last executing test programs: 15.942617539s ago: executing program 3 (id=1683): bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x9d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000100)={0xfff, 0x0}, 0x8) r3 = socket(0x11, 0x800000003, 0x0) r4 = socket(0x10, 0x3, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bf"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r9 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r9, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r9, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x1a, &(0x7f0000000140)={0x0, 0x0}, 0x10) sendto$inet(r9, 0x0, 0x218, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0xfff0, &(0x7f0000000140)={&(0x7f0000000d40)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x5b, 0x2, {{0x2, [], 0x0, [0x4, 0x2], [0x0, 0x4]}, [@TCA_MQPRIO_MODE={0x6, 0x4}]}}}]}, 0x90}}, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000010000000000000000000000950000000000000046682d562c31aa909594c57a164463536e83a7f6ac12a8b52f", @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040ac052a0200000000000109022400010000000009040000010300020009210000f6012200000905"], 0x0) 12.556550348s ago: executing program 4 (id=1692): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="fb00000002b1cd4b52000000020000000000009f", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x6, 0x4, 0x9, 0xfb, 0x8, 0x501}, 0xc) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) pipe2$watch_queue(&(0x7f0000001180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r9 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe) keyctl$KEYCTL_WATCH_KEY(0x20, r9, r7, 0x0) pipe2$watch_queue(&(0x7f0000000380), 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r9, r8, 0xffffffffffffffff) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x9, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x400000}, 0x1c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp6=r2}, 0x20) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000100), 0x4) close_range(r0, 0xffffffffffffffff, 0x0) 11.689166451s ago: executing program 4 (id=1694): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="fb00000002b1cd4b52000000020000000000009f", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x0) pipe2$watch_queue(&(0x7f0000000380), 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp6=r2}, 0x20) close_range(r0, 0xffffffffffffffff, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c00000002060104000000000000000000000000050004000000090005000100060000000d000300686173683a6d6163000000000500050000000000140007800800124000050000050015000c000000090002"], 0x5c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) 11.31617528s ago: executing program 3 (id=1696): syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010bd28710000000000000109022400010000000009040100010300000009210200000122050009058103"], 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) get_robust_list(0xffffffffffffffff, &(0x7f0000000280)=&(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)}}, &(0x7f0000000300)=0x18) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, {0x0, 0x0, 0x10000}, 0x0, 0x0, 0x1}, {{@in=@private=0xa010101, 0x4d5, 0x32}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) shutdown(r2, 0x1) sendmmsg(r0, &(0x7f0000000180), 0x400000000000077, 0x0) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$int_in(r4, 0x5421, 0x0) r5 = dup(r4) setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0x7, 0x0, 0x0) ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000002980)={0x8, 0x0, [{0x14000, 0xa, &(0x7f0000000340)=""/10}, {0xf000, 0x53, &(0x7f0000000400)=""/83}, {0x8080000, 0x1000, &(0x7f0000000980)=""/4096}, {0x8000000, 0x1000, &(0x7f0000001980)=""/4096}, {0xeeee8000, 0xf3, &(0x7f00000004c0)=""/243}, {0x3000, 0xe3, &(0x7f00000005c0)=""/227}, {0x1000, 0xd3, &(0x7f0000000740)=""/211}, {0x4, 0x89, &(0x7f0000000840)=""/137}]}) 10.786987774s ago: executing program 4 (id=1697): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) timerfd_create(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0x4089, 0x80}, &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r3, 0x0, &(0x7f0000000100), 0x0, 0x2, 0x1}) io_uring_enter(r3, 0x47f6, 0xb277, 0x0, 0x0, 0x0) 9.754229547s ago: executing program 0 (id=1699): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADDDEF(r0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet6(0xa, 0x6, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0x1, &(0x7f00000000c0)=0x9, 0x3f) r2 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r2, &(0x7f0000000000)={0x18, 0x2, {0x0, @loopback}}, 0x1e) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="5300000002"], 0x8) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0) syz_io_uring_setup(0x235, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x2}, 0x0, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) socket(0x1a, 0x3, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 9.512867287s ago: executing program 0 (id=1700): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r0, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac) 8.754776039s ago: executing program 0 (id=1701): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0x84, &(0x7f0000000240)=ANY=[@ANYBLOB="20050500002266c523d10036652c53d36d5a1a2afd6f1286b7db9d9bb4a89fe2355e258b6edd1861dbd9334f02a9f594ca8bace181bc1be90e75b065d2a01817fd6ceb14de67e056db7ade5f030a3f9b8962396385c0580d42c67dc8c9edb7ffb036f8e732000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) 8.608681414s ago: executing program 2 (id=1702): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x28031, 0xffffffffffffffff, 0x8000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = socket$kcm(0x29, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811) ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, 0x0) (fail_nth: 2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ioctl$SNDCTL_DSP_GETISPACE(0xffffffffffffffff, 0xc0045003, &(0x7f0000001100)) socket$nl_route(0x10, 0x3, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000140)=0x1ffffe, 0x4, 0x2) 7.806339106s ago: executing program 3 (id=1703): ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000040)={0x1, 0x3, 0x1}) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) sched_setscheduler(r0, 0x6, 0x0) syz_clone(0x80000600, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000010c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x1b, 0x0, "61a1ed8439cde8054f2ada6fcd5fe76b933e8bb0ac60081e33dffa150835f7519d5f73b4f5d80eb4881a5b98cb9fb96d225d602392f816d0bdcc09b5063087117502d8c24f1fe97f61fd27a06d6a38a7"}, 0xd8) setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r1, &(0x7f0000000240)="c4", 0xfdef, 0x20000841, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @empty}, 0x1c) r2 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0) r3 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x0, 0x13100, 0x2, 0x2de}, &(0x7f0000000100), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_NAPI(r3, 0x1b, 0x0, 0x1) execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 7.62269938s ago: executing program 1 (id=1704): socket$netlink(0x10, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) kexec_load(0x0, 0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x41000000}], 0x0) 7.595065629s ago: executing program 2 (id=1705): gettid() mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780"], 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r7 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r7, &(0x7f0000000140), 0x4924b68, 0x0) close(r6) open(&(0x7f0000000000)='.\x00', 0x800, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) 7.54961085s ago: executing program 3 (id=1706): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008a}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000240)=@assoc_value, &(0x7f0000000080)=0x8) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r3, r4, 0x2, 0x2, 0x0, @void, @value}, 0x10) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="00000000f507843f344cfe4496554402dc2180dc48b141fffae5f385ed3dd4f23fbb2bdb80d09dc498ed330fe14ce98f84b380bed836d27ed44e1a3b064a4fdf47d70ddfc5d6fdf2534efde7c53733e59deb7d51d79c8c4e63d90dc4e9596d65f9483a63364332359dc92bd2589f288b8cbb06c6340d196732421e99a35520c08da41ced30b21aff6079352b082758618f43018c710be3f4fa6773a9763a185c23e1c9107d8002431f1285276a4f71da5e692a77c8519a448e6b9b67b9d2f4e19fd5f5354cb700b22fb6ede47aef42c0fec06802b35a", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r5, 0x2, 0x1, 0x12, &(0x7f0000000280)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40) 6.58647322s ago: executing program 2 (id=1707): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="fb00000002b1cd4b52000000020000000000009f", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x0) pipe2$watch_queue(&(0x7f0000000380), 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp6=r2}, 0x20) close_range(r0, 0xffffffffffffffff, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c00000002060104000000000000000000000000050004000000090005000100060000000d000300686173683a6d6163000000000500050000000000140007800800124000050000050015000c000000090002"], 0x5c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) 6.564748397s ago: executing program 3 (id=1708): socket$tipc(0x1e, 0x2, 0x0) socket$tipc(0x1e, 0x2, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x101, 0x0) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x20, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB="010000000000000000001000000018000180140002"], 0x34}}, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000540)='kmem_cache_free\x00', r6}, 0x18) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca7193"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10) ppoll(&(0x7f0000000500), 0x0, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) sendto$inet6(r2, &(0x7f0000000480)='&', 0x1, 0x0, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000380)=@gcm_256={{0x304}, "480ca6eda49ed6a6", "3a2cc8b276a753b0e23e2a8436b0e1d53d11b70c57abe2e932240e766d3aebfd", '\x00\x00\t\x00', "e96e232f2004a832"}, 0x38) syz_open_dev$tty1(0xc, 0x4, 0x1) pselect6(0x40, &(0x7f0000000600)={0x11, 0xfffffffffffffffc, 0x2, 0x0, 0xfffffffffffffffe, 0x0, 0x4, 0x8}, 0x0, &(0x7f0000000680)={0x7fc, 0x2, 0x800000, 0x0, 0x0, 0xc3ad}, 0x0, 0x0) pselect6(0x40, &(0x7f0000000600)={0x6, 0x0, 0x0, 0x40, 0x2, 0xd, 0x0, 0x7}, 0x0, &(0x7f0000000680)={0x7ff, 0x7, 0x9, 0x7, 0x7, 0x0, 0x5, 0x7}, 0x0, 0x0) 6.502895109s ago: executing program 4 (id=1709): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) mlock(&(0x7f00002fb000/0x4000)=nil, 0x4000) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000340)=0x0) quotactl$Q_GETQUOTA(0xffffffff80000702, &(0x7f0000000100)=@nbd={'/dev/nbd', 0x0}, r5, &(0x7f00000004c0)) setuid(r5) syz_open_dev$sndmidi(0x0, 0x2, 0x141101) r6 = syz_io_uring_setup(0x10d, &(0x7f00000003c0)={0x0, 0x0, 0x200}, &(0x7f00000000c0)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_enter(r6, 0x3f70, 0x0, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x2) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 6.253375671s ago: executing program 3 (id=1710): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADDDEF(r0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet6(0xa, 0x6, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0x1, &(0x7f00000000c0)=0x9, 0x3f) r2 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r2, &(0x7f0000000000)={0x18, 0x2, {0x0, @loopback}}, 0x1e) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="5300000002"], 0x8) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0) syz_io_uring_setup(0x235, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x2}, 0x0, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) socket(0x1a, 0x3, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 6.252460291s ago: executing program 1 (id=1711): socket$netlink(0x10, 0x3, 0x2) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) kexec_load(0x0, 0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x41000000}], 0x0) 5.634700516s ago: executing program 2 (id=1712): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000440)={0x0, 0x58c5, 0x10, 0xfffffffe}, &(0x7f0000000300)=0x0, &(0x7f00000008c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xfffffffffffffffd, &(0x7f0000000100)=[0xffffffffffffffff], 0x1}) io_uring_enter(r3, 0x3516, 0xa0e1, 0x0, 0x0, 0x0) (fail_nth: 2) 4.738543512s ago: executing program 2 (id=1713): syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010bd28710000000000000109022400010000000009040100010300000009210200000122050009058103"], 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) get_robust_list(0xffffffffffffffff, &(0x7f0000000280)=&(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)}}, &(0x7f0000000300)=0x18) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, {0x0, 0x0, 0x10000}, 0x0, 0x0, 0x1}, {{@in=@private=0xa010101, 0x4d5, 0x32}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) shutdown(r2, 0x1) sendmmsg(r0, &(0x7f0000000180), 0x400000000000077, 0x0) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$int_in(r4, 