Warning: Permanently added '10.128.1.160' (ED25519) to the list of known hosts.
2025/07/07 18:39:57 ignoring optional flag "sandboxArg"="0"
2025/07/07 18:39:58 parsed 1 programs
[ 188.482846][ T30] audit: type=1400 audit(1751913600.394:115): avc: denied { unlink } for pid=6294 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 189.747837][ T6294] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 191.529000][ T30] audit: type=1400 audit(1751913603.434:116): avc: denied { mount } for pid=6299 comm="syz-executor" name="/" dev="gadgetfs" ino=7303 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[ 191.818913][ T30] audit: type=1401 audit(1751913603.724:117): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 192.270369][ T6322] chnl_net:caif_netlink_parms(): no params data found
[ 192.341986][ T6322] bridge0: port 1(bridge_slave_0) entered blocking state
[ 192.349077][ T6322] bridge0: port 1(bridge_slave_0) entered disabled state
[ 192.356280][ T6322] bridge_slave_0: entered allmulticast mode
[ 192.363151][ T6322] bridge_slave_0: entered promiscuous mode
[ 192.371113][ T6322] bridge0: port 2(bridge_slave_1) entered blocking state
[ 192.378183][ T6322] bridge0: port 2(bridge_slave_1) entered disabled state
[ 192.385334][ T6322] bridge_slave_1: entered allmulticast mode
[ 192.392114][ T6322] bridge_slave_1: entered promiscuous mode
[ 192.421179][ T6322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 192.432131][ T6322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 192.457795][ T6322] team0: Port device team_slave_0 added
[ 192.466617][ T6322] team0: Port device team_slave_1 added
[ 192.492275][ T6322] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 192.499244][ T6322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 192.525201][ T6322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 192.538130][ T6322] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 192.545722][ T6322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 192.571678][ T6322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 192.611393][ T6322] hsr_slave_0: entered promiscuous mode
[ 192.617395][ T6322] hsr_slave_1: entered promiscuous mode
[ 193.117658][ T6322] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 193.127840][ T6322] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 193.138019][ T6322] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 193.151345][ T6322] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 193.236895][ T6322] 8021q: adding VLAN 0 to HW filter on device bond0
[ 193.259106][ T6322] 8021q: adding VLAN 0 to HW filter on device team0
[ 193.275093][ T1154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 193.282231][ T1154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 193.304076][ T61] bridge0: port 2(bridge_slave_1) entered blocking state
[ 193.311220][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 193.532488][ T6322] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 193.576213][ T6322] veth0_vlan: entered promiscuous mode
[ 193.592562][ T6322] veth1_vlan: entered promiscuous mode
[ 193.622644][ T6322] veth0_macvtap: entered promiscuous mode
[ 193.634434][ T6322] veth1_macvtap: entered promiscuous mode
[ 193.658878][ T6322] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 193.674673][ T6322] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 193.688698][ T6322] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 193.699444][ T6322] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 193.708359][ T6322] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 193.720103][ T6322] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 193.937274][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 193.955091][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 193.969616][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 194.032862][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 194.119485][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 194.188983][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 195.468764][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 195.478692][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 195.487780][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 195.495818][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 195.503343][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 195.838115][ T1148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 195.851384][ T1148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 195.884579][ T3524] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 195.893333][ T3524] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 196.471318][ T13] bridge_slave_1: left allmulticast mode
[ 196.477003][ T13] bridge_slave_1: left promiscuous mode
[ 196.500829][ T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 196.521465][ T13] bridge_slave_0: left allmulticast mode
[ 196.527124][ T13] bridge_slave_0: left promiscuous mode
[ 196.541455][ T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 196.858144][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 196.868109][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 196.877975][ T13] bond0 (unregistering): Released all slaves
[ 197.004646][ T13] hsr_slave_0: left promiscuous mode
[ 197.018189][ T13] hsr_slave_1: left promiscuous mode
