Warning: Permanently added '10.128.1.27' (ED25519) to the list of known hosts. executing program [ 47.097890][ T29] audit: type=1400 audit(1726416720.932:80): avc: denied { execmem } for pid=2645 comm="syz-executor410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 47.117673][ T29] audit: type=1400 audit(1726416720.942:81): avc: denied { read write } for pid=2646 comm="syz-executor410" name="raw-gadget" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 47.141949][ T29] audit: type=1400 audit(1726416720.942:82): avc: denied { open } for pid=2646 comm="syz-executor410" path="/dev/raw-gadget" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 47.166129][ T29] audit: type=1400 audit(1726416720.942:83): avc: denied { ioctl } for pid=2646 comm="syz-executor410" path="/dev/raw-gadget" dev="devtmpfs" ino=140 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 47.371899][ T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 47.561853][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 47.570310][ T9] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 47.582120][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 56, changing to 7 [ 47.593682][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 57832, setting to 1024 [ 47.607712][ T9] usb 1-1: New USB device found, idVendor=2040, idProduct=0265, bcdDevice=4e.d1 [ 47.616829][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 47.624981][ T9] usb 1-1: Product: syz [ 47.629178][ T9] usb 1-1: Manufacturer: syz [ 47.633955][ T9] usb 1-1: SerialNumber: syz [ 47.643505][ T9] usb 1-1: config 0 descriptor?? [ 47.657076][ T9] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0265, interface 0, class 0) [ 47.666498][ T9] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class) executing program [ 47.932334][ T9] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 47.939229][ T9] em28xx 1-1:0.0: Config register raw data: 0xfffffffb [ 47.947311][ T9] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 47.954330][ T9] em28xx 1-1:0.0: No AC97 audio processor [ 47.960180][ T9] em28xx 1-1:0.0: We currently don't support analog TV or stream capture on dual tuners. [ 48.032426][ T9] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 48.038910][ T9] em28xx 1-1:0.0: Config register raw data: 0xfffffffb [ 48.046531][ T9] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 48.053546][ T9] em28xx 1-1:0.0: No AC97 audio processor [ 48.269171][ T9] usb 1-1: USB disconnect, device number 2 [ 48.277376][ T9] em28xx 1-1:0.0: Disconnecting em28xx #1 [ 48.283247][ T9] em28xx 1-1:0.0: Disconnecting em28xx [ 48.298750][ T9] em28xx 1-1:0.0: Freeing device [ 48.303847][ T9] em28xx 1-1:0.0: Freeing device [ 48.682105][ T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 48.861860][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 48.869082][ T9] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 48.880693][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 56, changing to 7 [ 48.891739][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 57832, setting to 1024 [ 48.905559][ T9] usb 1-1: New USB device found, idVendor=2040, idProduct=0265, bcdDevice=4e.d1 [ 48.914715][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 48.922937][ T9] usb 1-1: Product: syz [ 48.927150][ T9] usb 1-1: Manufacturer: syz [ 48.931849][ T9] usb 1-1: SerialNumber: syz [ 48.939433][ T9] usb 1-1: config 0 descriptor?? [ 48.949704][ T9] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0265, interface 0, class 0) [ 48.959058][ T9] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class) executing program [ 49.212228][ T9] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 49.218776][ T9] em28xx 