Warning: Permanently added '[localhost]:27365' (ED25519) to the list of known hosts. 2025/04/19 00:18:46 ignoring optional flag "sandboxArg"="0" 2025/04/19 00:18:46 ignoring optional flag "type"="qemu" 2025/04/19 00:18:46 parsed 1 programs [ 64.492591][ T40] audit: type=1400 audit(1745021926.510:119): avc: denied { getattr } for pid=6062 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 64.501798][ T40] audit: type=1400 audit(1745021926.510:120): avc: denied { read } for pid=6062 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 64.509336][ T40] audit: type=1400 audit(1745021926.510:121): avc: denied { open } for pid=6062 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 64.510750][ T6068] cgroup: Unknown subsys name 'net' [ 64.518011][ T40] audit: type=1400 audit(1745021926.520:122): avc: denied { mounton } for pid=6068 comm="syz-executor" path="/syzcgroup/unified" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 64.521815][ T6068] cgroup: Unknown subsys name 'cpuset' [ 64.530212][ T6068] cgroup: Unknown subsys name 'rlimit' 2025/04/19 00:18:46 executed programs: 0 [ 65.595409][ T5297] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 65.598343][ T5297] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 65.601231][ T5297] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 65.604141][ T5297] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 65.606648][ T5297] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 65.613353][ T40] audit: type=1400 audit(1745021927.630:123): avc: denied { mounton } for pid=6073 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 65.694903][ T6073] chnl_net:caif_netlink_parms(): no params data found [ 65.793718][ T6073] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.796664][ T6073] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.798951][ T6073] bridge_slave_0: entered allmulticast mode [ 65.802803][ T6073] bridge_slave_0: entered promiscuous mode [ 65.806932][ T6073] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.809635][ T6073] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.812106][ T6073] bridge_slave_1: entered allmulticast mode [ 65.814718][ T6073] bridge_slave_1: entered promiscuous mode [ 65.850811][ T6073] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.855373][ T6073] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.889733][ T6073] team0: Port device team_slave_0 added [ 65.893985][ T6073] team0: Port device team_slave_1 added [ 65.926082][ T6073] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.928256][ T6073] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.938209][ T6073] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.942699][ T6073] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.945610][ T6073] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.955362][ T6073] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.988719][ T6073] hsr_slave_0: entered promiscuous mode [ 65.993278][ T6073] hsr_slave_1: entered promiscuous mode [ 66.081864][ T6073] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.084075][ T6073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.086336][ T6073] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.088438][ T6073] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.117036][ T6073] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.125183][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.128480][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.140223][ T6073] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.148059][ T1041] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.151114][ T1041] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.157072][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.159924][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.196918][ T6073] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.444912][ T6073] veth0_vlan: entered promiscuous mode [ 66.450430][ T6073] veth1_vlan: entered promiscuous mode [ 66.465209][ T6073] veth0_macvtap: entered promiscuous mode [ 66.468721][ T6073] veth1_macvtap: entered promiscuous mode [ 66.477136][ T6073] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.488510][ T6073] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.535475][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.537968][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.559816][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.563642][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.607892][ T40] audit: type=1400 audit(1745021928.620:124): avc: denied { write } for pid=6095 comm="syz-executor.0" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 66.615715][ T40] audit: type=1400 audit(1745021928.620:125): avc: denied { ioctl } for pid=6095 comm="syz-executor.0" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 66.870405][ T3557] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 67.034612][ T3557] usb 5-1: config 0 has an invalid interface number: 130 but max is 0 [ 67.037958][ T3557] usb 5-1: config 0 has no interface number 0 [ 67.040613][ T3557] usb 5-1: config 0 interface 130 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 67.045073][ T3557] usb 5-1: New USB device found, idVendor=2040, idProduct=8265, bcdDevice=f3.4a [ 67.048709][ T3557] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.054644][ T3557] usb 5-1: config 0 descriptor?? [ 67.058938][ T3557] em28xx 5-1:0.130: New device @ 480 Mbps (2040:8265, interface 130, class 130) [ 67.061952][ T3557] em28xx 5-1:0.130: Audio interface 130 found (Vendor Class) [ 67.175135][ T40] audit: type=1400 audit(1745021929.190:126): avc: denied { search } for pid=6098 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 67.181952][ T40] audit: type=1400 audit(1745021929.190:127): avc: denied { read } for pid=6099 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1770 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 67.188973][ T40] audit: type=1400 audit(1745021929.190:128): avc: denied { open } for pid=6099 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1770 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 67.310628][ T3557] em28xx 5-1:0.130: unknown em28xx chip ID (0) [ 67.312837][ T3557] em28xx 5-1:0.130: Config register raw data: 0xfffffffb [ 67.315259][ T3557] em28xx 5-1:0.130: AC97 chip type couldn't be determined [ 67.317454][ T3557] em28xx 5-1:0.130: No AC97 audio processor [ 67.319302][ T3557] em28xx 5-1:0.130: We currently don't support analog TV or stream capture on dual tuners. [ 67.390653][ T3557] em28xx 5-1:0.130: unknown em28xx chip ID (0) [ 67.392968][ T3557] em28xx 5-1:0.130: Config register raw data: 0xfffffffb [ 67.395399][ T3557] em28xx 5-1:0.130: AC97 chip type couldn't be determined [ 67.397638][ T3557] em28xx 5-1:0.130: No AC97 audio processor [ 67.604107][ T3557] usb 5-1: USB disconnect, device number 2 [ 67.606991][ T3557] em28xx 5-1:0.130: Disconnecting em28xx #1 [ 67.608873][ T3557] em28xx 5-1:0.130: Disconnecting em28xx [ 67.613372][ T3557] em28xx 5-1:0.130: Freeing device [ 67.615054][ T3557] em28xx 5-1:0.130: Freeing device [ 67.681068][ T68] Bluetooth: hci0: command tx timeout [ 68.071500][ T3557] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 68.222520][ T3557] usb 5-1: config 0 has an invalid interface number: 130 but max is 0 [ 68.225738][ T3557] usb 5-1: config 0 has no interface number 0 [ 68.227713][ T3557] usb 5-1: config 0 interface 130 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 68.231563][ T3557] usb 5-1: New USB device found, idVendor=2040, idProduct=8265, bcdDevice=f3.4a [ 68.234567][ T3557] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.241882][ T3557] usb 5-1: config 0 descriptor?? [ 68.246790][ T3557] em28xx 5-1:0.130: New device @ 480 Mbps (2040:8265, interface 130, class 130) [ 68.250933][ T3557] em28xx 5-1:0.130: Audio interface 130 found (Vendor Class) [ 68.500825][ T3557] em28xx 5-1:0.130: unknown em28xx chip ID (0) [ 68.503135][ T3557] em28xx 5-1:0.130: Config register raw data: 0xfffffffb [ 68.505744][ T3557] em28xx 5-1:0.130: AC97 chip type couldn't be determined [ 68.507956][ T3557] em28xx 5-1:0.130: No AC97 audio processor [ 68.509860][ T3557] non-slab/vmalloc memory [ 68.511868][ T3557] list_add corruption. prev->next should be next (ffffffff8fba3aa0), but was ffffffff8183778c. (prev=ffff8880311c0250). [ 68.516197][ T3557] ------------[ cut here ]------------ [ 68.517976][ T3557] kernel BUG at lib/list_debug.c:32! [ 68.519690][ T3557] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 68.522281][ T3557] CPU: 3 UID: 0 PID: 3557 Comm: kworker/3:2 Not tainted 6.15.0-rc2-syzkaller-g3088d26962e8 #0 PREEMPT(full) [ 68.527147][ T3557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.530543][ T3557] Workqueue: usb_hub_wq hub_event [ 68.532135][ T3557] RIP: 0010:__list_add_valid_or_report+0x12b/0x190 [ 68.534206][ T3557] Code: 00 00 00 00 fc ff df 48 89 f2 48 c1 ea 03 80 3c 02 00 75 5a 48 8b 16 48 89 f1 48 c7 c7 40 66 f4 8b 48 89 ee e8 e6 91 c5 fc 90 <0f> 0b 48 89 f2 48 89 e9 4c 89 e6 48 c7 c7 c0 66 f4 8b e8 ce 91 c5 [ 68.540223][ T3557] RSP: 0018:ffffc90026e7ee90 EFLAGS: 00010282 [ 68.542170][ T3557] RAX: 0000000000000075 RBX: ffff888012674000 RCX: ffffffff819aaf39 [ 68.544732][ T3557] RDX: 0000000000000000 RSI: ffffffff819b2dc6 RDI: 0000000000000005 [ 68.547211][ T3557] RBP: ffffffff8fba3aa0 R08: 0000000000000005 R09: 0000000000000000 [ 68.549750][ T3557] R10: 0000000080000000 R11: 0000000000000000 R12: ffff888012674250 [ 68.552257][ T3557] R13: ffffffff8fba3aa8 R14: ffff8880126741a8 R15: ffff888012675a14 [ 68.555047][ T3557] FS: 0000000000000000(0000) GS:ffff8880d6cb2000(0000) knlGS:0000000000000000 [ 68.558158][ T3557] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 68.560031][ T3557] CR2: 000055ed25375300 CR3: 0000000023e00000 CR4: 0000000000352ef0 [ 68.562546][ T3557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 68.565119][ T3557] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 68.567473][ T3557] Call Trace: [ 68.568575][ T3557] [ 68.569543][ T3557] em28xx_init_extension+0x48/0x200 [ 68.571311][ T3557] em28xx_init_dev.constprop.0+0x1a10/0x3170 [ 68.573256][ T3557] ? __pfx_em28xx_init_dev.constprop.0+0x10/0x10 [ 68.575251][ T3557] ? lockdep_init_map_type+0x5c/0x280 [ 68.577009][ T3557] ? lockdep_init_map_type+0x5c/0x280 [ 68.578660][ T3557] em28xx_usb_probe+0x1285/0x3770 [ 68.580251][ T3557] usb_probe_interface+0x300/0x9c0 [ 68.581895][ T3557] ? __pfx_usb_probe_interface+0x10/0x10 [ 68.583679][ T3557] really_probe+0x23e/0xa90 [ 68.585126][ T3557] __driver_probe_device+0x1de/0x440 [ 68.586794][ T3557] driver_probe_device+0x4c/0x1b0 [ 68.588383][ T3557] __device_attach_driver+0x1df/0x310 [ 68.590114][ T3557] ? __pfx___device_attach_driver+0x10/0x10 [ 68.591986][ T3557] bus_for_each_drv+0x156/0x1e0 [ 68.593562][ T3557] ? __pfx_bus_for_each_drv+0x10/0x10 [ 68.595485][ T3557] ? lockdep_hardirqs_on+0x7c/0x110 [ 68.597658][ T3557] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 68.600081][ T3557] __device_attach+0x1e4/0x4b0 [ 68.602132][ T3557] ? __pfx___device_attach+0x10/0x10 [ 68.604294][ T3557] ? do_raw_spin_unlock+0x172/0x230 [ 68.606442][ T3557] bus_probe_device+0x17f/0x1c0 [ 68.608470][ T3557] device_add+0x1148/0x1a70 [ 68.610372][ T3557] ? __pfx_device_add+0x10/0x10 [ 68.612415][ T3557] ? mark_held_locks+0x49/0x80 [ 68.614445][ T3557] usb_set_configuration+0x1187/0x1e20 [ 68.616438][ T3557] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 68.618915][ T3557] usb_generic_driver_probe+0xb1/0x110 [ 68.621216][ T3557] usb_probe_device+0xec/0x3e0 [ 68.623173][ T3557] ? __pfx_usb_probe_device+0x10/0x10 [ 68.625367][ T3557] really_probe+0x23e/0xa90 [ 68.627229][ T3557] __driver_probe_device+0x1de/0x440 [ 68.629501][ T3557] ? usb_driver_applicable+0x1c7/0x220 [ 68.631762][ T3557] driver_probe_device+0x4c/0x1b0 [ 68.633869][ T3557] __device_attach_driver+0x1df/0x310 [ 68.636148][ T3557] ? __pfx___device_attach_driver+0x10/0x10 [ 68.638660][ T3557] bus_for_each_drv+0x156/0x1e0 [ 68.640698][ T3557] ? __pfx_bus_for_each_drv+0x10/0x10 [ 68.642896][ T3557] ? lockdep_hardirqs_on+0x7c/0x110 [ 68.645051][ T3557] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 68.647468][ T3557] __device_attach+0x1e4/0x4b0 [ 68.649503][ T3557] ? __pfx___device_attach+0x10/0x10 [ 68.651690][ T3557] ? do_raw_spin_unlock+0x172/0x230 [ 68.653843][ T3557] bus_probe_device+0x17f/0x1c0 [ 68.655783][ T3557] device_add+0x1148/0x1a70 [ 68.657637][ T3557] ? __pfx_device_add+0x10/0x10 [ 68.659678][ T3557] ? usb_detect_static_quirks+0x335/0x3e0 [ 68.662053][ T3557] ? __usb_get_extra_descriptor+0x158/0x1c0 [ 68.664490][ T3557] usb_new_device+0xd07/0x1a20 [ 68.666558][ T3557] ? do_raw_spin_lock+0x12c/0x2b0 [ 68.668666][ T3557] ? __pfx_usb_new_device+0x10/0x10 [ 68.670813][ T3557] ? mark_held_locks+0x49/0x80 [ 68.672773][ T3557] hub_event+0x2eb7/0x4fa0 [ 68.674624][ T3557] ? __pfx_hub_event+0x10/0x10 [ 68.676597][ T3557] ? debug_object_deactivate+0x1ec/0x3a0 [ 68.678962][ T3557] ? rcu_is_watching+0x12/0xc0 [ 68.680979][ T3557] process_one_work+0x9cc/0x1b70 [ 68.683023][ T3557] ? __pfx_hub_event+0x10/0x10 [ 68.685028][ T3557] ? __pfx_process_one_work+0x10/0x10 [ 68.687278][ T3557] ? assign_work+0x1a0/0x250 [ 68.689167][ T3557] worker_thread+0x6c8/0xf10 [ 68.691074][ T3557] ? __kthread_parkme+0x19e/0x250 [ 68.693100][ T3557] ? __pfx_worker_thread+0x10/0x10 [ 68.695233][ T3557] kthread+0x3c2/0x780 [ 68.696926][ T3557] ? __pfx_kthread+0x10/0x10 [ 68.698835][ T3557] ? __pfx_kthread+0x10/0x10 [ 68.700713][ T3557] ? __pfx_kthread+0x10/0x10 [ 68.702646][ T3557] ? __pfx_kthread+0x10/0x10 [ 68.704590][ T3557] ? rcu_is_watching+0x12/0xc0 [ 68.706581][ T3557] ? __pfx_kthread+0x10/0x10 [ 68.708379][ T3557] ret_from_fork+0x45/0x80 [ 68.710148][ T3557] ? __pfx_kthread+0x10/0x10 [ 68.712045][ T3557] ret_from_fork_asm+0x1a/0x30 [ 68.714018][ T3557] [ 68.715321][ T3557] Modules linked in: [ 68.717291][ T3557] ---[ end trace 0000000000000000 ]--- [ 68.719753][ T3557] RIP: 0010:__list_add_valid_or_report+0x12b/0x190 [ 68.722741][ T3557] Code: 00 00 00 00 fc ff df 48 89 f2 48 c1 ea 03 80 3c 02 00 75 5a 48 8b 16 48 89 f1 48 c7 c7 40 66 f4 8b 48 89 ee e8 e6 91 c5 fc 90 <0f> 0b 48 89 f2 48 89 e9 4c 89 e6 48 c7 c7 c0 66 f4 8b e8 ce 91 c5 [ 68.730672][ T3557] RSP: 0018:ffffc90026e7ee90 EFLAGS: 00010282 [ 68.733181][ T3557] RAX: 0000000000000075 RBX: ffff888012674000 RCX: ffffffff819aaf39 [ 68.736403][ T3557] RDX: 0000000000000000 RSI: ffffffff819b2dc6 RDI: 0000000000000005 [ 68.739503][ T3557] RBP: ffffffff8fba3aa0 R08: 0000000000000005 R09: 0000000000000000 [ 68.742903][ T3557] R10: 0000000080000000 R11: 0000000000000000 R12: ffff888012674250 [ 68.746192][ T3557] R13: ffffffff8fba3aa8 R14: ffff8880126741a8 R15: ffff888012675a14 [ 68.749390][ T3557] FS: 0000000000000000(0000) GS:ffff8880d6cb2000(0000) knlGS:0000000000000000 [ 68.753083][ T3557] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 68.755819][ T3557] CR2: 000055ed25375300 CR3: 0000000023e00000 CR4: 0000000000352ef0 [ 68.759074][ T3557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 68.762446][ T3557] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 68.765725][ T3557] Kernel panic - not syncing: Fatal exception [ 68.768870][ T3557] Kernel Offset: disabled [ 68.770569][ T3557] Rebooting in 86400 seconds..