Warning: Permanently added '10.128.1.230' (ED25519) to the list of known hosts.
2025/08/17 05:28:37 ignoring optional flag "sandboxArg"="0"
2025/08/17 05:28:38 parsed 1 programs
[ 93.668916][ T6176] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 96.067525][ T6194] chnl_net:caif_netlink_parms(): no params data found
[ 96.117588][ T6194] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.124691][ T6194] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.132321][ T6194] bridge_slave_0: entered allmulticast mode
[ 96.140289][ T6194] bridge_slave_0: entered promiscuous mode
[ 96.148295][ T6194] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.155477][ T6194] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.163158][ T6194] bridge_slave_1: entered allmulticast mode
[ 96.170227][ T6194] bridge_slave_1: entered promiscuous mode
[ 96.194301][ T6194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 96.205842][ T6194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 96.229038][ T6194] team0: Port device team_slave_0 added
[ 96.236509][ T6194] team0: Port device team_slave_1 added
[ 96.255127][ T6194] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 96.262697][ T6194] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.289936][ T6194] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 96.302301][ T6194] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 96.309599][ T6194] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 96.335612][ T6194] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 96.360915][ T6194] hsr_slave_0: entered promiscuous mode
[ 96.366942][ T6194] hsr_slave_1: entered promiscuous mode
[ 96.666139][ T6194] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 96.680246][ T6194] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 96.689648][ T6194] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 96.699259][ T6194] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 96.722334][ T6194] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.729656][ T6194] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 96.737383][ T6194] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.744505][ T6194] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 96.788449][ T6194] 8021q: adding VLAN 0 to HW filter on device bond0
[ 96.802437][ T3606] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.813122][ T3606] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.826070][ T6194] 8021q: adding VLAN 0 to HW filter on device team0
[ 96.839042][ T3606] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.846233][ T3606] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 96.873608][ T3606] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.881206][ T3606] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 97.032050][ T6194] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 97.071944][ T6194] veth0_vlan: entered promiscuous mode
[ 97.084858][ T6194] veth1_vlan: entered promiscuous mode
[ 97.116663][ T6194] veth0_macvtap: entered promiscuous mode
[ 97.125670][ T6194] veth1_macvtap: entered promiscuous mode
[ 97.145229][ T6194] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 97.160584][ T6194] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 97.174283][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.184504][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.208909][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.223677][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.292968][ T3606] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.339265][ T3606] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.401305][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.414082][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.423991][ T3606] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.462823][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.472644][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.529951][ T3606] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.046342][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 98.055395][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 98.065148][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 98.073096][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 98.082813][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 100.092506][ T3606] bridge_slave_1: left allmulticast mode
[ 100.119808][ T3606] bridge_slave_1: left promiscuous mode