[ 197.026640][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 197.034183][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 197.042136][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 197.049524][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 197.066844][ T13] veth1_macvtap: left promiscuous mode
[ 197.072442][ T13] veth0_macvtap: left promiscuous mode
[ 197.078084][ T13] veth1_vlan: left promiscuous mode
[ 197.084064][ T13] veth0_vlan: left promiscuous mode
[ 197.449523][ T13] team0 (unregistering): Port device team_slave_1 removed
[ 197.483653][ T13] team0 (unregistering): Port device team_slave_0 removed
2025/07/07 18:40:10 executed programs: 0
[ 198.584875][ T5152] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 198.593151][ T5152] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 198.600726][ T5152] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 198.612067][ T5152] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 198.619643][ T5152] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 199.008848][ T6534] chnl_net:caif_netlink_parms(): no params data found
[ 199.252794][ T6534] bridge0: port 1(bridge_slave_0) entered blocking state
[ 199.259919][ T6534] bridge0: port 1(bridge_slave_0) entered disabled state
[ 199.290837][ T6534] bridge_slave_0: entered allmulticast mode
[ 199.302507][ T6534] bridge_slave_0: entered promiscuous mode
[ 199.322018][ T6534] bridge0: port 2(bridge_slave_1) entered blocking state
[ 199.329157][ T6534] bridge0: port 2(bridge_slave_1) entered disabled state
[ 199.339191][ T6534] bridge_slave_1: entered allmulticast mode
[ 199.351816][ T6534] bridge_slave_1: entered promiscuous mode
[ 199.432981][ T6534] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 199.453150][ T6534] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 199.528041][ T6534] team0: Port device team_slave_0 added
[ 199.549048][ T6534] team0: Port device team_slave_1 added
[ 199.588106][ T6534] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 199.597070][ T6534] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 199.629171][ T6534] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 199.647319][ T6534] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 199.654635][ T6534] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 199.683507][ T6534] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 199.749202][ T6534] hsr_slave_0: entered promiscuous mode
[ 199.755937][ T6534] hsr_slave_1: entered promiscuous mode
[ 200.157326][ T6534] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 200.168691][ T6534] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 200.179191][ T6534] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 200.190060][ T6534] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 200.274259][ T6534] 8021q: adding VLAN 0 to HW filter on device bond0
[ 200.299552][ T6534] 8021q: adding VLAN 0 to HW filter on device team0
[ 200.313398][ T3524] bridge0: port 1(bridge_slave_0) entered blocking state
[ 200.320534][ T3524] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 200.350027][ T3524] bridge0: port 2(bridge_slave_1) entered blocking state
[ 200.357224][ T3524] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 200.394857][ T6534] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 200.586209][ T6534] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 200.636159][ T6534] veth0_vlan: entered promiscuous mode
[ 200.652364][ T6534] veth1_vlan: entered promiscuous mode
[ 200.671248][ T51] Bluetooth: hci0: command tx timeout
[ 200.693676][ T6534] veth0_macvtap: entered promiscuous mode
[ 200.705299][ T6534] veth1_macvtap: entered promiscuous mode
[ 200.725248][ T6534] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 200.740243][ T6534] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 200.756029][ T6534] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 200.767053][ T6534] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 200.776064][ T6534] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 200.786918][ T6534] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 200.865556][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 200.876531][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 200.905554][ T1148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 200.915467][ T1148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 200.993146][ T30] audit: type=1400 audit(1751913612.894:118): avc: denied { read write } for pid=6622 comm="syz.0.16" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 201.018862][ T30] audit: type=1400 audit(1751913612.894:119): avc: denied { open } for pid=6622 comm="syz.0.16" path="/dev/raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 201.046179][ T30] audit: type=1400 audit(1751913612.894:120): avc: denied { ioctl } for pid=6622 comm="syz.0.16" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 201.240928][ T3689] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 201.414239][ T3689] usb 1-1: Using ep0 maxpacket: 16
[ 201.428809][ T3689] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 201.440524][ T3689] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 201.451036][ T3689] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 201.465242][ T3689] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 201.474506][ T3689] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 201.487626][ T3689] usb 1-1: config 0 descriptor??
