[ 81.867451][ T780] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.129' (ED25519) to the list of known hosts.
2023/11/04 01:21:45 ignoring optional flag "sandboxArg"="0"
2023/11/04 01:21:45 parsed 1 programs
2023/11/04 01:21:46 executed programs: 0
[ 85.032786][ T5409] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 85.088583][ T4454] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 85.097888][ T4454] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 85.105433][ T4454] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 85.113661][ T4454] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 85.121628][ T4454] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 85.129133][ T4454] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 85.244910][ T5415] chnl_net:caif_netlink_parms(): no params data found
[ 85.296531][ T5415] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.303841][ T5415] bridge0: port 1(bridge_slave_0) entered disabled state
[ 85.311595][ T5415] bridge_slave_0: entered allmulticast mode
[ 85.318612][ T5415] bridge_slave_0: entered promiscuous mode
[ 85.326984][ T5415] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.334759][ T5415] bridge0: port 2(bridge_slave_1) entered disabled state
[ 85.342612][ T5415] bridge_slave_1: entered allmulticast mode
[ 85.349611][ T5415] bridge_slave_1: entered promiscuous mode
[ 85.373973][ T5415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 85.385670][ T5415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 85.413454][ T5415] team0: Port device team_slave_0 added
[ 85.421098][ T5415] team0: Port device team_slave_1 added
[ 85.443720][ T5415] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 85.451404][ T5415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 85.477989][ T5415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 85.491045][ T5415] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 85.498143][ T5415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 85.524561][ T5415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 85.560627][ T5415] hsr_slave_0: entered promiscuous mode
[ 85.567485][ T5415] hsr_slave_1: entered promiscuous mode
[ 86.351042][ T5415] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 86.363525][ T5415] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 86.374491][ T5415] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 86.387014][ T5415] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 86.490747][ T5415] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.519636][ T5415] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.533382][ T27] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.540962][ T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 86.571919][ T27] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.579577][ T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.778666][ T5415] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.830490][ T5415] veth0_vlan: entered promiscuous mode
[ 86.844949][ T5415] veth1_vlan: entered promiscuous mode
[ 86.885782][ T5415] veth0_macvtap: entered promiscuous mode
[ 86.898701][ T5415] veth1_macvtap: entered promiscuous mode
[ 86.923041][ T5415] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 86.940609][ T5415] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 86.957297][ T5415] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.967986][ T5415] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.979719][ T5415] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.991664][ T5415] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.082296][ T2821] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.101433][ T2821] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.135448][ T2807] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.143922][ T2807] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.157220][ T4454] Bluetooth: hci0: command 0x0409 tx timeout
