syzkaller login: [ 24.377921][ T29] kauditd_printk_skb: 38 callbacks suppressed [ 24.377945][ T29] audit: type=1400 audit(1736155525.643:73): avc: denied { read } for pid=2909 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=400 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 24.408057][ T29] audit: type=1400 audit(1736155525.643:74): avc: denied { open } for pid=2909 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=400 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 24.886316][ T29] audit: type=1400 audit(1736155526.153:75): avc: denied { transition } for pid=2926 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 24.908605][ T29] audit: type=1400 audit(1736155526.153:76): avc: denied { noatsecure } for pid=2926 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 24.927900][ T29] audit: type=1400 audit(1736155526.163:77): avc: denied { write } for pid=2926 comm="sh" path="pipe:[1328]" dev="pipefs" ino=1328 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 24.950279][ T29] audit: type=1400 audit(1736155526.163:78): avc: denied { rlimitinh } for pid=2926 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 24.970098][ T29] audit: type=1400 audit(1736155526.163:79): avc: denied { siginh } for pid=2926 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 29.798793][ T2927] sshd (2927) used greatest stack depth: 23696 bytes left Warning: Permanently added '10.128.1.39' (ED25519) to the list of known hosts. executing program [ 38.907437][ T29] audit: type=1400 audit(1736155540.173:80): avc: denied { execmem } for pid=2942 comm="syz-executor412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.929752][ T29] audit: type=1400 audit(1736155540.183:81): avc: denied { read write } for pid=2943 comm="syz-executor412" name="raw-gadget" dev="devtmpfs" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 38.953664][ T29] audit: type=1400 audit(1736155540.183:82): avc: denied { open } for pid=2943 comm="syz-executor412" path="/dev/raw-gadget" dev="devtmpfs" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 38.977527][ T29] audit: type=1400 audit(1736155540.183:83): avc: denied { ioctl } for pid=2943 comm="syz-executor412" path="/dev/raw-gadget" dev="devtmpfs" ino=236 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 39.148665][ T9] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 39.310840][ T9] usb 1-1: config 1 interface 0 altsetting 245 endpoint 0x81 has invalid maxpacket 53698, setting to 64 [ 39.322131][ T9] usb 1-1: config 1 interface 0 altsetting 245 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 39.335159][ T9] usb 1-1: config 1 interface 0 has no altsetting 0 [ 39.343855][ T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=024d, bcdDevice= 0.40 [ 39.353064][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 39.361195][ T9] usb 1-1: Product: syz [ 39.365367][ T9] usb 1-1: Manufacturer: syz [ 39.370045][ T9] usb 1-1: SerialNumber: syz [ 39.378328][ T2943] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 39.590972][ T9] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input5 [ 39.988021][ T2829] ------------[ cut here ]------------ [ 39.993708][ T2829] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 40.000311][ T2829] WARNING: CPU: 0 PID: 2829 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 [ 40.009974][ T2829] Modules linked in: [ 40.013898][ T2829] CPU: 0 UID: 0 PID: 2829 Comm: acpid Not tainted 6.13.0-rc4-syzkaller-00080-gf1a2241778d9 #0 [ 40.024217][ T2829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 40.034373][ T2829] RIP: 0010:usb_submit_urb+0xe4b/0x1730 [ 40.040034][ T2829] Code: 84 3c 02 00 00 e8 25 e8 f1 fc 4c 89 ef e8 bd bc d5 fe 45 89 e0 89 e9 4c 89 f2 48 89 c6 48 c7 c7 60 c8 a1 87 e8 b6 e2 b5 fc 90 <0f> 0b 90 90 e9 e9 f8 ff ff e8 f7 e7 f1 fc 49 81 c4 b8 05 00 00 e9 [ 40.059742][ T2829] RSP: 0018:ffffc9000178f7f0 EFLAGS: 00010286 [ 