[ 100.125542][ T3606] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.140126][ T3606] bridge_slave_0: left allmulticast mode
[ 100.145806][ T3606] bridge_slave_0: left promiscuous mode
[ 100.171075][ T3606] bridge0: port 1(bridge_slave_0) entered disabled state
2025/08/17 05:28:48 executed programs: 0
[ 100.335400][ T3606] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 100.362269][ T3606] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 100.380254][ T3606] bond0 (unregistering): Released all slaves
[ 100.422026][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 100.433956][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 100.443356][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 100.451780][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 100.459574][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 100.507898][ T3606] hsr_slave_0: left promiscuous mode
[ 100.513952][ T3606] hsr_slave_1: left promiscuous mode
[ 100.519842][ T3606] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 100.527373][ T3606] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 100.535141][ T3606] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 100.542702][ T3606] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 100.554346][ T3606] veth1_macvtap: left promiscuous mode
[ 100.560229][ T3606] veth0_macvtap: left promiscuous mode
[ 100.565809][ T3606] veth1_vlan: left promiscuous mode
[ 100.571374][ T3606] veth0_vlan: left promiscuous mode
[ 100.724356][ T3606] team0 (unregistering): Port device team_slave_1 removed
[ 100.743122][ T3606] team0 (unregistering): Port device team_slave_0 removed
[ 100.935830][ T6438] chnl_net:caif_netlink_parms(): no params data found
[ 101.101897][ T6438] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.109146][ T6438] bridge0: port 1(bridge_slave_0) entered disabled state
[ 101.116269][ T6438] bridge_slave_0: entered allmulticast mode
[ 101.123029][ T6438] bridge_slave_0: entered promiscuous mode
[ 101.131095][ T6438] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.138652][ T6438] bridge0: port 2(bridge_slave_1) entered disabled state
[ 101.145905][ T6438] bridge_slave_1: entered allmulticast mode
[ 101.152637][ T6438] bridge_slave_1: entered promiscuous mode
[ 101.177950][ T6438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 101.189716][ T6438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 101.213983][ T6438] team0: Port device team_slave_0 added
[ 101.222093][ T6438] team0: Port device team_slave_1 added
[ 101.247834][ T6438] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 101.254949][ T6438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 101.282116][ T6438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 101.294692][ T6438] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 101.301978][ T6438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 101.328535][ T6438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 101.634749][ T6438] hsr_slave_0: entered promiscuous mode
[ 101.641164][ T6438] hsr_slave_1: entered promiscuous mode
[ 102.133229][ T6438] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 102.157468][ T6438] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 102.180720][ T6438] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 102.190409][ T6438] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 102.252829][ T6438] 8021q: adding VLAN 0 to HW filter on device bond0
[ 102.267780][ T6438] 8021q: adding VLAN 0 to HW filter on device team0
[ 102.281755][ T59] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.288895][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 102.303435][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.310585][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.473494][ T6438] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 102.499212][ T51] Bluetooth: hci0: command tx timeout
[ 102.519053][ T6438] veth0_vlan: entered promiscuous mode
[ 102.529589][ T6438] veth1_vlan: entered promiscuous mode
[ 102.555441][ T6438] veth0_macvtap: entered promiscuous mode
[ 102.564528][ T6438] veth1_macvtap: entered promiscuous mode