0x5421, 0x0) r5 = dup(r4) setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0x7, 0x0, 0x0) ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000002980)={0x8, 0x0, [{0x14000, 0xa, &(0x7f0000000340)=""/10}, {0xf000, 0x53, &(0x7f0000000400)=""/83}, {0x8080000, 0x1000, &(0x7f0000000980)=""/4096}, {0x8000000, 0x1000, &(0x7f0000001980)=""/4096}, {0xeeee8000, 0xf3, &(0x7f00000004c0)=""/243}, {0x3000, 0xe3, &(0x7f00000005c0)=""/227}, {0x1000, 0xd3, &(0x7f0000000740)=""/211}, {0x4, 0x89, &(0x7f0000000840)=""/137}]}) 4.703396967s ago: executing program 0 (id=1714): r0 = socket(0x10, 0x803, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$unix(0x1, 0x1, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x80400, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x88c0) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newtfilter={0x6c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {}, {0xe}}, [@filter_kind_options=@f_basic={{0xa}, {0x3c, 0x2, [@TCA_BASIC_ACT={0x38, 0x3, [@m_connmark={0x34, 0x1, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x3}}}}]}]}}]}, 0x6c}}, 0x0) r4 = getpid() r5 = syz_pidfd_open(r4, 0x0) process_madvise(r5, &(0x7f0000000040)=[{&(0x7f0000000000)='v', 0x1}, {0x0}], 0x2, 0x19, 0x0) 4.586906124s ago: executing program 1 (id=1715): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r7 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1f00c0e90101c7bb0000b00000000000", 0x26) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000400), 0x4) sendto(0xffffffffffffffff, &(0x7f00000005c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) mknodat$loop(r7, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) 4.30359263s ago: executing program 0 (id=1716): sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB='m\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082abd7000fedbdf25660000000c009900040000002e0000000400b8000800b7009a0000000800a000ff0700000800a0000bc20000080022015e0300000500190106000000050018011600000008009f000200000005001901050000000800b700080000"], 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x40840) r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x769}) syz_io_uring_setup(0x27f3, 0x0, &(0x7f0000000280), &(0x7f0000000100)) syz_io_uring_setup(0x1868, &(0x7f00000003c0)={0x0, 0x6848, 0x4000, 0x0, 0x142}, &(0x7f0000000040), &(0x7f0000000180)) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff) socket(0x10, 0x2, 0x0) bind$qrtr(0xffffffffffffffff, &(0x7f0000000380)={0x2a, 0x1, 0x3fff}, 0xc) 3.518643627s ago: executing program 1 (id=1717): r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r4, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0xfdef}], 0x1, 0x0) getxattr(&(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000280)=""/46, 0x2e) sendmmsg$inet_sctp(r4, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)='a', 0xdd02}], 0xc, &(0x7f0000000000)=[@sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0xc}}], 0x30}], 0x1, 0x0) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r5, 0x405c5503, &(0x7f0000000140)={{0x0, 0x2}, 'syz0\x00'}) r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0) r7 = eventfd(0x8000000) r8 = eventfd(0x8) ioctl$VHOST_SET_VRING_KICK(r6, 0x4008af20, &(0x7f0000000040)={0x1, r8}) ioctl$VHOST_SET_VRING_KICK(r6, 0x4008af20, &(0x7f0000000cc0)={0x1, r7}) ioctl$UI_SET_KEYBIT(r5, 0x40045565, 0xee) ioctl$UI_DEV_CREATE(r5, 0x5501) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0x40046f41, 0x20000502) 1.138725603s ago: executing program 4 (id=1718): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r7 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1f00c0e90101c7bb0000b00000000000", 0x26) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000400), 0x4) sendto(0xffffffffffffffff, &(0x7f00000005c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) mknodat$loop(r7, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) 1.138555611s ago: executing program 0 (id=1719): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r0}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone(0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0) 1.082775853s ago: executing program 1 (id=1720): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="fb00000002b1cd4b52000000020000000000009f", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r5, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x6, 0x4, 0x9, 0xfb, 0x8, 0x501}, 0xc) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) pipe2$watch_queue(&(0x7f0000001180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r9 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe) keyctl$KEYCTL_WATCH_KEY(0x20, r9, r7, 0x0) pipe2$watch_queue(&(0x7f0000000380), 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r9, r8, 0xffffffffffffffff) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x9, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x400000}, 0x1c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp6=r2}, 0x20) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000100), 0x4) close_range(r0, 0xffffffffffffffff, 0x0) 82.488168ms ago: executing program 2 (id=1721): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), r0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r6 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1f00c0e90101c7bb0000b00000000000", 0x26) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000400), 0x4) sendto(0xffffffffffffffff, &(0x7f00000005c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) mknodat$loop(r6, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) 69.891966ms ago: executing program 4 (id=1722): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x5c}}, 0x0) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) bind$netrom(r1, &(0x7f0000000000)={{0x6, @rose}, [@default, @bcast, @netrom, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) sendto(r1, 0x0, 0x0, 0x0, &(0x7f00000000c0)=@ieee802154={0x24, @long}, 0x80) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x1c, 0x0, 0x1, 0x70bd2d, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x4}, @ETHTOOL_A_LINKMODES_OURS={0x4}]}, 0x1c}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r2, 0x0, 0x4000000) socket$nl_generic(0x10, 0x3, 0x10) socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) r3 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_mreqsrc(r3, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f00000000c0)=0x2c) fremovexattr(0xffffffffffffffff, &(0x7f00000004c0)=ANY=[@ANYBLOB='s']) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x47, 0x0, 0x0) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, 0x0, 0xff, 0xff}) ioctl$KVM_RUN(r5, 0xae80, 0x0) socket$nl_route(0x10, 0x3, 0x0) 0s ago: executing program 1 (id=1723): dup(0xffffffffffffffff) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) socket$kcm(0x2, 0x2, 0x0) syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000080c0)="c6cfdab7e6f83fe5e44dd3a8d886a720a29cfb7e50ef99fcf38be6c3b9a9f8c9fdb7b1332c99b85247977ad2d66a577e6f0853366c7561476cb35cf07e6fc1c21d33853a21771a8835a50d941d35a4ccb511cb67ed64259c99811f0e6f176fba1e0fa45fefe030a588f0cf64895fb12a794fd0bd176a38440328d3c6c24c85f50e95c5190eb03fb04f1eb34cae287ed75c8ca8fab2c04dc1fafa14ef93e2a721a12238700dfdabd057e94e697534e1af81921756270313d22a185c146852a5e94300bc8de9904e8c6948d5d2aed05337b9572ee74b77209c6b4710e87fa6661b19283079a46f70a538d96f484b63171bdc3622fcbab6d9bafeaacd755923209c07b8c2f39c04ea713020bcd9e6f1120ea3fbc8dd0b55986c05aa0c0b13ad52f250e9505ba53a887ed7c857e0f56282d6dd5932930efe384bbb198c50aae4b9a65e6a6ccc2904a9121a28df865011c39a54fb0f890cc1f7ef5f5172754f1c2aa8e8acf8c754f22efa88ffea91f2a14133e0a7a8a06bc80d042ce1affa2ebc74b49b48169404b33c62915e54c554d10bc432ec988f7081a8690335d58d0a819d33296db1377af876d84fd557f9a2018ee91f7d39819fc72b0a9bbdd05d6efe6cc459cd42e16f955dcb1a6a2b8b2a71b3a7e1bfa82816abf8c7d3688d53decbc480eaa3821cef557290284d9c504a63768852e15b39841ef3648f14c7edab005230c7bd518f300df6ff307c0740150dddfdab1e408edb96b2e6ed612b0bc2fca570fa1813d86160a766fe6c11cdbc7a67014fa7645b4b1d3aad378bcce27aa4725ecf7675b2682cc5a15673136e7181ed5ef122017dc72df65af147dcb9ac702f8a6a2eb3f6824ba7db3c32fa4bfbf63dcd45e42a49b6edee22856fc2a43aeb6a3eea91dbd53a231b559ca7b38564853be3bdee7f820966faa916ed4fd335159328f8b727ba068b0ade0e11c9f2c2af4d5244f5d49f9c9f94105a6fe4c71112bcacf9c3dd2861d06cb3fa6b2159bc2028e513298b594ca7da60f4ed30edd7b066c23ca7d9b7d9555b47e687b43b7b5ca3210d939e34dd3d176d8b3d3d2f32f28518aa8b5169362fee4a4ede7d3d218db0ecc3de14789344df20188d907093bbf621fe67ab2a1f29221b2ec334dadc15345fc829005f4f81fc13ad0f5590742295812a7f2108cbbbc37387a7d4174592bf4f94f272306942e6c44b23e96d92911ef416b4159e81b19f267aad20c2aabf7fd285330cbf4c1bb8ac86493e0ef84de88eb7953fcf833e6cc5ebdd50b706bcc148971d24e9d3736ed66e28f75e6a1e2c9a4e2abba887b27815d2f5739fe5f8afe7240841337bfe7a69308186180fed5736fe3cbc2892cb991d0f4400d66952459c54a16448f06fd49995aa65501631d5c42e2abd8f0d890a6bbe49b384bfe27599afd536493981be5f7dbb15bfbc198fcd8ebfca182c53156742e237df31c1dca495e40cf030623a8a081e3bec3b8e5109ba05c0830ef00ff98a4419bae14762d8e0a790c1d517f1f683bb1712a6a0951f024a46efb5c2122460495fa0f4ebaae86286b8a626be2052874f947f18b0c2860ce681a33d5f4217415363fe7a6f8fca125742f03433988d88a5b8e2bf4f3079eb990b6e1ff381b7199717fb885f4f37351bf18bedbeeca351b7bfca5b791b91be0dcf8d169914c449829669e0577d1ebc4fa783d57e0c695cafae201014831a16d8fec47f22d9b79c2acc820f4dba9d1a2986731681ed1f8dd1e83bc2d491302d2f769e6b0bc47040492ffaef4267d15182adc6f5073220590d1ce89a520b6d51d6903dd54360cd7047aed76e0a6cd3c3625e67b7c1636fd627aa48f1ee6dd567730c6ec19d1634f62a77f70c64736532455f0d2ae85003e7bb32f06b480a9f7fba5e6917305fd77e38f6936e49c1a3b2a07e242ccc2f9d629d7992937a035574b3efefd515096e30058cb60cc89d8565205f15e71d805ba5d1c4f7b971918e32bd81611a574fc651bc8094f7f3aef8a3ebf95aef1c062ec66e288b1d1ee17ab75723bc46b031744a25cf055c1bc8b083313e38d0fd5d60e832ef28fbff4c93d2d2ed283575a486167c7158e08fe7094d23984bdf38cf6000db39c5d0f7db72325af909b18247d8fddd89eff8831c294d52194a11dae2339938a79ae903eb63bc6e5535796e1c0416cdad01e1493a3075930a0b3b50ad904ff760bec5c6406b10808bf13251df73b4d6fd149a378ac277ccbbfddd9536abdf5c7a8d29e128a290f0d56c9635540f4c9a3ff1d3e0e2b974b50497ebd690dc9393f8b3acfd1650627db8ab784233727f997dab536f1e993980a41f510fa0128d6bf2c8445ed1578b25a36e05f7170b9fbe8ca63e1b4a7235c27f56790c4dd38168ce26358d12b143e9dbae1d01406778250f1c77c80643016ffd4a7a6703b9c3dfa4e7b51fa1d59605d57c9712159eb34c306a988ac95eeb15c3225ccd022d2ccf5f31a81009d2a25891b83e60efe8f718d6c124202f108d23e5e6c89e269890bda8e5681315db361cdf30e4269f2cb530a188f26621a8b263f22bb385d779b3c4eebd16656451087457892e15074abb1c796f0b7f635b9496f3a17220716c449c11c0e82b67b8f1ee6a2709a20676f40f2751df3d74db503db6cb73c955ae1d6983da44de4d349004f3d9db4ba40124416a67bd18d1d9b3c1e4706ddbb2099a2ae16e99c144860d46ef66bc6844963c0563fe2cb8c4049dea32ce5656fbfec6d1aff7ef48bac92c932c9787d9e4cb0c78fc3d70f730c452c20d077b4d9ea304f1b8a2967b1e7af7f05fd35f84d633bf5095b1af53a506f6f61abc99186eba707843e9db2a18fc1c6c77dd79ab9353eaad6457245709acbe9cb381d4458eb5571fa4f4df069ae668b1df2c97f91271be5fc2040031c3980c7555af2d4186875ea4599c873ffaf47aa08c27a0580ceef6251dce4cfd6eb175a1bf36c1fd750826f4e14966e6f196b68da0a524baf86f49ce8c09430554b50a0b387c02ebd59fae9caa1054cba1304aa6732f3990ce6b7bca6b65237f0fc3c79a102e2989dcf3f884002f2efe83e25a3fb217c24c4f66e0973e7ca62483bb52c943ccfbf31324f2b7938de0555a54f47256c903ab65489906c382d7d1022f7f302b186d18b5775e042ba83b874793420a6d854aaec01e3c819d0b11b51558fb9c10b1e2ff96639fb119d90f80aa302c9a6420b4b1230d79fd1e8105259c4ebf9cc3f1eac67f15bcb9d49ae537084c96994ad08214ac07db663c1bbce6499b5665fb5a949ab3d65062467824a2065a9de2f1edc243e03ad38f0ef227519de50a3dc2e8f4a38538be5557c5de56d0110a0759fe96b0e66d20fcb6066995f77fba9c7468434a53892cf2b3f41d58e08bd2ea3b1da2a1178acf50249d77757353943cd126b511098230698782ca88d018381f233f4331d3980f72f30caf915a18794de1253734b89303f25826a80ddd75a9bdf14c6f01690833190872ca5431ab92ab3dca92595983b11de0076125059234720906641119dab9c96be9c10d60fb54267bda61fcb85a491df037cd563b229eea02cd192796d36803b04691d385471a5f68bb76afafe9df28f50dcabfefc8e2eb334bcace928b8eb8f6449116fb5a0fa4a0c51e21b8b1f99308d396db60418cb5385bdf6bce7227e514f6cbc9a9fc50b79e8b0530fd51b21679ea1c404dba52811b3c9487f670e622ac7b1ce8028eadbd882d4325663d8dc4f0960c047c5f3099c90c6256bc11e8eef6b325e0f1ed00279a695f2828762f28ecacdc726aedf42064727ec100ffa74d38d47f383946b9f856e53cb939a619f205e030a302628ffb9b2cfcc2e881e239f33844a118a4de2a5c3d6b857c5105db775a61c5d54d1d82048670e8cd2c44a032904005125eb9f999e845efba3a063e3e26b06298f28799975b51118eece2b7fec02d4b888bfb90919bec287aba71296c66dcf749efa3abcddfccee6ef80d03a1638045f18fb96131cbd9a93e657c29eb74de40f433969e1988ac335bdd9c671b5b75ce6e2440be247775f9d597b4d8523c283e774ed0987e10b88e0c5616720502149db329babc91b225359927f88e0b42f02d41a4c9e0ad7c55a0d2c52cf45da6152c0c742f661b562c3a8ecff1145cac3f63fc053e1a14fe7a57742ab709581604fabe54ff13172b5049434d12f6ed9623265af643f725efea21e2ac1b82365033b9cff4158318f40c8894d2bcffdc954fcf7068c97ca2d2b1bf19b9232b918864e3f63fd59f4c8c578821ec5083e46363d9158451c5a92b425e68081b2c7572df44658a4aae41a439c6bb4bdd2f26ff2a357fa2946e5be5cd97ba25f73bbcc6c05fa966d0aa0cf2e45f22e0021468b37d5afebbfba3233e2cd4fd64e1578be72