Warning: Permanently added '[localhost]:30554' (ED25519) to the list of known hosts.
2025/11/27 07:39:01 parsed 1 programs
[   97.198111][   T40] audit: type=1400 audit(1764229143.467:116): avc:  denied  { unlink } for  pid=6177 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   98.306418][ T6177] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  101.411034][ T6218] chnl_net:caif_netlink_parms(): no params data found
[  101.509528][ T6218] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.512570][ T6218] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.515631][ T6218] bridge_slave_0: entered allmulticast mode
[  101.520097][ T6218] bridge_slave_0: entered promiscuous mode
[  101.524348][ T6218] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.527333][ T6218] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.530103][ T6218] bridge_slave_1: entered allmulticast mode
[  101.533485][ T6218] bridge_slave_1: entered promiscuous mode
[  101.570237][ T6218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.574997][ T6218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.625170][ T6218] team0: Port device team_slave_0 added
[  101.630223][ T6218] team0: Port device team_slave_1 added
[  101.684908][ T6218] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.688557][ T6218] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  101.697970][ T6218] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.703065][ T6218] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.705070][ T6218] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  101.714793][ T6218] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.782982][ T6218] hsr_slave_0: entered promiscuous mode
[  101.785331][ T6218] hsr_slave_1: entered promiscuous mode
[  102.362252][ T6218] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  102.371735][ T6218] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  102.377933][ T6218] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  102.383502][ T6218] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  102.434832][ T6218] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.445478][ T6218] 8021q: adding VLAN 0 to HW filter on device team0
[  102.456200][   T80] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.459409][   T80] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.479747][   T80] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.482807][   T80] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.503187][ T6218] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  102.621228][ T6218] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.649994][ T6218] veth0_vlan: entered promiscuous mode
[  102.655359][ T6218] veth1_vlan: entered promiscuous mode
[  102.668907][ T6218] veth0_macvtap: entered promiscuous mode
[  102.672716][ T6218] veth1_macvtap: entered promiscuous mode
[  102.682044][ T6218] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.688282][ T6218] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.697372][   T61] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.700440][   T61] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.704241][   T61] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.707870][   T61] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.804637][   T61] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.911852][   T61] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.995360][   T61] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.088688][   T61] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.105137][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.109152][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.126285][   T80] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.129556][   T80] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.329409][   T40] audit: type=1401 audit(1764229149.597:117): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[  103.440361][ T5296] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  103.444068][ T5296] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  103.448246][ T5296] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  103.453184][ T5296] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  103.456567][ T5296] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/11/27 07:39:10 executed programs: 0
[  103.990774][ T5296] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  103.993812][ T5296] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  103.996636][ T5296] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  103.999873][ T5296] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  104.002621][ T5296] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  104.129767][ T6340] chnl_net:caif_netlink_parms(): no params data found
