Warning: Permanently added '[localhost]:38473' (ED25519) to the list of known hosts.
2025/05/02 08:27:30 ignoring optional flag "sandboxArg"="0"
2025/05/02 08:27:30 ignoring optional flag "type"="qemu"
2025/05/02 08:27:30 parsed 1 programs
[ 69.712727][ T40] audit: type=1400 audit(1746174450.876:132): avc: denied { getattr } for pid=6041 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 69.722778][ T40] audit: type=1400 audit(1746174450.876:133): avc: denied { read } for pid=6041 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 69.731948][ T40] audit: type=1400 audit(1746174450.876:134): avc: denied { open } for pid=6041 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 69.819640][ T40] audit: type=1400 audit(1746174450.986:135): avc: denied { unlink } for pid=6047 comm="syz-executor" name="swap-file" dev="sda1" ino=1931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 71.552859][ T6047] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2025/05/02 08:27:32 executed programs: 0
[ 71.646238][ T67] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 71.666711][ T67] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 71.673633][ T67] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 71.679448][ T67] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 71.683860][ T67] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 71.696973][ T40] audit: type=1400 audit(1746174452.856:136): avc: denied { mounton } for pid=6068 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 71.869354][ T6068] chnl_net:caif_netlink_parms(): no params data found
[ 71.979852][ T6068] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.983097][ T6068] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.985955][ T6068] bridge_slave_0: entered allmulticast mode
[ 71.990055][ T6068] bridge_slave_0: entered promiscuous mode
[ 71.995435][ T6068] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.000121][ T6068] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.003341][ T6068] bridge_slave_1: entered allmulticast mode
[ 72.007241][ T6068] bridge_slave_1: entered promiscuous mode
[ 72.064964][ T6068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 72.071495][ T6068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 72.120299][ T6068] team0: Port device team_slave_0 added
[ 72.125185][ T6068] team0: Port device team_slave_1 added
[ 72.159491][ T6068] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 72.161917][ T6068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 72.173133][ T6068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 72.179416][ T6068] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 72.182503][ T6068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 72.194338][ T6068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 72.245598][ T6068] hsr_slave_0: entered promiscuous mode
[ 72.247983][ T6068] hsr_slave_1: entered promiscuous mode
[ 72.821076][ T6068] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 72.826134][ T6068] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 72.830751][ T6068] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 72.835087][ T6068] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 72.851928][ T6068] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.854249][ T6068] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 72.856746][ T6068] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.859018][ T6068] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 72.890903][ T6068] 8021q: adding VLAN 0 to HW filter on device bond0
[ 72.901285][ T1261] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.904416][ T1261] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.917153][ T6068] 8021q: adding VLAN 0 to HW filter on device team0
[ 72.925054][ T1261] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.927369][ T1261] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 72.935339][ T96] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.938344][ T96] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 73.060035][ T6068] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 73.103295][ T6068] veth0_vlan: entered promiscuous mode
[ 73.111771][ T6068] veth1_vlan: entered promiscuous mode
[ 73.129676][ T6068] veth0_macvtap: entered promiscuous mode
[ 73.135875][ T6068] veth1_macvtap: entered promiscuous mode
[ 73.153585][ T6068] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 73.167698][ T6068] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 73.174636][ T6068] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.178505][ T6068] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.182105][ T6068] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.185400][ T6068] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.359307][ T1261] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.392798][ T1261] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.423767][ T96] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.427934][ T96] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.528563][ T40] audit: type=1400 audit(1746174454.696:137): avc: denied { mounton } for pid=6140 comm="syz-executor.0" path="/syzkaller-testdir4257143175/syzkaller.UUdb1x/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 73.530527][ T6142] jffs2: notice: (6142) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 73.552375][ T40] audit: type=1400 audit(1746174454.726:138): avc: denied { mount } for pid=6140 comm="syz-executor.0" name="/" dev="jffs2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 73.574649][ T40] audit: type=1400 audit(1746174454.736:139): avc: denied { write } for pid=6140 comm="syz-executor.0" name="/" dev="jffs2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 73.589314][ T40] audit: type=1400 audit(1746174454.736:140): avc: denied { setattr } for pid=6140 comm="syz-executor.0" name="/" dev="jffs2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 73.597166][ T6068] ------------[ cut here ]------------
[ 73.601761][ T40] audit: type=1400 audit(1746174454.746:141): avc: denied { unmount } for pid=6068 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 73.619509][ T6068] kernel BUG at fs/jffs2/nodelist.c:462!