c38891224cd6c70c4cfd146df6a8142f1493772d48650f808000000ff704e02ec121e9f43de623eff8070f88a623cd395a02b6b1ffe4ea7ae7f443dc8bdac2cfaa126d4ac9d7788dc972c88fd87d3c8758853f1882532e4ff298b466e7d198daa9015127f2937544b34aaf545f39ee00d74e0e1017a30ff2edff701d53f3a13fc61b31fe7d9032a6c4a517c7527e48c0c44a2beebc9a9f9e6f989bc6c255e05bec5ff99547658143d9eb43a1d96aa5288638b4477aa1f84c59d41194335c09d9d5d660640acb84b53520482fb200ca616e1a6f486e6da3e6721479e85d0676ba142d95ecdf1acc76a49e9bf016f951d8b95adc7e8d4317ddbb28b678135a4a9b98fb8b8b5948b682ee70e04a31f7e3c49c52a11acbb29bd8152bbb4fedd2aae8e7ad5330365213d207677855e6cd72bf93502c14b11bd2f2d6e797efc2cc5bc198730e5cc51c92751ece5c167b3328a6deed4bd73c62623bb3874c9ef18e24997e3ac93b0ad9ca7ddd4c0401ec1b942cb21dfe6abfd3aefe2588ac1684bf6b37dc09d9b9d932d5534c707ef8fe0812a403e057d00955559ca3e0f7e70d3cdfab918b8d125061fd53374c97bd0c9d19e68bacb3db46974d36cb1c96b4475acaf4d46b88a5760d2cac9432f2ce030cce4c3f853a9fd669ca36c36ff1f0432713f60e6d6bc789fdae7c7fcf4049e6166b63a12aaa3da6fc35d8783020ceb92f7f90082d4826735618905fc9fdbeb65990882ce130a7e5ebfcdc796ef293019925e80af5074bfed5f62833d9d98e324dd54e30e1d69a15e4beed5da9c6ec01a32978aa29cd26c5703a28e504e7c9264e0421718422b88ef90f6fb4e51c619f29b5fc2f600f88be036eaf28d7f5433715bd493ce55811901a59964f20ac0b06dc3a555eac123c40d3b397053501523a51e8b53a92bbd99ec3bdcd57904cfac3c0d7bcc6613b11a771d32f0f6c60c05449b42820c0a41f757ea1efebebb37f8ea567b2f7dcc4a67ebbdc00716a70f5fe255b9232e27ba05888e034fc50ac0934a43c84577183b83019008edbeb27546e8be7d8402a4c1852198c0e050296129fd66247c39abff19338300fc3cbe20a395e5805d8bc64c2d87ba27264716e211ab023765e8d454b637aa1320cb18eb4a3dbfa94027a4d75a9a2cc784cbdc22694a8f7e97bd6cea5a4e26b538be9a9dde5637be2d386a85a79ed4df541ab7d0b1370d99d2cfd1f7bf1458bedd0a53f5e6972ee424ed08acb4b49db83cae427d315d1fea4e680258e73b3fc50fdb77692c8798bcda57ac0c34823d69a8ead14c41e9613813838ef80f63138cc9ba3a6b83dfc77b6aa1248678409bd96b64c0b625e88e33262fa0bbee94fec8f3bffedaf8b12d229d0f637848a1dba01892d80f5a5596d37ac1c9c54d32dec3ca56b49aa1157583074af418d0d95a5a46fc3c234814e377963dd4c9c8a5f7cc35aacc892afb9bcede477760688e06f0b2c5a702954f4532c715151eda02f78830129b2612de8fc62fb992d1ba52da164920eb1d1dbc7d1f8f16e31c763581f4c478cf7a84cf01ca904160475a1eabae393bcb852fd550374002bad1ba0827dadcf3f6a2354a3f8f67e6da4f567fe21f55cc34840e79f6af947561c79a141721f6da4625a20fb203f96bd1a3b7322a14a0ab4a38835e1f235f772a18643824cbb9f76664b1212c785055ae17e89f590fdb1b81535e1e3e8a726a9aaf67ae2a8e67eab8f32781bc21027cb1babd932d63bafe7faf48bc57820c5e32288583db4cf369a7fbb479e1e97ca67f63b1880fb33ccf2661d7af9041ea1afc0e90ee0b4b510d094268e4576584a17fcb21b3c3f68bf1e1c4748177cb4cab92df4c254e0d0759d507e5eb096861efcf1aa66805474e3bd32f7055a7d53d47f416d24a5ac7d5fc953206db3a012234d8693e0ff662457ddaf977eaf37d043c407a7ade1fa8eaf85b6e1b1456aec3064ee858742f4e22f2d6084e3881a4783b3a9086009202eb6eb77fc1ce2236d6384cbc62c7db9cecd2fdb06f328d49c066562cf1dee863d33b48288fbb1d4d5bcafcd1b6391879e670c7189bbebafe48214d6e2b405e36192e1067eb8d0363777a174e630467673ca968ea51476b0b8a04d598f6fc593d3f3267ab37e17831dab86a67aac3ec8336c5b6e9e416b1f46d0a9e8ec6c515d86e773baa409e2afae30ea1744f2bc777af11c42f2bf6177e95245c6d601f7cb7b589ccda76a2a314dab023da8128c667a0df682f5c7bbf842a2bb51d4d842cd09d02d67444e5d8ae1f3260c4ef2da5a1c4121fdd47e953d03ff6fea10e35db2c0c110704f513b9d1c57c9da80881ced16d92faf1be60471dc4d82529ea50fd6060be18e8e6deffb15e0a0df4e36117dc22d78bd43b3fedb24cba54c2f2e3bba015bc4c817f70fc1e8b21adb04a9d8c229e9ec178fee0f35d4f169bb7dadd14f40000000062da4e21e42270a4ed0d60b4034db31ee1e13c97d8d941b2627b255d4283cf0af9044a65765ba88dcb2010fae98a6aeb0a5605d8a904d1cfa0cf8fa67a9d29670a108f014a1b21862e20d4f0f3f0cb99c97f289c657dbd08237aba2f616804ebb0e71819fa46df1a018d8336b534391596cd24b0720dd8a95e5c74b9d047da1da93d653b2aa98e67a65c3868a0c464ad24d427c3c81b41f0b2fb78f6aecd5487c29f4fd871bec21f54d22b661eeed67c866cdf057d585beace568ed52a4399dfdcc8c9a80c94f3cb92f0974b9b33ed893e8db33cf95220e03f3d28edd8b80991b0754010e7252392d1e846011defb6c46c73ee015bcb9b288f6945771af90ddd8c548eb6649efff32b0a2b36e743e46135e47fc65d1eb3f7a580104c22bbcc75ec041813cf2496a4793d17112f40333e3c874e0bcbcd889a6bb484e43632b2f9a628a461a2a5d58808b848751642b5c426c50fd82398894dc78c56ed1f0358b626cde2a0167dcb210c8ae2f6d9c95356331cf2a21ed0dfd5165bcac2681ce070f60fff5a32d246c838552cbb35a6dfdb6ea54c4ecf0ad16990901b7a72280872fc807eda1de4fdce2c223f0400e0f0eac84c1e2980b9b5a032dd1294bd2eb49372f55b9b4cf4d3c1b14050bec1344d71a8316e173bd36f5917100de4dfedfff896517a04468006e5c632c8ad15521324f3abd72545b47df874a4a95d3bb30915ebcc3ed371528f89c7e943286a8cf4ff2cca3f3496ded16b139658bd5d3323ae9007b4dab665cd24e7888735de2cce7bc1b3af39a6d92d787dd237f8d72283f7aab1d99985f3783e5cb0661cadb552293f189f75e7f3fa933c775a27415a3ad22239986364ba7a582f2d9c31e7247aa8d44d5a7e8169fec65daaf62756b34dd307ebc7fbe8a8023aac1553fbf15b48a8ee3bd0c35c7ced684f667500ab2997aa75382475eb35888e72b30ad5aad3910c5ead6797f4182adce92dafc2073f1529ff5f1a42daf3c78e499039864e8e768fb11b33c0d7779e6128579d882761f9b21fcc0696da03eeb049c90b86da8dba548058f0caddb83ec9051a04f3133341e9a17a17b72ac20cd9e242fb383365f6a2f5c795087c7ee682555adadb7305bfe2886a57f3718f30f24b52d481aa35eb2c40417df5ea9d8af1b7b871ce37fb1c84402d269e3a01a5c9a00d3c7d6ff21c90d437066850ea92773288ba925294f9368b74fd1f3c4512ae8be2f86b73641507480f3db07634df10fca86bb4431664ade710d5a8894c368660c95f7a0b8ce5ffcdae136b5c8b4ed8c3b4cd9b71079dfd6d1501df9b7f1477b516f3cceecb2def619c05061502b253af7e3deccc839de56292c95a3912e809b100897a85705cf59af66e194143d13c12b6dc1a31cd15a74fe57666931e3fd6b75512d22f063c68576b1bd6a1ab6d7f4065447daee300b7d4fe330daeda866beb44eb8ed4041d0a36bfa49871e0623eb6f5d7b967e8f969985063e2fc4f4097c2a5189b10c1776713f78193c6e0e847025936b36eaa2e817ebb45c375f18350247f6586214a200f2f17536b52b8fa196d4a6a77317807075d130a77badf745a6076b1241e47942501cba893fd0db02545e49f559e9712a60ffce9f3154459c69984de49e11192266196497c81b7c5b45997c1369c8e8490b1a748985fd4c9ab8929d17a51c331dc160c8ae8d2961351ef103e0400299e4f28faff6ac1905be2814cb02511472c7232bd104ac438d846b4a727df2ed24364e061f157c2447e7d5265b1cd75797603e220a9d2e280868f3c2c56befbc6b1b1a07be1070b293adf324b3aee5140ef5f643c952726d9b770989b07f2cdea2e1d6951027e8b386faccff07b2547dd78aa85cc113b599ab168ef602e40fc097396341a8e5b97b59032110ddf114129feaed96e85237bb4bb886b287279b96234c18947ce7d2d5e92dd5c68829edd271bfccff21b87f6a061c9b43b51252add291c8f59be1a222d00fb7719664a8b89c452e78cf1d491a036107f0a521545fd96d2548735847e278065c196153028b91f59c7b70f9883f14cfb3343bb230f4af9bd51132cc62ee5459e34e77bb2983d30e65e65ab769fa0a0578bed01f33c76f4138208659a97fbbf380f1321336c14d21012f3cc4ee2101d42321f0123d51377e319e4ff4551f7f83ca62ff9448a28b6134da582f609be7dea5d70370772ef2552f12e97cf390ee2697022168d622ae0c813d86a43c25c758162ab0aadf25c84c790fb32a459997068be01325e473871cb024ff030070434d197558b8df442e1d2ad0c7b33fe021fa6cd57b7477dd76c6a802ddf405e909d48d23321e986d791b44d32d417d63638246fcdd661e6a1453d1411ec85fa0b750354aecdd4f4b90a420d2d4f67c514f15a8fe590735f660dc5eaa7f2873c7841edaf2c0d46a92fc07c6cd22fc978f74bac72e468d96ba370fb88f9a629d4de0a8a83d43c1949aae33fe24859c1bbf8663adc6936e305cf9c56aacc84e7515caf18d0d049bec2f0a484b75a8c2c23abbca66b039a52e606f08df0a3cdd2dc6449e84ce463206d2878de0e4d0f438764a0fe360e95494e9e61581001785b081254971197024460a68ec029052f2d8841dac7e714798027696067e739cd1525df28ac9514c02e25f8ea1146e356fc5941e4661cd244dccee4a1450e4334a20cb572b842d44a8431abf4d5bb82ac6b78ce3c6d394e5969c6fe8216805f6e2db2889f27849e0dd26a5a387958a36c833a8b3d861033c00ffef267e4b09350ca1b819d5c83025e4ad69328970db92520e6ce569d5632caeb6dc42c8f6f8759256ad9c1ffe8c34a92b795bf00544714c957d5d982a4e91ec7a30dfdcacbd41ceb61f208e5442f7f7ce19ba2f0dddf50020ed1c271afe5007277e2496c3bc7f3101d6fa7f0ea2627a99de0c441a11c6afbb721037dcfc897fc5d9e0ed644b9c3aee328bc2beb3801d2bf43b1e360759c1056c74a63aa33cb6e5933b7a0b4f654113ea5830de7e8374e939e4c794be77f1f0c1e1bcedc8f584a56db0c38b6c8da60bad62b41d754d9b6cbf3379374a6126db0ef1ee2da5862acaf117408ad26c66ec8ee4f9f1844fb4cc64bc61212b303c7c622f05d29b7fd540bdc253bc948d373886e5cd4dc9bc1b551dfc514f12cc64ecc3b276ab43a4adc2142fea9c5ecf983b0841729d1771b51c2ff787ac2439f305ca3fe31cdbe24f034fcd3d41141cc0ed5cdd82e3171be1381ad4f0bf81b3be200524c98cad5a3dee3ee618c97d0678c7b4fcf729dbc2baaa2385fb63e6b906b08681c19d55200924c0edb4c3b48463fd9c2ac86510ce1e0a641def11e9e7b7fa74a629895221b06a15c995cafe55dee6c06e01b34f4f18e5ffeb76ffb412277bdfa4cee10823a1e55832c3d1d19ba5b84560668b33fafc672cfba1a85c60c61c45bd562506d9d28542c4b4795ed011a8005862f7add9dc2533dd29d0ddd534eb0a3b537b391c423b527b3ae4ce0c829a6efcf8671e9e5224df6ed6c1f20452cb46cd578a620788f9af325d45825ced3043ef3693ffebf7b881518ba2c71587251edf150772ae1e24f4415f9d9307151b8fbcb83d0da908f4b6c762b777dc406991353e962f181bc06e892ff9e000000009dafd09b291f79720b866e46bcf14d5bd1ed15a468a8996ecec8ce3d9890fb45c96804dddfe5b7280c0e30934f129e14b344506f70d484eea40baac63b89dc71b030a6c8149ffca2434c773bffe76bbf2e778f0034666970a96bf336ee5240e765ea3715382bd8fe19c5ce5a8814717d87d4d6304a3b0d6581a6fed44975ef8a8186c19a513f5c6c0610acbd31fd58e2cb683162464cf7f50ade879461ee91f433b09d1febe058c101a0ff96cbffd547c2beab15ca343cfe592ea435f980ff03e0aeadcc80d64383d287997a6a937fc22221cec2a1aa6e8dfc1dc6e0f2e02060a18c09957376a72e165728acddf73873a958f43bcd2e9c6c71a83f744bf14c75f5e8308523a7d39bcbfd832c6597b2928b07630ae50540bb71b44b5b4040a1d172fabe8dbfb96a99e7498b12dcc8ed9e43fb36c202d019b4fbe11f715f5de76bede175c22d8355323eb004c5021d892fbe48fa7b6bf382eb03d0e447a38c63bb7fa1154c2cdf08a1cf5fa95ec75a5aa9037ebf8916cb78e6da650016a0c7ed34290e25e2122be24e4373c49c4fc81c39ec1a1ce4b658e1b80562bf911a1f6a5fc2e69d2554d4abf5ad79d9c9b7d9ac8c4122c11f590a35dcf3e7cf975027832b4e2a71ebc591a60bb874b36b415b455bd942fe1a69a92b70ce1a1c867c85138449529cab5f63feab609a2ba3344191c416d8409b59962bcee1c4a40874069e28432fcade20f07c9259dec75fb978a6b84b6e8f50fdb341c7c19f55a8fa389cf085f44661c9618d56d32be0bdb3b2928fc2c372e86ea109afaee022bb832e80e869c7cb1053921b862b27599d3665f7fabfd6436743ea893ec43e4e4daa598127df8ee3249be4668d717117a038f0e734a894457df4c64dd76a9d9d42efc29f2311085c9e6fcef385f40af94f283edca078797e96b79719875aed3900252c3acc6a92e23083b3fa24057d9ebf7886df99d652e7068cbd445560a0afc81bf7c011777837f94b32094fa1bc99472cc2a40bff245abb27d3f628b1b649fd00", 0x2000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0xbfd1, 0x0) kernel console output (not intermixed with test programs): t_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 566.482173][ T29] audit: type=1400 audit(1737507628.052:2678): avc: denied { node_bind } for pid=11272 comm="syz.1.1286" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 566.520874][ T29] audit: type=1400 audit(1737507628.062:2679): avc: denied { getopt } for pid=11272 comm="syz.1.1286" laddr=::ffff:0.0.0.0 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 566.554053][ T29] audit: type=1400 audit(1737507628.062:2680): avc: denied { connect } for pid=11272 comm="syz.1.1286" laddr=::ffff:0.0.0.0 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 566.583909][ T29] audit: type=1400 audit(1737507628.062:2681): avc: denied { name_connect } for pid=11272 comm="syz.1.1286" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 566.647321][ T29] audit: type=1400 audit(1737507628.602:2682): avc: denied { create } for pid=11277 comm="syz.4.1289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 566.677497][ T29] audit: type=1400 audit(1737507628.792:2683): avc: denied { bind } for pid=11277 comm="syz.4.1289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 566.697838][ T29] audit: type=1400 audit(1737507628.822:2684): avc: denied { write } for pid=11277 comm="syz.4.1289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 566.730287][ T8] usb 2-1: new high-speed USB device number 59 using dummy_hcd [ 566.738351][ T5866] usb 5-1: new high-speed USB device number 57 using dummy_hcd [ 566.904049][T11321] syz.3.1298: attempt to access beyond end of device [ 566.904049][T11321] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 566.952362][ T8] usb 2-1: unable to get BOS descriptor or descriptor too short [ 566.990471][ T5866] usb 5-1: device descriptor read/64, error -71 [ 567.011503][ T8] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 567.055535][ T8] usb 2-1: config 1 has no interface number 1 [ 567.093236][ T8] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 567.190669][ T8] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 567.235033][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 567.391696][ T5866] usb 5-1: new high-speed USB device number 58 using dummy_hcd [ 567.410723][ T8] usb 2-1: Product: syz [ 567.416364][ T8] usb 2-1: Manufacturer: syz [ 567.430245][ T8] usb 2-1: SerialNumber: syz [ 568.211411][T11330] netlink: 300 bytes leftover after parsing attributes in process `syz.0.1301'. [ 568.248341][ T5866] usb 5-1: device descriptor read/64, error -71 [ 568.301916][ T8] usb 2-1: found format II with max.bitrate = 26774, frame size=2 [ 568.325785][ T8] usb 2-1: found format II with max.bitrate = 26774, frame size=2 [ 568.383180][ T5866] usb usb5-port1: attempt power cycle [ 568.419855][ T8] usb 2-1: failed to enable PITCH for EP 0x82 [ 569.334639][T11341] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 569.508829][ T8] usb 2-1: USB