[   49.366206][   T29] audit: type=1400 audit(1761498511.715:95): avc:  denied  { create } for  pid=3459 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[   49.396210][   T29] audit: type=1400 audit(1761498511.715:96): avc:  denied  { sys_admin } for  pid=3459 comm="syz-executor" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[   49.417875][   T29] audit: type=1400 audit(1761498511.775:97): avc:  denied  { sys_chroot } for  pid=3460 comm="syz-executor" capability=18  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[   50.120068][   T29] audit: type=1400 audit(1761498512.465:98): avc:  denied  { write } for  pid=2962 comm="syz-execprog" path="pipe:[490]" dev="pipefs" ino=490 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
Warning: Permanently added '10.128.1.195' (ED25519) to the list of known hosts.
2025/10/26 17:09:03 ignoring optional flag "type"="gce"
2025/10/26 17:09:03 parsed 1 programs
[   82.884210][   T29] audit: type=1400 audit(1761498545.235:99): avc:  denied  { unlink } for  pid=3957 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   83.011656][ T3957] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   84.245549][   T29] audit: type=1400 audit(1761498546.595:100): avc:  denied  { read } for  pid=3967 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   84.266956][   T29] audit: type=1400 audit(1761498546.595:101): avc:  denied  { open } for  pid=3967 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   84.290741][   T29] audit: type=1400 audit(1761498546.635:102): avc:  denied  { unmount } for  pid=3967 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   94.851364][   T29] audit: type=1401 audit(1761498557.205:103): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
2025/10/26 17:09:17 executed programs: 0
2025/10/26 17:09:27 executed programs: 2
[  105.044648][   T29] audit: type=1400 audit(1761498567.395:104): avc:  denied  { read write } for  pid=4924 comm="syz.0.15" name="raw-gadget" dev="devtmpfs" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  105.068104][   T29] audit: type=1400 audit(1761498567.395:105): avc:  denied  { open } for  pid=4924 comm="syz.0.15" path="/dev/raw-gadget" dev="devtmpfs" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  105.091323][   T29] audit: type=1400 audit(1761498567.395:106): avc:  denied  { ioctl } for  pid=4924 comm="syz.0.15" path="/dev/raw-gadget" dev="devtmpfs" ino=236 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  105.350537][ T1118] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  105.500391][ T1118] usb 1-1: Using ep0 maxpacket: 16
[  105.507260][ T1118] usb 1-1: config 0 has an invalid interface number: 6 but max is 0
[  105.515352][ T1118] usb 1-1: config 0 has no interface number 0
[  105.521479][ T1118] usb 1-1: config 0 interface 6 altsetting 0 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  105.532275][ T1118] usb 1-1: config 0 interface 6 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 120
[  105.542117][ T1118] usb 1-1: config 0 interface 6 altsetting 0 endpoint 0x8A has an invalid bInterval 127, changing to 10
[  105.553271][ T1118] usb 1-1: config 0 interface 6 altsetting 0 has a duplicate endpoint with address 0x7, skipping
[  105.563804][ T1118] usb 1-1: config 0 interface 6 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  105.575678][ T1118] usb 1-1: New USB device found, idVendor=19d2, idProduct=0078, bcdDevice=74.c0
[  105.584769][ T1118] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.592768][ T1118] usb 1-1: Product: syz
[  105.596922][ T1118] usb 1-1: Manufacturer: syz
[  105.601527][ T1118] usb 1-1: SerialNumber: syz
[  105.608910][ T1118] usb 1-1: config 0 descriptor??
