Warning: Permanently added '10.128.0.222' (ED25519) to the list of known hosts.
2023/08/20 10:12:42 ignoring optional flag "sandboxArg"="0"
2023/08/20 10:12:42 parsed 1 programs
2023/08/20 10:12:42 executed programs: 0
[   41.096061][   T25] kauditd_printk_skb: 86 callbacks suppressed
[   41.096065][   T25] audit: type=1400 audit(1692526362.266:177): avc:  denied  { getattr } for  pid=3026 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   41.119725][ T2749] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   41.126986][   T25] audit: type=1400 audit(1692526362.266:178): avc:  denied  { read } for  pid=3026 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   41.134236][ T2749] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   41.155548][   T25] audit: type=1400 audit(1692526362.266:179): avc:  denied  { open } for  pid=3026 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   41.162888][ T2749] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   41.186079][   T25] audit: type=1400 audit(1692526362.276:180): avc:  denied  { mounton } for  pid=3031 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   41.218404][   T25] audit: type=1400 audit(1692526362.276:181): avc:  denied  { mount } for  pid=3031 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   41.242117][   T25] audit: type=1400 audit(1692526362.276:182): avc:  denied  { ioctl } for  pid=3035 comm="syz-executor.0" path="socket:[24170]" dev="sockfs" ino=24170 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   41.242204][ T2749] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   41.274820][ T2749] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   41.282149][ T2749] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   41.291245][   T25] audit: type=1400 audit(1692526362.466:183): avc:  denied  { mounton } for  pid=3035 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   41.347822][ T3035] chnl_net:caif_netlink_parms(): no params data found
[   41.361621][ T3035] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.368931][ T3035] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.376209][ T3035] bridge_slave_0: entered allmulticast mode
[   41.382280][ T3035] bridge_slave_0: entered promiscuous mode
[   41.388404][ T3035] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.395603][ T3035] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.402875][ T3035] bridge_slave_1: entered allmulticast mode
[   41.408907][ T3035] bridge_slave_1: entered promiscuous mode
[   41.416923][ T3035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   41.426433][ T3035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   41.452433][ T3035] batman_adv: batadv0: Adding interface: batadv_slave_0
[   41.459616][ T3035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   41.485642][ T3035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   41.496576][ T3035] batman_adv: batadv0: Adding interface: batadv_slave_1
[   41.503637][ T3035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   41.530023][ T3035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   41.576132][   T25] audit: type=1400 audit(1692526362.746:184): avc:  denied  { write } for  pid=3035 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   41.576285][ T3035] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.596820][   T25] audit: type=1400 audit(1692526362.746:185): avc:  denied  { read } for  pid=3035 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   41.603806][ T3035] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.603831][ T3035] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.638982][ T3035] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.810605][ T3035] 8021q: adding VLAN 0 to HW filter on device bond0
[   41.818438][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.826011][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.848965][  T786] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.856193][  T786] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.863663][  T786] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.870665][  T786] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.941802][ T3035] 8021q: adding VLAN 0 to HW filter on device batadv0