[ 201.907016][ T30] audit: type=1400 audit(1751913613.814:121): avc: denied { read } for pid=6622 comm="syz.0.16" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 201.935925][ T3689] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[ 201.946207][ T3689] microsoft 0003:045E:07DA.0001: ignoring exceeding usage max
[ 201.957714][ T3689] usbhid 1-1:0.0: count 0 reportnum 0 buf[0] 0
[ 201.965141][ T30] audit: type=1400 audit(1751913613.814:122): avc: denied { open } for pid=6622 comm="syz.0.16" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 201.991012][ T3689] ==================================================================
[ 201.999087][ T3689] BUG: KASAN: slab-out-of-bounds in mon_copy_to_buff+0xc2/0x170
[ 202.006735][ T3689] Read of size 3904 at addr ffff8880222d53c1 by task kworker/1:2/3689
[ 202.014884][ T3689]
[ 202.017227][ T3689] CPU: 1 UID: 0 PID: 3689 Comm: kworker/1:2 Not tainted 6.16.0-rc5-syzkaller-dirty #0 PREEMPT(full)
[ 202.017252][ T3689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 202.017265][ T3689] Workqueue: usb_hub_wq hub_event
[ 202.017291][ T3689] Call Trace:
[ 202.017299][ T3689]
[ 202.017308][ T3689] dump_stack_lvl+0x116/0x1f0
[ 202.017339][ T3689] print_report+0xcd/0x680
[ 202.017365][ T3689] ? __virt_addr_valid+0x81/0x610
[ 202.017387][ T3689] ? __phys_addr+0xe8/0x180
[ 202.017410][ T3689] ? mon_copy_to_buff+0xc2/0x170
[ 202.017435][ T3689] kasan_report+0xe0/0x110
[ 202.017461][ T3689] ? mon_copy_to_buff+0xc2/0x170
[ 202.017491][ T3689] kasan_check_range+0x100/0x1b0
[ 202.017510][ T3689] __asan_memcpy+0x23/0x60
[ 202.017531][ T3689] mon_copy_to_buff+0xc2/0x170
[ 202.017561][ T3689] mon_bin_event+0x1071/0x2050
[ 202.017595][ T3689] ? __pfx_mon_bin_event+0x10/0x10
[ 202.017627][ T3689] mon_bus_submit+0xcf/0x140
[ 202.017652][ T3689] usb_hcd_submit_urb+0x12d/0x1c60
[ 202.017683][ T3689] ? bus_for_each_drv+0x156/0x1e0
[ 202.017704][ T3689] ? __device_attach+0x1e4/0x4b0
[ 202.017728][ T3689] ? bus_probe_device+0x17f/0x1c0
[ 202.017748][ T3689] ? device_add+0x1148/0x1a70
[ 202.017764][ T3689] ? usb_set_configuration+0x1187/0x1e20
[ 202.017787][ T3689] usb_submit_urb+0x87c/0x1790
[ 202.017805][ T3689] ? __pfx_lockdep_init_map_type+0x1/0x10
[ 202.017825][ T3689] ? __init_swait_queue_head+0xca/0x150
[ 202.017850][ T3689] usb_start_wait_urb+0x104/0x4b0
[ 202.017869][ T3689] ? __pfx_usb_start_wait_urb+0x10/0x10
[ 202.017892][ T3689] ? __asan_memset+0x23/0x50
[ 202.017914][ T3689] usb_control_msg+0x326/0x4a0
[ 202.017933][ T3689] ? __pfx_usb_control_msg+0x10/0x10
[ 202.017955][ T3689] usbhid_raw_request+0x29a/0x710
[ 202.017985][ T3689] ? __pfx_usbhid_raw_request+0x10/0x10
[ 202.018013][ T3689] __hid_request+0x296/0x3c0
[ 202.018037][ T3689] hidinput_connect+0x1ada/0x2bd0
[ 202.018071][ T3689] hid_connect+0x13f3/0x1a60
[ 202.018091][ T3689] ? trace_kmalloc+0x2b/0xd0
[ 202.018118][ T3689] ? __kmalloc_noprof+0x242/0x510
[ 202.018141][ T3689] ? __asan_memset+0x23/0x50
[ 202.018163][ T3689] ? __pfx_hid_connect+0x10/0x10
[ 202.018190][ T3689] hid_hw_start+0xaa/0x140
[ 202.018211][ T3689] ms_probe+0x195/0x500
[ 202.018229][ T3689] ? __pfx_ms_probe+0x10/0x10
[ 202.018245][ T3689] hid_device_probe+0x360/0x720
[ 202.018267][ T3689] ? __pfx_hid_device_probe+0x10/0x10
[ 202.018289][ T3689] really_probe+0x23e/0xa90
[ 202.018314][ T3689] __driver_probe_device+0x1de/0x440
