Warning: Permanently added '[localhost]:65154' (ED25519) to the list of known hosts. 2025/07/30 16:30:58 ignoring optional flag "sandboxArg"="0" 2025/07/30 16:30:58 ignoring optional flag "type"="qemu" 2025/07/30 16:30:58 parsed 1 programs [ 57.460262][ T40] audit: type=1400 audit(1753893058.829:98): avc: denied { getattr } for pid=6072 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 57.483889][ T40] audit: type=1400 audit(1753893058.849:99): avc: denied { mounton } for pid=6078 comm="syz-executor" path="/syzcgroup/unified" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 57.484703][ T6078] cgroup: Unknown subsys name 'net' [ 57.494555][ T6078] cgroup: Unknown subsys name 'cpuset' [ 57.498019][ T6078] cgroup: Unknown subsys name 'rlimit' 2025/07/30 16:30:58 executed programs: 0 [ 57.531346][ T40] audit: type=1400 audit(1753893058.899:100): avc: denied { create } for pid=6083 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 58.541013][ T40] audit: type=1400 audit(1753893059.909:101): avc: denied { ioctl } for pid=6083 comm="syz-executor.0" path="socket:[7427]" dev="sockfs" ino=7427 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 58.541129][ T5304] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.552066][ T5304] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.554782][ T5304] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.557974][ T5304] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.560561][ T5304] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 58.630667][ T6083] chnl_net:caif_netlink_parms(): no params data found [ 58.696080][ T6083] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.698483][ T6083] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.700730][ T6083] bridge_slave_0: entered allmulticast mode [ 58.703287][ T6083] bridge_slave_0: entered promiscuous mode [ 58.706430][ T6083] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.708784][ T6083] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.711050][ T6083] bridge_slave_1: entered allmulticast mode [ 58.713615][ T6083] bridge_slave_1: entered promiscuous mode [ 58.745345][ T6083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.749895][ T6083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.781270][ T6083] team0: Port device team_slave_0 added [ 58.784650][ T6083] team0: Port device team_slave_1 added [ 58.813502][ T6083] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.815710][ T6083] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.823683][ T6083] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.828022][ T6083] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.830233][ T6083] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.838206][ T6083] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.875028][ T6083] hsr_slave_0: entered promiscuous mode [ 58.877241][ T6083] hsr_slave_1: entered promiscuous mode [ 58.964387][ T6083] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.966672][ T6083] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.969537][ T6083] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.971791][ T6083] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.998995][ T6083] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.006690][ T236] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.011213][ T236] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.026052][ T6083] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.032067][ T71] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.034360][ T71] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.040782][ T236] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.043042][ T236] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.074138][ T6083] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.321512][ T6083] veth0_vlan: entered promiscuous mode [ 59.326283][ T6083] veth1_vlan: entered promiscuous mode [ 59.342844][ T6083] veth0_macvtap: entered promiscuous mode [ 59.346508][ T6083] veth1_macvtap: entered promiscuous mode [ 59.359888][ T6083] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.367087][ T6083] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.400235][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.402798][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.419346][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.421596][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.441961][ T40] audit: type=1400 audit(1753893060.809:102): avc: denied { write } for pid=6113 comm="syz-executor.0" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 59.449044][ T40] audit: type=1400 audit(1753893060.809:103): avc: denied { ioctl } for pid=6113 comm="syz-executor.0" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 59.596179][ T40] audit: type=1400 audit(1753893060.959:104): avc: denied { search } for pid=6115 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 59.603733][ T40] audit: type=1400 audit(1753893060.959:105): avc: denied { search } for pid=6115 comm="dhcpcd-run-hook" name="dhcpcd" dev="tmpfs" ino=1905 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 59.611092][ T40] audit: type=1400 audit(1753893060.959:106): avc: denied { search } for pid=6115 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1909 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 59.618347][ T40] audit: type=1400 audit(1753893060.959:107): avc: denied { search } for pid=6115 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1910 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 59.678587][ T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 59.829985][ T10] usb 5-1: config 0 has an invalid interface number: 130 but max is 0 [ 59.833378][ T10] usb 5-1: config 0 has no interface number 0 [ 59.835930][ T10] usb 5-1: config 0 interface 130 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 59.840717][ T10] usb 5-1: New USB device found, idVendor=2040, idProduct=8265, bcdDevice=f3.4a [ 59.844460][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.851029][ T10] usb 5-1: config 0 descriptor?? [ 59.858109][ T10] em28xx 5-1:0.130: New device @ 480 Mbps (2040:8265, interface 130, class 130) [ 59.862182][ T10] em28xx 5-1:0.130: Audio interface 130 found (Vendor Class) [ 60.118240][ T10] em28xx 5-1:0.130: unknown em28xx chip ID (0) [ 60.122115][ T10] em28xx 5-1:0.130: Config register raw data: 0xfffffffb [ 60.125494][ T10] em28xx 5-1:0.130: AC97 chip type couldn't be determined [ 60.128659][ T10] em28xx 5-1:0.130: No AC97 audio processor [ 60.131138][ T10] em28xx 5-1:0.130: We currently don't support analog TV or stream capture on dual tuners. [ 60.187693][ T10] em28xx 5-1:0.130: unknown em28xx chip ID (0) [ 60.189999][ T10] em28xx 5-1:0.130: Config register raw data: 0xfffffffb [ 60.192486][ T10] em28xx 5-1:0.130: AC97 chip type couldn't be determined [ 60.194735][ T10] em28xx 5-1:0.130: No AC97 audio processor [ 60.402927][ T10] usb 5-1: USB disconnect, device number 2 [ 60.405479][ T10] em28xx 5-1:0.130: Disconnecting em28xx #1 [ 60.407770][ T10] em28xx 5-1:0.130: Disconnecting em28xx [ 60.411730][ T10] em28xx 5-1:0.130: Freeing device [ 60.413410][ T10] em28xx 5-1:0.130: Freeing device [ 60.618418][ T5304] Bluetooth: hci0: command tx timeout [ 60.867492][ T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 61.019751][ T10] usb 5-1: config 0 has an invalid