ss=file permissive=1 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.143' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program syzkaller login: [ 54.388292] audit: type=1400 audit(1544292717.316:36): avc: denied { map } for pid=6209 comm="syz-executor610" path="/root/syz-executor610281361" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 54.423515] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth) executing program executing program executing program executing program executing program executing program executing program [ 54.455968] Bluetooth: Can't register HCI device executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 54.567232] kobject_add_internal failed for hci0 (error: -2 parent: bluetooth) [ 54.602097] Bluetooth: Can't register HCI device executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 54.858332] kobject_add_internal failed for hci0 (error: -2 parent: bluetooth) [ 54.888462] Bluetooth: Can't register HCI device executing program executing program executing program [ 54.940065] kobject_add_internal failed for rfkill97 (error: -2 parent: hci0) [ 54.956085] ------------[ cut here ]------------ [ 54.961079] sysfs group 'power' not found for kobject 'hci0' [ 54.980216] WARNING: CPU: 0 PID: 6319 at fs/sysfs/group.c:255 sysfs_remove_group+0x15b/0x1b0 executing program [ 54.981647] kobject: 'rfkill102' (00000000365e740a): kobject_uevent_env [ 54.988895] Kernel panic - not syncing: panic_on_warn set ... [ 54.988908] CPU: 0 PID: 6319 Comm: syz-executor610 Not tainted 4.20.0-rc5+ #147 [ 54.988913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.988917] Call Trace: [ 54.988939] dump_stack+0x244/0x39d [ 54.996180] kobject: 'rfkill98' (000000003623aaa7): kobject_uevent_env [ 55.001864] ? dump_stack_print_info.cold.1+0x20/0x20 [ 55.001883] panic+0x2ad/0x55c [ 55.001896] ? add_taint.cold.5+0x16/0x16 [ 55.010862] kobject: 'hci2' (00000000b7a86a6f): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 55.018699] ? __warn.cold.8+0x5/0x45 [ 55.018712] ? __warn+0xe8/0x1d0 [ 55.021372] kobject: 'rfkill98' (000000003623aaa7): fill_kobj_path: path = '/devices/virtual/bluetooth/hci1/rfkill98' [ 55.024903] ? sysfs_remove_group+0x15b/0x1b0 [ 55.024920] __warn.cold.8+0x20/0x45 [ 55.024932] ? rcu_softirq_qs+0x20/0x20 [ 55.033093] kobject: 'rfkill102' (00000000365e740a): fill_kobj_path: path = '/devices/virtual/bluetooth/hci5/rfkill102' [ 55.036789] ? sysfs_remove_group+0x15b/0x1b0 [ 55.036810] report_bug+0x254/0x2d0 [ 55.036823] do_error_trap+0x11b/0x200 [ 55.040388] kobject: 'hci2' (00000000b7a86a6f): kobject_uevent_env [ 55.044150] do_invalid_op+0x36/0x40 [ 55.044160] ? sysfs_remove_group+0x15b/0x1b0 [ 55.044170] invalid_op+0x14/0x20 [ 55.044183] RIP: 0010:sysfs_remove_group+0x15b/0x1b0 [ 55.054271] kobject: 'rfkill98' (000000003623aaa7): kobject_cleanup, parent (null) [ 55.057678] Code: 48 89 d9 49 8b 55 00 48 b8 00 00 00 00 00 fc ff df 48 c1 e9 03 80 3c 01 00 75 41 48 8b 33 48 c7 c7 20 bf 37 88 e8 65 2a 4f ff <0f> 0b eb 92 e8 3c 23 c9 ff e9 d0 fe ff ff 48 89 df e8 2f 23 c9 ff [ 55.057685] RSP: 0018:ffff8881c189f960 EFLAGS: 00010282 [ 55.057693] RAX: 0000000000000000 RBX: ffffffff887c38c0 RCX: 0000000000000000 [ 55.057702] RDX: 0000000000000000 RSI: ffffffff8165e495 RDI: 0000000000000005 [ 55.061462] kobject: 'rfkill102' (00000000365e740a): kobject_cleanup, parent (null) [ 55.071782] RBP: ffff8881c189f988 R08: ffff8881ca584700 R09: ffffed103b5c5020 [ 55.071789] R10: ffffed103b5c5020 R11: ffff8881dae28107 R12: 0000000000000000 [ 55.071801] R13: ffff8881b2ffe9d0 R14: ffffffff887c3e60 R15: ffff8881b2ffe8a8 [ 55.071826] ? vprintk_func+0x85/0x181 [ 55.071844] dpm_sysfs_remove+0x58/0x60 [ 55.076575] kobject: 'rfkill98' (000000003623aaa7): calling ktype release [ 55.080028] device_del+0x118/0xb70 [ 55.080041] ? do_raw_write_trylock+0x270/0x270 [ 55.080050] ? __device_links_no_driver+0x320/0x320 [ 55.080058] ? vfs_lock_file+0xe0/0xe0 [ 55.080074] hci_unregister_dev+0x3a2/0x990 [ 55.084292] kobject: 'rfkill98': free name [ 55.095392] ? hci_bdaddr_list_clear+0x2f0/0x2f0 [ 55.095406] ? ima_file_check+0x130/0x130 [ 55.095438] ? vhci_close_dev+0x50/0x50 [ 55.100183] kobject: 'hci2' (00000000b7a86a6f): fill_kobj_path: path = '/devices/virtual/bluetooth/hci2' [ 55.103528] vhci_release+0x76/0xf0 [ 55.103543] __fput+0x385/0xa30 [ 55.103554] ? get_max_files+0x20/0x20 [ 55.103568] ? trace_hardirqs_on+0xbd/0x310 [ 55.107488] kobject: 'rfkill102' (00000000365e740a): calling ktype release [ 55.113882] ? kasan_check_read+0x11/0x20 [ 55.113899] ? task_work_run+0x1af/0x2a0 [ 55.113910] ? trace_hardirqs_off_caller+0x310/0x310 [ 55.113922] ? filp_close+0x1cd/0x250 [ 55.118031] kobject: 'rfkill104' (00000000f4ea81c3): kobject_add_internal: parent: 'hci2', set: 'devices' [ 55.122224] ____fput+0x15/0x20 [ 55.122237] task_work_run+0x1e8/0x2a0 [ 55.122248] ? task_work_cancel+0x240/0x240 [ 55.122260] ? copy_fd_bitmaps+0x210/0x210 [ 55.122275] ? do_syscall_64+0x9a/0x820 [ 55.126144] kobject: 'rfkill104' (00000000f4ea81c3): kobject_uevent_env [ 55.131149] exit_to_usermode_loop+0x318/0x380 [ 55.131161] ? __bpf_trace_sys_exit+0x30/0x30 [ 55.131174] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 55.131184] do_syscall_64+0x6be/0x820 [ 55.131198] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 55.140142] kobject: 'rfkill102': free name [ 55.158812] ? syscall_return_slowpath+0x5e0/0x5e0 [ 55.158824] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 55.158841] ? trace_hardirqs_on_caller+0x310/0x310 [ 55.158854] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 55.164531] kobject: 'hci1' (000000006735304d): kobject_uevent_env [ 55.171841] ? prepare_exit_to_usermode+0x291/0x3b0 [ 55.171855] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 55.171869] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 55.171882] RIP: 0033:0x400dd0 [ 55.179472] kobject: 'rfkill104' (00000000f4ea81c3): fill_kobj_path: path = '/devices/virtual/bluetooth/hci2/rfkill104' [ 55.187814] Code: 01 f0 ff ff 0f 83 b0 0a 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d fd 18 2d 00 00 75 14 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 84 0a 00 00 c3 48 83 ec 08 e8 3a 01 00 00 [ 55.187822] RSP: 002b:00007fffb5d32f08 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 55.187836] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000400dd0 [ 55.195386] kobject: 'hci1' (000000006735304d): fill_kobj_path: path = '/devices/virtual/bluetooth/hci1' [ 55.202362] RDX: 0000000000000002 RSI: 00000000200000c0 RDI: 0000000000000003 [ 55.202370] RBP: 0000000000000000 R08: 00000000004002c8 R09: 00000000004002c8 [ 55.202375] R10: 00000000025e2880 R11: 0000000000000246 R12: 000000000000d639 [ 55.202380] R13: 0000000000401d70 R14: 0000000000000000 R15: 0000000000000000 [ 55.210677] Kernel Offset: disabled [ 55.507823] Rebooting in 86400 seconds..