Warning: Permanently added '10.128.1.223' (ED25519) to the list of known hosts.
2025/08/30 10:25:39 parsed 1 programs
[  104.027845][   T29] audit: type=1400 audit(1756549541.486:101): avc:  denied  { unlink } for  pid=3976 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[  104.173882][ T3976] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  105.730552][   T29] audit: type=1400 audit(1756549543.186:102): avc:  denied  { read } for  pid=3984 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  105.753667][   T29] audit: type=1400 audit(1756549543.186:103): avc:  denied  { open } for  pid=3984 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  105.786824][   T29] audit: type=1400 audit(1756549543.246:104): avc:  denied  { unmount } for  pid=3984 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  121.003785][   T29] audit: type=1401 audit(1756549558.456:105): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
2025/08/30 10:25:58 executed programs: 0
2025/08/30 10:26:11 executed programs: 2
[  133.727169][   T29] audit: type=1400 audit(1756549571.176:106): avc:  denied  { read write } for  pid=4960 comm="syz.3.17" name="raw-gadget" dev="devtmpfs" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  133.751115][   T29] audit: type=1400 audit(1756549571.176:107): avc:  denied  { open } for  pid=4960 comm="syz.3.17" path="/dev/raw-gadget" dev="devtmpfs" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  133.774518][   T29] audit: type=1400 audit(1756549571.176:108): avc:  denied  { ioctl } for  pid=4960 comm="syz.3.17" path="/dev/raw-gadget" dev="devtmpfs" ino=236 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  134.036685][ T2717] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  134.188613][ T2717] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  134.199120][ T2717] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  134.215082][ T2717] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  134.225099][ T2717] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.233352][ T2717] usb 4-1: Product: syz
[  134.237636][ T2717] usb 4-1: Manufacturer: syz
[  134.242230][ T2717] usb 4-1: SerialNumber: syz
[  134.455805][ T4962] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.464887][ T4962] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  134.488879][ T2717] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  134.505862][ T2717] usb 4-1: USB disconnect, device number 2
[  134.996515][ T2717] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  135.146604][ T2717] usb 4-1: Using ep0 maxpacket: 8
[  135.153888][ T2717] usb 4-1: config index 0 descriptor too short (expected 301, got 72)
[  135.162322][ T2717] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  135.173040][ T2717] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  135.183202][ T2717] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  135.193147][ T2717] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  135.203609][ T2717] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.214910][ T2717] usb 4-1: config 16 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  135.228018][ T2717] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  135.238295][ T2717] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.450807][ T2717] usb 4-1: usb_control_msg returned -32
[  135.457224][ T2717] usbtmc 4-1:16.0: can't read capabilities
[  135.463848][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.470015][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.476440][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.482665][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.488946][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.494983][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.501321][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.507730][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.514510][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.520583][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.526974][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.533306][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.539510][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.545704][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.551734][