[  105.617159][ T1118] smsusb:smsusb_probe: board id=15, interface number 6
[  105.627054][ T1118] smsusb:siano_media_device_register: media controller created
[  105.635965][ T1118] usb 1-1: BOGUS urb xfer, pipe 3 != type 1
[  105.641872][ T1118] smsusb:smsusb_start_streaming: smsusb_submit_urb(...) failed
[  105.649434][ T1118] smsusb:smsusb_init_device: smsusb_start_streaming(...) failed
[  105.658186][ T1118] ------------[ cut here ]------------
[  105.663655][ T1118] WARNING: CPU: 0 PID: 1118 at mm/slub.c:6729 free_large_kmalloc+0x114/0x180
[  105.672624][ T1118] Modules linked in:
[  105.676610][ T1118] CPU: 0 UID: 0 PID: 1118 Comm: kworker/0:2 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  105.686437][ T1118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  105.696538][ T1118] Workqueue: usb_hub_wq hub_event
[  105.701582][ T1118] RIP: 0010:free_large_kmalloc+0x114/0x180
[  105.707405][ T1118] Code: 00 00 00 48 89 df e8 db 6f 0b 00 e8 66 77 b0 ff 9c 58 f6 c4 02 75 6f fb eb 83 48 c7 c6 d8 cf d3 88 e8 90 f1 f0 ff 90 0f 0b 90 <0f> 0b 90 48 c7 c6 ef 97 c7 88 48 89 df 5b 5d 41 5c 41 5d e9 74 f1
[  105.727066][ T1118] RSP: 0018:ffffc90001dfedb8 EFLAGS: 00010202
[  105.733251][ T1118] RAX: 0200000000000000 RBX: ffffea0004c15880 RCX: ffffffff813ca8fe
[  105.741251][ T1118] RDX: 00000000000000ff RSI: ffff888130562000 RDI: ffffea0004c15880
[  105.749224][ T1118] RBP: ffff888130562000 R08: 0000000000000007 R09: 0000000000000000
[  105.757234][ T1118] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888106ab4000
[  105.765227][ T1118] R13: ffff888106ab5000 R14: dffffc0000000000 R15: ffff888106ab40f0
[  105.773235][ T1118] FS:  0000000000000000(0000) GS:ffff888268ea3000(0000) knlGS:0000000000000000
[  105.782188][ T1118] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  105.788758][ T1118] CR2: 00007f08048d9120 CR3: 0000000116cd0000 CR4: 00000000003506f0
[  105.796836][ T1118] Call Trace:
[  105.800115][ T1118]  <TASK>
[  105.803084][ T1118]  usb_free_urb.part.0+0xe5/0x100
[  105.808133][ T1118]  usb_free_urb+0x1f/0x30
[  105.812496][ T1118]  smsusb_term_device+0x108/0x1e0
[  105.817541][ T1118]  smsusb_init_device+0xaa0/0xe00
[  105.822647][ T1118]  ? __pfx_smsusb_init_device+0x10/0x10
[  105.828225][ T1118]  ? __pfx_smsusb_sendrequest+0x10/0x10
[  105.833848][ T1118]  ? usb_clear_halt+0xb5/0x160
[  105.838651][ T1118]  smsusb_probe+0x5d3/0x1090
[  105.843280][ T1118]  ? __pfx_smsusb_probe+0x10/0x10
[  105.848323][ T1118]  ? mark_held_locks+0x49/0x80
[  105.853112][ T1118]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  105.858932][ T1118]  ? __pm_runtime_set_status+0x13c/0xa80
[  105.864627][ T1118]  usb_probe_interface+0x303/0xa40
[  105.869759][ T1118]  ? __pfx_usb_probe_interface+0x10/0x10
[  105.875412][ T1118]  really_probe+0x241/0xa90
[  105.879936][ T1118]  __driver_probe_device+0x1de/0x440
[  105.885352][ T1118]  driver_probe_device+0x4c/0x1b0
[  105.890412][ T1118]  __device_attach_driver+0x1df/0x310
[  105.895785][ T1118]  ? __pfx___device_attach_driver+0x10/0x10
[  105.901699][ T1118]  bus_for_each_drv+0x159/0x1e0
