Warning: Permanently added '10.128.1.165' (ED25519) to the list of known hosts.
2025/09/09 11:18:59 parsed 1 programs
[ 82.997696][ T5869] cgroup: Unknown subsys name 'net'
[ 83.108950][ T5869] cgroup: Unknown subsys name 'cpuset'
[ 83.118070][ T5869] cgroup: Unknown subsys name 'rlimit'
[ 84.662972][ T5869] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 86.627446][ T123] cfg80211: failed to load regulatory.db
[ 87.202209][ T5879] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 88.382536][ T5899] chnl_net:caif_netlink_parms(): no params data found
[ 88.453899][ T5899] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.461313][ T5899] bridge0: port 1(bridge_slave_0) entered disabled state
[ 88.469086][ T5899] bridge_slave_0: entered allmulticast mode
[ 88.476573][ T5899] bridge_slave_0: entered promiscuous mode
[ 88.485164][ T5899] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.492687][ T5899] bridge0: port 2(bridge_slave_1) entered disabled state
[ 88.501201][ T5899] bridge_slave_1: entered allmulticast mode
[ 88.508606][ T5899] bridge_slave_1: entered promiscuous mode
[ 88.541172][ T5899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 88.552468][ T5899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 88.583176][ T5899] team0: Port device team_slave_0 added
[ 88.590625][ T5899] team0: Port device team_slave_1 added
[ 88.617009][ T5899] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 88.623941][ T5899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.649926][ T5899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 88.662178][ T5899] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 88.669570][ T5899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.695466][ T5899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 88.736555][ T5899] hsr_slave_0: entered promiscuous mode
[ 88.742975][ T5899] hsr_slave_1: entered promiscuous mode
[ 88.876398][ T5899] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 88.888526][ T5899] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 88.899294][ T5899] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 88.909055][ T5899] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 88.937802][ T5899] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.945061][ T5899] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 88.952735][ T5899] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.959885][ T5899] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 89.012517][ T5899] 8021q: adding VLAN 0 to HW filter on device bond0
[ 89.029255][ T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 89.037530][ T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 89.053484][ T5899] 8021q: adding VLAN 0 to HW filter on device team0
[ 89.067132][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 89.074214][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 89.086783][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.093878][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 89.257187][ T5899] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 89.299770][ T5899] veth0_vlan: entered promiscuous mode
[ 89.311109][ T5899] veth1_vlan: entered promiscuous mode
[ 89.339145][ T5899] veth0_macvtap: entered promiscuous mode
[ 89.349462][ T5899] veth1_macvtap: entered promiscuous mode
[ 89.365371][ T5899] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 89.379018][ T5899] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 89.392671][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.401739][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.412454][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.422867][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.524289][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 89.582539][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 89.640865][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.649017][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.673492][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 89.702520][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.711286][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 89.751821][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 89.952746][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 89.960503][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 89.969736][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 89.978290][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 89.986477][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/09/09 11:19:10 executed programs: 0
[ 91.687894][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 91.695493][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 91.703666][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 91.711788][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 91.720042][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 91.860379][ T5974] chnl_net:caif_netlink_parms(): no params data found
[ 91.928716][ T5974] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.935967][ T5974] bridge0: port 1(bridge_slave_0) entered disabled state
[ 91.943249][ T5974] bridge_slave_0: entered allmulticast mode
[ 91.950896][ T5974] bridge_slave_0: entered promiscuous mode