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.557878][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.564062][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.570120][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.576450][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.582908][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.588986][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.595302][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.602075][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.608373][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.614697][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.621195][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.627311][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.633340][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.639642][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.646115][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.652529][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.658897][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.665017][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.671321][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.677494][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.683828][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.689984][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.696187][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.702440][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.708621][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.714841][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.721116][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.727437][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.733810][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.740439][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.747125][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.753432][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.759483][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.765678][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.771797][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.778133][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.784365][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.793058][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.799104][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.805198][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.811306][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.817615][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.823884][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.830080][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.836319][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.842814][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.849132][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.855236][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.861252][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.867321][    C1] usbtmc 4-1:16.0: invalid notification: 11
[  135.873401][    C1] usbtmc 4-1:16.0: invalid notification: 1
[  135.879701][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.885819][    C1] usbtmc 4-1:16.0: invalid notification: 0
[  135.892039][    C1] usbtmc 4-1:16.0: invalid notification: 73
[  135.898364][    C1] usbtmc 4-1:16.0: invalid notification: 33
[  135.904840][    C1] usbtmc 4-1:16.0: invalid notification: 36
[  135.911410][    C1] usbtmc 4-1:16.0: invalid notification: 8
[  135.917449][    C1] ==================================================================
[  135.925515][    C1] BUG: KASAN: slab-out-of-bounds in usbtmc_interrupt+0x4e1/0x6e0
[  135.933257][    C1] Read of size 1 at addr ffff888100061221 by task kworker/1:2/2717
[  135.941233][    C1] 
[  135.943699][    C1] CPU: 1 UID: 0 PID: 2717 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  135.943722][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  135.943734][    C1] Workqueue: usb_hub_wq hub_event
[  135.943760][    C1] Call Trace:
[  135.943768][    C1]  <IRQ>
[  135.943779][    C1]  dump_stack_lvl+0x116/0x1f0
[  135.943853][    C1]  print_report+0xcd/0x630