[  105.906571][ T1118]  ? __pfx_bus_for_each_drv+0x10/0x10
[  105.911982][ T1118]  ? lockdep_hardirqs_on+0x7c/0x110
[  105.917189][ T1118]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  105.923036][ T1118]  __device_attach+0x1e4/0x4b0
[  105.927807][ T1118]  ? __pfx___device_attach+0x10/0x10
[  105.933108][ T1118]  ? do_raw_spin_unlock+0x172/0x230
[  105.938322][ T1118]  bus_probe_device+0x17f/0x1c0
[  105.943201][ T1118]  device_add+0x1148/0x1aa0
[  105.947719][ T1118]  ? __pfx_device_add+0x10/0x10
[  105.952590][ T1118]  ? mark_held_locks+0x49/0x80
[  105.957364][ T1118]  usb_set_configuration+0x1187/0x1e20
[  105.962871][ T1118]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  105.968947][ T1118]  usb_generic_driver_probe+0xb1/0x110
[  105.974436][ T1118]  usb_probe_device+0xef/0x3e0
[  105.979236][ T1118]  ? __pfx_usb_probe_device+0x10/0x10
[  105.984637][ T1118]  really_probe+0x241/0xa90
[  105.989165][ T1118]  __driver_probe_device+0x1de/0x440
[  105.994474][ T1118]  ? usb_driver_applicable+0x1c7/0x220
[  105.999943][ T1118]  driver_probe_device+0x4c/0x1b0
[  106.004995][ T1118]  __device_attach_driver+0x1df/0x310
[  106.010402][ T1118]  ? __pfx___device_attach_driver+0x10/0x10
[  106.016290][ T1118]  bus_for_each_drv+0x159/0x1e0
[  106.021173][ T1118]  ? __pfx_bus_for_each_drv+0x10/0x10
[  106.026555][ T1118]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.031782][ T1118]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  106.037599][ T1118]  __device_attach+0x1e4/0x4b0
[  106.042404][ T1118]  ? __pfx___device_attach+0x10/0x10
[  106.047692][ T1118]  ? do_raw_spin_unlock+0x172/0x230
[  106.052924][ T1118]  bus_probe_device+0x17f/0x1c0
[  106.057788][ T1118]  device_add+0x1148/0x1aa0
[  106.062334][ T1118]  ? __pfx_device_add+0x10/0x10
[  106.067190][ T1118]  ? add_device_randomness+0xb7/0xf0
[  106.072538][ T1118]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  106.078463][ T1118]  usb_new_device+0xd07/0x1a60
[  106.083288][ T1118]  ? do_raw_spin_lock+0x12c/0x2b0
[  106.088341][ T1118]  ? __pfx_usb_new_device+0x10/0x10
[  106.093581][ T1118]  ? mark_held_locks+0x49/0x80
[  106.098370][ T1118]  hub_event+0x2fce/0x5060
[  106.102857][ T1118]  ? __pfx_hub_event+0x10/0x10
[  106.107632][ T1118]  ? debug_object_active_state+0x320/0x3f0
[  106.113478][ T1118]  ? rcu_is_watching+0x12/0xc0
[  106.118261][ T1118]  process_one_work+0x9cf/0x1b70
[  106.123240][ T1118]  ? __pfx_hcd_resume_work+0x10/0x10
[  106.128532][ T1118]  ? __pfx_process_one_work+0x10/0x10
[  106.133956][ T1118]  ? assign_work+0x1a0/0x250
[  106.138561][ T1118]  worker_thread+0x6c8/0xf10
[  106.143194][ T1118]  ? __kthread_parkme+0x19e/0x250
[  106.148229][ T1118]  ? __pfx_worker_thread+0x10/0x10
[  106.153374][ T1118]  kthread+0x3c5/0x780
[  106.157459][ T1118]  ? __pfx_kthread+0x10/0x10
[  106.162081][ T1118]  ? rcu_is_watching+0x12/0xc0
[  106.166944][ T1118]  ? __pfx_kthread+0x10/0x10
[  106.171555][ T1118]  ret_from_fork+0x56d/0x700
[  106.176149][ T1118]  ? __pfx_kthread+0x10/0x10
[  106.180761][ T1118]  ret_from_fork_asm+0x1a/0x30
[  106.185545][ T1118]  </TASK>