[ 87.212876][ T5484] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[ 87.219677][ T5484] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 87.234889][ T5484] vhci_hcd vhci_hcd.0: Device attached
[ 87.437983][ T23] vhci_hcd: vhci_device speed not set
[ 87.507819][ T23] usb 9-1: new full-speed USB device number 2 using vhci_hcd
[ 87.798574][ T5523] vhci_hcd vhci_hcd.0: port 0 already used
[ 88.349383][ T5558] vhci_hcd vhci_hcd.0: port 0 already used
[ 88.926421][ T5598] vhci_hcd vhci_hcd.0: port 0 already used
[ 89.226249][ T4454] Bluetooth: hci0: command 0x041b tx timeout
[ 89.484968][ T5636] vhci_hcd vhci_hcd.0: port 0 already used
[ 90.038815][ T5675] vhci_hcd vhci_hcd.0: port 0 already used
2023/11/04 01:21:52 executed programs: 6
[ 90.577233][ T5711] vhci_hcd vhci_hcd.0: port 0 already used
[ 91.119211][ T5747] vhci_hcd vhci_hcd.0: port 0 already used
[ 91.306113][ T4454] Bluetooth: hci0: command 0x040f tx timeout
[ 91.659649][ T5783] vhci_hcd vhci_hcd.0: port 0 already used
[ 92.193953][ T5813] vhci_hcd vhci_hcd.0: port 0 already used
[ 92.676183][ T23] vhci_hcd: vhci_device speed not set
[ 92.732714][ T5818] vhci_hcd vhci_hcd.0: port 0 already used
[ 92.746491][ T23] usb 9-1: device descriptor read/64, error -110
[ 92.867148][ T23] ==================================================================
[ 92.875352][ T23] BUG: KASAN: slab-use-after-free in usb_hcd_flush_endpoint+0x1ab/0x3e0
[ 92.883683][ T23] Read of size 4 at addr ffff888019ecd204 by task kworker/1:0/23
[ 92.891484][ T23]
[ 92.893817][ T23] CPU: 1 PID: 23 Comm: kworker/1:0 Not tainted 6.6.0-syzkaller-12893-ge392ea4d4d00-dirty #0
[ 92.904053][ T23] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 92.914214][ T23] Workqueue: usb_hub_wq hub_event
[ 92.919440][ T23] Call Trace:
[ 92.922758][ T23] <TASK>
[ 92.925686][ T23] dump_stack_lvl+0x1e7/0x2d0
[ 92.930508][ T23] ? nf_tcp_handle_invalid+0x650/0x650
[ 92.936078][ T23] ? panic+0x850/0x850
[ 92.940145][ T23] ? _printk+0xd5/0x120
[ 92.944512][ T23] print_report+0x163/0x540
[ 92.949108][ T23] ? __virt_addr_valid+0x22f/0x2e0
[ 92.954411][ T23] ? __phys_addr+0xba/0x170
[ 92.959018][ T23] ? usb_hcd_flush_endpoint+0x1ab/0x3e0
[ 92.964571][ T23] kasan_report+0x142/0x170
[ 92.969066][ T23] ? _raw_spin_lock_irq+0xdf/0x120
[ 92.974183][ T23] ? usb_hcd_flush_endpoint+0x1ab/0x3e0
[ 92.979729][ T23] usb_hcd_flush_endpoint+0x1ab/0x3e0
[ 92.985106][ T23] usb_disable_endpoint+0x123/0x180
[ 92.990346][ T23] hub_event+0x2ee5/0x50a0
[ 92.994783][ T23] ? led_work+0x770/0x770
[ 92.999204][ T23] ? read_lock_is_recursive+0x20/0x20
[ 93.004781][ T23] ? lockdep_hardirqs_on_prepare+0x43c/0x7a0
[ 93.010957][ T23] ? print_irqtrace_events+0x220/0x220
[ 93.016418][ T23] ? process_scheduled_works+0x825/0x1400
[ 93.022132][ T23] process_scheduled_works+0x90f/0x1400
[ 93.027940][ T23] ? assign_work+0x3d0/0x3d0
[ 93.032564][ T23] ? assign_work+0x364/0x3d0
[ 93.037268][ T23] worker_thread+0xa5f/0xff0
[ 93.041858][ T23] kthread+0x2d3/0x370
[ 93.046008][ T23] ? pr_cont_work+0x5e0/0x5e0
[ 93.050686][ T23] ? kthread_blkcg+0xd0/0xd0
[ 93.055268][ T23] ret_from_fork+0x48/0x80
[ 93.059677][ T23] ? kthread_blkcg+0xd0/0xd0
[ 93.064342][ T23] ret_from_fork_asm+0x11/0x20
[ 93.069191][ T23] </TASK>
[ 93.072371][ T23]
[ 93.074682][ T23] Allocated by task 23:
[ 93.078822][ T23] kasan_set_track+0x4f/0x70
[ 93.083404][ T23] __kasan_kmalloc+0x98/0xb0
[ 93.087998][ T23] __kmalloc+0xb9/0x230
[ 93.092291][ T23] usb_alloc_urb+0x3a/0x130
[ 93.096892][ T23] usb_control_msg+0x189/0x4c0
[ 93.101760][ T23] hub_port_init+0xaa6/0x23a0
[ 93.106728][ T23] hub_event+0x2a3c/0x50a0
[ 93.111238][ T23] process_scheduled_works+0x90f/0x1400