[ 202.018340][ T3689] driver_probe_device+0x4c/0x1b0
[ 202.018364][ T3689] __device_attach_driver+0x1df/0x310
[ 202.018389][ T3689] ? __pfx___device_attach_driver+0x10/0x10
[ 202.018414][ T3689] bus_for_each_drv+0x156/0x1e0
[ 202.018434][ T3689] ? __pfx_bus_for_each_drv+0x10/0x10
[ 202.018455][ T3689] ? lockdep_hardirqs_on+0x7c/0x110
[ 202.018479][ T3689] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 202.018505][ T3689] __device_attach+0x1e4/0x4b0
[ 202.018530][ T3689] ? __pfx___device_attach+0x10/0x10
[ 202.018554][ T3689] ? do_raw_spin_unlock+0x172/0x230
[ 202.018578][ T3689] bus_probe_device+0x17f/0x1c0
[ 202.018602][ T3689] device_add+0x1148/0x1a70
[ 202.018620][ T3689] ? __pfx_device_add+0x10/0x10
[ 202.018638][ T3689] ? debugfs_create_file_full+0x41/0x60
[ 202.018666][ T3689] hid_add_device+0x373/0xa60
[ 202.018694][ T3689] ? __pfx_hid_add_device+0x10/0x10
[ 202.018713][ T3689] ? lockdep_init_map_type+0x5c/0x280
[ 202.018732][ T3689] ? lockdep_init_map_type+0x5c/0x280
[ 202.018753][ T3689] usbhid_probe+0xd38/0x13f0
[ 202.018782][ T3689] usb_probe_interface+0x303/0x9c0
[ 202.018810][ T3689] ? __pfx_usb_probe_interface+0x10/0x10
[ 202.018835][ T3689] really_probe+0x23e/0xa90
[ 202.018860][ T3689] __driver_probe_device+0x1de/0x440
[ 202.018886][ T3689] driver_probe_device+0x4c/0x1b0
[ 202.018911][ T3689] __device_attach_driver+0x1df/0x310
[ 202.018937][ T3689] ? __pfx___device_attach_driver+0x10/0x10
[ 202.018962][ T3689] bus_for_each_drv+0x156/0x1e0
[ 202.018984][ T3689] ? __pfx_bus_for_each_drv+0x10/0x10
[ 202.019005][ T3689] ? lockdep_hardirqs_on+0x7c/0x110
[ 202.019029][ T3689] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 202.019054][ T3689] __device_attach+0x1e4/0x4b0
[ 202.019078][ T3689] ? __pfx___device_attach+0x10/0x10
[ 202.019104][ T3689] ? do_raw_spin_unlock+0x172/0x230
[ 202.019128][ T3689] bus_probe_device+0x17f/0x1c0
[ 202.019151][ T3689] device_add+0x1148/0x1a70
[ 202.019169][ T3689] ? __pfx_device_add+0x10/0x10
[ 202.019185][ T3689] ? preempt_schedule_thunk+0x16/0x30
[ 202.019215][ T3689] usb_set_configuration+0x1187/0x1e20
[ 202.019246][ T3689] ? __pfx_usb_generic_driver_probe+0x10/0x10
[ 202.019264][ T3689] usb_generic_driver_probe+0xb1/0x110
[ 202.019284][ T3689] usb_probe_device+0xef/0x3e0
[ 202.019305][ T3689] ? __pfx_usb_probe_device+0x10/0x10
[ 202.019328][ T3689] really_probe+0x23e/0xa90
[ 202.019354][ T3689] __driver_probe_device+0x1de/0x440
[ 202.019378][ T3689] ? usb_driver_applicable+0x1c7/0x220
[ 202.019404][ T3689] driver_probe_device+0x4c/0x1b0
[ 202.019429][ T3689] __device_attach_driver+0x1df/0x310
[ 202.019455][ T3689] ? __pfx___device_attach_driver+0x10/0x10
[ 202.019480][ T3689] bus_for_each_drv+0x156/0x1e0
[ 202.019501][ T3689] ? __pfx_bus_for_each_drv+0x10/0x10
[ 202.019522][ T3689] ? lockdep_hardirqs_on+0x7c/0x110
[ 202.019547][ T3689] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 202.019572][ T3689] __device_attach+0x1e4/0x4b0
[ 202.019596][ T3689] ? __pfx___device_attach+0x10/0x10
[ 202.019621][ T3689] ? do_raw_spin_unlock+0x172/0x230
[ 202.019644][ T3689] bus_probe_device+0x17f/0x1c0
[ 202.019667][ T3689] device_add+0x1148/0x1a70
[ 202.019692][ T3689] ? __pfx_device_add+0x10/0x10
[ 202.019707][ T3689] ? usb_detect_static_quirks+0x335/0x3e0
[ 202.019728][ T3689] ? __usb_get_extra_descriptor+0x158/0x1c0
[ 202.019754][ T3689] usb_new_device+0xd07/0x1a20