[ 73.631883][ T6068] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[ 73.683480][ T6068] CPU: 1 UID: 0 PID: 6068 Comm: syz-executor.0 Not tainted 6.15.0-rc4-syzkaller-gebd297a2affa #0 PREEMPT(full)
[ 73.687432][ T6068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 73.692360][ T6068] RIP: 0010:jffs2_del_ino_cache+0x24f/0x2c0
[ 73.694912][ T6068] Code: 4c 89 e2 49 8b 5e 18 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 71 49 89 1c 24 e9 42 ff ff ff e8 62 92 a5 fe 90 <0f> 0b e8 9a 0d 0b ff e9 5b fe ff ff e8 60 0d 0b ff e9 59 ff ff ff
[ 73.718946][ T6068] RSP: 0018:ffffc900033c7af8 EFLAGS: 00010293
[ 73.721548][ T6068] RAX: 0000000000000000 RBX: ffff88804311e000 RCX: 0000000000000000
[ 73.724977][ T6068] RDX: ffff88803102c880 RSI: ffffffff8315a08e RDI: ffff888024fa9020
[ 73.741420][ T6068] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffed1008623c6d
[ 73.749570][ T6068] R10: ffff88804311e36b R11: 0000000000000000 R12: ffff888038948000
[ 73.753031][ T6068] R13: dffffc0000000000 R14: ffff888024fa9000 R15: ffff8880389480b8
[ 73.774189][ T6068] FS: 000055557a7dc480(0000) GS:ffff8880d6ae2000(0000) knlGS:0000000000000000
[ 73.777863][ T6068] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 73.781180][ T6068] CR2: 000055557a7e5938 CR3: 0000000028e27000 CR4: 0000000000352ef0
[ 73.784315][ T5285] Bluetooth: hci0: command tx timeout
[ 73.801336][ T6068] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 73.801356][ T6068] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 73.801366][ T6068] Call Trace:
[ 73.801374][ T6068]
[ 73.801383][ T6068] jffs2_do_clear_inode+0x3c0/0x470
[ 73.801406][ T6068] ? __pfx_jffs2_evict_inode+0x10/0x10
[ 73.801423][ T6068] evict+0x3e3/0x920
[ 73.801442][ T6068] ? __pfx_evict+0x10/0x10
[ 73.801460][ T6068] ? find_held_lock+0x2b/0x80
[ 73.801477][ T6068] ? find_held_lock+0x2b/0x80
[ 73.801496][ T6068] dispose_list+0x117/0x1e0
[ 73.801515][ T6068] evict_inodes+0x398/0x4a0
[ 73.801532][ T6068] ? __pfx_evict_inodes+0x10/0x10
[ 73.801551][ T6068] ? sync_blockdev+0x51/0x70
[ 73.801570][ T6068] generic_shutdown_super+0xb2/0x390
[ 73.801589][ T6068] kill_mtd_super+0x1d/0x80
[ 73.801613][ T6068] jffs2_kill_sb+0x7c/0xb0
[ 73.801630][ T6068] deactivate_locked_super+0xbe/0x1a0
[ 73.801652][ T6068] deactivate_super+0xde/0x100
[ 73.801672][ T6068] cleanup_mnt+0x225/0x450
[ 73.801695][ T6068] task_work_run+0x14d/0x240
[ 73.801711][ T6068] ? __pfx_task_work_run+0x10/0x10
[ 73.801726][ T6068] ? __pfx___x64_sys_umount+0x10/0x10
[ 73.801753][ T6068] syscall_exit_to_user_mode+0x27b/0x2a0
[ 73.801830][ T6068] do_syscall_64+0xda/0x260
[ 73.801849][ T6068] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 73.801867][ T6068] RIP: 0033:0x7fa778e7f117
[ 73.801880][ T6068] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 73.801894][ T6068] RSP: 002b:00007fffaf0fa058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 73.801914][ T6068] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fa778e7f117
[ 73.801924][ T6068] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00007fffaf0fa110
[ 73.801934][ T6068] RBP: 00007fffaf0fa110 R08: 0000000000000000 R09: 0000000000000000
[ 73.801943][ T6068] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffaf0fb1d0
[ 73.801952][ T6068] R13: 00007fa778ec93b9 R14: 0000000000011eb3 R15: 0000000000000003
[ 73.801965][ T6068]
[ 73.801972][ T6068] Modules linked in:
[ 73.802226][ T6068] ---[ end trace 0000000000000000 ]---
[ 73.803199][ T6068] RIP: 0010:jffs2_del_ino_cache+0x24f/0x2c0
[ 73.803226][ T6068] Code: 4c 89 e2 49 8b 5e 18 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 71 49 89 1c 24 e9 42 ff ff ff e8 62 92 a5 fe 90 <0f> 0b e8 9a 0d 0b ff e9 5b fe ff ff e8 60 0d 0b ff e9 59 ff ff ff
[ 73.803242][ T6068] RSP: 0018:ffffc900033c7af8 EFLAGS: 00010293
[ 73.803256][ T6068] RAX: 0000000000000000 RBX: ffff88804311e000 RCX: 0000000000000000
[ 73.803266][ T6068] RDX: ffff88803102c880 RSI: ffffffff8315a08e RDI: ffff888024fa9020
[ 73.803277][ T6068] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffed1008623c6d
[ 73.803285][ T6068] R10: ffff88804311e36b R11: 0000000000000000 R12: ffff888038948000
[ 73.803295][ T6068] R13: dffffc0000000000 R14: ffff888024fa9000 R15: ffff8880389480b8
[ 73.803306][ T6068] FS: 000055557a7dc480(0000) GS:ffff8880d6ae2000(0000) knlGS:0000000000000000
[ 73.803339][ T6068] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 73.803351][ T6068] CR2: 000055557a7e5938 CR3: 0000000028e27000 CR4: 0000000000352ef0
[ 73.803360][ T6068] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 73.803371][ T6068] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 73.803382][ T6068] Kernel panic - not syncing: Fatal exception
[ 73.824236][ T6068] Kernel Offset: disabled