interface number: 130 but max is 0 [ 61.022344][ T10] usb 5-1: config 0 has no interface number 0 [ 61.024282][ T10] usb 5-1: config 0 interface 130 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 61.027923][ T10] usb 5-1: New USB device found, idVendor=2040, idProduct=8265, bcdDevice=f3.4a [ 61.030820][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.034891][ T10] usb 5-1: config 0 descriptor?? [ 61.039332][ T10] em28xx 5-1:0.130: New device @ 480 Mbps (2040:8265, interface 130, class 130) [ 61.042198][ T10] em28xx 5-1:0.130: Audio interface 130 found (Vendor Class) [ 61.297780][ T10] em28xx 5-1:0.130: unknown em28xx chip ID (0) [ 61.300839][ T10] em28xx 5-1:0.130: Config register raw data: 0xfffffffb [ 61.304183][ T10] em28xx 5-1:0.130: AC97 chip type couldn't be determined [ 61.307188][ T10] em28xx 5-1:0.130: No AC97 audio processor [ 61.309452][ T10] non-slab/vmalloc memory [ 61.311414][ T10] list_add corruption. prev->next should be next (ffffffff8fdbeae0), but was ffffffff8b8a410d. (prev=ffff888026d30250). [ 61.315699][ T10] ------------[ cut here ]------------ [ 61.317554][ T10] kernel BUG at lib/list_debug.c:32! [ 61.319342][ T10] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 61.322032][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.16.0-syzkaller-g4b290aae788e #0 PREEMPT(full) [ 61.326597][ T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 61.330647][ T10] Workqueue: usb_hub_wq hub_event [ 61.332522][ T10] RIP: 0010:__list_add_valid_or_report+0x12b/0x190 [ 61.335315][ T10] Code: 00 00 00 00 fc ff df 48 89 f2 48 c1 ea 03 80 3c 02 00 75 5a 48 8b 16 48 89 f1 48 c7 c7 80 ef 15 8c 48 89 ee e8 d6 3f b2 fc 90 <0f> 0b 48 89 f2 48 89 e9 4c 89 e6 48 c7 c7 00 f0 15 8c e8 be 3f b2 [ 61.342964][ T10] RSP: 0018:ffffc900000d6e88 EFLAGS: 00010282 [ 61.345004][ T10] RAX: 0000000000000075 RBX: ffff8880391bc000 RCX: ffffffff819a6d19 [ 61.347544][ T10] RDX: 0000000000000000 RSI: ffffffff819aeba6 RDI: 0000000000000005 [ 61.350774][ T10] RBP: ffffffff8fdbeae0 R08: 0000000000000005 R09: 0000000000000000 [ 61.353995][ T10] R10: 0000000080000000 R11: 0000000000000001 R12: ffff8880391bc250 [ 61.357392][ T10] R13: ffffffff8fdbeae8 R14: ffff8880391bc1a8 R15: ffff8880391bda34 [ 61.360025][ T10] FS: 0000000000000000(0000) GS:ffff8880d6722000(0000) knlGS:0000000000000000 [ 61.362894][ T10] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 61.365021][ T10] CR2: 00007fe6d2b8d090 CR3: 000000003a762000 CR4: 0000000000352ef0 [ 61.367637][ T10] Call Trace: [ 61.369081][ T10] [ 61.370372][ T10] em28xx_init_extension+0x48/0x200 [ 61.372584][ T10] em28xx_init_dev.constprop.0+0x1a10/0x3170 [ 61.375114][ T10] ? __pfx_em28xx_init_dev.constprop.0+0x10/0x10 [ 61.377790][ T10] ? rcu_is_watching+0x12/0xc0 [ 61.379847][ T10] ? lockdep_init_map_type+0x5c/0x280 [ 61.382081][ T10] ? lockdep_init_map_type+0x5c/0x280 [ 61.383795][ T10] em28xx_usb_probe+0x1285/0x3770 [ 61.385402][ T10] usb_probe_interface+0x303/0xa40 [ 61.387045][ T10] ? __pfx_usb_probe_interface+0x10/0x10 [ 61.388805][ T10] really_probe+0x23e/0xa90 [ 61.390282][ T10] __driver_probe_device+0x1de/0x440 [ 61.391944][ T10] driver_probe_device+0x4c/0x1b0 [ 61.393534][ T10] __device_attach_driver+0x1df/0x310 [ 61.395229][ T10] ? __pfx___device_attach_driver+0x10/0x10 [ 61.397079][ T10] bus_for_each_drv+0x156/0x1e0 [ 61.398632][ T10] ? __pfx_bus_for_each_drv+0x10/0x10 [ 61.400339][ T10] ? lockdep_hardirqs_on+0x7c/0x110 [ 61.402000][ T10] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 61.404029][ T10] __device_attach+0x1e4/0x4b0 [ 61.405559][ T10] ? __pfx___device_attach+0x10/0x10 [ 61.407271][ T10] ? do_raw_spin_unlock+0x172/0x230 [ 61.408951][ T10] bus_probe_device+0x17f/0x1c0 [ 61.410512][ T10] device_add+0x1148/0x1a70 [ 61.411969][ T10] ? __pfx_device_add+0x10/0x10 [ 61.413527][ T10] ? mark_held_locks+0x49/0x80 [ 61.415056][ T10] usb_set_configuration+0x1187/0x1e20 [ 61.416781][ T10] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 61.418692][ T10] usb_generic_driver_probe+0xb1/0x110 [ 61.420415][ T10] usb_probe_device+0xef/0x3e0 [ 61.421934][ T10] ? __pfx_usb_probe_device+0x10/0x10 [ 61.423632][ T10] really_probe+0x23e/0xa90 [ 61.425084][ T10] __driver_probe_device+0x1de/0x440 [ 61.426760][ T10] ? usb_driver_applicable+0x1c7/0x220 [ 61.428483][ T10] driver_probe_device+0x4c/0x1b0 [ 61.430087][ T10] __device_attach_driver+0x1df/0x310 [ 61.431780][ T10] ? __pfx___device_attach_driver+0x10/0x10 [ 61.433662][ T10] bus_for_each_drv+0x156/0x1e0 [ 61.435210][ T10] ? __pfx_bus_for_each_drv+0x10/0x10 [ 61.436963][ T10] ? lockdep_hardirqs_on+0x7c/0x110 [ 61.438623][ T10] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 61.440488][ T10] __device_attach+0x1e4/0x4b0 [ 61.442021][ T10] ? __pfx___device_attach+0x10/0x10 [ 61.443700][ T10] ? do_raw_spin_unlock+0x172/0x230 [ 61.445340][ T10] bus_probe_device+0x17f/0x1c0 [ 61.446893][ T10] device_add+0x1148/0x1a70 [ 61.448339][ T10] ? __pfx_device_add+0x10/0x10 [ 61.449913][ T10] ? usb_detect_static_quirks+0x335/0x3e0 [ 61.451723][ T10] ? __usb_get_extra_descriptor+0x158/0x1c0 [ 61.453587][ T10] usb_new_device+0xd07/0x1a60 [ 61.455112][ T10] ? do_raw_spin_lock+0x12c/0x2b0 [ 61.456699][ T10] ? __pfx_usb_new_device+0x10/0x10 [ 61.458351][ T10] ? mark_held_locks+0x49/0x80 [ 61.459910][ T10] hub_event+0x2f34/0x4fe0 [ 61.461336][ T10] ? __pfx_hub_event+0x10/0x10 [ 61.462872][ T10] ? assoc_array_delete+0x7e0/0xd10 [ 61.464520][ T10] ? rcu_is_watching+0x12/0xc0 [ 61.466052][ T10] process_one_work+0x9cf/0x1b70 [ 61.467639][ T10] ? __pfx_hub_event+0x10/0x10 [ 61.469179][ T10] ? __pfx_process_one_work+0x10/0x10 [ 61.470895][ T10] ? assign_work+0x1a0/0x250 [ 61.472372][ T10] worker_thread+0x6c8/0xf10 [ 61.473845][ T10] ? __pfx_worker_thread+0x10/0x10 [ 61.475462][ T10] kthread+0x3c2/0x780 [ 61.476760][ T10] ? __pfx_kthread+0x10/0x10 [ 61.478233][ T10] ? rcu_is_watching+0x12/0xc0 [ 61.479768][ T10] ? __pfx_kthread+0x10/0x10 [ 61.481242][ T10] ret_from_fork+0x5d7/0x6f0 [ 61.482717][ T10] ? __pfx_kthread+0x10/0x10 [ 61.484186][ T10] ret_from_fork_asm+0x1a/0x30 [ 61.485716][ T10] [ 61.486715][ T10] Modules linked in: [ 61.488284][ T10] ---[ end trace 0000000000000000 ]--- [ 61.490068][ T10] RIP: 0010:__list_add_valid_or_report+0x12b/0x190 [ 61.492118][ T10] Code: 00 00 00 00 fc ff df 48 89 f2 48 c1 ea 03 80 3c 02 00 75 5a 48 8b 16 48 89 f1 48 c7 c7 80 ef 15 8c 48 89 ee e8 d6 3f b2 fc 90 <0f> 0b 48 89 f2 48 89 e9 4c 89 e6 48 c7 c7 00 f0 15 8c e8 be 3f b2 [ 61.498577][ T10] RSP: 0018:ffffc900000d6e88 EFLAGS: 00010282 [ 61.500523][ T10] RAX: 0000000000000075 RBX: ffff8880391bc000 RCX: ffffffff819a6d19 [ 61.503013][ T10] RDX: 0000000000000000 RSI: ffffffff819aeba6 RDI: 0000000000000005 [ 61.505500][ T10] RBP: ffffffff8fdbeae0 R08: 0000000000000005 R09: 0000000000000000 [ 61.508081][ T10] R10: 0000000080000000 R11: 0000000000000001 R12: ffff8880391bc250 [ 61.510616][ T10] R13: ffffffff8fdbeae8 R14: ffff8880391bc1a8 R15: ffff8880391bda34 [ 61.513128][ T10] FS: 0000000000000000(0000) GS:ffff8880d6722000(0000) knlGS:0000000000000000 [ 61.515978][ T10] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 61.518169][ T10] CR2: 00007fe6d2b8d090 CR3: 000000003a762000 CR4: 0000000000352ef0 [ 61.520718][ T10] Kernel panic - not syncing: Fatal exception [ 61.523216][ T10] Kernel Offset: disabled [ 61.524624][ T10] Rebooting in 86400 seconds..