[ 202.019777][ T3689] ? do_raw_spin_lock+0x12c/0x2b0
[ 202.019797][ T3689] ? __pfx_usb_new_device+0x10/0x10
[ 202.019817][ T3689] ? mark_held_locks+0x49/0x80
[ 202.019846][ T3689] hub_event+0x2eb7/0x4fa0
[ 202.019879][ T3689] ? __pfx_hub_event+0x10/0x10
[ 202.019899][ T3689] ? ioread32_rep+0xe0/0x100
[ 202.019926][ T3689] ? rcu_is_watching+0x12/0xc0
[ 202.019952][ T3689] process_one_work+0x9cf/0x1b70
[ 202.019977][ T3689] ? __pfx_hcd_resume_work+0x10/0x10
[ 202.020001][ T3689] ? __pfx_process_one_work+0x10/0x10
[ 202.020025][ T3689] ? assign_work+0x1a0/0x250
[ 202.020044][ T3689] worker_thread+0x6c8/0xf10
[ 202.020068][ T3689] ? __kthread_parkme+0x19e/0x250
[ 202.020095][ T3689] ? __pfx_worker_thread+0x10/0x10
[ 202.020115][ T3689] kthread+0x3c5/0x780
[ 202.020133][ T3689] ? __pfx_kthread+0x10/0x10
[ 202.020152][ T3689] ? rcu_is_watching+0x12/0xc0
[ 202.020175][ T3689] ? __pfx_kthread+0x10/0x10
[ 202.020193][ T3689] ret_from_fork+0x5d4/0x6f0
[ 202.020221][ T3689] ? __pfx_kthread+0x10/0x10
[ 202.020239][ T3689] ret_from_fork_asm+0x1a/0x30
[ 202.020266][ T3689]
[ 202.020273][ T3689]
[ 202.679674][ T3689] Allocated by task 3689:
[ 202.683973][ T3689] kasan_save_stack+0x33/0x60
[ 202.688630][ T3689] kasan_save_track+0x14/0x30
[ 202.693278][ T3689] __kasan_kmalloc+0xaa/0xb0
[ 202.697841][ T3689] __kmalloc_noprof+0x223/0x510
[ 202.702664][ T3689] __hid_request+0x2c/0x3c0
[ 202.707138][ T3689] hidinput_connect+0x1ada/0x2bd0
[ 202.712135][ T3689] hid_connect+0x13f3/0x1a60
[ 202.716696][ T3689] hid_hw_start+0xaa/0x140
[ 202.721092][ T3689] ms_probe+0x195/0x500
[ 202.725217][ T3689] hid_device_probe+0x360/0x720
[ 202.730036][ T3689] really_probe+0x23e/0xa90
[ 202.734517][ T3689] __driver_probe_device+0x1de/0x440
[ 202.739774][ T3689] driver_probe_device+0x4c/0x1b0
[ 202.744777][ T3689] __device_attach_driver+0x1df/0x310
[ 202.750294][ T3689] bus_for_each_drv+0x156/0x1e0
[ 202.755116][ T3689] __device_attach+0x1e4/0x4b0
[ 202.759853][ T3689] bus_probe_device+0x17f/0x1c0
[ 202.764673][ T3689] device_add+0x1148/0x1a70
[ 202.769146][ T3689] hid_add_device+0x373/0xa60
[ 202.773793][ T3689] usbhid_probe+0xd38/0x13f0
[ 202.778357][ T3689] usb_probe_interface+0x303/0x9c0
[ 202.783448][ T3689] really_probe+0x23e/0xa90
[ 202.787922][ T3689] __driver_probe_device+0x1de/0x440
[ 202.793179][ T3689] driver_probe_device+0x4c/0x1b0
[ 202.798176][ T3689] __device_attach_driver+0x1df/0x310
[ 202.803525][ T3689] bus_for_each_drv+0x156/0x1e0
[ 202.808344][ T3689] __device_attach+0x1e4/0x4b0
[ 202.813086][ T3689] bus_probe_device+0x17f/0x1c0
[ 202.817909][ T3689] device_add+0x1148/0x1a70
[ 202.822383][ T3689] usb_set_configuration+0x1187/0x1e20
[ 202.827813][ T3689] usb_generic_driver_probe+0xb1/0x110
[ 202.833241][ T3689] usb_probe_device+0xef/0x3e0
[ 202.837975][ T3689] really_probe+0x23e/0xa90
[ 202.842458][ T3689] __driver_probe_device+0x1de/0x440
[ 202.847716][ T3689] driver_probe_device+0x4c/0x1b0
[ 202.852718][ T3689] __device_attach_driver+0x1df/0x310
[ 202.858075][ T3689] bus_for_each_drv+0x156/0x1e0
[ 202.862895][ T3689] __device_attach+0x1e4/0x4b0
[ 202.867631][ T3689] bus_probe_device+0x17f/0x1c0
[ 202.872459][ T3689] device_add+0x1148/0x1a70
[ 202.876938][ T3689] usb_new_device+0xd07/0x1a20
[ 202.881673][ T3689] hub_event+0x2eb7/0x4fa0
[ 202.886059][ T3689] process_one_work+0x9cf/0x1b70
[ 202.890967][ T3689] worker_thread+0x6c8/0xf10