[ 91.958944][ T5974] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.966143][ T5974] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.973268][ T5974] bridge_slave_1: entered allmulticast mode
[ 91.980834][ T5974] bridge_slave_1: entered promiscuous mode
[ 92.010135][ T5974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 92.022012][ T5974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 92.053191][ T5974] team0: Port device team_slave_0 added
[ 92.060825][ T5974] team0: Port device team_slave_1 added
[ 92.088968][ T5974] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 92.096543][ T5974] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 92.122491][ T5974] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 92.134435][ T5974] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 92.141403][ T5974] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 92.167384][ T5974] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 92.210140][ T5974] hsr_slave_0: entered promiscuous mode
[ 92.216482][ T5974] hsr_slave_1: entered promiscuous mode
[ 92.223500][ T5974] debugfs: 'hsr0' already exists in 'hsr'
[ 92.229389][ T5974] Cannot create hsr debugfs directory
[ 92.609081][ T12] bridge_slave_1: left allmulticast mode
[ 92.614839][ T12] bridge_slave_1: left promiscuous mode
[ 92.621298][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 92.634402][ T12] bridge_slave_0: left allmulticast mode
[ 92.640154][ T12] bridge_slave_0: left promiscuous mode
[ 92.649331][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 92.918885][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 92.930532][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 92.941642][ T12] bond0 (unregistering): Released all slaves
[ 93.046658][ T12] hsr_slave_0: left promiscuous mode
[ 93.052902][ T12] hsr_slave_1: left promiscuous mode
[ 93.059187][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 93.067515][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 93.075434][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 93.082880][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 93.099679][ T12] veth1_macvtap: left promiscuous mode
[ 93.105252][ T12] veth0_macvtap: left promiscuous mode
[ 93.111334][ T12] veth1_vlan: left promiscuous mode
[ 93.116731][ T12] veth0_vlan: left promiscuous mode
[ 93.357528][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 93.380381][ T12] team0 (unregistering): Port device team_slave_0 removed
[ 93.747060][ T5182] Bluetooth: hci0: command tx timeout
[ 93.821736][ T5974] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 93.832526][ T5974] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 93.845323][ T5974] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 93.858988][ T5974] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 94.347884][ T5974] 8021q: adding VLAN 0 to HW filter on device bond0
[ 94.378546][ T5974] 8021q: adding VLAN 0 to HW filter on device team0
[ 94.391784][ T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.398940][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 94.424664][ T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.431833][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 94.812385][ T5974] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 94.911469][ T5974] veth0_vlan: entered promiscuous mode
[ 94.932680][ T5974] veth1_vlan: entered promiscuous mode
[ 94.964770][ T5974] veth0_macvtap: entered promiscuous mode
[ 94.980303][ T5974] veth1_macvtap: entered promiscuous mode
[ 95.003534][ T5974] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 95.023060][ T5974] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 95.040557][ T1143] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.051920][ T1143] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.069089][ T1143] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.081819][ T1143] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 95.145565][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.167862][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 95.193033][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.201978][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 95.476212][ T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 95.625906][ T9] usb 1-1: Using ep0 maxpacket: 16
[ 95.634238][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 95.647482][ T9] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 95.656627][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 95.664591][ T9] usb 1-1: Product: syz
[ 95.669758][ T9] usb 1-1: Manufacturer: syz
[ 95.674362][ T9] usb 1-1: SerialNumber: syz
[ 95.686233][ T9] usb 1-1: config 0 descriptor??
[ 95.695673][ T9] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 95.705006][ T9] em28xx 1-1:0.0: DVB interface 0 found: bulk
[ 95.826018][ T5182] Bluetooth: hci0: command tx timeout
[ 95.946928][ T9] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[ 96.010261][ T9] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 96.018618][ T9] em28xx 1-1:0.0: board has no eeprom
[ 96.085862][ T9] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 96.093690][ T9] em28xx 1-1:0.0: dvb set to bulk mode.