40.065838][ T2829] RAX: 0000000000000000 RBX: ffff888111b22d00 RCX: ffffffff811f67f9 [ 40.073887][ T2829] RDX: ffff888116bb1d40 RSI: ffffffff811f6806 RDI: 0000000000000001 [ 40.081932][ T2829] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 40.089976][ T2829] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000003 [ 40.098034][ T2829] R13: ffff88810c6dd0a8 R14: ffff888104a81540 R15: ffff888111b22d7c [ 40.106183][ T2829] FS: 00007fc12fb99740(0000) GS:ffff8881f5800000(0000) knlGS:0000000000000000 [ 40.115240][ T2829] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 40.121905][ T2829] CR2: 00007fe82122f010 CR3: 0000000116b56000 CR4: 00000000003506f0 [ 40.130005][ T2829] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 40.138101][ T2829] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 40.146146][ T2829] Call Trace: [ 40.149498][ T2829] <TASK> [ 40.152449][ T2829] ? __warn+0xea/0x3c0 [ 40.156557][ T2829] ? usb_submit_urb+0xe4b/0x1730 [ 40.161575][ T2829] ? report_bug+0x3c0/0x580 [ 40.166145][ T2829] ? handle_bug+0x54/0xa0 [ 40.170581][ T2829] ? exc_invalid_op+0x17/0x50 [ 40.175324][ T2829] ? asm_exc_invalid_op+0x1a/0x20 [ 40.180489][ T2829] ? __warn_printk+0x199/0x350 executing program [ 40.185308][ T2829] ? __warn_printk+0x1a6/0x350 [ 40.190160][ T2829] ? usb_submit_urb+0xe4b/0x1730 [ 40.192450][ T24] usb 1-1: USB disconnect, device number 2 [ 40.195150][ T2829] bcm5974_start_traffic+0xb8/0x180 [ 40.206286][ T2829] bcm5974_open+0xa2/0x180 [ 40.210847][ T2829] input_open_device+0x22c/0x390 [ 40.215852][ T2829] ? __pfx_bcm5974_open+0x10/0x10 [ 40.221030][ T2829] evdev_open+0x52d/0x690 [ 40.225447][ T2829] ? __pfx_evdev_open+0x10/0x10 [ 40.230424][ T2829] chrdev_open+0x237/0x6a0 [ 40.234926][ T2829] ? __pfx_chrdev_open+0x10/0x10 [ 40.239998][ T2829] ? lockref_get+0x15/0x50 [ 40.244493][ T2829] do_dentry_open+0x6cb/0x1390 [ 40.249342][ T2829] ? __pfx_chrdev_open+0x10/0x10 [ 40.254353][ T2829] ? inode_permission+0xdd/0x5f0 [ 40.259385][ T2829] vfs_open+0x82/0x3f0 [ 40.263528][ T2829] ? may_open+0x1f2/0x400 [ 40.267894][ T2829] path_openat+0x1e6a/0x2d60 [ 40.272595][ T2829] ? __pfx_path_openat+0x10/0x10 [ 40.277600][ T2829] ? __pfx___lock_acquire+0x10/0x10 [ 40.282901][ T2829] ? lock_acquire.part.0+0x11b/0x380 [ 40.288261][ T2829] ? find_held_lock+0x2d/0x110 [ 40.293140][ T2829] do_filp_open+0x20c/0x470 [ 40.297826][ T2829] ? __pfx_do_filp_open+0x10/0x10 [ 40.302946][ T2829] ? find_held_lock+0x2d/0x110 [ 40.307817][ T2829] ? alloc_fd+0x41f/0x760 [ 40.312279][ T2829] do_sys_openat2+0x17a/0x1e0 [ 40.317043][ T2829] ? __pfx_do_sys_openat2+0x10/0x10 [ 40.322759][ T2829] ? sigprocmask+0xf0/0x330 [ 40.327320][ T2829] ? __might_fault+0xe3/0x190 [ 40.332093][ T2829] __x64_sys_openat+0x175/0x210 [ 40.336996][ T2829] ? __pfx___x64_sys_openat+0x10/0x10 [ 40.342465][ T2829] ? ksys_read+0x1ba/0x250 [ 40.346950][ T2829] do_syscall_64+0xcd/0x250 [ 40.351547][ T2829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 40.357510][ T2829] RIP: 0033:0x7fc12fc639a4 [ 40.362041][ T2829] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83 [ 40.381744][ T2829] RSP: 002b:00007ffc009fee70 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 40.390324][ T2829] RAX: ffffffffffffffda RBX: 00007ffc009ff158 RCX: 00007fc12fc639a4 [ 40.398397][ T2829] RDX: 0000000000080800 RSI: 00007ffc009ff058 RDI: 00000000ffffff9c [ 40.406483][ T2829] RBP: 00007ffc009ff058 R08: 00000000000000f4 R09: 00007ffc009ff058 [ 40.414539][ T2829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000080800 [ 40.422580][ T2829] R13: 0000000000000020 R14: 00007ffc009ff158 R15: 00007ffc009ff058 [ 40.430644][ T2829] </TASK> [ 40.433707][ T2829] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 40.440997][ T2829] CPU: 0 UID: 0 PID: 2829 Comm: acpid Not tainted 6.13.0-rc4-syzkaller-00080-gf1a2241778d9 #0 [ 40.451255][ T2829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 