[ 102.581787][ T6438] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 102.593654][ T6438] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 102.606743][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.619305][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.629538][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.648730][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 102.691272][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.699230][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.719831][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.728941][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.997167][ T921] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 103.148643][ T921] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 103.158815][ T921] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[ 103.173439][ T921] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 103.182598][ T921] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 103.191279][ T921] usb 1-1: Product: syz
[ 103.195460][ T921] usb 1-1: Manufacturer: syz
[ 103.200139][ T921] usb 1-1: SerialNumber: syz
[ 103.408024][ T6545] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 103.417646][ T6545] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 103.429228][ T921] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[ 103.442646][ T921] usb 1-1: USB disconnect, device number 2
[ 103.867167][ T921] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 104.027173][ T921] usb 1-1: Using ep0 maxpacket: 8
[ 104.034064][ T921] usb 1-1: config index 0 descriptor too short (expected 301, got 72)
[ 104.042298][ T921] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 104.052718][ T921] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 104.062516][ T921] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 104.072360][ T921] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 104.082573][ T921] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 104.093633][ T921] usb 1-1: config 16 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[ 104.107546][ T921] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 104.116698][ T921] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 104.327764][ T921] usb 1-1: usb_control_msg returned -32
[ 104.333348][ T921] usbtmc 1-1:16.0: can't read capabilities
[ 104.340288][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.346390][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.352392][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.358398][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.364540][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.370534][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.376520][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.382532][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.388562][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.394652][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.400654][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.406670][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.412742][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.418744][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.424750][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.430861][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.436866][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.443272][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.449329][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.455361][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.461344][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.467347][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.473333][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.479384][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.485367][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.491451][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.497463][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.503455][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.509462][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.515451][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.521451][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.527465][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.533451][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.539416][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.545590][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.551629][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.557893][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.563957][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.570096][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.576081][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.581966][ T51] Bluetooth: hci0: command tx timeout