[  106.188550][ T1118] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  106.195811][ T1118] CPU: 0 UID: 0 PID: 1118 Comm: kworker/0:2 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  106.205596][ T1118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  106.215632][ T1118] Workqueue: usb_hub_wq hub_event
[  106.220644][ T1118] Call Trace:
[  106.223902][ T1118]  <TASK>
[  106.226812][ T1118]  dump_stack_lvl+0x3d/0x1f0
[  106.231397][ T1118]  vpanic+0x640/0x6f0
[  106.235365][ T1118]  ? free_large_kmalloc+0x114/0x180
[  106.240546][ T1118]  panic+0xca/0xd0
[  106.244341][ T1118]  ? __pfx_panic+0x10/0x10
[  106.248762][ T1118]  ? check_panic_on_warn+0x1f/0xb0
[  106.253866][ T1118]  check_panic_on_warn+0xab/0xb0
[  106.258796][ T1118]  __warn+0xf6/0x3c0
[  106.262708][ T1118]  ? free_large_kmalloc+0x114/0x180
[  106.267897][ T1118]  report_bug+0x3c3/0x580
[  106.272223][ T1118]  ? free_large_kmalloc+0x114/0x180
[  106.277420][ T1118]  handle_bug+0x184/0x210
[  106.281744][ T1118]  exc_invalid_op+0x17/0x50
[  106.286250][ T1118]  asm_exc_invalid_op+0x1a/0x20
[  106.291080][ T1118] RIP: 0010:free_large_kmalloc+0x114/0x180
[  106.296869][ T1118] Code: 00 00 00 48 89 df e8 db 6f 0b 00 e8 66 77 b0 ff 9c 58 f6 c4 02 75 6f fb eb 83 48 c7 c6 d8 cf d3 88 e8 90 f1 f0 ff 90 0f 0b 90 <0f> 0b 90 48 c7 c6 ef 97 c7 88 48 89 df 5b 5d 41 5c 41 5d e9 74 f1
[  106.316486][ T1118] RSP: 0018:ffffc90001dfedb8 EFLAGS: 00010202
[  106.322545][ T1118] RAX: 0200000000000000 RBX: ffffea0004c15880 RCX: ffffffff813ca8fe
[  106.330538][ T1118] RDX: 00000000000000ff RSI: ffff888130562000 RDI: ffffea0004c15880
[  106.338528][ T1118] RBP: ffff888130562000 R08: 0000000000000007 R09: 0000000000000000
[  106.346490][ T1118] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888106ab4000
[  106.354452][ T1118] R13: ffff888106ab5000 R14: dffffc0000000000 R15: ffff888106ab40f0
[  106.362431][ T1118]  ? __phys_addr+0xde/0x180
[  106.366948][ T1118]  usb_free_urb.part.0+0xe5/0x100
[  106.371980][ T1118]  usb_free_urb+0x1f/0x30
[  106.376308][ T1118]  smsusb_term_device+0x108/0x1e0
[  106.381333][ T1118]  smsusb_init_device+0xaa0/0xe00
[  106.386365][ T1118]  ? __pfx_smsusb_init_device+0x10/0x10
[  106.391926][ T1118]  ? __pfx_smsusb_sendrequest+0x10/0x10
[  106.397470][ T1118]  ? usb_clear_halt+0xb5/0x160
[  106.402237][ T1118]  smsusb_probe+0x5d3/0x1090
[  106.406827][ T1118]  ? __pfx_smsusb_probe+0x10/0x10
[  106.411845][ T1118]  ? mark_held_locks+0x49/0x80
[  106.416606][ T1118]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  106.422410][ T1118]  ? __pm_runtime_set_status+0x13c/0xa80
[  106.428038][ T1118]  usb_probe_interface+0x303/0xa40
[  106.433147][ T1118]  ? __pfx_usb_probe_interface+0x10/0x10
[  106.438772][ T1118]  really_probe+0x241/0xa90
[  106.443281][ T1118]  __driver_probe_device+0x1de/0x440
[  106.448570][ T1118]  driver_probe_device+0x4c/0x1b0
[  106.453595][ T1118]  __device_attach_driver+0x1df/0x310
[  106.458975][ T1118]  ? __pfx___device_attach_driver+0x10/0x10
[  106.464867][ T1118]  bus_for_each_drv+0x159/0x1e0
[  106.469713][ T1118]  ? __pfx_bus_for_each_drv+0x10/0x10