40.461327][ T2829] Call Trace: [ 40.464639][ T2829] <TASK> [ 40.467593][ T2829] dump_stack_lvl+0x3d/0x1f0 [ 40.472228][ T2829] panic+0x71d/0x800 [ 40.476214][ T2829] ? __pfx_panic+0x10/0x10 [ 40.480667][ T2829] ? show_trace_log_lvl+0x29d/0x3d0 [ 40.485926][ T2829] ? check_panic_on_warn+0x1f/0xb0 [ 40.491070][ T2829] ? usb_submit_urb+0xe4b/0x1730 [ 40.496116][ T2829] check_panic_on_warn+0xab/0xb0 [ 40.501095][ T2829] __warn+0xf6/0x3c0 [ 40.505013][ T2829] ? usb_submit_urb+0xe4b/0x1730 [ 40.509969][ T2829] report_bug+0x3c0/0x580 [ 40.514328][ T2829] handle_bug+0x54/0xa0 [ 40.518518][ T2829] exc_invalid_op+0x17/0x50 [ 40.523045][ T2829] asm_exc_invalid_op+0x1a/0x20 [ 40.527942][ T2829] RIP: 0010:usb_submit_urb+0xe4b/0x1730 [ 40.533504][ T2829] Code: 84 3c 02 00 00 e8 25 e8 f1 fc 4c 89 ef e8 bd bc d5 fe 45 89 e0 89 e9 4c 89 f2 48 89 c6 48 c7 c7 60 c8 a1 87 e8 b6 e2 b5 fc 90 <0f> 0b 90 90 e9 e9 f8 ff ff e8 f7 e7 f1 fc 49 81 c4 b8 05 00 00 e9 [ 40.553134][ T2829] RSP: 0018:ffffc9000178f7f0 EFLAGS: 00010286 [ 40.559231][ T2829] RAX: 0000000000000000 RBX: ffff888111b22d00 RCX: ffffffff811f67f9 [ 40.567220][ T2829] RDX: ffff888116bb1d40 RSI: ffffffff811f6806 RDI: 0000000000000001 [ 40.575207][ T2829] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 40.583191][ T2829] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000003 [ 40.591261][ T2829] R13: ffff88810c6dd0a8 R14: ffff888104a81540 R15: ffff888111b22d7c [ 40.599257][ T2829] ? __warn_printk+0x199/0x350 [ 40.604043][ T2829] ? __warn_printk+0x1a6/0x350 [ 40.608843][ T2829] bcm5974_start_traffic+0xb8/0x180 [ 40.614086][ T2829] bcm5974_open+0xa2/0x180 [ 40.618535][ T2829] input_open_device+0x22c/0x390 [ 40.623489][ T2829] ? __pfx_bcm5974_open+0x10/0x10 [ 40.628588][ T2829] evdev_open+0x52d/0x690 [ 40.632963][ T2829] ? __pfx_evdev_open+0x10/0x10 [ 40.637833][ T2829] chrdev_open+0x237/0x6a0 [ 40.642275][ T2829] ? __pfx_chrdev_open+0x10/0x10 [ 40.647267][ T2829] ? lockref_get+0x15/0x50 [ 40.651716][ T2829] do_dentry_open+0x6cb/0x1390 [ 40.656515][ T2829] ? __pfx_chrdev_open+0x10/0x10 [ 40.661488][ T2829] ? inode_permission+0xdd/0x5f0 [ 40.666445][ T2829] vfs_open+0x82/0x3f0 [ 40.670560][ T2829] ? may_open+0x1f2/0x400 [ 40.674915][ T2829] path_openat+0x1e6a/0x2d60 [ 40.679539][ T2829] ? __pfx_path_openat+0x10/0x10 [ 40.684500][ T2829] ? __pfx___lock_acquire+0x10/0x10 [ 40.689751][ T2829] ? lock_acquire.part.0+0x11b/0x380 [ 40.695060][ T2829] ? find_held_lock+0x2d/0x110 [ 40.699857][ T2829] do_filp_open+0x20c/0x470 [ 40.704383][ T2829] ? __pfx_do_filp_open+0x10/0x10 [ 40.709450][ T2829] ? find_held_lock+0x2d/0x110 [ 40.714263][ T2829] ? alloc_fd+0x41f/0x760 [ 40.718633][ T2829] do_sys_openat2+0x17a/0x1e0 [ 40.723370][ T2829] ? __pfx_do_sys_openat2+0x10/0x10 [ 40.728601][ T2829] ? sigprocmask+0xf0/0x330 [ 40.733130][ T2829] ? __might_fault+0xe3/0x190 [ 40.737837][ T2829] __x64_sys_openat+0x175/0x210 [ 40.742714][ T2829] ? __pfx___x64_sys_openat+0x10/0x10 [ 40.748116][ T2829] ? ksys_read+0x1ba/0x250 [ 40.752660][ T2829] do_syscall_64+0xcd/0x250 [ 40.757244][ T2829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 40.763241][ T2829] RIP: 0033:0x7fc12fc639a4 [ 40.767698][ T2829] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83 [ 40.787385][ T2829] RSP: 002b:00007ffc009fee70 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 40.795834][ T2829] RAX: ffffffffffffffda RBX: 00007ffc009ff158 RCX: 00007fc12fc639a4 [ 40.803934][ T2829] RDX: 0000000000080800 RSI: 00007ffc009ff058 RDI: 00000000ffffff9c [ 40.811935][ T2829] RBP: 00007ffc009ff058 R08: 00000000000000f4 R09: 00007ffc009ff058 [ 40.819928][ T2829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000080800 [ 40.827911][ T2829] R13: 0000000000000020 R14: 00007ffc009ff158 R15: 00007ffc009ff058 [ 40.835917][ T2829] </TASK> [ 40.839286][ T2829] Kernel Offset: disabled [ 40.843665][ T2829] Rebooting in 86400 seconds..