[ 93.117167][ T23] worker_thread+0xa5f/0xff0
[ 93.121874][ T23] kthread+0x2d3/0x370
[ 93.126129][ T23] ret_from_fork+0x48/0x80
[ 93.130569][ T23] ret_from_fork_asm+0x11/0x20
[ 93.135441][ T23]
[ 93.137772][ T23] Freed by task 23:
[ 93.141663][ T23] kasan_set_track+0x4f/0x70
[ 93.146340][ T23] kasan_save_free_info+0x28/0x40
[ 93.151444][ T23] ____kasan_slab_free+0xd6/0x120
[ 93.156631][ T23] __kmem_cache_free+0x263/0x3a0
[ 93.161565][ T23] usb_start_wait_urb+0x24b/0x520
[ 93.166579][ T23] usb_control_msg+0x2b1/0x4c0
[ 93.171333][ T23] hub_port_init+0xaa6/0x23a0
[ 93.176440][ T23] hub_event+0x2a3c/0x50a0
[ 93.180854][ T23] process_scheduled_works+0x90f/0x1400
[ 93.186398][ T23] worker_thread+0xa5f/0xff0
[ 93.191326][ T23] kthread+0x2d3/0x370
[ 93.197409][ T23] ret_from_fork+0x48/0x80
[ 93.201931][ T23] ret_from_fork_asm+0x11/0x20
[ 93.206692][ T23]
[ 93.209014][ T23] Last potentially related work creation:
[ 93.214897][ T23] kasan_save_stack+0x3f/0x60
[ 93.219662][ T23] __kasan_record_aux_stack+0xad/0xc0
[ 93.225048][ T23] call_rcu+0x167/0xa70
[ 93.229218][ T23] addrconf_ifdown+0x18f1/0x1bb0
[ 93.234159][ T23] addrconf_notify+0x3ce/0x1020
[ 93.239002][ T23] notifier_call_chain+0x18c/0x3a0
[ 93.244114][ T23] unregister_netdevice_many_notify+0xd87/0x1710
[ 93.250438][ T23] ip6_tnl_exit_batch_net+0x5c8/0x610
[ 93.255849][ T23] cleanup_net+0x767/0xb80
[ 93.260258][ T23] process_scheduled_works+0x90f/0x1400
[ 93.266059][ T23] worker_thread+0xa5f/0xff0
[ 93.270809][ T23] kthread+0x2d3/0x370
[ 93.275342][ T23] ret_from_fork+0x48/0x80
[ 93.280032][ T23] ret_from_fork_asm+0x11/0x20
[ 93.284975][ T23]
[ 93.287390][ T23] Second to last potentially related work creation:
[ 93.293986][ T23] kasan_save_stack+0x3f/0x60
[ 93.299203][ T23] __kasan_record_aux_stack+0xad/0xc0
[ 93.305201][ T23] insert_work+0x3e/0x320
[ 93.309704][ T23] __queue_work+0xc06/0x1010
[ 93.314304][ T23] queue_work_on+0x14f/0x250
[ 93.318989][ T23] call_usermodehelper_exec+0x276/0x480
[ 93.324811][ T23] kobject_uevent_env+0x6a9/0x8e0
[ 93.329955][ T23] kset_register+0x1ab/0x200
[ 93.334569][ T23] class_register+0x1c3/0x2a0
[ 93.339355][ T23] cpuid_init+0x49/0x100
[ 93.343621][ T23] do_one_initcall+0x234/0x800
[ 93.348827][ T23] do_initcall_level+0x157/0x210
[ 93.353933][ T23] do_initcalls+0x3f/0x80
[ 93.358344][ T23] kernel_init_freeable+0x429/0x5c0
[ 93.363709][ T23] kernel_init+0x1d/0x2a0
[ 93.368140][ T23] ret_from_fork+0x48/0x80
[ 93.372553][ T23] ret_from_fork_asm+0x11/0x20
[ 93.377324][ T23]
[ 93.379641][ T23] The buggy address belongs to the object at ffff888019ecd200
[ 93.379641][ T23] which belongs to the cache kmalloc-192 of size 192
[ 93.393781][ T23] The buggy address is located 4 bytes inside of
[ 93.393781][ T23] freed 192-byte region [ffff888019ecd200, ffff888019ecd2c0)
[ 93.407726][ T23]
[ 93.410050][ T23] The buggy address belongs to the physical page:
[ 93.416466][ T23] page:ffffea000067b340 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x19ecd
[ 93.426798][ T23] ksm flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 93.434675][ T23] page_type: 0xffffffff()
[ 93.439173][ T23] raw: 00fff00000000800 ffff888012c41a00 ffffea00007faa00 dead000000000003
[ 93.447834][ T23] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 93.456773][ T23] page dumped because: kasan: bad access detected
[ 93.463288][ T23] page_owner tracks the page as allocated
[ 93.469258][ T23] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, tgid 1 (swapper/0), ts 3961051695, free_ts 3958343321
[ 93.487067][ T23] post_alloc_hook+0x1e6/0x210
[ 93.491842][ T23] get_page_from_freelist+0x339a/0x3530
[ 93.497468][ T23] __alloc_pages+0x255/0x670
[ 93.502222][ T23] alloc_pages_mpol+0x3de/0x640
[ 93.507080][ T23] alloc_slab_page+0x6a/0x160
[ 93.511779][ T23] new_slab+0x84/0x2f0