[ 96.100709][ T123] em28xx 1-1:0.0: Binding DVB extension
[ 96.111174][ T9] usb 1-1: USB disconnect, device number 2
[ 96.124124][ T9] em28xx 1-1:0.0: Disconnecting em28xx
[ 96.162106][ T123] em28xx 1-1:0.0: Registering input extension
[ 96.168542][ T9] em28xx 1-1:0.0: Closing input extension
[ 96.178518][ T9] ==================================================================
[ 96.186589][ T9] BUG: KASAN: slab-use-after-free in media_devnode_unregister+0xe2/0xf0
[ 96.194922][ T9] Read of size 4 at addr ffff8880712ba4f0 by task kworker/0:0/9
[ 96.202539][ T9]
[ 96.204865][ T9] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted syzkaller #0 PREEMPT(full)
[ 96.204881][ T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 96.204890][ T9] Workqueue: usb_hub_wq hub_event
[ 96.204914][ T9] Call Trace:
[ 96.204919][ T9]
[ 96.204925][ T9] dump_stack_lvl+0x189/0x250
[ 96.204948][ T9] ? rcu_is_watching+0x15/0xb0
[ 96.204964][ T9] ? __kasan_check_byte+0x12/0x40
[ 96.204980][ T9] ? __pfx_dump_stack_lvl+0x10/0x10
[ 96.205000][ T9] ? rcu_is_watching+0x15/0xb0
[ 96.205016][ T9] ? lock_release+0x4b/0x3e0
[ 96.205031][ T9] ? __virt_addr_valid+0x1c8/0x5c0
[ 96.205052][ T9] ? __virt_addr_valid+0x4a5/0x5c0
[ 96.205072][ T9] print_report+0xca/0x240
[ 96.205086][ T9] ? media_devnode_unregister+0xe2/0xf0
[ 96.205103][ T9] kasan_report+0x118/0x150
[ 96.205118][ T9] ? media_devnode_unregister+0xe2/0xf0
[ 96.205138][ T9] media_devnode_unregister+0xe2/0xf0
[ 96.205156][ T9] media_device_unregister+0x37c/0x400
[ 96.205175][ T9] em28xx_release_resources+0xac/0x240
[ 96.205196][ T9] em28xx_usb_disconnect+0x19f/0x2f0
[ 96.205221][ T9] usb_unbind_interface+0x26e/0x910
[ 96.205238][ T9] ? __pfx_usb_unbind_interface+0x10/0x10
[ 96.205254][ T9] device_release_driver_internal+0x4d6/0x800
[ 96.205273][ T9] bus_remove_device+0x34d/0x410
[ 96.205296][ T9] device_del+0x511/0x8e0
[ 96.205313][ T9] ? __pfx_device_del+0x10/0x10
[ 96.205327][ T9] ? kobject_put+0x446/0x480
[ 96.205351][ T9] usb_disable_device+0x3e9/0x8a0
[ 96.205367][ T9] usb_disconnect+0x330/0x950
[ 96.205389][ T9] hub_event+0x1cf5/0x4a20
[ 96.205411][ T9] ? do_raw_spin_lock+0x121/0x290
[ 96.205431][ T9] ? register_lock_class+0x51/0x320
[ 96.205450][ T9] ? __pfx_hub_event+0x10/0x10
[ 96.205464][ T9] ? process_scheduled_works+0x9ef/0x17b0
[ 96.205483][ T9] ? _raw_spin_unlock_irq+0x23/0x50
[ 96.205500][ T9] ? process_scheduled_works+0x9ef/0x17b0
[ 96.205515][ T9] ? process_scheduled_works+0x9ef/0x17b0
[ 96.205531][ T9] process_scheduled_works+0xae1/0x17b0
[ 96.205556][ T9] ? __pfx_process_scheduled_works+0x10/0x10
[ 96.205577][ T9] worker_thread+0x8a0/0xda0
[ 96.205602][ T9] kthread+0x711/0x8a0
[ 96.205622][ T9] ? __pfx_worker_thread+0x10/0x10
[ 96.205637][ T9] ? __pfx_kthread+0x10/0x10
[ 96.205657][ T9] ? _raw_spin_unlock_irq+0x23/0x50
[ 96.205674][ T9] ? lockdep_hardirqs_on+0x9c/0x150
[ 96.205692][ T9] ? __pfx_kthread+0x10/0x10
[ 96.205711][ T9] ret_from_fork+0x47c/0x820
[ 96.205727][ T9] ? __pfx_ret_from_fork+0x10/0x10
[ 96.205744][ T9] ? __switch_to_asm+0x39/0x70
[ 96.205758][ T9] ? __switch_to_asm+0x33/0x70