[ 104.587593][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.593649][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.599646][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.605714][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.611675][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.617778][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.623857][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.629928][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.635914][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.641972][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.648097][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.654190][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.660292][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.666288][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.672278][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.678275][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.684457][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.690439][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.696423][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.702390][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.708415][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.714435][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.720425][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.726714][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.732741][ C1] usbtmc 1-1:16.0: invalid notification: 11
[ 104.738993][ C1] usbtmc 1-1:16.0: invalid notification: 1
[ 104.745037][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.751426][ C1] usbtmc 1-1:16.0: invalid notification: 0
[ 104.757683][ C1] usbtmc 1-1:16.0: invalid notification: 73
[ 104.763931][ C1] usbtmc 1-1:16.0: invalid notification: 33
[ 104.770095][ C1] usbtmc 1-1:16.0: invalid notification: 36
[ 104.776179][ C1] usbtmc 1-1:16.0: invalid notification: 8
[ 104.782160][ C1] ==================================================================
[ 104.790238][ C1] BUG: KASAN: slab-out-of-bounds in usbtmc_interrupt+0x560/0x720
[ 104.798073][ C1] Read of size 1 at addr ffff8880328ca261 by task swapper/1/0
[ 104.805521][ C1]
[ 104.807857][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.17.0-rc1-next-20250815-syzkaller-g1357b2649c02-dirty #0 PREEMPT(full)
[ 104.807872][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 104.807880][ C1] Call Trace:
[ 104.807884][ C1]
[ 104.807889][ C1] dump_stack_lvl+0x189/0x250
[ 104.807907][ C1] ? __virt_addr_valid+0x1c8/0x5c0
[ 104.807917][ C1] ? rcu_is_watching+0x15/0xb0
[ 104.807930][ C1] ? __pfx_dump_stack_lvl+0x10/0x10
[ 104.807943][ C1] ? rcu_is_watching+0x15/0xb0
[ 104.807954][ C1] ? lock_release+0x4b/0x3e0
[ 104.807966][ C1] ? __virt_addr_valid+0x1c8/0x5c0
[ 104.807975][ C1] ? __virt_addr_valid+0x4a5/0x5c0
[ 104.807986][ C1] print_report+0xca/0x240
[ 104.807996][ C1] ? usbtmc_interrupt+0x560/0x720
[ 104.808008][ C1] kasan_report+0x118/0x150
[ 104.808020][ C1] ? usbtmc_interrupt+0x560/0x720
[ 104.808033][ C1] usbtmc_interrupt+0x560/0x720
[ 104.808045][ C1] ? usb_unanchor_urb+0xa5/0xc0
[ 104.808057][ C1] ? usb_anchor_suspend_wakeups+0x3b/0x50
[ 104.808069][ C1] __usb_hcd_giveback_urb+0x376/0x540
[ 104.808081][ C1] dummy_timer+0x862/0x4550
[ 104.808118][ C1] ? __pfx_dummy_timer+0x10/0x10
[ 104.808137][ C1] ? __pfx_dummy_timer+0x10/0x10
[ 104.808153][ C1] ? __pfx_dummy_timer+0x10/0x10
[ 104.808162][ C1] __hrtimer_run_queues+0x529/0xc60
[ 104.808177][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 104.808188][ C1] ? read_tsc+0x9/0x20
[ 104.808199][ C1] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 104.808213][ C1] hrtimer_run_softirq+0x187/0x2b0
[ 104.808236][ C1] handle_softirqs+0x283/0x870
[ 104.808248][ C1] ? __irq_exit_rcu+0xca/0x1f0
[ 104.808260][ C1] ? __pfx_handle_softirqs+0x10/0x10
[ 104.808272][ C1] ? irqtime_account_irq+0xb6/0x1c0
[ 104.808287][ C1] __irq_exit_rcu+0xca/0x1f0
[ 104.808298][ C1] ? __pfx___irq_exit_rcu+0x10/0x10
[ 104.808311][ C1] irq_exit_rcu+0x9/0x30
[ 104.808321][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 104.808332][ C1]
[ 104.808335][ C1]
[ 104.808339][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 104.808350][ C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[ 104.808362][ C1] Code: d3 e7 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 33 ea 24 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[ 104.808371][ C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6