[  135.943877][    C1]  ? __virt_addr_valid+0x81/0x610
[  135.943899][    C1]  ? __phys_addr+0xe8/0x180
[  135.943920][    C1]  ? usbtmc_interrupt+0x4e1/0x6e0
[  135.943943][    C1]  kasan_report+0xe0/0x110
[  135.943963][    C1]  ? usbtmc_interrupt+0x4e1/0x6e0
[  135.943987][    C1]  usbtmc_interrupt+0x4e1/0x6e0
[  135.944011][    C1]  __usb_hcd_giveback_urb+0x38b/0x610
[  135.944036][    C1]  usb_hcd_giveback_urb+0x39b/0x450
[  135.944062][    C1]  dummy_timer+0x1814/0x3a30
[  135.944089][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  135.944104][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  135.944119][    C1]  ? mark_held_locks+0x49/0x80
[  135.944134][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  135.944157][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  135.944172][    C1]  __hrtimer_run_queues+0x1ff/0xad0
[  135.944194][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  135.944212][    C1]  ? read_tsc+0x9/0x20
[  135.944235][    C1]  hrtimer_run_softirq+0x17d/0x350
[  135.944256][    C1]  handle_softirqs+0x208/0x8d0
[  135.944281][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  135.944307][    C1]  __irq_exit_rcu+0xfa/0x160
[  135.944330][    C1]  irq_exit_rcu+0x9/0x30
[  135.944352][    C1]  sysvec_apic_timer_interrupt+0x90/0xb0
[  135.944375][    C1]  </IRQ>
[  135.944380][    C1]  <TASK>
[  135.944386][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  135.944404][    C1] RIP: 0010:__radix_tree_preload+0xd4/0x840
[  135.944428][    C1] Code: 48 89 e8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 39 07 00 00 44 8b 35 8a 66 67 0c 31 ff 4c 8d 63 28 44 89 f6 e8 4c e2 44 fa <45> 85 f6 75 2b e8 02 e7 44 fa 4c 89 e2 48 b8 00 00 00 00 00 fc ff
[  135.944444][    C1] RSP: 0018:ffffc90003dfef28 EFLAGS: 00000293
[  135.944457][    C1] RAX: 0000000000000000 RBX: ffff8881f5937520 RCX: ffffffff87391144
[  135.944468][    C1] RDX: ffff888115011d00 RSI: 0000000000000000 RDI: 0000000000000005
[  135.944478][    C1] RBP: ffffffff93a077c0 R08: 0000000000000005 R09: 0000000000000000
[  135.944488][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881f5937548
[  135.944498][    C1] R13: 000000000000000b R14: 0000000000000000 R15: ffff888100ac5068
[  135.944510][    C1]  ? __radix_tree_preload+0xd4/0x840
[  135.944534][    C1]  ? __radix_tree_preload+0xd4/0x840
[  135.944555][    C1]  ? kmem_cache_alloc_noprof+0x1a2/0x3b0
[  135.944585][    C1]  idr_preload+0x1b/0x240
[  135.944606][    C1]  __kernfs_new_node+0xf1/0x8e0
[  135.944623][    C1]  ? __pfx___kernfs_new_node+0x10/0x10
[  135.944641][    C1]  ? find_held_lock+0x2b/0x80
[  135.944668][    C1]  ? kernfs_root+0xee/0x2a0
[  135.944685][    C1]  kernfs_new_node+0x13c/0x1e0
[  135.944710][    C1]  __kernfs_create_file+0x53/0x350
[  135.944733][    C1]  sysfs_add_file_mode_ns+0x207/0x3c0
[  135.944760][    C1]  internal_create_group+0x578/0xf30
[  135.944778][    C1]  ? sysfs_create_file_ns+0x154/0x1d0
[  135.944802][    C1]  ? __pfx_internal_create_group+0x10/0x10
[  135.944818][    C1]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  135.944849][    C1]  ? down_read+0x13d/0x480
[  135.944863][    C1]  ? acpi_device_notify+0x351/0x480
[  135.944889][    C1]  ? lockdep_init_map_type+0x5c/0x280
[  135.944920][    C1]  internal_create_groups+0x9d/0x150
[  135.944952][    C1]  device_add+0x77f/0x1aa0
[  135.944980][    C1]  ? __pfx_device_add+0x10/0x10
[  135.945005][    C1]  ? lockdep_init_map_type+0x5c/0x280
[  135.945021][    C1]  ? __init_waitqueue_head+0xca/0x150
[  135.945046][    C1]  usb_create_ep_devs+0x160/0x2b0
[  135.945070][    C1]  create_intf_ep_devs.isra.0+0x161/0x200
[  135.945092][    C1]  usb_set_configuration+0x11a7/0x1e20
[  135.945118][    C1]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  135.945136][    C1]  usb_generic_driver_probe+0xb1/0x110
[  135.945154][    C1]  usb_probe_device+0xef/0x3e0
[  135.945174][    C1]  ? __pfx_usb_probe_device+0x10/0x10
[  135.945195][    C1]  really_probe+0x241/0xa90
[  135.945217][    C1]  __driver_probe_device+0x1de/0x440
[  135.945238][    C1]  ? usb_driver_applicable+0x1c7/0x220
[  135.945262][    C1]  driver_probe_device+0x4c/0x1b0
[  135.945283][    C1]  __device_attach_driver+0x1df/0x310
