a0
[ 91.337724][ T798] get_page_from_freelist+0x2365/0x2440
[ 91.343262][ T798] __alloc_frozen_pages_noprof+0x181/0x370
[ 91.349053][ T798] alloc_pages_mpol+0x232/0x4a0
[ 91.353918][ T798] allocate_slab+0x96/0x3a0
[ 91.358408][ T798] ___slab_alloc+0xe94/0x18a0
[ 91.363068][ T798] __slab_alloc+0x65/0x100
[ 91.367470][ T798] __kmalloc_cache_noprof+0x41e/0x700
[ 91.372833][ T798] tomoyo_init_log+0x111f/0x1f70
[ 91.377766][ T798] tomoyo_supervisor+0x340/0x1480
[ 91.382776][ T798] tomoyo_env_perm+0x149/0x1e0
[ 91.387534][ T798] tomoyo_find_next_domain+0x15cf/0x1aa0
[ 91.393157][ T798] tomoyo_bprm_check_security+0x11c/0x180
[ 91.398866][ T798] security_bprm_check+0x89/0x270
[ 91.403873][ T798] bprm_execve+0x8ee/0x1450
[ 91.408357][ T798] do_execveat_common+0x510/0x6a0
[ 91.413374][ T798] page last free pid 1 tgid 1 stack trace:
[ 91.419157][ T798] __free_frozen_pages+0xbc4/0xd30
[ 91.424251][ T798] free_contig_range+0x1bd/0x4a0
[ 91.429172][ T798] destroy_args+0x69/0x660
[ 91.433574][ T798] debug_vm_pgtable+0x39f/0x3b0
[ 91.438407][ T798] do_one_initcall+0x236/0x820
[ 91.443154][ T798] do_initcall_level+0x104/0x190
[ 91.448079][ T798] do_initcalls+0x59/0xa0
[ 91.452393][ T798] kernel_init_freeable+0x334/0x4b0
[ 91.457575][ T798] kernel_init+0x1d/0x1d0
[ 91.461889][ T798] ret_from_fork+0x4bc/0x870
[ 91.466462][ T798] ret_from_fork_asm+0x1a/0x30
[ 91.471210][ T798]
[ 91.473516][ T798] Memory state around the buggy address:
[ 91.479123][ T798] ffff88807de39780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 91.487165][ T798] ffff88807de39800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 91.495204][ T798] >ffff88807de39880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 91.503328][ T798] ^
[ 91.508417][ T798] ffff88807de39900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 91.516463][ T798] ffff88807de39980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 91.524506][ T798] ==================================================================
[ 91.563461][ T798] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 91.570692][ T798] CPU: 1 UID: 0 PID: 798 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(full)
[ 91.579988][ T798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 91.590035][ T798] Workqueue: usb_hub_wq hub_event
[ 91.595068][ T798] Call Trace:
[ 91.598329][ T798]
[ 91.601242][ T798] dump_stack_lvl+0x99/0x250
[ 91.605819][ T798] ? __asan_memcpy+0x40/0x70
[ 91.610389][ T798] ? __pfx_dump_stack_lvl+0x10/0x10
[ 91.615562][ T798] ? __pfx__printk+0x10/0x10
[ 91.620134][ T798] vpanic+0x237/0x6d0
[ 91.624102][ T798] ? __pfx_vpanic+0x10/0x10
[ 91.628583][ T798] ? preempt_schedule+0xae/0xc0
[ 91.633414][ T798] ? __pfx_preempt_schedule+0x10/0x10
[ 91.638766][ T798] panic+0xb9/0xc0
[ 91.642465][ T798] ? __pfx_panic+0x10/0x10
[ 91.646861][ T798] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 91.652732][ T798] ? hdm_disconnect+0x10d/0x1c0
[ 91.657561][ T798] check_panic_on_warn+0x89/0xb0
[ 91.662478][ T798] ? hdm_disconnect+0x10d/0x1c0
[ 91.667309][ T798] end_report+0x78/0x160
[ 91.671585][ T798] kasan_report+0x129/0x150
[ 91.676095][ T798] ? hdm_disconnect+0x10d/0x1c0
[ 91.680943][ T798] hdm_disconnect+0x10d/0x1c0
[ 91.685622][ T798] usb_unbind_interface+0x26e/0x910
[ 91.690814][ T798] ? __pfx_usb_unbind_interface+0x10/0x10
[ 91.696523][ T798] device_release_driver_internal+0x4d9/0x800
[ 91.702582][ T798] bus_remove_device+0x34d/0x410
[ 91.707512][ T798] device_del+0x511/0x8e0
[ 91.711851][ T798] ? __pm_runtime_barrier+0x212/0x460
[ 91.717211][ T798] ? __pfx_device_del+0x10/0x10
[ 91.722049][ T798] ? __pfx___mutex_lock+0x10/0x10
[ 91.727063][ T798] usb_disable_device+0x3e9/0x8a0
[ 91.732081][ T798] usb_disconnect+0x330/0x950
[ 91.736754][ T798] hub_event+0x1cf5/0x4a20
[ 91.741165][ T798] ? do_raw_spin_lock+0x121/0x290
[ 91.746179][ T798] ? register_lock_class+0x51/0x320
[ 91.751371][ T798] ? __pfx_hub_event+0x10/0x10
[ 91.756119][ T798] ? process_scheduled_works+0x9ef/0x17b0
[ 91.761839][ T798] ? _raw_spin_unlock_irq+0x23/0x50
[ 91.767027][ T798] ? process_scheduled_works+0x9ef/0x17b0
[ 91.772736][ T798] ? process_scheduled_works+0x9ef/0x17b0
[ 91.778444][ T798] process_scheduled_works+0xae1/0x17b0
[ 91.783990][ T798] ? __pfx_process_scheduled_works+0x10/0x10
[ 91.789971][ T798] worker_thread+0x8a0/0xda0
[ 91.794556][ T798] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 91.800889][ T798] ? __kthread_parkme+0x7b/0x200
[ 91.805836][ T798] kthread+0x711/0x8a0
[ 91.809895][ T798] ? __pfx_worker_thread+0x10/0x10
[ 91.815001][ T798] ? __pfx_kthread+0x10/0x10
[ 91.819578][ T798] ? _raw_spin_unlock_irq+0x23/0x50
[ 91.824763][ T798] ? lockdep_hardirqs_on+0x9c/0x150
[ 91.829950][ T798] ? __pfx_kthread+0x10/0x10
[ 91.834524][ T798] ret_from_fork+0x4bc/0x870
[ 91.839103][ T798] ? __pfx_ret_from_fork+0x10/0x10
[ 91.844205][ T798] ? __switch_to_asm+0x39/0x70
[ 91.848956][ T798] ? __switch_to_asm+0x33/0x70
[ 91.853705][ T798] ? __pfx_kthread+0x10/0x10
[ 91.858277][ T798] ret_from_fork_asm+0x1a/0x30
[ 91.863036][ T798]
[ 91.866296][ T798] Kernel Offset: disabled
[ 91.870608][ T798] Rebooting in 86400 seconds..