disconnect, device number 59 [ 569.764383][ T5899] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 570.191911][ T5930] udevd[5930]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 570.270530][ T5899] usb 4-1: Using ep0 maxpacket: 32 [ 570.296577][ T5899] usb 4-1: too many configurations: 47, using maximum allowed: 8 [ 570.316948][ T5899] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 570.334062][ T5899] usb 4-1: can't read configurations, error -61 [ 571.190501][ T5899] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 571.282401][T11352] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1306'. [ 571.374655][ T29] kauditd_printk_skb: 31 callbacks suppressed [ 571.374672][ T29] audit: type=1400 audit(1737507637.022:2716): avc: denied { read } for pid=11358 comm="syz.4.1308" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 571.404415][ T5899] usb 4-1: Using ep0 maxpacket: 32 [ 571.587932][T11361] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1308'. [ 571.598905][ T29] audit: type=1400 audit(1737507637.022:2717): avc: denied { open } for pid=11358 comm="syz.4.1308" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 571.848772][ T5899] usb 4-1: device descriptor read/all, error -71 [ 571.863793][ T5899] usb usb4-port1: attempt power cycle [ 571.947310][ T29] audit: type=1400 audit(1737507637.082:2718): avc: denied { read } for pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 571.971020][ T29] audit: type=1400 audit(1737507637.082:2719): avc: denied { search } for pid=5172 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 572.006441][T11363] netlink: 'syz.2.1309': attribute type 10 has an invalid length. [ 572.031067][ T29] audit: type=1400 audit(1737507637.082:2720): avc: denied { open } for pid=5172 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 572.214268][T11368] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 572.256707][T11368] syz.1.1311: attempt to access beyond end of device [ 572.256707][T11368] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 572.268855][T11363] netlink: 55 bytes leftover after parsing attributes in process `syz.2.1309'. [ 572.340295][ T29] audit: type=1400 audit(1737507637.082:2721): avc: denied { getattr } for pid=5172 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 572.368119][T11375] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 572.386218][T11375] syz.0.1310: attempt to access beyond end of device [ 572.386218][T11375] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 572.502908][ T29] audit: type=1400 audit(1737507637.282:2722): avc: denied { ioctl } for pid=11358 comm="syz.4.1308" path="socket:[29347]" dev="sockfs" ino=29347 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 573.123108][ T29] audit: type=1400 audit(1737507637.522:2723): avc: denied { create } for pid=11362 comm="syz.2.1309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 573.170367][ T29] audit: type=1400 audit(1737507637.552:2724): avc: denied { create } for pid=11362 comm="syz.2.1309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 573.236507][T11382] kvm: pic: non byte write [ 573.242363][ T29] audit: type=1400 audit(1737507637.602:2725): avc: denied { bind } for pid=11362 comm="syz.2.1309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 573.346238][ T25] usb 5-1: new high-speed USB device number 60 using dummy_hcd [ 573.359298][T11376] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1312'. [ 573.492725][ T25] usb 5-1: device descriptor read/64, error -71 [ 573.570915][T11388] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 574.330606][ T25] usb 5-1: new high-speed USB device number 61 using dummy_hcd [ 574.629793][ T25] usb 5-1: device descriptor read/64, error -71 [ 574.740665][ T934] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 575.072207][ T25] usb usb5-port1: attempt power cycle [ 575.310917][ T934] usb 3-1: unable to get BOS descriptor or descriptor too short [ 575.326054][ T934] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 575.989725][ T934] usb 3-1: config 1 has no interface number 1 [ 576.005528][ T934] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 576.029612][ T934] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 576.038884][ T934] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 576.170341][ T934] usb 3-1: Product: syz [ 576.174554][ T934] usb 3-1: Manufacturer: syz [ 576.194529][ T934] usb 3-1: SerialNumber: syz [ 576.604740][ T29] kauditd_printk_skb: 53 callbacks suppressed [ 576.604778][ T29] audit: type=1400 audit(1737507642.252:2779): avc: denied { create } for pid=11404 comm="syz.4.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 577.020503][ T29] audit: type=1400 audit(1737507642.272:2780): avc: denied { connect } for pid=11404 comm="syz.4.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 577.304878][ T934] usb 3-1: 2:1 : no UAC_FORMAT_TYPE desc [ 577.320071][ T29] audit: type=1400 audit(1737507642.282:2781): avc: denied { map } for pid=11404 comm="syz.4.1320" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 577.379857][ T934] usb 3-1: USB disconnect, device number 38 [ 577.477714][ T29] audit: type=1400 audit(1737507642.282:2782): avc: denied { execute } for pid=11404 comm="syz.4.1320" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 577.512254][ T29] audit: type=1400 audit(1737507642.382:2783): avc: denied { create } for pid=11410 comm="syz.3.1322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 577.537645][ T29] audit: type=1400 audit(1737507642.392:2784): avc: denied { getopt } for pid=11410 comm="syz.3.1322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 577.561946][ T29] audit: type=1400 audit(1737507642.492:2785): avc: denied { mount } for pid=11410 comm="syz.3.1322" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 577.588935][ T29] audit: type=1400 audit(1737507642.692:2786): avc: denied { bind } for pid=11404 comm="syz.4.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 577.617122][ T29] audit: type=1400 audit(1737507642.692:2787): avc: denied { listen } for pid=11404 comm="syz.4.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 577.720505][ T29] audit: type=1400 audit(1737507642.702:2788): avc: denied { write } for pid=11404 comm="syz.4.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 577.744089][ T5819] udevd[5819]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 577.826004][T11420] netlink: 'syz.1.1323': attribute type 3 has an invalid length. [ 577.834510][T11420] netlink: 'syz.1.1323': attribute type 1 has an invalid length. [ 577.850250][T11420] tmpfs: Bad value for 'mpol' [ 578.960657][T10044] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 579.160488][T10044] usb 3-1: Using ep0 maxpacket: 16 [ 579.576222][T10044] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 579.595977][T10044] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 579.621306][T10044] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 579.630580][T10044] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 579.638752][T10044] usb 3-1: Product: syz [ 579.648013][T10044] usb 3-1: Manufacturer: syz [ 579.655837][T10044] usb 3-1: SerialNumber: syz [ 579.722093][T10044] usb 3-1: config 0 descriptor?? [ 579.784308][T10044] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 579.786746][T11439] FAULT_INJECTION: forcing a failure. [ 579.786746][T11439] name failslab, interval 1, probability 0, space 0, times 0 [ 579.806701][T11439] CPU: 0 UID: 0 PID: 11439 Comm: syz.3.1329 Not tainted 6.13.0-syzkaller-01005-gb9d8a295ed6b #0 [ 579.817123][T11439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 579.827159][T11439] Call Trace: [ 579.830423][T11439] [ 579.833347][T11439] dump_stack_lvl+0x16c/0x1f0 [ 579.838013][T11439] should_fail_ex+0x497/0x5b0 [ 579.842671][T11439] ? fs_reclaim_acquire+0xae/0x150 [ 579.847761][T11439] should_failslab+0xc2/0x120 [ 579.852434][T11439] __kmalloc_node_noprof+0xd1/0x510 [ 579.857613][T11439] ? lock_acquire+0x2f/0xb0 [ 579.862107][T11439] ? __might_fault+0xe3/0x190 [ 579.866799][T11439] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 579.872267][T11439] __kvmalloc_node_noprof+0xad/0x1a0 [ 579.877539][T11439] xt_alloc_table_info+0x3e/0xa0 [ 579.882492][T11439] do_ipt_set_ctl+0x5b3/0xbe0 [ 579.887168][T11439] ? __mutex_lock+0x1cc/0xa60 [ 579.891822][T11439] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 579.896996][T11439] ? __mutex_unlock_slowpath+0x164/0x690 [ 579.902609][T11439] ? sockopt_release_sock+0x52/0x60 [ 579.907787][T11439] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 579.913757][T11439] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 579.919722][T11439] nf_setsockopt+0x8a/0xf0 [ 579.924121][T11439] ip_setsockopt+0xcb/0xf0 [ 579.928517][T11439] udp_setsockopt+0x7d/0xd0 [ 579.933001][T11439] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 579.938874][T11439] do_sock_setsockopt+0x222/0x480 [ 579.943879][T11439] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 579.949403][T11439] ? lock_acquire+0x2f/0xb0 [ 579.953893][T11439] __sys_setsockopt+0x1a0/0x230 [ 579.958723][T11439] __x64_sys_setsockopt+0xbd/0x160 [ 579.963816][T11439] ? do_syscall_64+0x91/0x250 [ 579.968472][T11439] ? lockdep_hardirqs_on+0x7c/0x110 [ 579.973656][T11439] do_syscall_64+0xcd/0x250 [ 579.978141][T11439] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.984033][T11439] RIP: 0033:0x7f2cadb85d29 [ 579.988447][T11439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 580.008040][T11439] RSP: 002b:00007f2cae9f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 580.016434][T11439] RAX: ffffffffffffffda RBX: 00007f2cadd76080 RCX: 00007f2cadb85d29 [ 580.024386][T11439] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000006 [ 580.032348][T11439] RBP: 00007f2cae9f9090 R08: 0000000000000a98 R09: 0000000000000000 [ 580.040301][T11439] R10: 00000000200019c0 R11: 0000000000000246 R12: 0000000000000001 [ 580.048254][T11439] R13: 0000000000000000 R14: 00007f2cadd76080 R15: 00007ffd6c888248 [ 580.056226][T11439] [ 580.060072][T10044] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 580.926446][T10044] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 581.021928][T10044] em28xx 3-1:0.0: Config register raw data: 0xfffffffb [ 581.037641][T10044] em28xx 3-1:0.0: AC97 chip type couldn't be determined [ 581.160563][ T5869] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 581.333181][T10044] em28xx 3-1:0.0: No AC97 audio processor [ 581.369956][T10044] usb 3-1: USB disconnect, device number 39 [ 581.450313][ T5869] usb 4-1: device descriptor read/64, error -71 [ 581.587437][T10044] em28xx 3-1:0.0: Disconnecting em28xx [ 581.615972][T10044] em28xx 3-1:0.0: Freeing device [ 581.843407][ T5869] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 582.020364][ T5869] usb 4-1: device descriptor read/64, error -71 [ 582.297032][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 582.297068][ T29] audit: type=1400 audit(1737507647.832:2794): avc: denied { read write } for pid=11451 comm="syz.2.1332" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 582.670775][ T5869] usb usb4-port1: attempt power cycle [ 582.741598][ T29] audit: type=1400 audit(1737507647.832:2795): avc: denied { open } for pid=11451 comm="syz.2.1332" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 582.844692][ T29] audit: type=1400 audit(1737507647.852:2796): avc: denied { mount } for pid=11451 comm="syz.2.1332" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 583.276071][ T29] audit: type=1400 audit(1737507647.942:2797): avc: denied { create } for pid=11451 comm="syz.2.1332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 583.320274][ T5869] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 583.931699][ T29] audit: type=1400 audit(1737507647.942:2798): avc: denied { bind } for pid=11451 comm="syz.2.1332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 584.040976][ T29] audit: type=1400 audit(1737507647.952:2799): avc: denied { accept } for pid=11451 comm="syz.2.1332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 584.140292][ T5869] usb 4-1: device not accepting address 45, error -71 [ 584.224649][ T29] audit: type=1400 audit(1737507648.462:2800): avc: denied { unmount } for pid=5812 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 584.904820][ T29] audit: type=1400 audit(1737507648.702:2801): avc: denied { create } for pid=11456 comm="syz.0.1333" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 584.988661][ T29] audit: type=1400 audit(1737507648.712:2802): avc: denied { setopt } for pid=11456 comm="syz.0.1333" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 585.077981][ T29] audit: type=1400 audit(1737507648.732:2803): avc: denied { bind } for pid=11456 comm="syz.0.1333" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 585.253119][ T5869] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 585.419473][ T5869] usb 4-1: Using ep0 maxpacket: 32 [ 586.037774][ T5869] usb 4-1: too many configurations: 47, using maximum allowed: 8 [ 586.114193][ T5869] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 586.187714][ T5869] usb 4-1: can't read configurations, error -61 [ 586.230874][ T5869] usb usb4-port1: unable to enumerate USB device [ 587.237695][T11490] kvm: pic: non byte write [ 588.179975][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 588.179991][ T29] audit: type=1326 audit(1737507652.952:2827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11501 comm="syz.3.