[  135.945305][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[  135.945326][    C1]  bus_for_each_drv+0x159/0x1e0
[  135.945344][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[  135.945361][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  135.945383][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  135.945405][    C1]  __device_attach+0x1e4/0x4b0
[  135.945426][    C1]  ? __pfx___device_attach+0x10/0x10
[  135.945448][    C1]  ? do_raw_spin_unlock+0x172/0x230
[  135.945468][    C1]  bus_probe_device+0x17f/0x1c0
[  135.945487][    C1]  device_add+0x1148/0x1aa0
[  135.945512][    C1]  ? __pfx_device_add+0x10/0x10
[  135.945535][    C1]  ? usb_detect_static_quirks+0x335/0x3e0
[  135.945554][    C1]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  135.945582][    C1]  usb_new_device+0xd07/0x1a60
[  135.945604][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  135.945621][    C1]  ? __pfx_usb_new_device+0x10/0x10
[  135.945642][    C1]  ? mark_held_locks+0x49/0x80
[  135.945657][    C1]  hub_event+0x2fce/0x5060
[  135.945685][    C1]  ? __pfx_hub_event+0x10/0x10
[  135.945704][    C1]  ? assoc_array_apply_edit+0x420/0x6c0
[  135.945728][    C1]  ? rcu_is_watching+0x12/0xc0
[  135.945751][    C1]  process_one_work+0x9cc/0x1b70
[  135.945774][    C1]  ? __pfx_hub_event+0x10/0x10
[  135.945794][    C1]  ? __pfx_process_one_work+0x10/0x10
[  135.945817][    C1]  ? assign_work+0x1a0/0x250
[  135.945842][    C1]  worker_thread+0x6c8/0xf10
[  135.945865][    C1]  ? __kthread_parkme+0x19e/0x250
[  135.945881][    C1]  ? __pfx_worker_thread+0x10/0x10
[  135.945901][    C1]  kthread+0x3c5/0x780
[  135.945919][    C1]  ? __pfx_kthread+0x10/0x10
[  135.945940][    C1]  ? rcu_is_watching+0x12/0xc0
[  135.945976][    C1]  ? __pfx_kthread+0x10/0x10
[  135.946007][    C1]  ret_from_fork+0x5b6/0x6c0
[  135.946034][    C1]  ? __pfx_kthread+0x10/0x10
[  135.946065][    C1]  ret_from_fork_asm+0x1a/0x30
[  135.946092][    C1]  </TASK>
[  135.946098][    C1] 
[  136.572376][    C1] Allocated by task 2717:
[  136.576880][    C1]  kasan_save_stack+0x33/0x60
[  136.581739][    C1]  kasan_save_track+0x14/0x30
[  136.586438][    C1]  __kasan_kmalloc+0x8f/0xa0
[  136.591209][    C1]  __kmalloc_noprof+0x213/0x4d0
[  136.596160][    C1]  usbtmc_probe+0xa54/0x1b90
[  136.600947][    C1]  usb_probe_interface+0x300/0xa40
[  136.606248][    C1]  really_probe+0x241/0xa90
[  136.610776][    C1]  __driver_probe_device+0x1de/0x440
[  136.616176][    C1]  driver_probe_device+0x4c/0x1b0
[  136.621486][    C1]  __device_attach_driver+0x1df/0x310
[  136.626977][    C1]  bus_for_each_drv+0x159/0x1e0
[  136.632282][    C1]  __device_attach+0x1e4/0x4b0
[  136.637207][    C1]  bus_probe_device+0x17f/0x1c0
[  136.642438][    C1]  device_add+0x1148/0x1aa0
[  136.647007][    C1]  usb_set_configuration+0x1187/0x1e20
[  136.652759][    C1]  usb_generic_driver_probe+0xb1/0x110
[  136.658253][    C1]  usb_probe_device+0xef/0x3e0
[  136.663040][    C1]  really_probe+0x241/0xa90
[  136.667548][    C1]  __driver_probe_device+0x1de/0x440
[  136.672946][    C1]  driver_probe_device+0x4c/0x1b0
[  136.677989][    C1]  __device_attach_driver+0x1df/0x310
[  136.683990][    C1]  bus_for_each_drv+0x159/0x1e0
[  136.689047][    C1]  __device_attach+0x1e4/0x4b0
[  136.694076][    C1]  bus_probe_device+0x17f/0x1c0
[  136.699324][    C1]  device_add+0x1148/0x1aa0
[  136.703868][    C1]  usb_new_device+0xd07/0x1a60
[  136.708652][    C1]  hub_event+0x2fce/0x5060
[  136.713174][    C1]  process_one_work+0x9cc/0x1b70
[  136.718303][    C1]  worker_thread+0x6c8/0xf10
[  136.723059][    C1]  kthread+0x3c5/0x780
[  136.727326][    C1]  ret_from_fork+0x5b6/0x6c0
[  136.732194][    C1]  ret_from_fork_asm+0x1a/0x30
[  136.737169][    C1] 
[  136.739498][    C1] The buggy address belongs to the object at ffff888100061220
[  136.739498][    C1]  which belongs to the cache kmalloc-8 of size 8
[  136.753684][    C1] The buggy address is located 0 bytes to the right of
[  136.753684][    C1]  allocated 1-byte region [ffff888100061220, ffff888100061221)
[  136.768278][    C1] 
[  136.770730][    C1] The buggy address belongs to the physical page:
[  136.777332][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100061
[  136.786392][    C1] flags: 0x200000000000000(node=0|zone=2)
[  136.792242][    C1] page_type: f5(slab)