[  104.217577][ T6340] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.220245][ T6340] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.222765][ T6340] bridge_slave_0: entered allmulticast mode
[  104.225714][ T6340] bridge_slave_0: entered promiscuous mode
[  104.229040][ T6340] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.231659][ T6340] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.234217][ T6340] bridge_slave_1: entered allmulticast mode
[  104.237892][ T6340] bridge_slave_1: entered promiscuous mode
[  104.276776][ T6340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.281577][ T6340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.315538][ T6340] team0: Port device team_slave_0 added
[  104.320175][ T6340] team0: Port device team_slave_1 added
[  104.360912][ T6340] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.363183][ T6340] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  104.372549][ T6340] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.378873][ T6340] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.381774][ T6340] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  104.394395][ T6340] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.458775][ T6340] hsr_slave_0: entered promiscuous mode
[  104.461859][ T6340] hsr_slave_1: entered promiscuous mode
[  104.464670][ T6340] debugfs: 'hsr0' already exists in 'hsr'
[  104.467845][ T6340] Cannot create hsr debugfs directory
[  105.891669][   T61] bridge_slave_1: left allmulticast mode
[  105.893612][   T61] bridge_slave_1: left promiscuous mode
[  105.895560][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.899696][   T61] bridge_slave_0: left allmulticast mode
[  105.901499][   T61] bridge_slave_0: left promiscuous mode
[  105.903575][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.066878][ T6022] Bluetooth: hci0: command tx timeout
[  106.091565][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  106.097907][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  106.102896][   T61] bond0 (unregistering): Released all slaves
[  106.223472][   T61] hsr_slave_0: left promiscuous mode
[  106.226513][   T61] hsr_slave_1: left promiscuous mode
[  106.229357][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  106.232551][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.236555][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.239757][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  106.258458][   T61] veth1_macvtap: left promiscuous mode
[  106.260886][   T61] veth0_macvtap: left promiscuous mode
[  106.263280][   T61] veth1_vlan: left promiscuous mode
[  106.265649][   T61] veth0_vlan: left promiscuous mode
[  106.699639][   T61] team0 (unregistering): Port device team_slave_1 removed
[  106.745152][   T61] team0 (unregistering): Port device team_slave_0 removed
[  107.527153][ T6340] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  107.531315][ T6340] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  107.535409][ T6340] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  107.543272][ T6340] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  107.584000][ T6340] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.600557][ T6340] 8021q: adding VLAN 0 to HW filter on device team0
[  107.606513][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.609234][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.620973][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.623846][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.918082][ T6340] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.947061][ T6340] veth0_vlan: entered promiscuous mode
[  107.957600][ T6340] veth1_vlan: entered promiscuous mode
[  107.988621][ T6340] veth0_macvtap: entered promiscuous mode
[  107.996540][ T6340] veth1_macvtap: entered promiscuous mode
[  108.021343][ T6340] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.057021][ T6340] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.064036][  T186] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.067262][  T186] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.070749][  T186] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.073601][  T186] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.124645][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.127906][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.141973][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.144141][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.145881][ T6022] Bluetooth: hci0: command tx timeout