[ 202.895530][ T3689] kthread+0x3c5/0x780
[ 202.899568][ T3689] ret_from_fork+0x5d4/0x6f0
[ 202.904134][ T3689] ret_from_fork_asm+0x1a/0x30
[ 202.908868][ T3689]
[ 202.911163][ T3689] The buggy address belongs to the object at ffff8880222d53c0
[ 202.911163][ T3689] which belongs to the cache kmalloc-8 of size 8
[ 202.924840][ T3689] The buggy address is located 1 bytes inside of
[ 202.924840][ T3689] allocated 7-byte region [ffff8880222d53c0, ffff8880222d53c7)
[ 202.938601][ T3689]
[ 202.940899][ T3689] The buggy address belongs to the physical page:
[ 202.947281][ T3689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x222d5
[ 202.956012][ T3689] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 202.963090][ T3689] page_type: f5(slab)
[ 202.967042][ T3689] raw: 00fff00000000000 ffff88801b841500 dead000000000100 dead000000000122
[ 202.975595][ T3689] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 202.984153][ T3689] page dumped because: kasan: bad access detected
[ 202.990537][ T3689] page_owner tracks the page as allocated
[ 202.996221][ T3689] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 2690993754, free_ts 0
[ 203.013730][ T3689] post_alloc_hook+0x1c0/0x230
[ 203.018466][ T3689] get_page_from_freelist+0x1321/0x3890
[ 203.023983][ T3689] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 203.029858][ T3689] alloc_pages_mpol+0x1fb/0x550
[ 203.034684][ T3689] new_slab+0x23b/0x330
[ 203.038812][ T3689] ___slab_alloc+0xd9c/0x1940
[ 203.043459][ T3689] __slab_alloc.constprop.0+0x56/0xb0
[ 203.048800][ T3689] __kmalloc_node_track_caller_noprof+0x2ee/0x510
[ 203.055187][ T3689] kstrdup+0x53/0x100
[ 203.059142][ T3689] kstrdup_const+0x63/0x80
[ 203.063539][ T3689] __kernfs_new_node+0x9b/0x8e0
[ 203.068393][ T3689] kernfs_new_node+0x13c/0x1e0
[ 203.073133][ T3689] kernfs_create_link+0xcc/0x240
[ 203.078043][ T3689] sysfs_do_create_link_sd+0x90/0x140
[ 203.083388][ T3689] sysfs_create_link+0x61/0xc0
[ 203.088124][ T3689] device_add+0x62c/0x1a70
[ 203.092514][ T3689] page_owner free stack trace missing
[ 203.097852][ T3689]
[ 203.100146][ T3689] Memory state around the buggy address:
[ 203.105746][ T3689] ffff8880222d5280: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc
[ 203.113785][ T3689] ffff8880222d5300: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc
[ 203.121908][ T3689] >ffff8880222d5380: fa fc fc fc 00 fc fc fc 07 fc fc fc 00 fc fc fc
[ 203.129939][ T3689] ^
[ 203.136059][ T3689] ffff8880222d5400: 00 fc fc fc 00 fc fc fc 00 fc fc fc 00 fc fc fc
[ 203.144091][ T3689] ffff8880222d5480: 00 fc fc fc 00 fc fc fc 00 fc fc fc 00 fc fc fc
[ 203.152121][ T3689] ==================================================================
[ 203.160152][ T3689] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 203.167326][ T3689] CPU: 1 UID: 0 PID: 3689 Comm: kworker/1:2 Not tainted 6.16.0-rc5-syzkaller-dirty #0 PREEMPT(full)
[ 203.178140][ T3689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 203.188169][ T3689] Workqueue: usb_hub_wq hub_event
[ 203.193173][ T3689] Call Trace:
[ 203.196434][ T3689]
[ 203.199341][ T3689] dump_stack_lvl+0x3d/0x1f0
[ 203.203909][ T3689] panic+0x71c/0x800
[ 203.207782][ T3689] ? __pfx_panic+0x10/0x10
[ 203.212177][ T3689] ? __pfx__printk+0x10/0x10
[ 203.216742][ T3689] ? end_report+0x4c/0x170
[ 203.221133][ T3689] ? check_panic_on_warn+0x1f/0xb0