[ 96.205771][ T9] ? __pfx_kthread+0x10/0x10
[ 96.205792][ T9] ret_from_fork_asm+0x1a/0x30
[ 96.205816][ T9]
[ 96.205821][ T9]
[ 96.481609][ T9] Allocated by task 9:
[ 96.485666][ T9] kasan_save_track+0x3e/0x80
[ 96.490334][ T9] __kasan_kmalloc+0x93/0xb0
[ 96.494913][ T9] __kmalloc_cache_noprof+0x3d5/0x6f0
[ 96.500272][ T9] __media_device_register+0x58/0x280
[ 96.505635][ T9] em28xx_usb_probe+0x1764/0x2a20
[ 96.510653][ T9] usb_probe_interface+0x665/0xc30
[ 96.515757][ T9] really_probe+0x26a/0x9e0
[ 96.520255][ T9] __driver_probe_device+0x18c/0x2f0
[ 96.525529][ T9] driver_probe_device+0x4f/0x430
[ 96.530546][ T9] __device_attach_driver+0x2ce/0x530
[ 96.535911][ T9] bus_for_each_drv+0x251/0x2e0
[ 96.540767][ T9] __device_attach+0x2b8/0x400
[ 96.545525][ T9] bus_probe_device+0x185/0x260
[ 96.550371][ T9] device_add+0x7b6/0xb50
[ 96.554692][ T9] usb_set_configuration+0x1a87/0x20e0
[ 96.560142][ T9] usb_generic_driver_probe+0x8d/0x150
[ 96.565613][ T9] usb_probe_device+0x1c1/0x390
[ 96.570453][ T9] really_probe+0x26a/0x9e0
[ 96.574945][ T9] __driver_probe_device+0x18c/0x2f0
[ 96.580219][ T9] driver_probe_device+0x4f/0x430
[ 96.585243][ T9] __device_attach_driver+0x2ce/0x530
[ 96.590613][ T9] bus_for_each_drv+0x251/0x2e0
[ 96.595458][ T9] __device_attach+0x2b8/0x400
[ 96.600214][ T9] bus_probe_device+0x185/0x260
[ 96.605061][ T9] device_add+0x7b6/0xb50
[ 96.609385][ T9] usb_new_device+0xa39/0x16f0
[ 96.614158][ T9] hub_event+0x2958/0x4a20
[ 96.618568][ T9] process_scheduled_works+0xae1/0x17b0
[ 96.624111][ T9] worker_thread+0x8a0/0xda0
[ 96.628699][ T9] kthread+0x711/0x8a0
[ 96.632765][ T9] ret_from_fork+0x47c/0x820
[ 96.637348][ T9] ret_from_fork_asm+0x1a/0x30
[ 96.642105][ T9]
[ 96.644422][ T9] Freed by task 9:
[ 96.648128][ T9] kasan_save_track+0x3e/0x80
[ 96.652794][ T9] __kasan_save_free_info+0x46/0x50
[ 96.657987][ T9] __kasan_slab_free+0x5b/0x80
[ 96.662741][ T9] kfree+0x199/0x6d0
[ 96.666630][ T9] media_devnode_release+0x61/0xa0
[ 96.671758][ T9] device_release+0x9c/0x1c0
[ 96.676342][ T9] kobject_put+0x228/0x480
[ 96.680752][ T9] media_devnode_unregister+0x6d/0xf0
[ 96.686116][ T9] media_device_unregister+0x37c/0x400
[ 96.691565][ T9] em28xx_release_resources+0xac/0x240
[ 96.697018][ T9] em28xx_usb_disconnect+0x19f/0x2f0
[ 96.702295][ T9] usb_unbind_interface+0x26e/0x910
[ 96.707484][ T9] device_release_driver_internal+0x4d6/0x800
[ 96.713545][ T9] bus_remove_device+0x34d/0x410
[ 96.718476][ T9] device_del+0x511/0x8e0
[ 96.722795][ T9] usb_disable_device+0x3e9/0x8a0
[ 96.727809][ T9] usb_disconnect+0x330/0x950
[ 96.732483][ T9] hub_event+0x1cf5/0x4a20
[ 96.736885][ T9] process_scheduled_works+0xae1/0x17b0
[ 96.742419][ T9] worker_thread+0x8a0/0xda0
[ 96.747001][ T9] kthread+0x711/0x8a0
[ 96.751062][ T9] ret_from_fork+0x47c/0x820
[ 96.755641][ T9] ret_from_fork_asm+0x1a/0x30
[ 96.760399][ T9]
[ 96.762716][ T9] The buggy address belongs to the object at ffff8880712ba000
[ 96.762716][ T9] which belongs to the cache kmalloc-2k of size 2048
[ 96.776754][ T9] The buggy address is located 1264 bytes inside of