[  108.172658][   T40] audit: type=1400 audit(1764229154.437:118): avc:  denied  { create } for  pid=6385 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  108.179804][   T40] audit: type=1400 audit(1764229154.437:119): avc:  denied  { read write } for  pid=6385 comm="syz.0.16" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  108.188060][   T40] audit: type=1400 audit(1764229154.437:120): avc:  denied  { open } for  pid=6385 comm="syz.0.16" path="/dev/raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  108.195700][   T40] audit: type=1400 audit(1764229154.437:121): avc:  denied  { ioctl } for  pid=6385 comm="syz.0.16" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  108.406029][   T54] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  108.575964][   T54] usb 5-1: Using ep0 maxpacket: 8
[  108.581586][   T54] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  108.585399][   T54] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  108.589472][   T54] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  108.593832][   T54] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  108.598035][   T54] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  108.603051][   T54] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  108.606661][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.813437][   T54] usb 5-1: GET_CAPABILITIES returned 0
[  108.816069][   T54] usbtmc 5-1:16.0: can't read capabilities
[  109.014209][   T40] audit: type=1400 audit(1764229155.277:122): avc:  denied  { write } for  pid=6385 comm="syz.0.16" name="usbtmc0" dev="devtmpfs" ino=2844 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  109.020954][ T5985] usb 5-1: USB disconnect, device number 2
2025/11/27 07:39:15 executed programs: 3
[  109.795921][ T6384] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  109.955967][ T6384] usb 5-1: Using ep0 maxpacket: 8
[  109.959791][ T6384] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  109.963868][ T6384] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  109.968272][ T6384] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  109.972471][ T6384] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  109.976495][ T6384] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  109.981580][ T6384] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  109.984761][ T6384] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.193290][ T6384] usb 5-1: GET_CAPABILITIES returned 0
[  110.195306][ T6384] usbtmc 5-1:16.0: can't read capabilities
[  110.235974][ T6022] Bluetooth: hci0: command tx timeout
[  110.397314][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  110.407121][ T5985] usb 5-1: USB disconnect, device number 3
[  111.176097][ T6384] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  111.326025][ T6384] usb 5-1: Using ep0 maxpacket: 8
[  111.329796][ T6384] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  111.333814][ T6384] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  111.338080][ T6384] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  111.342610][ T6384] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  111.346822][ T6384] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  111.352156][ T6384] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  111.355704][ T6384] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.563409][ T6384] usb 5-1: GET_CAPABILITIES returned 0
[  111.565913][ T6384] usbtmc 5-1:16.0: can't read capabilities
[  111.765055][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  111.769459][   T54] usb 5-1: USB disconnect, device number 4
[  112.305949][ T6022] Bluetooth: hci0: command tx timeout
[  112.525960][ T5985] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  112.675895][ T5985] usb 5-1: Using ep0 maxpacket: 8
[  112.679064][ T5985] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  112.682115][ T5985] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  112.685281][ T5985] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  112.689196][ T5985] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  112.692342][ T5985] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  112.697283][ T5985] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  112.700489][ T5985] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.909592][ T5985] usb 5-1: GET_CAPABILITIES returned 0
[  112.911935][ T5985] usbtmc 5-1:16.0: can't read capabilities
[  113.111360][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  113.116991][ T6017] usb 5-1: USB disconnect, device number 5
[  113.885932][ T6017] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  114.036059][ T6017] usb 5-1: Using ep0 maxpacket: 8