1-1:0.0: Config register raw data: 0xfffffffb [ 49.226450][ T9] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 49.233473][ T9] em28xx 1-1:0.0: No AC97 audio processor [ 49.239245][ T9] list_add corruption. prev->next should be next (ffffffff89df38a0), but was ffffffff83305c6e. (prev=ffff888121c74250). [ 49.252387][ T9] ------------[ cut here ]------------ [ 49.257889][ T9] kernel BUG at lib/list_debug.c:32! [ 49.263290][ T9] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI [ 49.270271][ T9] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.11.0-rc7-syzkaller-00152-g68d4209158f4 #0 [ 49.280817][ T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 49.290903][ T9] Workqueue: usb_hub_wq hub_event [ 49.295982][ T9] RIP: 0010:__list_add_valid_or_report+0xbe/0x100 [ 49.302533][ T9] Code: e1 fe 90 0f 0b 48 89 d9 48 c7 c7 c0 9b 46 87 e8 98 b2 e1 fe 90 0f 0b 48 89 f1 48 c7 c7 40 9c 46 87 48 89 de e8 83 b2 e1 fe 90 <0f> 0b 48 89 f2 48 89 d9 48 89 ee 48 c7 c7 c0 9c 46 87 e8 6b b2 e1 [ 49.322190][ T9] RSP: 0018:ffffc9000009ef08 EFLAGS: 00010286 [ 49.328828][ T9] RAX: 0000000000000075 RBX: ffffffff89df38a0 RCX: ffffffff813560b9 [ 49.336817][ T9] RDX: 0000000000000000 RSI: ffffffff8135f4f6 RDI: 0000000000000005 [ 49.344810][ T9] RBP: ffff8881222cc250 R08: 0000000000000005 R09: 0000000000000000 [ 49.352804][ T9] R10: 0000000080000000 R11: 0000000000000001 R12: ffff8881222cc250 [ 49.360790][ T9] R13: ffff8881222cc000 R14: ffff8881222cd9d4 R15: ffff888112f82800 [ 49.368785][ T9] FS: 0000000000000000(0000) GS:ffff8881f5800000(0000) knlGS:0000000000000000 [ 49.377832][ T9] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 49.384536][ T9] CR2: 000055c40416e9e0 CR3: 0000000124190000 CR4: 00000000003506f0 [ 49.392530][ T9] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 49.400713][ T9] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 49.409051][ T9] Call Trace: [ 49.412342][ T9] [ 49.415279][ T9] ? show_regs+0x8c/0xa0 [ 49.419567][ T9] ? die+0x36/0xa0 [ 49.423331][ T9] ? do_trap+0x232/0x430 [ 49.427616][ T9] ? __list_add_valid_or_report+0xbe/0x100 [ 49.433447][ T9] ? __list_add_valid_or_report+0xbe/0x100 [ 49.439277][ T9] ? do_error_trap+0xf4/0x230 [ 49.444002][ T9] ? __list_add_valid_or_report+0xbe/0x100 [ 49.449857][ T9] ? handle_invalid_op+0x34/0x40 [ 49.454821][ T9] ? __list_add_valid_or_report+0xbe/0x100 [ 49.460650][ T9] ? exc_invalid_op+0x2e/0x50 [ 49.465349][ T9] ? asm_exc_invalid_op+0x1a/0x20 [ 49.470403][ T9] ? __wake_up_klogd.part.0+0x99/0xf0 [ 49.475805][ T9] ? vprintk+0x86/0xa0 [ 49.479895][ T9] ? __list_add_valid_or_report+0xbe/0x100 [ 49.485827][ T9] ? __list_add_valid_or_report+0xbd/0x100 [ 49.491673][ T9] em28xx_init_extension+0x48/0x200 [ 49.497037][ T9] em28xx_init_dev.constprop.0+0x197b/0x3090 [ 49.503055][ T9] ? __pfx_em28xx_init_dev.constprop.0+0x10/0x10 [ 49.509425][ T9] ? lockdep_init_map_type+0x16d/0x7d0 [ 49.515057][ T9] ? lockdep_init_map_type+0x16d/0x7d0 [ 49.520544][ T9] ? __raw_spin_lock_init+0x3a/0x110 [ 49.525860][ T9] em28xx_usb_probe+0x10db/0x3730 [ 49.530910][ T9] usb_probe_interface+0x309/0x9d0 [ 49.536288][ T9] ? __pfx_usb_probe_interface+0x10/0x10 [ 49.541950][ T9] really_probe+0x23e/0xa90 [ 49.546480][ T9] __driver_probe_device+0x1de/0x440 [ 49.551786][ T9] driver_probe_device+0x4c/0x1b0 [ 49.556842][ T9] __device_attach_driver+0x1df/0x310 [ 49.562257][ T9] ? __pfx___device_attach_driver+0x10/0x10 [ 49.568194][ T9] bus_for_each_drv+0x157/0x1e0 [ 49.573077][ T9] ? __pfx_bus_for_each_drv+0x10/0x10 [ 49.578466][ T9] ? lockdep_hardirqs_on+0x7c/0x110 [ 49.583716][ T9] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 49.589570][ T9] __device_attach+0x1e8/0x4b0 [ 49.594380][ T9] ? __pfx___device_attach+0x10/0x10 [ 49.599774][ T9] ? do_raw_spin_unlock+0x172/0x230 [ 49.605038][ T9] bus_probe_device+0x17f/0x1c0 [ 49.609910][ T9] device_add+0x114b/0x1a70 [ 49.614455][ T9] ? __pfx_device_add+0x10/0x10 [ 49.619353][ T9] ? mark_held_locks+0x9f/0xe0 [ 49.624141][ T9] usb_set_configuration+0x10cb/0x1c50 [ 49.629639][ T9] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 49.635731][ T9] usb_generic_driver_probe+0xb1/0x110 [ 49.641220][ T9] usb_probe_device+0xec/0x3e0 [ 49.646011][ T9] ? __pfx_usb_probe_device+0x10/0x10 [ 49.651395][ T9] really_probe+0x23e/0xa90 [ 49.655919][ T9] __driver_probe_device+0x1de/0x440 [ 49.661257][ T9] ? usb_driver_applicable+0x1c7/0x220 [ 49.666731][ T9] driver_probe_device+0x4c/0x1b0 [ 49.671893][ T9] __device_attach_driver+0x1df/0x310 [ 49.677396][ T9] ? __pfx___device_attach_driver+0x10/0x10 [ 49.683338][ T9] bus_for_each_drv+0x157/0x1e0 [ 49.688240][ T9] ? __pfx_bus_for_each_drv+0x10/0x10 [ 49.693721][ T9] ? lockdep_hardirqs_on+0x7c/0x110 [ 49.698952][ T9] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 49.704805][ T9] __device_attach+0x1e8/0x4b0 [ 49.709593][ T9] ? __pfx___device_attach+0x10/0x10 [ 49.714900][ T9] ? do_raw_spin_unlock+0x172/0x230 [ 49.720219][ T9] bus_probe_device+0x17f/0x1c0 [ 49.725105][ T9] device_add+0x114b/0x1a70 [ 49.729730][ T9] ? __pfx_device_add+0x10/0x10 [ 49.735035][ T9] ? add_device_randomness+0xb8/0xf0 [ 49.740350][ T9] usb_new_device+0xd90/0x1a10 [ 49.745195][ T9] ? __pfx_usb_new_device+0x10/0x10 [ 49.750426][ T9] hub_event+0x2e58/0x4f40 [ 49.754919][ T9] ? __pfx_hub_event+0x10/0x10 [ 49.759974][ T9] ? __pfx_lock_acquire+0x10/0x10 [ 49.765043][ T9] ? __pfx_lock_release+0x10/0x10 [ 49.770087][ T9] process_one_work+0x9c5/0x1b40 [ 49.775145][ T9] ? __pfx_hub_event+0x10/0x10 [ 49.779931][ T9] ? __pfx_process_one_work+0x10/0x10 [ 49.785352][ T9] ? assign_work+0x1a0/0x250 [ 49.789979][ T9] worker_thread+0x6c8/0xed0 [ 49.794611][ T9] ? __kthread_parkme+0x148/0x220 [ 49.799656][ T9] ? __pfx_worker_thread+0x10/0x10 [ 49.804804][ T9] kthread+0x2c1/0x3a0 [ 49.808894][ T9] ? _raw_spin_unlock_irq+0x23/0x50 [ 49.814213][ T9] ? __pfx_kthread+0x10/0x10 [ 49.818817][ T9] ret_from_fork+0x45/0x80 [ 49.823317][ T9] ? __pfx_kthread+0x10/0x10 [ 49.827918][ T9] ret_from_fork_asm+0x1a/0x30 [ 49.832714][ T9] [ 49.835735][ T9] Modules linked in: [ 49.839723][ T9] ---[ end trace 0000000000000000 ]--- [ 49.845286][ T9] RIP: 0010:__list_add_valid_or_report+0xbe/0x100 [ 49.851798][ T9] Code: e1 fe 90 0f 0b 48 89 d9 48 c7 c7 c0 9b 46 87 e8 98 b2 e1 fe 90 0f 0b 48 89 f1 48 c7 c7 40 9c 46 87 48 89 de e8 83 b2 e1 fe 90 <0f> 0b 48 89 f2 48 89 d9 48 89 ee 48 c7 c7 c0 9c 46 87 e8 6b b2 e1 [ 49.871484][ T9] RSP: 0018:ffffc9000009ef08 EFLAGS: 00010286 [ 49.877690][ T9] RAX: 0000000000000075 RBX: ffffffff89df38a0 RCX: ffffffff813560b9 [ 49.885725][ T9] RDX: 0000000000000000 RSI: ffffffff8135f4f6 RDI: 0000000000000005 [ 49.893773][ T9] RBP: ffff8881222cc250 R08: 0000000000000005 R09: 0000000000000000 [ 49.901895][ T9] R10: 0000000080000000 R11: 0000000000000001 R12: ffff8881222cc250 [ 49.910775][ T9] R13: ffff8881222cc000 R14: ffff8881222cd9d4 R15: ffff888112f82800 [ 49.919080][ T9] FS: 0000000000000000(0000) GS:ffff8881f5800000(0000) knlGS:0000000000000000 [ 49.928446][ T9] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 49.935194][ T9] CR2: 000055c40416e9e0 CR3: 0000000124190000 CR4: 00000000003506f0 [ 49.943237][ T9] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 49.951429][ T9] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 49.959564][ T9] Kernel panic - not syncing: Fatal exception [ 49.965945][ T9] Kernel Offset: disabled [ 49.970388][ T9] Rebooting in 86400 seconds..