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 588.312594][ T29] audit: type=1326 audit(1737507653.032:2828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11501 comm="syz.3.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 588.343117][ T29] audit: type=1326 audit(1737507653.032:2829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11501 comm="syz.3.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 588.374369][ T29] audit: type=1400 audit(1737507653.042:2830): avc: denied { create } for pid=11497 comm="syz.4.1342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 588.468365][ T29] audit: type=1326 audit(1737507653.832:2831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11501 comm="syz.3.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 588.778047][ T29] audit: type=1326 audit(1737507653.832:2832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11501 comm="syz.3.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 588.801576][ C0] vkms_vblank_simulate: vblank timer overrun [ 588.845672][ T29] audit: type=1326 audit(1737507653.832:2833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11501 comm="syz.3.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 588.869233][ C0] vkms_vblank_simulate: vblank timer overrun [ 589.001310][ T29] audit: type=1326 audit(1737507653.872:2834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11501 comm="syz.3.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2cadb84690 code=0x7ffc0000 [ 589.380392][ T5869] usb 2-1: new high-speed USB device number 60 using dummy_hcd [ 589.636941][ T29] audit: type=1326 audit(1737507653.872:2835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11501 comm="syz.3.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 589.665865][ T29] audit: type=1326 audit(1737507653.872:2836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11501 comm="syz.3.1345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 589.689314][ C0] vkms_vblank_simulate: vblank timer overrun [ 589.800854][ T5869] usb 2-1: device descriptor read/64, error -71 [ 589.900267][ T25] usb 5-1: new high-speed USB device number 63 using dummy_hcd [ 590.052768][ T25] usb 5-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f [ 590.061909][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 590.072687][ T25] usb 5-1: config 0 descriptor?? [ 590.093173][ T25] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 590.100739][ T5869] usb 2-1: new high-speed USB device number 61 using dummy_hcd [ 590.241369][ T5869] usb 2-1: device descriptor read/64, error -71 [ 590.362350][ T5869] usb usb2-port1: attempt power cycle [ 590.440390][T11529] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 590.454086][T11529] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 590.630767][ T25] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -110 [ 590.642363][ T25] pac7311 5-1:0.0: probe with driver pac7311 failed with error -110 [ 590.696185][T11529] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 590.730507][ T5869] usb 2-1: new high-speed USB device number 62 using dummy_hcd [ 590.746526][T11529] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 590.791712][ T5869] usb 2-1: device descriptor read/8, error -71 [ 590.807677][ T8] usb 5-1: USB disconnect, device number 63 [ 591.050591][ T5869] usb 2-1: new high-speed USB device number 63 using dummy_hcd [ 591.291049][ T5869] usb 2-1: device descriptor read/8, error -71 [ 591.400881][ T5869] usb usb2-port1: unable to enumerate USB device [ 591.678202][T11554] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 592.197614][ T5831] Bluetooth: hci0: command 0x0406 tx timeout [ 592.841533][ T5831] Bluetooth: hci4: command 0x0406 tx timeout [ 593.309710][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 593.309727][ T29] audit: type=1400 audit(1737507658.962:2860): avc: denied { append } for pid=11582 comm="syz.1.1363" name="dlm-control" dev="devtmpfs" ino=94 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 593.360005][ T5899] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 593.421792][ T29] audit: type=1400 audit(1737507659.082:2861): avc: denied { create } for pid=11582 comm="syz.1.1363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 593.443713][T11585] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1363'. [ 593.454701][T11585] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=48480 sclass=netlink_route_socket pid=11585 comm=syz.1.1363 [ 593.509528][ T29] audit: type=1400 audit(1737507659.162:2862): avc: denied { write } for pid=11558 comm="syz.4.1358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 593.630607][ T5899] usb 3-1: Using ep0 maxpacket: 16 [ 593.763029][ T5899] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 593.874007][ T5899] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 593.909996][ T5899] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 594.033765][ T5899] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 594.047090][ T5899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 594.058897][ T5899] usb 3-1: Product: syz [ 594.065360][ T5899] usb 3-1: Manufacturer: syz [ 594.086076][ T29] audit: type=1400 audit(1737507659.732:2863): avc: denied { write } for pid=11567 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1705 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 594.086367][ T5899] usb 3-1: SerialNumber: syz [ 594.165234][ T29] audit: type=1400 audit(1737507659.732:2864): avc: denied { add_name } for pid=11567 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 594.275922][ T29] audit: type=1400 audit(1737507659.732:2865): avc: denied { create } for pid=11567 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 594.369859][ T5831] Bluetooth: hci0: command 0x0406 tx timeout [ 594.387154][ T29] audit: type=1400 audit(1737507659.732:2866): avc: denied { write } for pid=11567 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.sl0.link" dev="tmpfs" ino=6724 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 594.480858][ T29] audit: type=1400 audit(1737507659.732:2867): avc: denied { append } for pid=11567 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" dev="tmpfs" ino=6724 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 594.582190][T11576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 594.626828][T11576] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 594.716463][ T29] audit: type=1400 audit(1737507659.932:2868): avc: denied { remove_name } for pid=11602 comm="rm" name="resolv.conf.sl0.link" dev="tmpfs" ino=6724 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 594.751469][ T29] audit: type=1400 audit(1737507659.932:2869): avc: denied { unlink } for pid=11602 comm="rm" name="resolv.conf.sl0.link" dev="tmpfs" ino=6724 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 595.472568][ T5831] Bluetooth: hci4: command 0x0406 tx timeout [ 595.740439][ T5869] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 596.028584][T11610] No such timeout policy "syz1" [ 596.035352][ T5869] usb 1-1: device descriptor read/64, error -71 [ 596.143035][ T5899] usb 3-1: 0:2 : does not exist [ 596.160998][ T5899] usb 3-1: 1:0: cannot get min/max values for control 4 (id 1) [ 596.343612][ T5869] usb 1-1: new high-speed USB device number 47 using dummy_hcd [ 596.355492][ T5899] usb 3-1: USB disconnect, device number 40 [ 596.540290][ T5869] usb 1-1: device descriptor read/64, error -71 [ 596.595251][ T5819] udevd[5819]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 596.660577][ T5869] usb usb1-port1: attempt power cycle [ 597.453972][ T5869] usb 1-1: new high-speed USB device number 48 using dummy_hcd [ 597.525744][ T5869] usb 1-1: device descriptor read/8, error -71 [ 598.659873][T11672] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 598.777415][T11672] syz.1.1379: attempt to access beyond end of device [ 598.777415][T11672] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 599.647024][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 599.647041][ T29] audit: type=1400 audit(1737507665.292:2877): avc: denied { unmount } for pid=5812 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 599.711064][T11679] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1383'. [ 599.721761][T11679] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode broadcast(3) [ 599.860447][ T25] usb 1-1: new high-speed USB device number 50 using dummy_hcd [ 600.030355][ T25] usb 1-1: Using ep0 maxpacket: 16 [ 600.184834][T11684] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1384'. [ 600.190241][ T25] usb 1-1: config 0 has no interfaces? [ 600.304999][ T25] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 600.375187][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 600.421413][ T25] usb 1-1: Product: syz [ 600.425765][ T25] usb 1-1: Manufacturer: syz [ 600.449612][ T25] usb 1-1: SerialNumber: syz [ 600.537953][ T25] usb 1-1: config 0 descriptor?? [ 600.839501][T11688] kvm: pic: non byte write [ 601.522852][ T29] audit: type=1400 audit(1737507667.182:2878): avc: denied { ioctl } for pid=11674 comm="syz.0.1381" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=30435 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 601.809230][ T25] usb 2-1: new high-speed USB device number 64 using dummy_hcd [ 602.012336][ T25] usb 2-1: device descriptor read/64, error -71 [ 602.270498][ T25] usb 2-1: new high-speed USB device number 65 using dummy_hcd [ 602.420568][ T25] usb 2-1: device descriptor read/64, error -71 [ 602.750490][ T25] usb usb2-port1: attempt power cycle [ 602.882313][ T934] usb 1-1: USB disconnect, device number 50 [ 602.963215][T11718] binder: 11717:11718 ioctl c0306201 20000080 returned -11 [ 603.000293][ T29] audit: type=1400 audit(1737507668.592:2879): avc: denied { read } for pid=11717 comm="syz.2.1394" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 603.110358][ T29] audit: type=1400 audit(1737507668.592:2880): avc: denied { open } for pid=11717 comm="syz.2.1394" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 603.134781][ T29] audit: type=1400 audit(1737507668.592:2881): avc: denied { ioctl } for pid=11717 comm="syz.2.1394" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 603.528823][ T25] usb 2-1: new high-speed USB device number 66 using dummy_hcd [ 603.617775][ T29] audit: type=1400 audit(1737507668.592:2882): avc: denied { set_context_mgr } for pid=11717 comm="syz.2.1394" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 604.035146][T11720] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 604.060121][T11720] syz.0.1393: attempt to access beyond end of device [ 604.060121][T11720] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 604.074213][ T29] audit: type=1400 audit(1737507668.602:2883): avc: denied { map } for pid=11717 comm="syz.2.1394" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 604.117506][ T29] audit: type=1400 audit(1737507668.612:2884): avc: denied { write } for pid=11717 comm="syz.2.1394" path="socket:[30463]" dev="sockfs" ino=30463 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 604.141954][ T29] audit: type=1326 audit(1737507668.612:2885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11717 comm="syz.2.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82c7985d29 code=0x7ffc0000 [ 604.172287][ T29] audit: type=1326 audit(1737507668.612:2886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11717 comm="syz.2.