[  114.042296][ T6017] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  114.046765][ T6017] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  114.051127][ T6017] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  114.055980][ T6017] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  114.060284][ T6017] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  114.065738][ T6017] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  114.069646][ T6017] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.278203][ T6017] usb 5-1: GET_CAPABILITIES returned 0
[  114.280170][ T6017] usbtmc 5-1:16.0: can't read capabilities
[  114.484156][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  114.488768][ T6017] usb 5-1: USB disconnect, device number 6
2025/11/27 07:39:21 executed programs: 7
[  115.255864][   T54] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  115.405982][   T54] usb 5-1: Using ep0 maxpacket: 8
[  115.410083][   T54] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  115.414111][   T54] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  115.418690][   T54] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  115.423336][   T54] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  115.427847][   T54] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  115.433166][   T54] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  115.437120][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.643959][   T54] usb 5-1: GET_CAPABILITIES returned 0
[  115.645869][   T54] usbtmc 5-1:16.0: can't read capabilities
[  115.845537][    C1] ==================================================================
[  115.845712][   T54] usb 5-1: USB disconnect, device number 7
[  115.848810][    C1] BUG: KASAN: slab-use-after-free in usb_anchor_suspend_wakeups+0x28/0x40
[  115.848838][    C1] Write of size 4 at addr ffff88802c0fd110 by task swapper/1/0
[  115.848851][    C1] 
[  115.848861][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[  115.848879][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  115.848889][    C1] Call Trace:
[  115.848896][    C1]  <IRQ>
[  115.848903][    C1]  dump_stack_lvl+0x116/0x1f0
[  115.848920][    C1]  print_report+0xcd/0x630
[  115.848939][    C1]  ? __virt_addr_valid+0x81/0x610
[  115.848961][    C1]  ? __phys_addr+0xe8/0x180
[  115.848997][    C1]  ? usb_anchor_suspend_wakeups+0x28/0x40
[  115.849013][    C1]  kasan_report+0xe0/0x110
[  115.849031][    C1]  ? usb_anchor_suspend_wakeups+0x28/0x40
[  115.849050][    C1]  kasan_check_range+0x100/0x1b0
[  115.849071][    C1]  usb_anchor_suspend_wakeups+0x28/0x40
[  115.849088][    C1]  __usb_hcd_giveback_urb+0x220/0x610
[  115.849113][    C1]  usb_hcd_giveback_urb+0x39b/0x450
[  115.849137][    C1]  dummy_timer+0x1809/0x3a00
[  115.849157][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  115.849177][    C1]  ? debug_object_deactivate+0x1ec/0x3a0
[  115.849204][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  115.849227][    C1]  ? debug_object_deactivate+0x1ec/0x3a0
[  115.849251][    C1]  ? __pfx_debug_object_deactivate+0x10/0x10
[  115.849274][    C1]  ? __lock_acquire+0xb8a/0x1c90
[  115.849289][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  115.849306][    C1]  ? rcu_is_watching+0x12/0xc0
[  115.849326][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  115.849350][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  115.849366][    C1]  __hrtimer_run_queues+0x202/0xad0
[  115.849388][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  115.849407][    C1]  ? read_tsc+0x9/0x20
[  115.849429][    C1]  hrtimer_run_softirq+0x17d/0x350
[  115.849449][    C1]  handle_softirqs+0x219/0x8e0
[  115.849472][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  115.849515][    C1]  __irq_exit_rcu+0x109/0x170
[  115.849534][    C1]  irq_exit_rcu+0x9/0x30
[  115.849552][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  115.849576][    C1]  </IRQ>
[  115.849581][    C1]  <TASK>
[  115.849587][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  115.849605][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  115.849629][    C1] Code: 97 6c 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 45 29 00 fb f4 <e9> 3c 0a 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  115.849644][    C1] RSP: 0018:ffffc90000177de8 EFLAGS: 00000286
[  115.849658][    C1] RAX: 00000000000a33e9 RBX: 0000000000000001 RCX: ffffffff8b60e2a9
[  115.849669][    C1] RDX: 0000000000000000 RSI: ffffffff8da2c165 RDI: ffffffff8bf073c0
[  115.849679][    C1] RBP: ffffed1003bd4490 R08: 0000000000000001 R09: ffffed100d4a6655
[  115.849689][    C1] R10: ffff88806a5332ab R11: 0000000000000001 R12: 0000000000000001
[  115.849699][    C1] R13: ffff88801dea2480 R14: ffffffff908214d0 R15: 0000000000000000
[  115.849712][    C1]  ? ct_kernel_exit+0x139/0x190
[  115.849730][    C1]  default_idle+0x13/0x20