[ 96.776754][ T9] freed 2048-byte region [ffff8880712ba000, ffff8880712ba800)
[ 96.790708][ T9]
[ 96.793024][ T9] The buggy address belongs to the physical page:
[ 96.799440][ T9] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x712b8
[ 96.808188][ T9] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 96.816697][ T9] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 96.824239][ T9] page_type: f5(slab)
[ 96.828213][ T9] raw: 00fff00000000040 ffff88801a842000 dead000000000122 0000000000000000
[ 96.836784][ T9] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 96.845364][ T9] head: 00fff00000000040 ffff88801a842000 dead000000000122 0000000000000000
[ 96.854042][ T9] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 96.862703][ T9] head: 00fff00000000003 ffffea0001c4ae01 00000000ffffffff 00000000ffffffff
[ 96.871361][ T9] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 96.880032][ T9] page dumped because: kasan: bad access detected
[ 96.886439][ T9] page_owner tracks the page as allocated
[ 96.892139][ T9] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 12, tgid 12 (kworker/u8:0), ts 96068363962, free_ts 91163397017
[ 96.913141][ T9] post_alloc_hook+0x240/0x2a0
[ 96.917903][ T9] get_page_from_freelist+0x21e4/0x22c0
[ 96.923462][ T9] __alloc_frozen_pages_noprof+0x181/0x370
[ 96.929259][ T9] alloc_pages_mpol+0x232/0x4a0
[ 96.934101][ T9] allocate_slab+0x8a/0x330
[ 96.938598][ T9] ___slab_alloc+0xbd1/0x13f0
[ 96.943274][ T9] __slab_alloc+0x55/0xa0
[ 96.947593][ T9] __kmalloc_node_track_caller_noprof+0x5c7/0x800
[ 96.953998][ T9] kmalloc_reserve+0x136/0x290
[ 96.958758][ T9] __alloc_skb+0x142/0x2d0
[ 96.963171][ T9] mld_newpack+0x13c/0xc40
[ 96.967586][ T9] add_grhead+0x5a/0x2a0
[ 96.971822][ T9] add_grec+0x1452/0x1740
[ 96.976150][ T9] mld_send_initial_cr+0x288/0x550
[ 96.981252][ T9] ipv6_mc_dad_complete+0x88/0x410
[ 96.986354][ T9] addrconf_dad_completed+0x6d5/0xd60
[ 96.991716][ T9] page last free pid 5917 tgid 5917 stack trace:
[ 96.998028][ T9] __free_frozen_pages+0xbc4/0xd30
[ 97.003126][ T9] kasan_depopulate_vmalloc_pte+0x6d/0x90
[ 97.008845][ T9] __apply_to_page_range+0xb63/0x13d0
[ 97.014222][ T9] kasan_release_vmalloc+0xa2/0xd0
[ 97.019330][ T9] purge_vmap_node+0x214/0x8f0
[ 97.024115][ T9] __purge_vmap_area_lazy+0x7a4/0xb40
[ 97.029486][ T9] drain_vmap_area_work+0x27/0x40
[ 97.034519][ T9] process_scheduled_works+0xae1/0x17b0
[ 97.040057][ T9] worker_thread+0x8a0/0xda0
[ 97.044639][ T9] kthread+0x711/0x8a0
[ 97.048705][ T9] ret_from_fork+0x47c/0x820
[ 97.053283][ T9] ret_from_fork_asm+0x1a/0x30
[ 97.058039][ T9]
[ 97.060350][ T9] Memory state around the buggy address:
[ 97.065964][ T9] ffff8880712ba380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 97.074027][ T9] ffff8880712ba400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 97.082103][ T9] >ffff8880712ba480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 97.090159][ T9] ^
[ 97.097861][ T9] ffff8880712ba500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 97.105906][ T9] ffff8880712ba580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 97.113951][ T9] ==================================================================