[ 104.808381][ C1] RAX: 9a4dc4a4e698df00 RBX: ffffffff8196d418 RCX: 9a4dc4a4e698df00
[ 104.808389][ C1] RDX: 0000000000000001 RSI: ffffffff8c04da60 RDI: ffffffff8196d418
[ 104.808396][ C1] RBP: ffffc90000197f20 R08: ffff8880b8732f9b R09: 1ffff110170e65f3
[ 104.808404][ C1] R10: dffffc0000000000 R11: ffffed10170e65f4 R12: ffffffff8fe4e130
[ 104.808411][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003ad8b40
[ 104.808418][ C1] ? do_idle+0x1e8/0x510
[ 104.808430][ C1] ? do_idle+0x1e8/0x510
[ 104.808442][ C1] default_idle+0x13/0x20
[ 104.808453][ C1] default_idle_call+0x74/0xb0
[ 104.808465][ C1] do_idle+0x1e8/0x510
[ 104.808477][ C1] ? __pfx_do_idle+0x10/0x10
[ 104.808491][ C1] cpu_startup_entry+0x44/0x60
[ 104.808502][ C1] start_secondary+0x101/0x110
[ 104.808513][ C1] common_startup_64+0x13e/0x147
[ 104.808526][ C1]
[ 104.808530][ C1]
[ 105.131337][ C1] Allocated by task 921:
[ 105.135564][ C1] kasan_save_track+0x3e/0x80
[ 105.140315][ C1] __kasan_kmalloc+0x93/0xb0
[ 105.144893][ C1] __kmalloc_noprof+0x27a/0x4f0
[ 105.149737][ C1] usbtmc_probe+0xa3a/0x1ad0
[ 105.154331][ C1] usb_probe_interface+0x665/0xc30
[ 105.159426][ C1] really_probe+0x26d/0x9e0
[ 105.164006][ C1] __driver_probe_device+0x18c/0x2f0
[ 105.169276][ C1] driver_probe_device+0x4f/0x430
[ 105.174373][ C1] __device_attach_driver+0x2ce/0x530
[ 105.179732][ C1] bus_for_each_drv+0x24e/0x2e0
[ 105.184564][ C1] __device_attach+0x2b8/0x400
[ 105.189335][ C1] bus_probe_device+0x185/0x260
[ 105.194601][ C1] device_add+0x7b6/0xb50
[ 105.198914][ C1] usb_set_configuration+0x1a87/0x20e0
[ 105.204551][ C1] usb_generic_driver_probe+0x8d/0x150
[ 105.210005][ C1] usb_probe_device+0x1c4/0x390
[ 105.214838][ C1] really_probe+0x26d/0x9e0
[ 105.219417][ C1] __driver_probe_device+0x18c/0x2f0
[ 105.224776][ C1] driver_probe_device+0x4f/0x430
[ 105.229786][ C1] __device_attach_driver+0x2ce/0x530
[ 105.235145][ C1] bus_for_each_drv+0x24e/0x2e0
[ 105.240071][ C1] __device_attach+0x2b8/0x400
[ 105.244922][ C1] bus_probe_device+0x185/0x260
[ 105.249809][ C1] device_add+0x7b6/0xb50
[ 105.254121][ C1] usb_new_device+0xa39/0x16f0
[ 105.259047][ C1] hub_event+0x2958/0x4a20
[ 105.263453][ C1] process_scheduled_works+0xade/0x17b0
[ 105.269043][ C1] worker_thread+0x8a0/0xda0
[ 105.273711][ C1] kthread+0x70e/0x8a0
[ 105.277777][ C1] ret_from_fork+0x3f9/0x770
[ 105.282447][ C1] ret_from_fork_asm+0x1a/0x30
[ 105.287195][ C1]
[ 105.289502][ C1] The buggy address belongs to the object at ffff8880328ca260
[ 105.289502][ C1] which belongs to the cache kmalloc-8 of size 8
[ 105.303200][ C1] The buggy address is located 0 bytes to the right of
[ 105.303200][ C1] allocated 1-byte region [ffff8880328ca260, ffff8880328ca261)
[ 105.317806][ C1]
[ 105.320134][ C1] The buggy address belongs to the physical page:
[ 105.326556][ C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x328ca
[ 105.335321][ C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 105.342449][ C1] page_type: f5(slab)
[ 105.346433][ C1] raw: 00fff00000000000 ffff88801a841500 dead000000000100 dead000000000122
[ 105.355013][ C1] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 105.363926][ C1] page dumped because: kasan: bad access detected
[ 105.370590][ C1] page_owner tracks the page as allocated
[ 105.376284][ C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5215, tgid 5215 (init), ts 19330584896, free_ts 18340276944
[ 105.394870][ C1] post_alloc_hook+0x240/0x2a0
[ 105.399688][ C1] get_page_from_freelist+0x21e4/0x22c0
[ 105.405237][ C1] __alloc_frozen_pages_noprof+0x181/0x370
[ 105.411036][ C1] alloc_pages_mpol+0x232/0x4a0
[ 105.415873][ C1] allocate_slab+0x8a/0x370
[ 105.420431][ C1] ___slab_alloc+0xbeb/0x1410
[ 105.425127][ C1] __kmalloc_noprof+0x305/0x4f0
[ 105.430084][ C1] ima_write_template_field_data+0x47/0x490
[ 105.436100][ C1] ima_eventname_init_common+0x1e0/0x240
[ 105.441845][ C1] ima_alloc_init_template+0x30d/0x6f0
[ 105.447329][ C1] ima_store_measurement+0x1b7/0x640
[ 105.452628][ C1] process_measurement+0x11eb/0x1a40
[ 105.458083][ C1] ima_bprm_check+0xfd/0x200
[ 105.462657][ C1] security_bprm_check+0xd9/0x270
[ 105.467668][ C1] bprm_execve+0x8ee/0x1450
[ 105.472186][ C1] do_execveat_common+0x510/0x6a0
[ 105.477205][ C1] page last free pid 1 tgid 1 stack trace:
[ 105.483163][ C1] __free_frozen_pages+0xbc4/0xd30
[ 105.488361][ C1] kasan_depopulate_vmalloc_pte+0x74/0xa0
[ 105.494086][ C1] __apply_to_page_range+0xb92/0x1380
[ 105.499451][ C1] kasan_release_vmalloc+0xa2/0xd0
[ 105.504552][ C1] purge_vmap_node+0x214/0x8f0