[  115.849752][    C1]  default_idle_call+0x6c/0xb0
[  115.849770][    C1]  do_idle+0x38d/0x500
[  115.849790][    C1]  ? __pfx_do_idle+0x10/0x10
[  115.849809][    C1]  ? trace_sched_exit_tp+0x2f/0x120
[  115.849829][    C1]  cpu_startup_entry+0x4f/0x60
[  115.849849][    C1]  start_secondary+0x21d/0x2b0
[  115.849872][    C1]  ? __pfx_start_secondary+0x10/0x10
[  115.849896][    C1]  common_startup_64+0x13e/0x148
[  115.849917][    C1]  </TASK>
[  115.849922][    C1] 
[  115.986156][    C1] Allocated by task 6401:
[  115.987946][    C1]  kasan_save_stack+0x33/0x60
[  115.989454][    C1]  kasan_save_track+0x14/0x30
[  115.991374][    C1]  __kasan_kmalloc+0xaa/0xb0
[  115.993254][    C1]  usbtmc_open+0xa9/0x9b0
[  115.995029][    C1]  usb_open+0x189/0x220
[  115.996742][    C1]  chrdev_open+0x234/0x6a0
[  115.998632][    C1]  do_dentry_open+0x982/0x1530
[  116.000574][    C1]  vfs_open+0x82/0x3f0
[  116.001880][    C1]  path_openat+0x1de4/0x2cb0
[  116.003706][    C1]  do_filp_open+0x20b/0x470
[  116.005556][    C1]  do_sys_openat2+0x11b/0x1d0
[  116.007451][    C1]  __x64_sys_openat+0x174/0x210
[  116.009456][    C1]  do_syscall_64+0xcd/0xfa0
[  116.011323][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.013509][    C1] 
[  116.014345][    C1] Freed by task 6401:
[  116.015951][    C1]  kasan_save_stack+0x33/0x60
[  116.017959][    C1]  kasan_save_track+0x14/0x30
[  116.019859][    C1]  __kasan_save_free_info+0x3b/0x60
[  116.021986][    C1]  __kasan_slab_free+0x5f/0x80
[  116.023918][    C1]  kfree+0x2b8/0x6d0
[  116.025550][    C1]  usbtmc_release+0x271/0x380
[  116.027439][    C1]  __fput+0x402/0xb70
[  116.028816][    C1]  task_work_run+0x150/0x240
[  116.030576][    C1]  exit_to_user_mode_loop+0xec/0x130
[  116.032691][    C1]  do_syscall_64+0x426/0xfa0
[  116.034571][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.036923][    C1] 
[  116.037958][    C1] The buggy address belongs to the object at ffff88802c0fd000
[  116.037958][    C1]  which belongs to the cache kmalloc-1k of size 1024
[  116.042978][    C1] The buggy address is located 272 bytes inside of
[  116.042978][    C1]  freed 1024-byte region [ffff88802c0fd000, ffff88802c0fd400)
[  116.048437][    C1] 
[  116.049356][    C1] The buggy address belongs to the physical page:
[  116.051555][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802c0fd800 pfn:0x2c0f8
[  116.055517][    C1] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  116.058488][    C1] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  116.061501][    C1] page_type: f5(slab)
[  116.063088][    C1] raw: 00fff00000000040 ffff88801b442dc0 ffffea0000d98000 dead000000000002
[  116.066087][    C1] raw: ffff88802c0fd800 000000008010000d 00000000f5000000 0000000000000000
[  116.069509][    C1] head: 00fff00000000040 ffff88801b442dc0 ffffea0000d98000 dead000000000002
[  116.072507][    C1] head: ffff88802c0fd800 000000008010000d 00000000f5000000 0000000000000000
[  116.076075][    C1] head: 00fff00000000003 ffffea0000b03e01 00000000ffffffff 00000000ffffffff
[  116.079450][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  116.082415][    C1] page dumped because: kasan: bad access detected
[  116.084748][    C1] page_owner tracks the page as allocated
[  116.086621][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 23074104772, free_ts 23073398950
[  116.094155][    C1]  post_alloc_hook+0x1af/0x220
[  116.096140][    C1]  get_page_from_freelist+0x10a3/0x3a30
[  116.098436][    C1]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  116.100852][    C1]  alloc_pages_mpol+0x1fb/0x550
[  116.102966][    C1]  new_slab+0x24a/0x360
[  116.104674][    C1]  ___slab_alloc+0xd79/0x1a50
[  116.106601][    C1]  __slab_alloc.constprop.0+0x63/0x110
[  116.108814][    C1]  __kmalloc_node_track_caller_noprof+0x4db/0x8a0
[  116.111394][    C1]  krealloc_node_align_noprof+0x1b6/0x470
[  116.113688][    C1]  add_sysfs_param+0xde/0xa10
[  116.115585][    C1]  param_sysfs_builtin_init+0x307/0x4c0
[  116.117441][    C1]  do_one_initcall+0x123/0x6e0
[  116.119375][    C1]  kernel_init_freeable+0x5c8/0x920
[  116.121499][    C1]  kernel_init+0x1c/0x2b0
[  116.123228][    C1]  ret_from_fork+0x675/0x7d0
[  116.125084][    C1]  ret_from_fork_asm+0x1a/0x30
[  116.127077][    C1] page last free pid 1 tgid 1 stack trace:
[  116.128893][    C1]  __free_frozen_pages+0x7df/0x1160
[  116.130746][    C1]  __put_partials+0x130/0x170
[  116.132654][    C1]  qlist_free_all+0x4d/0x120
[  116.134525][    C1]  kasan_quarantine_reduce+0x195/0x1e0
[  116.136670][    C1]  __kasan_krealloc+0x14a/0x1a0
[  116.138684][    C1]  krealloc_node_align_noprof+0x200/0x470
[  116.140960][    C1]  add_sysfs_param+0xde/0xa10
[  116.142919][    C1]  param_sysfs_builtin_init+0x307/0x4c0