[   41.969591][ T3035] veth0_vlan: entered promiscuous mode
[   42.090637][ T3035] batman_adv: batadv0: Interface activated: batadv_slave_0
[   42.098668][ T3035] batman_adv: batadv0: Interface activated: batadv_slave_1
[   42.145548][   T25] audit: type=1400 audit(1692526363.316:186): avc:  denied  { mounton } for  pid=3035 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=1003 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   42.469382][   T21] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   42.889392][   T21] usb 1-1: config 8 has an invalid interface number: 184 but max is 0
[   42.897987][   T21] usb 1-1: config 8 has an invalid interface number: 100 but max is 0
[   42.906284][   T21] usb 1-1: config 8 contains an unexpected descriptor of type 0x1, skipping
[   42.915152][   T21] usb 1-1: config 8 has 2 interfaces, different from the descriptor's value: 1
[   42.924090][   T21] usb 1-1: config 8 has no interface number 0
[   42.930144][   T21] usb 1-1: config 8 has no interface number 1
[   42.936185][   T21] usb 1-1: config 8 interface 184 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 16
[   42.949178][   T21] usb 1-1: too many endpoints for config 8 interface 100 altsetting 231: 95, using maximum allowed: 30
[   42.960188][   T21] usb 1-1: config 8 interface 100 altsetting 231 bulk endpoint 0x9 has invalid maxpacket 32
[   42.970408][   T21] usb 1-1: config 8 interface 100 altsetting 231 has a duplicate endpoint with address 0x9, skipping
[   42.981408][   T21] usb 1-1: config 8 interface 100 altsetting 231 has an invalid endpoint with address 0x0, skipping
[   42.992333][   T21] usb 1-1: config 8 interface 100 altsetting 231 has a duplicate endpoint with address 0xE, skipping
[   43.003175][   T21] usb 1-1: config 8 interface 100 altsetting 231 has an invalid endpoint with address 0x80, skipping
[   43.014005][   T21] usb 1-1: config 8 interface 100 altsetting 231 has a duplicate endpoint with address 0x4, skipping
[   43.024833][   T21] usb 1-1: config 8 interface 100 altsetting 231 has a duplicate endpoint with address 0xA, skipping
[   43.035854][   T21] usb 1-1: config 8 interface 100 altsetting 231 endpoint 0x2 has invalid maxpacket 512, setting to 64
[   43.047233][   T21] usb 1-1: config 8 interface 100 altsetting 231 has a duplicate endpoint with address 0xF, skipping
[   43.058322][   T21] usb 1-1: config 8 interface 100 altsetting 231 has an invalid endpoint with address 0x80, skipping
[   43.069171][   T21] usb 1-1: config 8 interface 100 altsetting 231 has an invalid endpoint with address 0x0, skipping
[   43.080182][   T21] usb 1-1: config 8 interface 100 altsetting 231 has 15 endpoint descriptors, different from the interface descriptor's value: 95
[   43.093567][   T21] usb 1-1: config 8 interface 100 has no altsetting 0
[   43.100555][   T21] usb 1-1: New USB device found, idVendor=07d1, idProduct=3a09, bcdDevice= 1.b3
[   43.109731][   T21] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.359474][ T2749] Bluetooth: hci0: command 0x0409 tx timeout
[   43.409378][   T21] usb 1-1: string descriptor 0 read error: -71
[   44.299362][   T21] usb 1-1: reset high-speed USB device number 2 using dummy_hcd
[   44.869723][ T3215] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   44.933745][   T26] usb 1-1: driver   API: 1.9.9 2016-02-15 [1-1]
[   44.940026][   T26] usb 1-1: firmware API: 1.9.6 2012-07-07
[   44.946073][   T21] ------------[ cut here ]------------
[   44.951738][   T21] usb 1-1: BOGUS urb xfer, pipe 1 != type 3
[   44.957947][   T21] WARNING: CPU: 1 PID: 21 at drivers/usb/core/urb.c:504 usb_submit_urb+0x442/0x690
[   44.967247][   T21] Modules linked in:
[   44.971249][   T21] CPU: 1 PID: 21 Comm: kworker/1:0 Not tainted 6.5.0-rc6-syzkaller #0