[ 105.509750][ C1] __purge_vmap_area_lazy+0x7a4/0xb40
[ 105.515122][ C1] _vm_unmap_aliases+0x70f/0x7b0
[ 105.520047][ C1] change_page_attr_set_clr+0x305/0xeb0
[ 105.525583][ C1] set_memory_nx+0xd6/0x110
[ 105.530073][ C1] free_kernel_image_pages+0x85/0x100
[ 105.535456][ C1] kernel_init+0x31/0x1d0
[ 105.539869][ C1] ret_from_fork+0x3f9/0x770
[ 105.544485][ C1] ret_from_fork_asm+0x1a/0x30
[ 105.549232][ C1]
[ 105.551595][ C1] Memory state around the buggy address:
[ 105.557205][ C1] ffff8880328ca100: fa fc fc fc fa fc fc fc 06 fc fc fc 06 fc fc fc
[ 105.565507][ C1] ffff8880328ca180: 00 fc fc fc fa fc fc fc fa fc fc fc 00 fc fc fc
[ 105.573551][ C1] >ffff8880328ca200: fa fc fc fc 00 fc fc fc fa fc fc fc 01 fc fc fc
[ 105.581793][ C1] ^
[ 105.588966][ C1] ffff8880328ca280: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc
[ 105.597103][ C1] ffff8880328ca300: fa fc fc fc fa fc fc fc 04 fc fc fc fa fc fc fc
[ 105.605164][ C1] ==================================================================
[ 105.613393][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 105.620584][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.17.0-rc1-next-20250815-syzkaller-g1357b2649c02-dirty #0 PREEMPT(full)
[ 105.633411][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 105.643539][ C1] Call Trace:
[ 105.646810][ C1]
[ 105.649730][ C1] dump_stack_lvl+0x99/0x250
[ 105.654315][ C1] ? __asan_memcpy+0x40/0x70
[ 105.658905][ C1] ? __pfx_dump_stack_lvl+0x10/0x10
[ 105.664183][ C1] ? __pfx__printk+0x10/0x10
[ 105.668771][ C1] vpanic+0x281/0x750
[ 105.672746][ C1] ? __pfx_print_hex_dump+0x10/0x10
[ 105.677932][ C1] ? __pfx_vpanic+0x10/0x10
[ 105.682435][ C1] panic+0xb9/0xc0
[ 105.686163][ C1] ? __pfx_panic+0x10/0x10
[ 105.690840][ C1] ? do_raw_spin_unlock+0x122/0x240
[ 105.696036][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 105.702352][ C1] ? usbtmc_interrupt+0x560/0x720
[ 105.707374][ C1] check_panic_on_warn+0x89/0xb0
[ 105.712298][ C1] ? usbtmc_interrupt+0x560/0x720
[ 105.717330][ C1] end_report+0x78/0x160
[ 105.721565][ C1] kasan_report+0x129/0x150
[ 105.726065][ C1] ? usbtmc_interrupt+0x560/0x720
[ 105.731179][ C1] usbtmc_interrupt+0x560/0x720
[ 105.736047][ C1] ? usb_unanchor_urb+0xa5/0xc0
[ 105.740889][ C1] ? usb_anchor_suspend_wakeups+0x3b/0x50
[ 105.746599][ C1] __usb_hcd_giveback_urb+0x376/0x540
[ 105.752068][ C1] dummy_timer+0x862/0x4550
[ 105.756596][ C1] ? __pfx_dummy_timer+0x10/0x10
[ 105.761523][ C1] ? __pfx_dummy_timer+0x10/0x10
[ 105.766489][ C1] ? __pfx_dummy_timer+0x10/0x10
[ 105.771425][ C1] __hrtimer_run_queues+0x529/0xc60
[ 105.776733][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 105.782448][ C1] ? read_tsc+0x9/0x20
[ 105.786595][ C1] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 105.792478][ C1] hrtimer_run_softirq+0x187/0x2b0
[ 105.797671][ C1] handle_softirqs+0x283/0x870
[ 105.802460][ C1] ? __irq_exit_rcu+0xca/0x1f0
[ 105.807301][ C1] ? __pfx_handle_softirqs+0x10/0x10
[ 105.812666][ C1] ? irqtime_account_irq+0xb6/0x1c0
[ 105.818052][ C1] __irq_exit_rcu+0xca/0x1f0
[ 105.822657][ C1] ? __pfx___irq_exit_rcu+0x10/0x10
[ 105.827939][ C1] irq_exit_rcu+0x9/0x30
[ 105.832216][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 105.837860][ C1]
[ 105.840872][ C1]
[ 105.843793][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 105.849761][ C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[ 105.855644][ C1] Code: d3 e7 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 33 ea 24 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[ 105.875443][ C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6
[ 105.881521][ C1] RAX: 9a4dc4a4e698df00 RBX: ffffffff8196d418 RCX: 9a4dc4a4e698df00
[ 105.889491][ C1] RDX: 0000000000000001 RSI: ffffffff8c04da60 RDI: ffffffff8196d418
[ 105.897452][ C1] RBP: ffffc90000197f20 R08: ffff8880b8732f9b R09: 1ffff110170e65f3
[ 105.905419][ C1] R10: dffffc0000000000 R11: ffffed10170e65f4 R12: ffffffff8fe4e130
[ 105.913377][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003ad8b40
[ 105.921348][ C1] ? do_idle+0x1e8/0x510
[ 105.925617][ C1] ? do_idle+0x1e8/0x510
[ 105.929887][ C1] default_idle+0x13/0x20
[ 105.934217][ C1] default_idle_call+0x74/0xb0
[ 105.938972][ C1] do_idle+0x1e8/0x510
[ 105.943314][ C1] ? __pfx_do_idle+0x10/0x10
[ 105.947920][ C1] cpu_startup_entry+0x44/0x60
[ 105.952682][ C1] start_secondary+0x101/0x110
[ 105.957442][ C1] common_startup_64+0x13e/0x147
[ 105.962458][ C1]
[ 105.965800][ C1] Kernel Offset: disabled
[ 105.970116][ C1] Rebooting in 86400 seconds..