[  116.145159][    C1]  do_one_initcall+0x123/0x6e0
[  116.147111][    C1]  kernel_init_freeable+0x5c8/0x920
[  116.148937][    C1]  kernel_init+0x1c/0x2b0
[  116.150559][    C1]  ret_from_fork+0x675/0x7d0
[  116.152420][    C1]  ret_from_fork_asm+0x1a/0x30
[  116.154358][    C1] 
[  116.155343][    C1] Memory state around the buggy address:
[  116.157718][    C1]  ffff88802c0fd000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  116.160266][    C1]  ffff88802c0fd080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  116.163447][    C1] >ffff88802c0fd100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  116.166125][    C1]                          ^
[  116.167817][    C1]  ffff88802c0fd180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  116.171005][    C1]  ffff88802c0fd200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  116.174221][    C1] ==================================================================
[  116.176982][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  116.179688][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[  116.182968][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  116.186833][    C1] Call Trace:
[  116.188166][    C1]  <IRQ>
[  116.189082][    C1]  dump_stack_lvl+0x3d/0x1f0
[  116.190563][    C1]  vpanic+0x640/0x6f0
[  116.192184][    C1]  panic+0xca/0xd0
[  116.193725][    C1]  ? __pfx_panic+0x10/0x10
[  116.195242][    C1]  ? end_report+0x4c/0x170
[  116.196843][    C1]  ? rcu_is_watching+0x12/0xc0
[  116.198806][    C1]  ? lock_release+0x201/0x2f0
[  116.200712][    C1]  ? check_panic_on_warn+0x1f/0xb0
[  116.202774][    C1]  check_panic_on_warn+0xab/0xb0
[  116.204714][    C1]  end_report+0x107/0x170
[  116.206156][    C1]  kasan_report+0xee/0x110
[  116.208003][    C1]  ? usb_anchor_suspend_wakeups+0x28/0x40
[  116.210343][    C1]  kasan_check_range+0x100/0x1b0
[  116.212344][    C1]  usb_anchor_suspend_wakeups+0x28/0x40
[  116.214595][    C1]  __usb_hcd_giveback_urb+0x220/0x610
[  116.216775][    C1]  usb_hcd_giveback_urb+0x39b/0x450
[  116.218539][    C1]  dummy_timer+0x1809/0x3a00
[  116.220365][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  116.222436][    C1]  ? debug_object_deactivate+0x1ec/0x3a0
[  116.224595][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  116.226966][    C1]  ? debug_object_deactivate+0x1ec/0x3a0
[  116.228813][    C1]  ? __pfx_debug_object_deactivate+0x10/0x10
[  116.231090][    C1]  ? __lock_acquire+0xb8a/0x1c90
[  116.233069][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  116.235138][    C1]  ? rcu_is_watching+0x12/0xc0
[  116.237067][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  116.239338][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  116.241340][    C1]  __hrtimer_run_queues+0x202/0xad0
[  116.243435][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  116.245781][    C1]  ? read_tsc+0x9/0x20
[  116.247438][    C1]  hrtimer_run_softirq+0x17d/0x350
[  116.249117][    C1]  handle_softirqs+0x219/0x8e0
[  116.251075][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  116.253207][    C1]  __irq_exit_rcu+0x109/0x170
[  116.255127][    C1]  irq_exit_rcu+0x9/0x30
[  116.256688][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  116.258983][    C1]  </IRQ>
[  116.260238][    C1]  <TASK>
[  116.261451][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  116.263960][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  116.266227][    C1] Code: 97 6c 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 45 29 00 fb f4 <e9> 3c 0a 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  116.273159][    C1] RSP: 0018:ffffc90000177de8 EFLAGS: 00000286
[  116.275462][    C1] RAX: 00000000000a33e9 RBX: 0000000000000001 RCX: ffffffff8b60e2a9
[  116.278098][    C1] RDX: 0000000000000000 RSI: ffffffff8da2c165 RDI: ffffffff8bf073c0
[  116.280669][    C1] RBP: ffffed1003bd4490 R08: 0000000000000001 R09: ffffed100d4a6655
[  116.283249][    C1] R10: ffff88806a5332ab R11: 0000000000000001 R12: 0000000000000001
[  116.285995][    C1] R13: ffff88801dea2480 R14: ffffffff908214d0 R15: 0000000000000000
[  116.289260][    C1]  ? ct_kernel_exit+0x139/0x190
[  116.291222][    C1]  default_idle+0x13/0x20
[  116.292946][    C1]  default_idle_call+0x6c/0xb0
[  116.294986][    C1]  do_idle+0x38d/0x500
[  116.296751][    C1]  ? __pfx_do_idle+0x10/0x10
[  116.298702][    C1]  ? trace_sched_exit_tp+0x2f/0x120
[  116.300785][    C1]  cpu_startup_entry+0x4f/0x60
[  116.302795][    C1]  start_secondary+0x21d/0x2b0
[  116.304761][    C1]  ? __pfx_start_secondary+0x10/0x10
[  116.306874][    C1]  common_startup_64+0x13e/0x148
[  116.308966][    C1]  </TASK>
[  116.311034][    C1] Kernel Offset: disabled
[  116.312822][    C1] Rebooting in 86400 seconds..