[   44.979504][   T21] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   44.989562][   T21] Workqueue: usb_hub_wq hub_event
[   44.994587][   T21] RIP: 0010:usb_submit_urb+0x442/0x690
[   45.000418][   T21] Code: 48 89 54 24 10 44 89 44 24 0c e8 f9 b9 c8 ff 44 8b 44 24 0c 89 d9 48 c7 c7 a0 ef 70 83 48 8b 54 24 10 48 89 c6 e8 6e e6 15 ff <0f> 0b 41 80 fe 01 41 8b 4d 5c 0f 85 85 fd ff ff 89 cb 81 e3 86 03
[   45.020378][   T21] RSP: 0018:ffffc900002cf6f0 EFLAGS: 00010282
[   45.026427][   T21] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
[   45.034497][   T21] RDX: 0000000000000002 RSI: ffffffff835e846b RDI: 00000000ffffffff
[   45.043001][   T21] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff83ab2960
[   45.051078][   T21] R10: ffffc900002cf590 R11: ffffffff83b929a8 R12: ffff8881151de800
[   45.059200][   T21] R13: ffff888109ab5a80 R14: 0000000000000002 R15: 00000000ffffff01
[   45.067168][   T21] FS:  0000000000000000(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
[   45.076100][   T21] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   45.082671][   T21] CR2: 00007fe8461de111 CR3: 000000011488b000 CR4: 00000000003506e0
[   45.090644][   T21] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   45.098589][   T21] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   45.106557][   T21] Call Trace:
[   45.109826][   T21]  <TASK>
[   45.112730][   T21]  ? __warn+0x7f/0x180
[   45.116772][   T21]  ? usb_submit_urb+0x442/0x690
[   45.121701][   T21]  ? report_bug+0x18d/0x1c0
[   45.126347][   T21]  ? tick_nohz_tick_stopped+0x11/0x30
[   45.131741][   T21]  ? handle_bug+0x3c/0x60
[   45.136174][   T21]  ? exc_invalid_op+0x17/0x60
[   45.140937][   T21]  ? asm_exc_invalid_op+0x1a/0x20
[   45.145942][   T21]  ? usb_submit_urb+0x442/0x690
[   45.150960][   T21]  carl9170_usb_submit_cmd_urb+0x5a/0x90
[   45.156653][   T21]  carl9170_usb_disconnect+0x60/0x70
[   45.161930][   T21]  usb_unbind_interface+0x8c/0x270
[   45.167027][   T21]  device_release_driver_internal+0x1a0/0x210
[   45.173103][   T21]  usb_forced_unbind_intf+0x4c/0xa0
[   45.178818][   T21]  usb_reset_device+0xe3/0x270
[   45.183743][   T21]  carl9170_usb_probe+0x23/0x4b0
[   45.188654][   T21]  usb_probe_interface+0xe7/0x2c0
[   45.193665][   T21]  really_probe+0xb6/0x3c0
[   45.198056][   T21]  ? driver_probe_device+0x90/0x90
[   45.203165][   T21]  __driver_probe_device+0x73/0x150
[   45.208336][   T21]  driver_probe_device+0x1a/0x90
[   45.213258][   T21]  __device_attach_driver+0x75/0xf0
[   45.218428][   T21]  bus_for_each_drv+0x90/0xe0
[   45.223090][   T21]  __device_attach+0xaf/0x1b0
[   45.227740][   T21]  bus_probe_device+0x90/0xa0
[   45.232412][   T21]  device_add+0x6be/0x8d0
[   45.236903][   T21]  usb_set_configuration+0x687/0x9f0
[   45.242188][   T21]  ? preempt_count_add+0x42/0x90
[   45.247107][   T21]  ? kernfs_add_one+0x13a/0x170
[   45.251948][   T21]  usb_generic_driver_probe+0x53/0x90
[   45.257671][   T21]  usb_probe_device+0x33/0xf0
[   45.262350][   T21]  really_probe+0xb6/0x3c0
[   45.266832][   T21]  ? driver_probe_device+0x90/0x90
[   45.272219][   T21]  __driver_probe_device+0x73/0x150
[   45.277390][   T21]  driver_probe_device+0x1a/0x90
[   45.282324][   T21]  __device_attach_driver+0x75/0xf0
[   45.287587][   T21]  bus_for_each_drv+0x90/0xe0
[   45.292275][   T21]  __device_attach+0xaf/0x1b0
[   45.297100][   T21]  bus_probe_device+0x90/0xa0
[   45.301780][   T21]  device_add+0x6be/0x8d0
[   45.306087][   T21]  usb_new_device+0x2c5/0x650
[   45.310844][   T21]  hub_event+0x1318/0x1c70
[   45.315320][   T21]  process_one_work+0x2b1/0x580
[   45.320165][   T21]  worker_thread+0x4e/0x3a0
[   45.324744][   T21]  ? rescuer_thread+0x390/0x390
[   45.329781][   T21]  kthread+0xf2/0x120
[   45.333836][   T21]  ? kthread_complete_and_exit+0x20/0x20
[   45.339467][   T21]  ret_from_fork+0x2c/0x40
[   45.343858][   T21]  ? kthread_complete_and_exit+0x20/0x20
[   45.349484][   T21]  ret_from_fork_asm+0x11/0x20
[   45.354228][   T21]  </TASK>