[ 203.226222][ T3689] ? mon_copy_to_buff+0xc2/0x170
[ 203.231135][ T3689] check_panic_on_warn+0xab/0xb0
[ 203.236048][ T3689] end_report+0x107/0x170
[ 203.240352][ T3689] kasan_report+0xee/0x110
[ 203.244743][ T3689] ? mon_copy_to_buff+0xc2/0x170
[ 203.249657][ T3689] kasan_check_range+0x100/0x1b0
[ 203.254568][ T3689] __asan_memcpy+0x23/0x60
[ 203.258959][ T3689] mon_copy_to_buff+0xc2/0x170
[ 203.263700][ T3689] mon_bin_event+0x1071/0x2050
[ 203.268442][ T3689] ? __pfx_mon_bin_event+0x10/0x10
[ 203.273538][ T3689] mon_bus_submit+0xcf/0x140
[ 203.278105][ T3689] usb_hcd_submit_urb+0x12d/0x1c60
[ 203.283192][ T3689] ? bus_for_each_drv+0x156/0x1e0
[ 203.288188][ T3689] ? __device_attach+0x1e4/0x4b0
[ 203.293097][ T3689] ? bus_probe_device+0x17f/0x1c0
[ 203.298092][ T3689] ? device_add+0x1148/0x1a70
[ 203.302738][ T3689] ? usb_set_configuration+0x1187/0x1e20
[ 203.308342][ T3689] usb_submit_urb+0x87c/0x1790
[ 203.313081][ T3689] ? __pfx_lockdep_init_map_type+0x1/0x10
[ 203.318773][ T3689] ? __init_swait_queue_head+0xca/0x150
[ 203.324290][ T3689] usb_start_wait_urb+0x104/0x4b0
[ 203.329287][ T3689] ? __pfx_usb_start_wait_urb+0x10/0x10
[ 203.334807][ T3689] ? __asan_memset+0x23/0x50
[ 203.339373][ T3689] usb_control_msg+0x326/0x4a0
[ 203.344124][ T3689] ? __pfx_usb_control_msg+0x10/0x10
[ 203.349383][ T3689] usbhid_raw_request+0x29a/0x710
[ 203.354386][ T3689] ? __pfx_usbhid_raw_request+0x10/0x10
[ 203.359923][ T3689] __hid_request+0x296/0x3c0
[ 203.364491][ T3689] hidinput_connect+0x1ada/0x2bd0
[ 203.369495][ T3689] hid_connect+0x13f3/0x1a60
[ 203.374055][ T3689] ? trace_kmalloc+0x2b/0xd0
[ 203.378620][ T3689] ? __kmalloc_noprof+0x242/0x510
[ 203.383620][ T3689] ? __asan_memset+0x23/0x50
[ 203.388185][ T3689] ? __pfx_hid_connect+0x10/0x10
[ 203.393100][ T3689] hid_hw_start+0xaa/0x140
[ 203.397490][ T3689] ms_probe+0x195/0x500
[ 203.401616][ T3689] ? __pfx_ms_probe+0x10/0x10
[ 203.406264][ T3689] hid_device_probe+0x360/0x720
[ 203.411087][ T3689] ? __pfx_hid_device_probe+0x10/0x10
[ 203.416432][ T3689] really_probe+0x23e/0xa90
[ 203.420912][ T3689] __driver_probe_device+0x1de/0x440
[ 203.426178][ T3689] driver_probe_device+0x4c/0x1b0
[ 203.431175][ T3689] __device_attach_driver+0x1df/0x310
[ 203.436521][ T3689] ? __pfx___device_attach_driver+0x10/0x10
[ 203.442388][ T3689] bus_for_each_drv+0x156/0x1e0
[ 203.447473][ T3689] ? __pfx_bus_for_each_drv+0x10/0x10
[ 203.452817][ T3689] ? lockdep_hardirqs_on+0x7c/0x110
[ 203.457991][ T3689] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 203.463775][ T3689] __device_attach+0x1e4/0x4b0
[ 203.468513][ T3689] ? __pfx___device_attach+0x10/0x10
[ 203.473773][ T3689] ? do_raw_spin_unlock+0x172/0x230
[ 203.478946][ T3689] bus_probe_device+0x17f/0x1c0
[ 203.483773][ T3689] device_add+0x1148/0x1a70
[ 203.488248][ T3689] ? __pfx_device_add+0x10/0x10
[ 203.493068][ T3689] ? debugfs_create_file_full+0x41/0x60
[ 203.498590][ T3689] hid_add_device+0x373/0xa60
[ 203.503240][ T3689] ? __pfx_hid_add_device+0x10/0x10
[ 203.508409][ T3689] ? lockdep_init_map_type+0x5c/0x280
[ 203.513753][ T3689] ? lockdep_init_map_type+0x5c/0x280
[ 203.519098][ T3689] usbhid_probe+0xd38/0x13f0
[ 203.523671][ T3689] usb_probe_interface+0x303/0x9c0
[ 203.528758][ T3689] ? __pfx_usb_probe_interface+0x10/0x10
[ 203.534365][ T3689] really_probe+0x23e/0xa90
[ 203.538845][ T3689] __driver_probe_device+0x1de/0x440