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82c7985d29 code=0x7ffc0000 [ 604.219626][T11726] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1395'. [ 604.285902][T11726] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode broadcast(3) [ 604.305088][ T25] usb 2-1: device not accepting address 66, error -71 [ 604.432071][T11732] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1396'. [ 606.781977][ T25] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 606.861764][ T9540] usb 5-1: new high-speed USB device number 64 using dummy_hcd [ 607.010537][ T9540] usb 5-1: device descriptor read/64, error -71 [ 607.016882][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 607.037093][ T25] usb 3-1: config 0 has no interfaces? [ 607.282935][ T25] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 607.300348][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 607.308465][ T25] usb 3-1: Product: syz [ 607.313603][ T25] usb 3-1: Manufacturer: syz [ 607.319199][ T25] usb 3-1: SerialNumber: syz [ 607.326135][ T25] usb 3-1: config 0 descriptor?? [ 607.431766][T11776] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 607.527406][ T9540] usb 5-1: new high-speed USB device number 65 using dummy_hcd [ 607.804536][ T9540] usb 5-1: device descriptor read/64, error -71 [ 608.080125][ T9540] usb usb5-port1: attempt power cycle [ 608.430633][ T9540] usb 5-1: new high-speed USB device number 66 using dummy_hcd [ 608.513690][ T9540] usb 5-1: device descriptor read/8, error -71 [ 608.820635][ T9540] usb 5-1: new high-speed USB device number 67 using dummy_hcd [ 608.994112][ T9540] usb 5-1: device descriptor read/8, error -71 [ 609.158123][ T29] kauditd_printk_skb: 40 callbacks suppressed [ 609.158141][ T29] audit: type=1400 audit(1737507674.812:2927): avc: denied { execute } for pid=11789 comm="syz.3.1410" path="/290/cpu.stat" dev="tmpfs" ino=1669 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 609.226048][ T9540] usb usb5-port1: unable to enumerate USB device [ 609.441183][ T29] audit: type=1400 audit(1737507675.092:2928): avc: denied { unmount } for pid=5813 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 609.869892][ T29] audit: type=1400 audit(1737507675.092:2929): avc: denied { recv } for pid=5802 comm="syz-executor" saddr=10.128.0.169 src=30006 daddr=10.128.1.164 dest=58808 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 609.927951][ T29] audit: type=1400 audit(1737507675.132:2930): avc: denied { create } for pid=11795 comm="syz.3.1413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 610.076587][ T934] usb 3-1: USB disconnect, device number 41 [ 610.087198][ T29] audit: type=1400 audit(1737507675.132:2931): avc: denied { read } for pid=11795 comm="syz.3.1413" dev="nsfs" ino=4026532943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 610.423888][ T29] audit: type=1400 audit(1737507675.132:2932): avc: denied { open } for pid=11795 comm="syz.3.1413" path="net:[4026532943]" dev="nsfs" ino=4026532943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 610.773919][ T29] audit: type=1400 audit(1737507675.142:2933): avc: denied { read } for pid=11795 comm="syz.3.1413" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 610.842872][ T29] audit: type=1400 audit(1737507675.142:2934): avc: denied { open } for pid=11795 comm="syz.3.1413" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 610.898990][ T29] audit: type=1400 audit(1737507675.242:2935): avc: denied { create } for pid=11795 comm="syz.3.1413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 610.942378][ T29] audit: type=1400 audit(1737507675.242:2936): avc: denied { create } for pid=11795 comm="syz.3.1413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 614.060785][ T9540] usb 1-1: new high-speed USB device number 51 using dummy_hcd [ 614.226034][ T29] kauditd_printk_skb: 68 callbacks suppressed [ 614.226051][ T29] audit: type=1400 audit(1737507679.882:3005): avc: denied { read write } for pid=11847 comm="syz.4.1424" name="vmci" dev="devtmpfs" ino=697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 614.255558][ T9540] usb 1-1: Using ep0 maxpacket: 16 [ 614.263901][ T29] audit: type=1400 audit(1737507679.892:3006): avc: denied { create } for pid=11849 comm="syz.1.1425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 614.286330][ T29] audit: type=1400 audit(1737507679.892:3007): avc: denied { write } for pid=11849 comm="syz.1.1425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 614.323805][ T9540] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 614.356105][ T9540] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 614.393292][ T9540] usb 1-1: New USB device found, idVendor=0955, idProduct=721c, bcdDevice= 0.00 [ 614.410389][ T29] audit: type=1400 audit(1737507679.922:3008): avc: denied { open } for pid=11847 comm="syz.4.1424" path="/dev/vmci" dev="devtmpfs" ino=697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 614.447034][ T9540] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 614.504224][ T9540] usb 1-1: config 0 descriptor?? [ 614.647228][ T29] audit: type=1400 audit(1737507680.092:3009): avc: denied { mounton } for pid=11851 comm="syz.1.1426" path="/270/file0" dev="tmpfs" ino=1545 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 614.808318][ T29] audit: type=1400 audit(1737507680.092:3010): avc: denied { mount } for pid=11851 comm="syz.1.1426" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 614.879667][ T9540] usb 1-1: string descriptor 0 read error: -71 [ 614.976024][ T9540] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 615.011119][ T9540] usb 1-1: USB disconnect, device number 51 [ 615.059908][ T29] audit: type=1400 audit(1737507680.092:3011): avc: denied { create } for pid=11851 comm="syz.1.1426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 615.115349][ T29] audit: type=1400 audit(1737507680.102:3012): avc: denied { read } for pid=11852 comm="syz.4.1427" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 615.225279][ T29] audit: type=1400 audit(1737507680.102:3013): avc: denied { open } for pid=11852 comm="syz.4.1427" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 615.300244][ T29] audit: type=1400 audit(1737507680.112:3014): avc: denied { read } for pid=11851 comm="syz.1.1426" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 615.524665][T11868] input: syz0 as /devices/virtual/input/input33 [ 616.764671][T11882] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 619.073233][T11895] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 619.411836][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 619.411853][ T29] audit: type=1400 audit(1737507685.072:3061): avc: denied { mounton } for pid=11906 comm="syz.2.1440" path="/285/file0" dev="tmpfs" ino=1661 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 619.440680][ C0] vkms_vblank_simulate: vblank timer overrun [ 619.467832][ T29] audit: type=1400 audit(1737507685.072:3062): avc: denied { mount } for pid=11906 comm="syz.2.1440" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 619.497529][ T29] audit: type=1400 audit(1737507685.122:3063): avc: denied { create } for pid=11906 comm="syz.2.1440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 620.592938][ T29] audit: type=1400 audit(1737507685.122:3064): avc: denied { read } for pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 620.774030][ T29] audit: type=1400 audit(1737507685.122:3065): avc: denied { search } for pid=5172 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 620.802988][ T29] audit: type=1400 audit(1737507685.122:3066): avc: denied { append } for pid=5172 comm="syslogd" name="messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 620.864280][ T29] audit: type=1400 audit(1737507685.122:3067): avc: denied { open } for pid=5172 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 620.886799][ C0] vkms_vblank_simulate: vblank timer overrun [ 620.945898][ T29] audit: type=1400 audit(1737507685.122:3068): avc: denied { getattr } for pid=5172 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 621.072237][T11914] kvm: pic: non byte write [ 621.085156][ T29] audit: type=1400 audit(1737507685.122:3069): avc: denied { create } for pid=11906 comm="syz.2.1440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 621.105733][ C0] vkms_vblank_simulate: vblank timer overrun [ 621.227540][T11922] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 621.275311][ T29] audit: type=1400 audit(1737507685.122:3070): avc: denied { create } for pid=11906 comm="syz.2.1440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 624.374049][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.833890][ T29] kauditd_printk_skb: 49 callbacks suppressed [ 624.864059][ T29] audit: type=1400 audit(1737507690.482:3120): avc: denied { create } for pid=11947 comm="syz.0.1449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 625.009912][T11951] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1447'. [ 625.039669][ T29] audit: type=1400 audit(1737507690.482:3121): avc: denied { setopt } for pid=11947 comm="syz.0.1449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 625.168187][ T29] audit: type=1400 audit(1737507690.662:3122): avc: denied { ioctl } for pid=11937 comm="syz.3.1447" path="socket:[31926]" dev="sockfs" ino=31926 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 625.272141][ T29] audit: type=1400 audit(1737507690.932:3123): avc: denied { unmount } for pid=5824 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 625.343937][ T29] audit: type=1400 audit(1737507690.982:3124): avc: denied { unlink } for pid=5824 comm="syz-executor" name="bus" dev="tmpfs" ino=1569 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 625.389135][ T29] audit: type=1400 audit(1737507691.002:3125): avc: denied { unmount } for pid=5824 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 626.370531][ T29] audit: type=1400 audit(1737507692.002:3126): avc: denied { search } for pid=5484 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 626.476375][ T29] audit: type=1400 audit(1737507692.002:3127): avc: denied { read } for pid=5484 comm="dhcpcd" name="n162" dev="tmpfs" ino=6862 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 626.510237][ T29] audit: type=1400 audit(1737507692.002:3128): avc: denied { open } for pid=5484 comm="dhcpcd" path="/run/udev/data/n162" dev="tmpfs" ino=6862 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 626.567385][ T29] audit: type=1400 audit(1737507692.002:3129): avc: denied { getattr } for pid=5484 comm="dhcpcd" path="/run/udev/data/n162" dev="tmpfs" ino=6862 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 630.644963][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 630.645013][ T29] audit: type=1400 audit(1737507696.302:3138): avc: denied { create } for pid=11988 comm="syz.0.1459" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 630.720269][ T29] audit: type=1400 audit(1737507696.312:3139): avc: denied { bind } for pid=11988 comm="syz.0.1459" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 630.764211][T11997] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1458'. [ 630.820375][ T29] audit: type=1400 audit(1737507696.312:3140): avc: denied { write } for pid=11988 comm="syz.0.1459" path="socket:[32937]" dev="sockfs" ino=32937 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 630.950686][ T29] audit: type=1400 audit(1737507696.312:3141): avc: denied { create } for pid=11988 comm="syz.0.1459" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 631.026923][ T29] audit: type=1400 audit(1737507696.312:3142): avc: denied { map } for pid=11988 comm="syz.0.1459" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=32938 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 631.864292][T12011] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 631.986138][T12011] syz.1.1462: attempt to access beyond end of device [ 631.986138][T12011] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 632.083190][ T29] audit: type=1400 audit(1737507696.312:3143): avc: denied { read write } for pid=11988 comm="syz.0.1459" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=32938 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 632.637150][ T29] audit: type=1400 audit(1737507696.312:3144): avc: denied { create } for pid=11988 comm="syz.0.1459" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 632.673180][ T29] audit: type=1400 audit(1737507696.332:3145): avc: denied { setopt } for pid=11988 comm="syz.0.1459" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 632.718186][T12020] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 632.777277][ T29] audit: type=1400 audit(1737507696.332:3146): avc: denied { bind } for pid=11988 comm="syz.0.1459" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 632.852249][T12022] FAULT_INJECTION: forcing a failure. [ 632.852249][T12022] name failslab, interval 1, probability 0, space 0, times 0 [ 632.865041][T12022] CPU: 0 UID: 0 PID: 12022 Comm: syz.4.1465 Not tainted 6.13.0-syzkaller-01005-gb9d8a295ed6b #0 [ 632.875448][T12022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 632.885481][T12022] Call Trace: [ 632.888736][T12022] [ 632.891650][T12022] dump_stack_lvl+0x16c/0x1f0 [ 632.896322][T12022] should_fail_ex+0x497/0x5b0 [ 632.900983][T12022] ? fs_reclaim_acquire+0xae/0x150 [ 632.906070][T12022] should_failslab+0xc2/0x120 [ 632.910724][T12022] __kmalloc_noprof+0xcb/0x510 [ 632.915466][T12022] iovec_from_user.part.0+0xf3/0x130 [ 632.920742][T12022] __import_iovec+0xd6/0x6d0 [ 632.925315][T12022] import_iovec+0x108/0x140 [ 632.929794][T12022] copy_msghdr_from_user+0xfa/0x160 [ 632.934971][T12022] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 632.940752][T12022] ? __lock_acquire+0xcc5/0x3c40 [ 632.945681][T12022] ___sys_sendmsg+0xff/0x1e0 [ 632.950258][T12022] ? __pfx____sys_sendmsg+0x10/0x10 [ 632.955436][T12022] ? trace_lock_acquire+0x14e/0x1f0 [ 632.960617][T12022] __sys_sendmmsg+0x201/0x420 [ 632.965277][T12022] ? __pfx___sys_sendmmsg+0x10/0x10 [ 632.970455][T12022] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 632.976420][T12022] ? fput+0x67/0x440 [ 632.980293][T12022] ? ksys_write+0x1ba/0x250 [ 632.984770][T12022] ? __pfx_ksys_write+0x10/0x10 [ 632.989611][T12022] __x64_sys_sendmmsg+0x9c/0x100 [ 632.994534][T12022] ? lockdep_hardirqs_on+0x7c/0x110 [ 632.999712][T12022] do_syscall_64+0xcd/0x250 [ 633.004193][T12022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 633.010065][T12022] RIP: 0033:0x7fc5d9d85d29 [ 