[   45.357215][   T21] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   45.364573][   T21] CPU: 1 PID: 21 Comm: kworker/1:0 Not tainted 6.5.0-rc6-syzkaller #0
[   45.372688][   T21] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[   45.382711][   T21] Workqueue: usb_hub_wq hub_event
[   45.387789][   T21] Call Trace:
[   45.391046][   T21]  <TASK>
[   45.393970][   T21]  dump_stack_lvl+0x3d/0x60
[   45.398461][   T21]  panic+0x2eb/0x320
[   45.402684][   T21]  ? usb_submit_urb+0x442/0x690
[   45.407502][   T21]  check_panic_on_warn+0x3b/0x50
[   45.412498][   T21]  __warn+0x8b/0x180
[   45.416369][   T21]  ? usb_submit_urb+0x442/0x690
[   45.421184][   T21]  report_bug+0x18d/0x1c0
[   45.425673][   T21]  ? tick_nohz_tick_stopped+0x11/0x30
[   45.431010][   T21]  handle_bug+0x3c/0x60
[   45.435131][   T21]  exc_invalid_op+0x17/0x60
[   45.439695][   T21]  asm_exc_invalid_op+0x1a/0x20
[   45.444509][   T21] RIP: 0010:usb_submit_urb+0x442/0x690
[   45.450019][   T21] Code: 48 89 54 24 10 44 89 44 24 0c e8 f9 b9 c8 ff 44 8b 44 24 0c 89 d9 48 c7 c7 a0 ef 70 83 48 8b 54 24 10 48 89 c6 e8 6e e6 15 ff <0f> 0b 41 80 fe 01 41 8b 4d 5c 0f 85 85 fd ff ff 89 cb 81 e3 86 03
[   45.470120][   T21] RSP: 0018:ffffc900002cf6f0 EFLAGS: 00010282
[   45.476326][   T21] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
[   45.484284][   T21] RDX: 0000000000000002 RSI: ffffffff835e846b RDI: 00000000ffffffff
[   45.492316][   T21] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff83ab2960
[   45.500519][   T21] R10: ffffc900002cf590 R11: ffffffff83b929a8 R12: ffff8881151de800
[   45.508466][   T21] R13: ffff888109ab5a80 R14: 0000000000000002 R15: 00000000ffffff01
[   45.516586][   T21]  carl9170_usb_submit_cmd_urb+0x5a/0x90
[   45.522195][   T21]  carl9170_usb_disconnect+0x60/0x70
[   45.527544][   T21]  usb_unbind_interface+0x8c/0x270
[   45.532661][   T21]  device_release_driver_internal+0x1a0/0x210
[   45.539736][   T21]  usb_forced_unbind_intf+0x4c/0xa0
[   45.545021][   T21]  usb_reset_device+0xe3/0x270
[   45.549755][   T21]  carl9170_usb_probe+0x23/0x4b0
[   45.554757][   T21]  usb_probe_interface+0xe7/0x2c0
[   45.559833][   T21]  really_probe+0xb6/0x3c0
[   45.564231][   T21]  ? driver_probe_device+0x90/0x90
[   45.569390][   T21]  __driver_probe_device+0x73/0x150
[   45.574587][   T21]  driver_probe_device+0x1a/0x90
[   45.579487][   T21]  __device_attach_driver+0x75/0xf0
[   45.584776][   T21]  bus_for_each_drv+0x90/0xe0
[   45.589437][   T21]  __device_attach+0xaf/0x1b0
[   45.594174][   T21]  bus_probe_device+0x90/0xa0
[   45.598907][   T21]  device_add+0x6be/0x8d0
[   45.603385][   T21]  usb_set_configuration+0x687/0x9f0
[   45.608764][   T21]  ? preempt_count_add+0x42/0x90
[   45.613670][   T21]  ? kernfs_add_one+0x13a/0x170
[   45.618618][   T21]  usb_generic_driver_probe+0x53/0x90
[   45.624059][   T21]  usb_probe_device+0x33/0xf0
[   45.628746][   T21]  really_probe+0xb6/0x3c0
[   45.633158][   T21]  ? driver_probe_device+0x90/0x90
[   45.638335][   T21]  __driver_probe_device+0x73/0x150
[   45.643511][   T21]  driver_probe_device+0x1a/0x90
[   45.648416][   T21]  __device_attach_driver+0x75/0xf0
[   45.653599][   T21]  bus_for_each_drv+0x90/0xe0
[   45.658327][   T21]  __device_attach+0xaf/0x1b0
[   45.663161][   T21]  bus_probe_device+0x90/0xa0
[   45.667897][   T21]  device_add+0x6be/0x8d0
[   45.673412][   T21]  usb_new_device+0x2c5/0x650
[   45.678149][   T21]  hub_event+0x1318/0x1c70
[   45.682533][   T21]  process_one_work+0x2b1/0x580
[   45.687352][   T21]  worker_thread+0x4e/0x3a0
[   45.691819][   T21]  ? rescuer_thread+0x390/0x390
[   45.696635][   T21]  kthread+0xf2/0x120
[   45.700682][   T21]  ? kthread_complete_and_exit+0x20/0x20
[   45.706454][   T21]  ret_from_fork+0x2c/0x40
[   45.710926][   T21]  ? kthread_complete_and_exit+0x20/0x20
[   45.716578][   T21]  ret_from_fork_asm+0x11/0x20
[   45.721306][   T21]  </TASK>
[   45.724509][   T21] Kernel Offset: disabled
[   45.729618][   T21] Rebooting in 86400 seconds..