[ 203.544105][ T3689] driver_probe_device+0x4c/0x1b0
[ 203.549107][ T3689] __device_attach_driver+0x1df/0x310
[ 203.554456][ T3689] ? __pfx___device_attach_driver+0x10/0x10
[ 203.560325][ T3689] bus_for_each_drv+0x156/0x1e0
[ 203.565161][ T3689] ? __pfx_bus_for_each_drv+0x10/0x10
[ 203.570516][ T3689] ? lockdep_hardirqs_on+0x7c/0x110
[ 203.575697][ T3689] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 203.581506][ T3689] __device_attach+0x1e4/0x4b0
[ 203.586253][ T3689] ? __pfx___device_attach+0x10/0x10
[ 203.591522][ T3689] ? do_raw_spin_unlock+0x172/0x230
[ 203.596697][ T3689] bus_probe_device+0x17f/0x1c0
[ 203.601523][ T3689] device_add+0x1148/0x1a70
[ 203.605998][ T3689] ? __pfx_device_add+0x10/0x10
[ 203.610819][ T3689] ? preempt_schedule_thunk+0x16/0x30
[ 203.616171][ T3689] usb_set_configuration+0x1187/0x1e20
[ 203.621608][ T3689] ? __pfx_usb_generic_driver_probe+0x10/0x10
[ 203.627644][ T3689] usb_generic_driver_probe+0xb1/0x110
[ 203.633075][ T3689] usb_probe_device+0xef/0x3e0
[ 203.637812][ T3689] ? __pfx_usb_probe_device+0x10/0x10
[ 203.643160][ T3689] really_probe+0x23e/0xa90
[ 203.647639][ T3689] __driver_probe_device+0x1de/0x440
[ 203.652900][ T3689] ? usb_driver_applicable+0x1c7/0x220
[ 203.658336][ T3689] driver_probe_device+0x4c/0x1b0
[ 203.663338][ T3689] __device_attach_driver+0x1df/0x310
[ 203.668686][ T3689] ? __pfx___device_attach_driver+0x10/0x10
[ 203.674554][ T3689] bus_for_each_drv+0x156/0x1e0
[ 203.679378][ T3689] ? __pfx_bus_for_each_drv+0x10/0x10
[ 203.684722][ T3689] ? lockdep_hardirqs_on+0x7c/0x110
[ 203.689894][ T3689] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 203.695673][ T3689] __device_attach+0x1e4/0x4b0
[ 203.700411][ T3689] ? __pfx___device_attach+0x10/0x10
[ 203.705669][ T3689] ? do_raw_spin_unlock+0x172/0x230
[ 203.710840][ T3689] bus_probe_device+0x17f/0x1c0
[ 203.715665][ T3689] device_add+0x1148/0x1a70
[ 203.720141][ T3689] ? __pfx_device_add+0x10/0x10
[ 203.725047][ T3689] ? usb_detect_static_quirks+0x335/0x3e0
[ 203.730739][ T3689] ? __usb_get_extra_descriptor+0x158/0x1c0
[ 203.736607][ T3689] usb_new_device+0xd07/0x1a20
[ 203.741345][ T3689] ? do_raw_spin_lock+0x12c/0x2b0
[ 203.746339][ T3689] ? __pfx_usb_new_device+0x10/0x10
[ 203.751513][ T3689] ? mark_held_locks+0x49/0x80
[ 203.756255][ T3689] hub_event+0x2eb7/0x4fa0
[ 203.760656][ T3689] ? __pfx_hub_event+0x10/0x10
[ 203.765392][ T3689] ? ioread32_rep+0xe0/0x100
[ 203.769960][ T3689] ? rcu_is_watching+0x12/0xc0
[ 203.774698][ T3689] process_one_work+0x9cf/0x1b70
[ 203.779610][ T3689] ? __pfx_hcd_resume_work+0x10/0x10
[ 203.784871][ T3689] ? __pfx_process_one_work+0x10/0x10
[ 203.790226][ T3689] ? assign_work+0x1a0/0x250
[ 203.794788][ T3689] worker_thread+0x6c8/0xf10
[ 203.799352][ T3689] ? __kthread_parkme+0x19e/0x250
[ 203.804354][ T3689] ? __pfx_worker_thread+0x10/0x10
[ 203.809446][ T3689] kthread+0x3c5/0x780
[ 203.813487][ T3689] ? __pfx_kthread+0x10/0x10
[ 203.818051][ T3689] ? rcu_is_watching+0x12/0xc0
[ 203.822790][ T3689] ? __pfx_kthread+0x10/0x10
[ 203.827354][ T3689] ret_from_fork+0x5d4/0x6f0
[ 203.831920][ T3689] ? __pfx_kthread+0x10/0x10
[ 203.836480][ T3689] ret_from_fork_asm+0x1a/0x30
[ 203.841221][ T3689]
[ 204.902788][ T3689] Shutting down cpus with NMI
[ 204.907688][ T3689] Kernel Offset: disabled
[ 204.911997][ T3689] Rebooting in 86400 seconds..