[  136.796506][    C1] raw: 0200000000000000 ffff888100041500 ffffea00042da240 dead000000000002
[  136.805273][    C1] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[  136.814117][    C1] page dumped because: kasan: bad access detected
[  136.821053][    C1] page_owner tracks the page as allocated
[  136.827115][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x0(), pid 0, tgid 0 (swapper), ts 1830878588, free_ts 0
[  136.840145][    C1]  register_early_stack+0x89/0xd0
[  136.845269][    C1]  init_page_owner+0x52/0x7b0
[  136.850487][    C1]  page_ext_init+0x7aa/0xcc0
[  136.855186][    C1]  mm_core_init+0x211/0x250
[  136.859721][    C1] page_owner free stack trace missing
[  136.865174][    C1] 
[  136.867650][    C1] Memory state around the buggy address:
[  136.873556][    C1]  ffff888100061100: fa fc fc fc 00 fc fc fc fa fc fc fc fa fc fc fc
[  136.881902][    C1]  ffff888100061180: 02 fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc
[  136.891187][    C1] >ffff888100061200: fa fc fc fc 01 fc fc fc 00 fc fc fc fa fc fc fc
[  136.899334][    C1]                                ^
[  136.904455][    C1]  ffff888100061280: 00 fc fc fc 00 fc fc fc fa fc fc fc 04 fc fc fc
[  136.912965][    C1]  ffff888100061300: 00 fc fc fc 00 fc fc fc 00 fc fc fc 00 fc fc fc
[  136.921462][    C1] ==================================================================
[  136.929535][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  136.936918][    C1] CPU: 1 UID: 0 PID: 2717 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  136.947068][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  136.957571][    C1] Workqueue: usb_hub_wq hub_event
[  136.962629][    C1] Call Trace:
[  136.965916][    C1]  <IRQ>
[  136.968782][    C1]  dump_stack_lvl+0x3d/0x1f0
[  136.973563][    C1]  vpanic+0x6e8/0x7a0
[  136.977760][    C1]  ? __pfx_vpanic+0x10/0x10
[  136.982367][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  136.987684][    C1]  ? usbtmc_interrupt+0x4e1/0x6e0
[  136.992922][    C1]  panic+0xca/0xd0
[  136.996764][    C1]  ? __pfx_panic+0x10/0x10
[  137.001391][    C1]  ? end_report+0x4c/0x170
[  137.005916][    C1]  ? rcu_is_watching+0x12/0xc0
[  137.010716][    C1]  ? lock_release+0x201/0x2f0
[  137.015411][    C1]  ? check_panic_on_warn+0x1f/0xb0
[  137.020763][    C1]  check_panic_on_warn+0xab/0xb0
[  137.025846][    C1]  end_report+0x107/0x170
[  137.030313][    C1]  kasan_report+0xee/0x110
[  137.034751][    C1]  ? usbtmc_interrupt+0x4e1/0x6e0
[  137.040064][    C1]  usbtmc_interrupt+0x4e1/0x6e0
[  137.045208][    C1]  __usb_hcd_giveback_urb+0x38b/0x610
[  137.050608][    C1]  usb_hcd_giveback_urb+0x39b/0x450
[  137.055920][    C1]  dummy_timer+0x1814/0x3a30
[  137.060543][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  137.065615][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  137.070737][    C1]  ? mark_held_locks+0x49/0x80
[  137.075852][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  137.082229][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  137.087548][    C1]  __hrtimer_run_queues+0x1ff/0xad0
[  137.093657][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  137.099774][    C1]  ? read_tsc+0x9/0x20
[  137.104482][    C1]  hrtimer_run_softirq+0x17d/0x350
[  137.109968][    C1]  handle_softirqs+0x208/0x8d0
[  137.115400][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  137.120914][    C1]  __irq_exit_rcu+0xfa/0x160
[  137.125629][    C1]  irq_exit_rcu+0x9/0x30
[  137.130161][    C1]  sysvec_apic_timer_interrupt+0x90/0xb0
[  137.135875][    C1]  </IRQ>
[  137.138993][    C1]  <TASK>
[  137.142016][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  137.148010][    C1] RIP: 0010:__radix_tree_preload+0xd4/0x840
[  137.153941][    C1] Code: 48 89 e8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 39 07 00 00 44 8b 35 8a 66 67 0c 31 ff 4c 8d 63 28 44 89 f6 e8 4c e2 44 fa <45> 85 f6 75 2b e8 02 e7 44 fa 4c 89 e2 48 b8 00 00 00 00 00 fc ff
[  137.174013][    C1] RSP: 0018:ffffc90003dfef28 EFLAGS: 00000293
[  137.180277][    C1] RAX: 0000000000000000 RBX: ffff8881f5937520 RCX: ffffffff87391144
[  137.188404][    C1] RDX: ffff888115011d00 RSI: 0000000000000000 RDI: 0000000000000005
[  137.196474][    C1] RBP: ffffffff93a077c0 R08: 0000000000000005 R09: 0000000000000000