[  106.475080][ T1118]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.480274][ T1118]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  106.486084][ T1118]  __device_attach+0x1e4/0x4b0
[  106.490838][ T1118]  ? __pfx___device_attach+0x10/0x10
[  106.496116][ T1118]  ? do_raw_spin_unlock+0x172/0x230
[  106.501316][ T1118]  bus_probe_device+0x17f/0x1c0
[  106.506176][ T1118]  device_add+0x1148/0x1aa0
[  106.510672][ T1118]  ? __pfx_device_add+0x10/0x10
[  106.515516][ T1118]  ? mark_held_locks+0x49/0x80
[  106.520304][ T1118]  usb_set_configuration+0x1187/0x1e20
[  106.525786][ T1118]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  106.531859][ T1118]  usb_generic_driver_probe+0xb1/0x110
[  106.537317][ T1118]  usb_probe_device+0xef/0x3e0
[  106.542069][ T1118]  ? __pfx_usb_probe_device+0x10/0x10
[  106.547521][ T1118]  really_probe+0x241/0xa90
[  106.552035][ T1118]  __driver_probe_device+0x1de/0x440
[  106.557326][ T1118]  ? usb_driver_applicable+0x1c7/0x220
[  106.562783][ T1118]  driver_probe_device+0x4c/0x1b0
[  106.567808][ T1118]  __device_attach_driver+0x1df/0x310
[  106.573193][ T1118]  ? __pfx___device_attach_driver+0x10/0x10
[  106.579083][ T1118]  bus_for_each_drv+0x159/0x1e0
[  106.583933][ T1118]  ? __pfx_bus_for_each_drv+0x10/0x10
[  106.589304][ T1118]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.594499][ T1118]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  106.600306][ T1118]  __device_attach+0x1e4/0x4b0
[  106.605061][ T1118]  ? __pfx___device_attach+0x10/0x10
[  106.610334][ T1118]  ? do_raw_spin_unlock+0x172/0x230
[  106.615546][ T1118]  bus_probe_device+0x17f/0x1c0
[  106.620399][ T1118]  device_add+0x1148/0x1aa0
[  106.624898][ T1118]  ? __pfx_device_add+0x10/0x10
[  106.629738][ T1118]  ? add_device_randomness+0xb7/0xf0
[  106.635019][ T1118]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  106.640908][ T1118]  usb_new_device+0xd07/0x1a60
[  106.645678][ T1118]  ? do_raw_spin_lock+0x12c/0x2b0
[  106.650699][ T1118]  ? __pfx_usb_new_device+0x10/0x10
[  106.655900][ T1118]  ? mark_held_locks+0x49/0x80
[  106.660659][ T1118]  hub_event+0x2fce/0x5060
[  106.665091][ T1118]  ? __pfx_hub_event+0x10/0x10
[  106.669843][ T1118]  ? debug_object_active_state+0x320/0x3f0
[  106.675656][ T1118]  ? rcu_is_watching+0x12/0xc0
[  106.680435][ T1118]  process_one_work+0x9cf/0x1b70
[  106.685388][ T1118]  ? __pfx_hcd_resume_work+0x10/0x10
[  106.690664][ T1118]  ? __pfx_process_one_work+0x10/0x10
[  106.696039][ T1118]  ? assign_work+0x1a0/0x250
[  106.700627][ T1118]  worker_thread+0x6c8/0xf10
[  106.705229][ T1118]  ? __kthread_parkme+0x19e/0x250
[  106.710422][ T1118]  ? __pfx_worker_thread+0x10/0x10
[  106.715533][ T1118]  kthread+0x3c5/0x780
[  106.719601][ T1118]  ? __pfx_kthread+0x10/0x10
[  106.724190][ T1118]  ? rcu_is_watching+0x12/0xc0
[  106.728988][ T1118]  ? __pfx_kthread+0x10/0x10
[  106.733582][ T1118]  ret_from_fork+0x56d/0x700
[  106.738169][ T1118]  ? __pfx_kthread+0x10/0x10
[  106.742759][ T1118]  ret_from_fork_asm+0x1a/0x30
[  106.747604][ T1118]  </TASK>
[  106.750843][ T1118] Kernel Offset: disabled
[  106.755151][ T1118] Rebooting in 86400 seconds..