[ 97.145969][ T9] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 97.153202][ T9] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted syzkaller #0 PREEMPT(full)
[ 97.162309][ T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 97.172373][ T9] Workqueue: usb_hub_wq hub_event
[ 97.177392][ T9] Call Trace:
[ 97.180657][ T9]
[ 97.183573][ T9] dump_stack_lvl+0x99/0x250
[ 97.188158][ T9] ? __asan_memcpy+0x40/0x70
[ 97.192740][ T9] ? __pfx_dump_stack_lvl+0x10/0x10
[ 97.197926][ T9] ? __pfx__printk+0x10/0x10
[ 97.202510][ T9] vpanic+0x237/0x6d0
[ 97.206486][ T9] ? __pfx_vpanic+0x10/0x10
[ 97.210994][ T9] ? preempt_schedule+0xae/0xc0
[ 97.215843][ T9] ? __pfx_preempt_schedule+0x10/0x10
[ 97.221209][ T9] panic+0xb9/0xc0
[ 97.224921][ T9] ? __pfx_panic+0x10/0x10
[ 97.229327][ T9] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 97.235211][ T9] ? media_devnode_unregister+0xe2/0xf0
[ 97.240747][ T9] check_panic_on_warn+0x89/0xb0
[ 97.245679][ T9] ? media_devnode_unregister+0xe2/0xf0
[ 97.251212][ T9] end_report+0x78/0x160
[ 97.255442][ T9] kasan_report+0x129/0x150
[ 97.259938][ T9] ? media_devnode_unregister+0xe2/0xf0
[ 97.265486][ T9] media_devnode_unregister+0xe2/0xf0
[ 97.270853][ T9] media_device_unregister+0x37c/0x400
[ 97.276314][ T9] em28xx_release_resources+0xac/0x240
[ 97.281769][ T9] em28xx_usb_disconnect+0x19f/0x2f0
[ 97.287051][ T9] usb_unbind_interface+0x26e/0x910
[ 97.292244][ T9] ? __pfx_usb_unbind_interface+0x10/0x10
[ 97.297957][ T9] device_release_driver_internal+0x4d6/0x800
[ 97.304021][ T9] bus_remove_device+0x34d/0x410
[ 97.308970][ T9] device_del+0x511/0x8e0
[ 97.313295][ T9] ? __pfx_device_del+0x10/0x10
[ 97.318154][ T9] ? kobject_put+0x446/0x480
[ 97.322755][ T9] usb_disable_device+0x3e9/0x8a0
[ 97.327777][ T9] usb_disconnect+0x330/0x950
[ 97.332453][ T9] hub_event+0x1cf5/0x4a20
[ 97.336867][ T9] ? do_raw_spin_lock+0x121/0x290
[ 97.341889][ T9] ? register_lock_class+0x51/0x320
[ 97.347089][ T9] ? __pfx_hub_event+0x10/0x10
[ 97.351847][ T9] ? process_scheduled_works+0x9ef/0x17b0
[ 97.357561][ T9] ? _raw_spin_unlock_irq+0x23/0x50
[ 97.362752][ T9] ? process_scheduled_works+0x9ef/0x17b0
[ 97.368462][ T9] ? process_scheduled_works+0x9ef/0x17b0
[ 97.374173][ T9] process_scheduled_works+0xae1/0x17b0
[ 97.379723][ T9] ? __pfx_process_scheduled_works+0x10/0x10
[ 97.385701][ T9] worker_thread+0x8a0/0xda0
[ 97.390295][ T9] kthread+0x711/0x8a0
[ 97.394364][ T9] ? __pfx_worker_thread+0x10/0x10
[ 97.399466][ T9] ? __pfx_kthread+0x10/0x10
[ 97.404055][ T9] ? _raw_spin_unlock_irq+0x23/0x50
[ 97.409248][ T9] ? lockdep_hardirqs_on+0x9c/0x150
[ 97.414439][ T9] ? __pfx_kthread+0x10/0x10
[ 97.419029][ T9] ret_from_fork+0x47c/0x820
[ 97.423616][ T9] ? __pfx_ret_from_fork+0x10/0x10
[ 97.428724][ T9] ? __switch_to_asm+0x39/0x70
[ 97.433505][ T9] ? __switch_to_asm+0x33/0x70
[ 97.438259][ T9] ? __pfx_kthread+0x10/0x10
[ 97.442857][ T9] ret_from_fork_asm+0x1a/0x30
[ 97.447639][ T9]
[ 97.450972][ T9] Kernel Offset: disabled
[ 97.455297][ T9] Rebooting in 86400 seconds..