[  137.204542][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881f5937548
[  137.212611][    C1] R13: 000000000000000b R14: 0000000000000000 R15: ffff888100ac5068
[  137.220696][    C1]  ? __radix_tree_preload+0xd4/0x840
[  137.226193][    C1]  ? __radix_tree_preload+0xd4/0x840
[  137.231500][    C1]  ? kmem_cache_alloc_noprof+0x1a2/0x3b0
[  137.237342][    C1]  idr_preload+0x1b/0x240
[  137.241779][    C1]  __kernfs_new_node+0xf1/0x8e0
[  137.246654][    C1]  ? __pfx___kernfs_new_node+0x10/0x10
[  137.252130][    C1]  ? find_held_lock+0x2b/0x80
[  137.257126][    C1]  ? kernfs_root+0xee/0x2a0
[  137.261665][    C1]  kernfs_new_node+0x13c/0x1e0
[  137.266634][    C1]  __kernfs_create_file+0x53/0x350
[  137.271779][    C1]  sysfs_add_file_mode_ns+0x207/0x3c0
[  137.277184][    C1]  internal_create_group+0x578/0xf30
[  137.282683][    C1]  ? sysfs_create_file_ns+0x154/0x1d0
[  137.288344][    C1]  ? __pfx_internal_create_group+0x10/0x10
[  137.294347][    C1]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  137.300175][    C1]  ? down_read+0x13d/0x480
[  137.304745][    C1]  ? acpi_device_notify+0x351/0x480
[  137.309962][    C1]  ? lockdep_init_map_type+0x5c/0x280
[  137.315354][    C1]  internal_create_groups+0x9d/0x150
[  137.320657][    C1]  device_add+0x77f/0x1aa0
[  137.325184][    C1]  ? __pfx_device_add+0x10/0x10
[  137.330055][    C1]  ? lockdep_init_map_type+0x5c/0x280
[  137.335543][    C1]  ? __init_waitqueue_head+0xca/0x150
[  137.341215][    C1]  usb_create_ep_devs+0x160/0x2b0
[  137.346484][    C1]  create_intf_ep_devs.isra.0+0x161/0x200
[  137.352257][    C1]  usb_set_configuration+0x11a7/0x1e20
[  137.357918][    C1]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  137.363997][    C1]  usb_generic_driver_probe+0xb1/0x110
[  137.369566][    C1]  usb_probe_device+0xef/0x3e0
[  137.374609][    C1]  ? __pfx_usb_probe_device+0x10/0x10
[  137.380003][    C1]  really_probe+0x241/0xa90
[  137.384546][    C1]  __driver_probe_device+0x1de/0x440
[  137.389851][    C1]  ? usb_driver_applicable+0x1c7/0x220
[  137.395418][    C1]  driver_probe_device+0x4c/0x1b0
[  137.400649][    C1]  __device_attach_driver+0x1df/0x310
[  137.406169][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[  137.412193][    C1]  bus_for_each_drv+0x159/0x1e0
[  137.417081][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[  137.422734][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  137.428258][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  137.434171][    C1]  __device_attach+0x1e4/0x4b0
[  137.439138][    C1]  ? __pfx___device_attach+0x10/0x10
[  137.444453][    C1]  ? do_raw_spin_unlock+0x172/0x230
[  137.449760][    C1]  bus_probe_device+0x17f/0x1c0
[  137.454826][    C1]  device_add+0x1148/0x1aa0
[  137.459353][    C1]  ? __pfx_device_add+0x10/0x10
[  137.464237][    C1]  ? usb_detect_static_quirks+0x335/0x3e0
[  137.470087][    C1]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  137.476105][    C1]  usb_new_device+0xd07/0x1a60
[  137.480979][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  137.486115][    C1]  ? __pfx_usb_new_device+0x10/0x10
[  137.491337][    C1]  ? mark_held_locks+0x49/0x80
[  137.496201][    C1]  hub_event+0x2fce/0x5060
[  137.500650][    C1]  ? __pfx_hub_event+0x10/0x10
[  137.505427][    C1]  ? assoc_array_apply_edit+0x420/0x6c0
[  137.511194][    C1]  ? rcu_is_watching+0x12/0xc0
[  137.516086][    C1]  process_one_work+0x9cc/0x1b70
[  137.521136][    C1]  ? __pfx_hub_event+0x10/0x10
[  137.526092][    C1]  ? __pfx_process_one_work+0x10/0x10
[  137.531660][    C1]  ? assign_work+0x1a0/0x250
[  137.536271][    C1]  worker_thread+0x6c8/0xf10
[  137.540903][    C1]  ? __kthread_parkme+0x19e/0x250
[  137.546175][    C1]  ? __pfx_worker_thread+0x10/0x10
[  137.551314][    C1]  kthread+0x3c5/0x780
[  137.555422][    C1]  ? __pfx_kthread+0x10/0x10
[  137.560026][    C1]  ? rcu_is_watching+0x12/0xc0
[  137.565004][    C1]  ? __pfx_kthread+0x10/0x10
[  137.569790][    C1]  ret_from_fork+0x5b6/0x6c0
[  137.574660][    C1]  ? __pfx_kthread+0x10/0x10
[  137.579351][    C1]  ret_from_fork_asm+0x1a/0x30
[  137.584155][    C1]  </TASK>
[  137.587760][    C1] Kernel Offset: disabled
[  137.592088][    C1] Rebooting in 86400 seconds..