[ 93.515864][ T23] ___slab_alloc+0xc85/0x1310
[ 93.520544][ T23] __kmem_cache_alloc_node+0x21d/0x300
[ 93.525999][ T23] kmalloc_trace+0x2a/0xe0
[ 93.530546][ T23] call_usermodehelper_setup+0x8e/0x260
[ 93.536204][ T23] kobject_uevent_env+0x68c/0x8e0
[ 93.541232][ T23] kset_register+0x1ab/0x200
[ 93.545908][ T23] class_register+0x1c3/0x2a0
[ 93.550662][ T23] msr_init+0x49/0x100
[ 93.554726][ T23] do_one_initcall+0x234/0x800
[ 93.559489][ T23] do_initcall_level+0x157/0x210
[ 93.564419][ T23] page last free stack trace:
[ 93.569083][ T23] free_unref_page_prepare+0x92a/0xa50
[ 93.574548][ T23] free_unref_page+0x37/0x3f0
[ 93.579241][ T23] __mmdrop+0xb8/0x3d0
[ 93.583304][ T23] free_bprm+0x144/0x330
[ 93.587540][ T23] kernel_execve+0x8f5/0xa10
[ 93.592209][ T23] call_usermodehelper_exec_async+0x233/0x370
[ 93.598363][ T23] ret_from_fork+0x48/0x80
[ 93.602781][ T23] ret_from_fork_asm+0x11/0x20
[ 93.607535][ T23]
[ 93.609843][ T23] Memory state around the buggy address:
[ 93.615725][ T23]  ffff888019ecd100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 93.623787][ T23]  ffff888019ecd180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 93.632279][ T23] >ffff888019ecd200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 93.640630][ T23]                    ^
[ 93.644694][ T23]  ffff888019ecd280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 93.653047][ T23]  ffff888019ecd300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 93.661206][ T23] ==================================================================
[ 93.669355][ T23] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 93.676735][ T23] CPU: 1 PID: 23 Comm: kworker/1:0 Not tainted 6.6.0-syzkaller-12893-ge392ea4d4d00-dirty #0
[ 93.687060][ T23] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 93.697373][ T23] Workqueue: usb_hub_wq hub_event
[ 93.702405][ T23] Call Trace:
[ 93.705704][ T23] <TASK>
[ 93.708643][ T23] dump_stack_lvl+0x1e7/0x2d0
[ 93.713426][ T23] ? nf_tcp_handle_invalid+0x650/0x650
[ 93.718890][ T23] ? panic+0x850/0x850
[ 93.723143][ T23] ? rcu_is_watching+0x15/0xb0
[ 93.728167][ T23] ? lock_release+0xbf/0x9d0
[ 93.732840][ T23] ? vscnprintf+0x5d/0x80
[ 93.737205][ T23] panic+0x349/0x850
[ 93.741187][ T23] ? check_panic_on_warn+0x21/0xa0
[ 93.746563][ T23] ? __memcpy_flushcache+0x2b0/0x2b0
[ 93.751863][ T23] ? do_raw_spin_unlock+0x13b/0x8b0
[ 93.757088][ T23] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 93.762991][ T23] ? _raw_spin_unlock+0x40/0x40
[ 93.767931][ T23] ? print_report+0x4fb/0x540
[ 93.772868][ T23] check_panic_on_warn+0x82/0xa0
[ 93.777998][ T23] ? usb_hcd_flush_endpoint+0x1ab/0x3e0
[ 93.783646][ T23] end_report+0x6e/0x130
[ 93.787897][ T23] kasan_report+0x153/0x170
[ 93.792485][ T23] ? _raw_spin_lock_irq+0xdf/0x120
[ 93.797594][ T23] ? usb_hcd_flush_endpoint+0x1ab/0x3e0
[ 93.803140][ T23] usb_hcd_flush_endpoint+0x1ab/0x3e0
[ 93.808617][ T23] usb_disable_endpoint+0x123/0x180
[ 93.813923][ T23] hub_event+0x2ee5/0x50a0
[ 93.818460][ T23] ? led_work+0x770/0x770
[ 93.822976][ T23] ? read_lock_is_recursive+0x20/0x20
[ 93.828457][ T23] ? lockdep_hardirqs_on_prepare+0x43c/0x7a0
[ 93.834775][ T23] ? print_irqtrace_events+0x220/0x220
[ 93.840418][ T23] ? process_scheduled_works+0x825/0x1400
[ 93.846309][ T23] process_scheduled_works+0x90f/0x1400
[ 93.851952][ T23] ? assign_work+0x3d0/0x3d0
[ 93.856628][ T23] ? assign_work+0x364/0x3d0
[ 93.861234][ T23] worker_thread+0xa5f/0xff0
[ 93.866021][ T23] kthread+0x2d3/0x370
[ 93.870100][ T23] ? pr_cont_work+0x5e0/0x5e0
[ 93.875043][ T23] ? kthread_blkcg+0xd0/0xd0
[ 93.879717][ T23] ret_from_fork+0x48/0x80
[ 93.884129][ T23] ? kthread_blkcg+0xd0/0xd0
[ 93.888751][ T23] ret_from_fork_asm+0x11/0x20
[ 93.893534][ T23] </TASK>
[ 93.896890][ T23] Kernel Offset: disabled
[ 93.901374][ T23] Rebooting in 86400 seconds..