Warning: Permanently added '10.128.10.40' (ECDSA) to the list of known hosts. 2022/07/08 16:08:13 parsed 1 programs [ 66.631656][ T27] audit: type=1400 audit(1657296493.447:188): avc: denied { mounton } for pid=4031 comm="syz-executor" path="/syzcgroup/unified" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 66.642562][ T4031] cgroup: Unknown subsys name 'net' [ 66.664001][ T4031] cgroup: Unknown subsys name 'rlimit' 2022/07/08 16:08:13 executed programs: 0 [ 66.672400][ T27] audit: type=1400 audit(1657296493.487:189): avc: denied { mounton } for pid=4031 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 66.698572][ T27] audit: type=1400 audit(1657296493.497:190): avc: denied { mount } for pid=4031 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 66.723744][ T27] audit: type=1400 audit(1657296493.497:191): avc: denied { create } for pid=4031 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 66.746271][ T27] audit: type=1400 audit(1657296493.497:192): avc: denied { write } for pid=4031 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 66.767932][ T27] audit: type=1400 audit(1657296493.497:193): avc: denied { read } for pid=4031 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 66.788749][ T27] audit: type=1400 audit(1657296493.527:194): avc: denied { read } for pid=3182 comm="dhcpcd" name="n79" dev="tmpfs" ino=1536 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 66.810969][ T27] audit: type=1400 audit(1657296493.527:195): avc: denied { open } for pid=3182 comm="dhcpcd" path="/run/udev/data/n79" dev="tmpfs" ino=1536 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 66.834085][ T27] audit: type=1400 audit(1657296493.527:196): avc: denied { getattr } for pid=3182 comm="dhcpcd" path="/run/udev/data/n79" dev="tmpfs" ino=1536 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 66.857999][ T27] audit: type=1400 audit(1657296493.587:197): avc: denied { create } for pid=4038 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 69.920141][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 71.203087][ T6] cfg80211: failed to load regulatory.db [ 74.080055][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 76.171501][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 76.171511][ T27] audit: type=1400 audit(1657296502.987:202): avc: denied { ioctl } for pid=4067 comm="syz-executor.0" path="socket:[29735]" dev="sockfs" ino=29735 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 76.172612][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.212088][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.220099][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.229413][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.237281][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 76.244871][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 76.259352][ T27] audit: type=1400 audit(1657296503.067:203): avc: denied { read } for pid=4067 comm="syz-executor.0" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 76.281597][ T27] audit: type=1400 audit(1657296503.067:204): avc: denied { open } for pid=4067 comm="syz-executor.0" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 76.306589][ T27] audit: type=1400 audit(1657296503.067:205): avc: denied { mounton } for pid=4067 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 76.343589][ T4067] chnl_net:caif_netlink_parms(): no params data found [ 76.382958][ T4067] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.391607][ T4067] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.399336][ T4067] device bridge_slave_0 entered promiscuous mode [ 76.407636][ T4067] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.415025][ T4067] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.422899][ T4067] device bridge_slave_1 entered promiscuous mode [ 76.442946][ T4067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.453967][ T4067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.478198][ T4067] team0: Port device team_slave_0 added [ 76.485621][ T4067] team0: Port device team_slave_1 added [ 76.505598][ T4067] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.512724][ T4067] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.539014][ T4067] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.551339][ T4067] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.558479][ T4067] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.585136][ T4067] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.610737][ T4067] device hsr_slave_0 entered promiscuous mode [ 76.619214][ T4067] device hsr_slave_1 entered promiscuous mode [ 76.678309][ T4067] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.685616][ T4067] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.693064][ T4067] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.700545][ T4067] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.738747][ T4067] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.749744][ T3602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.759649][ T3602] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.768097][ T3602] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.776586][ T3602] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 76.790403][ T4067] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.801226][ T3676] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 76.810280][ T3676] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.817460][ T3676] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.828895][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 76.838782][ T3603] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.845904][ T3603] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.869709][ T4067] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 76.880916][ T4067] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 76.893704][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 76.904402][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 76.913040][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 76.921631][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 76.931457][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 76.939148][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 76.957348][ T4067] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.965965][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 76.974175][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 77.130420][ T3676] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 77.144105][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 77.153278][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 77.161792][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 77.171840][ T4067] device veth0_vlan entered promiscuous mode [ 77.183142][ T4067] device veth1_vlan entered promiscuous mode [ 77.199718][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 77.208212][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 77.216453][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 77.226631][ T4067] device veth0_macvtap entered promiscuous mode [ 77.236870][ T4067] device veth1_macvtap entered promiscuous mode [ 77.252079][ T4067] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.263245][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.272277][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 77.283950][ T4067] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.292095][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.343587][ T976] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.352145][ T976] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.364323][ T3676] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.384422][ T976] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.392751][ T976] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.404110][ T3676] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.412986][ T27] audit: type=1400 audit(1657296504.227:206): avc: denied { mounton } for pid=4067 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=2313 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 77.464611][ T27] audit: type=1400 audit(1657296504.277:207): avc: denied { ioctl } for pid=4085 comm="syz-executor.0" path="/dev/raw-gadget" dev="devtmpfs" ino=730 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 77.730135][ T6] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 78.031159][ T6] usb 1-1: too many configurations: 186, using maximum allowed: 8 [ 78.331137][ T3602] Bluetooth: hci0: command 0x0409 tx timeout [ 78.950071][ T6] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 78.959383][ T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.967894][ T6] usb 1-1: Product: syz [ 78.972362][ T6] usb 1-1: Manufacturer: syz [ 78.976978][ T6] usb 1-1: SerialNumber: syz [ 79.033596][ T6] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 79.730787][ T6] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 80.142466][ C0] divide error: 0000 [#1] PREEMPT SMP KASAN [ 80.149219][ C0] CPU: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 5.19.0-rc5-syzkaller #0 [ 80.157693][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 80.167729][ C0] RIP: 0010:ath9k_htc_swba+0x18b/0xb10 [ 80.173256][ C0] Code: c0 40 84 c6 0f 85 b1 08 00 00 48 8b 55 00 0f b7 c9 bd 01 00 00 00 48 0f ca 48 89 d0 c1 ea 0a 48 c1 e8 20 c1 e0 16 09 d0 31 d2 f1 8d 04 12 31 d2 f7 f1 29 c5 48 8d 83 b0 03 00 00 48 89 c7 48 [ 80.193025][ C0] RSP: 0018:ffffc9000035fcb0 EFLAGS: 00010246 [ 80.199064][ C0] RAX: 0000000000000000 RBX: ffff88806fa13340 RCX: 0000000000000000 [ 80.207099][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 80.215130][ C0] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000001 [ 80.223157][ C0] R10: ffffed1002bec63e R11: 0000000000000001 R12: 0000000000000000 [ 80.231101][ C0] R13: 0000000000001002 R14: ffff88806fa13340 R15: ffff88807919fe40 [ 80.239057][ C0] FS: 0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 [ 80.248756][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.255416][ C0] CR2: 0000000020001038 CR3: 00000000720bd000 CR4: 00000000003506f0 [ 80.263378][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 80.271333][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 80.279461][ C0] Call Trace: [ 80.282724][ C0] [ 80.285648][ C0] ? ath9k_wmi_event_tasklet+0x156/0x430 [ 80.291263][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 80.296176][ C0] ? ath9k_htc_beaconep+0x10/0x10 [ 80.301171][ C0] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 80.307127][ C0] ? lockdep_hardirqs_on_prepare+0x17b/0x400 [ 80.313177][ C0] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 80.318955][ C0] ath9k_wmi_event_tasklet+0x2c2/0x430 [ 80.324505][ C0] tasklet_action_common.constprop.0+0x201/0x2e0 [ 80.331164][ C0] __do_softirq+0x29b/0x9c2 [ 80.335651][ C0] ? __irq_exit_rcu+0x180/0x180 [ 80.340473][ C0] ? smpboot_thread_fn+0x66/0x8c0 [ 80.345476][ C0] run_ksoftirqd+0x2d/0x60 [ 80.349897][ C0] smpboot_thread_fn+0x548/0x8c0 [ 80.354930][ C0] ? sort_range+0x20/0x20 [ 80.359253][ C0] kthread+0x299/0x340 [ 80.363301][ C0] ? kthread_complete_and_exit+0x20/0x20 [ 80.368911][ C0] ret_from_fork+0x1f/0x30 [ 80.373321][ C0] [ 80.377029][ C0] Modules linked in: [ 80.381056][ C0] ---[ end trace 0000000000000000 ]--- [ 80.386682][ C0] RIP: 0010:ath9k_htc_swba+0x18b/0xb10 [ 80.392150][ C0] Code: c0 40 84 c6 0f 85 b1 08 00 00 48 8b 55 00 0f b7 c9 bd 01 00 00 00 48 0f ca 48 89 d0 c1 ea 0a 48 c1 e8 20 c1 e0 16 09 d0 31 d2 f1 8d 04 12 31 d2 f7 f1 29 c5 48 8d 83 b0 03 00 00 48 89 c7 48 [ 80.411837][ T26] Bluetooth: hci0: command 0x041b tx timeout [ 80.417806][ C0] RSP: 0018:ffffc9000035fcb0 EFLAGS: 00010246 [ 80.423883][ C0] RAX: 0000000000000000 RBX: ffff88806fa13340 RCX: 0000000000000000 [ 80.432038][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 80.440117][ C0] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000001 [ 80.448091][ C0] R10: ffffed1002bec63e R11: 0000000000000001 R12: 0000000000000000 [ 80.456438][ C0] R13: 0000000000001002 R14: ffff88806fa13340 R15: ffff88807919fe40 [ 80.469455][ C0] FS: 0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 [ 80.478631][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.485239][ C0] CR2: 0000000020001038 CR3: 00000000720bd000 CR4: 00000000003506f0 [ 80.493231][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 80.501211][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 80.509597][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 80.517131][ C0] Kernel Offset: disabled [ 80.521509][ C0] Rebooting in 86400 seconds..