633.014458][T12022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 633.034050][T12022] RSP: 002b:00007fc5d7bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 633.042438][T12022] RAX: ffffffffffffffda RBX: 00007fc5d9f75fa0 RCX: 00007fc5d9d85d29 [ 633.050398][T12022] RDX: 0400000000000172 RSI: 0000000020003cc0 RDI: 0000000000000003 [ 633.058341][T12022] RBP: 00007fc5d7bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 633.066290][T12022] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001 [ 633.074238][T12022] R13: 0000000000000000 R14: 00007fc5d9f75fa0 R15: 00007ffd5c8e0b68 [ 633.082192][T12022] [ 633.116880][ T29] audit: type=1400 audit(1737507696.332:3147): avc: denied { name_bind } for pid=11988 comm="syz.0.1459" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 633.227709][T12025] kvm: pic: non byte write [ 633.249125][T12032] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 633.409369][T12039] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1468'. [ 633.427510][T12037] syz.0.1464: attempt to access beyond end of device [ 633.427510][T12037] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 636.434800][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 636.434818][ T29] audit: type=1400 audit(1737507702.092:3169): avc: denied { create } for pid=12073 comm="syz.0.1474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 636.501588][ T29] audit: type=1400 audit(1737507702.092:3170): avc: denied { read } for pid=12073 comm="syz.0.1474" name="sg0" dev="devtmpfs" ino=756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 636.646106][T12079] FAULT_INJECTION: forcing a failure. [ 636.646106][T12079] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 636.678622][ T29] audit: type=1400 audit(1737507702.092:3171): avc: denied { open } for pid=12073 comm="syz.0.1474" path="/dev/sg0" dev="devtmpfs" ino=756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 636.731817][T12080] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1475'. [ 636.770455][T12079] CPU: 1 UID: 0 PID: 12079 Comm: syz.0.1474 Not tainted 6.13.0-syzkaller-01005-gb9d8a295ed6b #0 [ 636.780897][T12079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 636.790936][T12079] Call Trace: [ 636.794194][T12079] [ 636.797104][T12079] dump_stack_lvl+0x16c/0x1f0 [ 636.801768][T12079] should_fail_ex+0x497/0x5b0 [ 636.806429][T12079] _copy_from_user+0x2e/0xd0 [ 636.811025][T12079] core_sys_select+0x361/0xb80 [ 636.815789][T12079] ? __pfx_core_sys_select+0x10/0x10 [ 636.821065][T12079] ? get_pid_task+0xfc/0x250 [ 636.825658][T12079] ? set_user_sigmask+0x217/0x2a0 [ 636.830681][T12079] ? __pfx_set_user_sigmask+0x10/0x10 [ 636.836057][T12079] do_pselect.constprop.0+0x1a0/0x1f0 [ 636.841412][T12079] ? __pfx_do_pselect.constprop.0+0x10/0x10 [ 636.847290][T12079] __x64_sys_pselect6+0x183/0x240 [ 636.852294][T12079] ? __pfx___x64_sys_pselect6+0x10/0x10 [ 636.857820][T12079] do_syscall_64+0xcd/0x250 [ 636.862303][T12079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.868178][T12079] RIP: 0033:0x7f6beb585d29 [ 636.872570][T12079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 636.892166][T12079] RSP: 002b:00007f6be93f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 636.901449][T12079] RAX: ffffffffffffffda RBX: 00007f6beb776160 RCX: 00007f6beb585d29 [ 636.909401][T12079] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000040 [ 636.917358][T12079] RBP: 00007f6be93f6090 R08: 0000000000000000 R09: 0000000000000000 [ 636.925306][T12079] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001 [ 636.933254][T12079] R13: 0000000000000001 R14: 00007f6beb776160 R15: 00007ffed11bd688 [ 636.941215][T12079] [ 637.054439][ T29] audit: type=1400 audit(1737507702.152:3172): avc: denied { read write } for pid=12073 comm="syz.0.1474" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 637.081406][ T29] audit: type=1400 audit(1737507702.152:3173): avc: denied { open } for pid=12073 comm="syz.0.1474" path="/dev/uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 637.522376][T12091] FAULT_INJECTION: forcing a failure. [ 637.522376][T12091] name failslab, interval 1, probability 0, space 0, times 0 [ 637.535346][T12091] CPU: 0 UID: 0 PID: 12091 Comm: syz.0.1476 Not tainted 6.13.0-syzkaller-01005-gb9d8a295ed6b #0 [ 637.546207][T12091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 637.556264][T12091] Call Trace: [ 637.559555][T12091] [ 637.562485][T12091] dump_stack_lvl+0x16c/0x1f0 [ 637.567184][T12091] should_fail_ex+0x497/0x5b0 [ 637.571867][T12091] ? fs_reclaim_acquire+0xae/0x150 [ 637.576993][T12091] should_failslab+0xc2/0x120 [ 637.581678][T12091] __kmalloc_noprof+0xcb/0x510 [ 637.586453][T12091] alloc_pipe_info+0x1ec/0x590 [ 637.591224][T12091] splice_direct_to_actor+0x793/0xa40 [ 637.596689][T12091] ? __pfx_direct_splice_actor+0x10/0x10 [ 637.602329][T12091] ? __pfx___schedule+0x10/0x10 [ 637.607188][T12091] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 637.613084][T12091] ? __pfx___might_resched+0x10/0x10 [ 637.618377][T12091] do_splice_direct+0x178/0x250 [ 637.623232][T12091] ? __pfx_do_splice_direct+0x10/0x10 [ 637.628607][T12091] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 637.634528][T12091] do_sendfile+0xaed/0xe30 [ 637.638952][T12091] ? __pfx_do_sendfile+0x10/0x10 [ 637.643889][T12091] ? __pfx___schedule+0x10/0x10 [ 637.648745][T12091] ? __fget_files+0x206/0x3a0 [ 637.653430][T12091] __x64_sys_sendfile64+0x1da/0x220 [ 637.658633][T12091] ? ksys_write+0x1ba/0x250 [ 637.663138][T12091] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 637.668870][T12091] do_syscall_64+0xcd/0x250 [ 637.673376][T12091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.679276][T12091] RIP: 0033:0x7f6beb585d29 [ 637.683687][T12091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.703315][T12091] RSP: 002b:00007f6be93f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 637.711737][T12091] RAX: ffffffffffffffda RBX: 00007f6beb776160 RCX: 00007f6beb585d29 [ 637.719708][T12091] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006 [ 637.727679][T12091] RBP: 00007f6be93f6090 R08: 0000000000000000 R09: 0000000000000000 [ 637.735660][T12091] R10: 00000000001000a3 R11: 0000000000000246 R12: 0000000000000001 [ 637.743637][T12091] R13: 0000000000000000 R14: 00007f6beb776160 R15: 00007ffed11bd688 [ 637.751626][T12091] [ 637.933155][T12093] kvm: pic: non byte write [ 638.007616][T12100] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1477'. [ 638.617039][T12118] input: syz0 as /devices/virtual/input/input34 [ 638.698277][ T29] audit: type=1400 audit(1737507704.242:3174): avc: denied { ioctl } for pid=12113 comm="syz.0.1478" path="/dev/uinput" dev="devtmpfs" ino=920 ioctlcmd=0x5564 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 639.127608][ T29] audit: type=1400 audit(1737507704.252:3175): avc: denied { write } for pid=12113 comm="syz.0.1478" name="vhost-vsock" dev="devtmpfs" ino=1275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 639.197698][ T29] audit: type=1400 audit(1737507704.302:3176): avc: denied { read } for pid=5175 comm="acpid" name="event4" dev="devtmpfs" ino=3321 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 639.373187][ T29] audit: type=1400 audit(1737507704.302:3177): avc: denied { open } for pid=5175 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=3321 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 639.562321][ T29] audit: type=1400 audit(1737507704.302:3178): avc: denied { ioctl } for pid=5175 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=3321 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 639.620405][ T934] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 639.770442][ T934] usb 3-1: Using ep0 maxpacket: 32 [ 639.782890][ T934] usb 3-1: config 0 interface 0 has no altsetting 0 [ 639.801821][ T934] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 639.818877][ T934] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 639.852480][ T934] usb 3-1: Product: syz [ 639.856771][ T934] usb 3-1: Manufacturer: syz [ 639.867174][ T934] usb 3-1: SerialNumber: syz [ 639.883141][ T934] usb 3-1: config 0 descriptor?? [ 640.236123][T12132] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 640.315279][ T934] gs_usb 3-1:0.0: Configuring for 202 interfaces [ 640.348750][ T934] gs_usb 3-1:0.0: Driver cannot handle more that 3 CAN interfaces [ 640.394869][ T934] gs_usb 3-1:0.0: probe with driver gs_usb failed with error -22 [ 641.937478][ T29] audit: type=1400 audit(1737507707.552:3179): avc: denied { bind } for pid=12143 comm="syz.4.1483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 642.267921][ T29] audit: type=1400 audit(1737507707.632:3180): avc: denied { getopt } for pid=12143 comm="syz.4.1483" laddr=::ffff:0.0.0.0 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 642.281099][T12147] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1484'. [ 642.456159][ T29] audit: type=1400 audit(1737507707.632:3181): avc: denied { connect } for pid=12143 comm="syz.4.1483" laddr=::ffff:0.0.0.0 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 643.078859][T12121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 643.118561][T10044] usb 3-1: USB disconnect, device number 42 [ 643.164959][ T29] audit: type=1400 audit(1737507707.632:3182): avc: denied { name_connect } for pid=12143 comm="syz.4.1483" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 643.293685][ T29] audit: type=1326 audit(1737507707.922:3183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12146 comm="syz.1.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 643.369461][ T29] audit: type=1326 audit(1737507707.922:3184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12146 comm="syz.1.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 643.394054][ T29] audit: type=1326 audit(1737507707.922:3185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12146 comm="syz.1.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 643.430356][ T29] audit: type=1326 audit(1737507707.922:3186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12146 comm="syz.1.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 643.550343][ T29] audit: type=1326 audit(1737507707.922:3187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12146 comm="syz.1.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 643.556454][T12161] kvm: pic: non byte write [ 644.176937][ T29] audit: type=1326 audit(1737507707.922:3188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12146 comm="syz.1.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 644.364254][T12159] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1489'. [ 644.602133][T12178] kvm: pic: non byte write [ 646.460721][T12204] FAULT_INJECTION: forcing a failure. [ 646.460721][T12204] name failslab, interval 1, probability 0, space 0, times 0 [ 646.500342][T12204] CPU: 1 UID: 0 PID: 12204 Comm: syz.2.1500 Not tainted 6.13.0-syzkaller-01005-gb9d8a295ed6b #0 [ 646.510803][T12204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 646.520848][T12204] Call Trace: [ 646.524131][T12204] [ 646.527060][T12204] dump_stack_lvl+0x16c/0x1f0 [ 646.531752][T12204] should_fail_ex+0x497/0x5b0 [ 646.536436][T12204] ? fs_reclaim_acquire+0xae/0x150 [ 646.541549][T12204] should_failslab+0xc2/0x120 [ 646.546225][T12204] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 646.551594][T12204] ? security_inode_alloc+0x3b/0x2b0 [ 646.556883][T12204] security_inode_alloc+0x3b/0x2b0 [ 646.561988][T12204] inode_init_always_gfp+0xce4/0x1030 [ 646.567352][T12204] alloc_inode+0x82/0x230 [ 646.571679][T12204] sock_alloc+0x40/0x280 [ 646.575928][T12204] do_accept+0xf8/0x530 [ 646.580071][T12204] ? do_raw_spin_lock+0x12d/0x2c0 [ 646.585091][T12204] ? __pfx_do_accept+0x10/0x10 [ 646.589868][T12204] __sys_accept4+0xfe/0x1b0 [ 646.594357][T12204] ? __pfx___sys_accept4+0x10/0x10 [ 646.599456][T12204] ? __pfx_ksys_write+0x10/0x10 [ 646.604299][T12204] __x64_sys_accept4+0x96/0x100 [ 646.609139][T12204] ? lockdep_hardirqs_on+0x7c/0x110 [ 646.614333][T12204] do_syscall_64+0xcd/0x250 [ 646.618821][T12204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 646.624712][T12204] RIP: 0033:0x7f82c7985d29 [ 646.629133][T12204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 646.648740][T12204] RSP: 002b:00007f82c77f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 646.657159][T12204] RAX: ffffffffffffffda RBX: 00007f82c7b75fa0 RCX: 00007f82c7985d29 [ 646.665124][T12204] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 646.673085][T12204] RBP: 00007f82c77f9090 R08: 0000000000000000 R09: 0000000000000000 [ 646.681049][T12204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 646.689013][T12204] R13: 0000000000000000 R14: 00007f82c7b75fa0 R15: 00007fff76581e78 [ 646.697007][T12204] [ 646.928373][T12192] loop9: detected capacity change from 0 to 1 [ 647.024178][T12213] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 647.225755][T12192] loop9: [POWERTEC] p1 p2 p3 [ 647.497171][T12192] loop9: p1 start 251723956 is beyond EOD, truncated [ 647.701604][T12192] loop9: p2 start 1661300723 is beyond EOD, truncated [ 647.782635][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 647.782651][ T29] audit: type=1400 audit(1737507713.442:3214): avc: denied { bind } for pid=12189 comm="syz.3.1496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 647.826582][T12192] loop9: p3 start 2635344306 is beyond EOD, truncated [ 647.934141][ T29] audit: type=1400 audit(1737507713.492:3215): avc: denied { accept } for pid=12189 comm="syz.3.1496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 648.010661][ T29] audit: type=1400 audit(1737507713.632:3216): avc: denied { read write } for pid=12215 comm="syz.1.1502" name="video36" dev="devtmpfs" ino=1044 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 648.116458][ T29] audit: type=1400 audit(1737507713.632:3217): avc: denied { open } for pid=12215 comm="syz.1.1502" path="/dev/video36" dev="devtmpfs" ino=1044 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 648.292810][ T29] audit: type=1400 audit(1737507713.632:3218): avc: denied { name_bind } for pid=12215 comm="syz.1.1502" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 648.297289][T12220] kvm: pic: non byte write [ 648.552056][T12225] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1503'. [ 648.568192][ T29] audit: type=1400 audit(1737507713.632:3219): avc: denied { node_bind } for pid=12215 comm="syz.1.1502" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 649.489449][ T29] audit: type=1400 audit(1737507715.142:3220): avc: denied { create } for pid=12231 comm="syz.0.1507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 651.495997][ T29] audit: type=1400 audit(1737507717.152:3221): avc: denied { write } for pid=12231 comm="syz.0.1507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 652.543879][ T29] audit: type=1400 audit(1737507717.442:3222): avc: denied { bind } for pid=12236 comm="syz.3.1509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 652.620044][ T29] audit: type=1400 audit(1737507717.442:3223): avc: denied { setopt } for pid=12236 comm="syz.3.1509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 653.103276][ T29] audit: type=1400 audit(1737507718.152:3224): avc: denied { wake_alarm } for pid=12236 comm="syz.3.1509" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 653.945663][T12266] fuse: Unknown parameter 'fd0x0000000000000004' [ 654.311952][ T29] audit: type=1400 audit(1737507719.962:3225): avc: denied { recv } for pid=0 comm="swapper/0" saddr=10.128.0.169 src=44068 daddr=10.128.1.164 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 654.490410][ T9540] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 654.650449][ T9540] usb 3-1: Using ep0 maxpacket: 32 [ 654.662527][ T9540] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 654.698894][ T9540] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 654.798395][ T9540] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 654.818114][ T9540] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 654.833154][ T9540] usb 3-1: config 0 descriptor?? [ 655.468155][ T9540] hub 3-1:0.0: USB hub found [ 655.845655][ T9540] hub 3-1:0.0: 1 port detected [ 656.426347][T12264] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1514'. [ 656.460339][T12264] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1514'. [ 656.543680][ T9540] hub 3-1:0.0: hub_hub_status failed (err = -71) [ 656.556060][ T9540] hub 3-1:0.0: config failed, can't get hub status (err -71) [ 656.757806][T12314] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 656.851058][T12316] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 657.359100][T12314] fuse: Bad value for 'fd' [ 657.446935][ T9540] usbhid 3-1:0.0: can't add hid device: -71 [ 657.455478][ T9540] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 657.491965][ T9540] usb 3-1: USB disconnect, device number 43 [ 657.680541][ T29] audit: type=1326 audit(1737507723.322:3226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12320 comm="syz.4.1524" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc5d9d85d29 code=0x0 [ 657.801384][T10044] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 658.070027][T10044] usb 4-1: config 0 has an invalid descriptor of length 86, skipping remainder of the config [ 658.152747][ T29] audit: type=1400 audit(1737507723.702:3227): avc: denied { ioctl } for pid=12322 comm="syz.3.1527" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 658.246342][T10044] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 658.252450][ T29] audit: type=1400 audit(1737507723.722:3228): avc: denied { read } for pid=12306 comm="syz.0.1521" dev="nsfs" ino=4026533234 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 658.263782][T10044] usb 4-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00 [ 658.534201][T12338] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1528'. [ 658.570336][T10044] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 658.581552][T10044] usb 4-1: config 0 descriptor?? [ 658.588053][ T29] audit: type=1400 audit(1737507723.722:3229): avc: denied { open } for pid=12306 comm="syz.0.1521" path="net:[4026533234]" dev="nsfs" ino=4026533234 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 658.670134][ T29] audit: type=1400 audit(1737507723.722:3230): avc: denied { create } for pid=12306 comm="syz.0.1521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 658.708981][ T29] audit: type=1400 audit(1737507723.802:3231): avc: denied { bind } for pid=12306 comm="syz.0.1521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 658.817323][T12342] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1529'. [ 658.871265][T12324] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 658.883924][T12324] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 660.816162][ T29] audit: type=1400 audit(1737507723.802:3232): avc: denied { write } for pid=12306 comm="syz.0.1521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 661.152472][ T29] audit: type=1400 audit(1737507723.802:3233): avc: denied { read } for pid=12306 comm="syz.0.1521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 661.249230][T12350] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 661.277974][T12350] syz.1.1530: attempt to access beyond end of device [ 661.277974][T12350] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 661.372891][ T29] audit: type=1400 audit(1737507723.802:3234): avc: denied { write } for pid=12306 comm="syz.0.1521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 661.461904][ T29] audit: type=1400 audit(1737507723.912:3235): avc: denied { append } for pid=5172 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 661.512110][ T29] audit: type=1400 audit(1737507723.942:3236): avc: denied { recv } for pid=10044 comm="kworker/1:8" saddr=10.128.0.169 src=30006 daddr=10.128.1.164 dest=58808 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 661.808468][T10044] usb 4-1: string descriptor 0 read error: -71 [ 661.819526][T10044] usb 4-1: USB disconnect, device number 47 [ 662.239138][T12363] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 662.799629][T12367] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 662.808584][T12367] fuse: Bad value for 'fd' [ 663.299440][ T29] kauditd_printk_skb: 56 callbacks suppressed [ 663.299459][ T29] audit: type=1326 audit(1737507728.942:3293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 663.429651][ T29] audit: type=1326 audit(1737507728.942:3294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz.3.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 663.662109][T12377] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 663.778150][T12377] syz.4.1539: attempt to access beyond end of device [ 663.778150][T12377] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 664.272005][ T29] audit: type=1400 audit(1737507729.932:3295): avc: denied { unmount } for pid=5815 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 664.332696][ T29] audit: type=1400 audit(1737507729.972:3296): avc: denied { unmount } for pid=5815 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 664.428427][T12380] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1541'. [ 664.982377][ T29] audit: type=1400 audit(1737507730.642:3297): avc: denied { search } for pid=5484 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 665.072601][ T29] audit: type=1400 audit(1737507730.642:3298): avc: denied { read } for pid=5484 comm="dhcpcd" name="n171" dev="tmpfs" ino=7028 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 665.138927][ T29] audit: type=1400 audit(1737507730.642:3299): avc: denied { open } for pid=5484 comm="dhcpcd" path="/run/udev/data/n171" dev="tmpfs" ino=7028 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 665.182527][ T29] audit: type=1400 audit(1737507730.642:3300): avc: denied { getattr } for pid=5484 comm="dhcpcd" path="/run/udev/data/n171" dev="tmpfs" ino=7028 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 665.230438][ T29] audit: type=1400 audit(1737507730.792:3301): avc: denied { module_request } for pid=12387 comm="syz.1.1544" kmod="fs-" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 665.260730][T12391] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1544'. [ 665.271660][T12391] netlink: 'syz.1.1544': attribute type 19 has an invalid length. [ 665.282842][ T29] audit: type=1326 audit(1737507730.942:3302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12387 comm="syz.1.1544" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1b9c185d29 code=0x0 [ 665.440249][T10044] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 665.751650][T10044] usb 3-1: config 0 has an invalid descriptor of length 86, skipping remainder of the config [ 665.753555][T12400] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1548'. [ 665.779893][T10044] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 665.815996][T10044] usb 3-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00 [ 665.844457][T10044] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 665.874869][T10044] usb 3-1: config 0 descriptor?? [ 666.076886][T12402] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 666.088820][T12402] fuse: Bad value for 'fd' [ 666.098193][T12388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 666.120938][T12388] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 668.169478][T10044] usb 3-1: string descriptor 0 read error: -71 [ 668.211447][T10044] usb 3-1: USB disconnect, device number 44 [ 669.220352][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 669.220397][ T29] audit: type=1400 audit(1737507734.872:3318): avc: denied { create } for pid=12420 comm="syz.2.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 669.557037][ T29] audit: type=1400 audit(1737507734.922:3319): avc: denied { bind } for pid=12420 comm="syz.2.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 669.580330][ T29] audit: type=1400 audit(1737507734.932:3320): avc: denied { create } for pid=12420 comm="syz.2.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 669.600897][ T29] audit: type=1400 audit(1737507734.962:3321): avc: denied { bind } for pid=12420 comm="syz.2.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 669.620901][ T29] audit: type=1400 audit(1737507734.972:3322): avc: denied { write } for pid=12420 comm="syz.2.1555" path="socket:[34263]" dev="sockfs" ino=34263 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 669.645640][ T29] audit: type=1400 audit(1737507734.992:3323): avc: denied { create } for pid=12420 comm="syz.2.1555" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 669.720314][ T29] audit: type=1400 audit(1737507734.992:3324): avc: denied { map } for pid=12420 comm="syz.2.1555" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=34264 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 669.768651][ T29] audit: type=1400 audit(1737507734.992:3325): avc: denied { read write } for pid=12420 comm="syz.2.1555" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=34264 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 669.794399][ T29] audit: type=1400 audit(1737507735.032:3326): avc: denied { setopt } for pid=12420 comm="syz.2.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 669.816098][ T29] audit: type=1400 audit(1737507735.032:3327): avc: denied { bind } for pid=12420 comm="syz.2.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 669.887790][T12428] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1556'. [ 669.930235][T12428] netlink: 'syz.4.1556': attribute type 19 has an invalid length. [ 670.924925][T12442] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1560'. [ 671.254714][T12448] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1561'. [ 674.161282][T12469] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 674.187186][T12469] syz.2.1567: attempt to access beyond end of device [ 674.187186][T12469] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 674.520856][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 674.520893][ T29] audit: type=1400 audit(1737507740.172:3343): avc: denied { read } for pid=12475 comm="syz.1.1569" name="event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 674.649437][ T29] audit: type=1400 audit(1737507740.222:3344): avc: denied { open } for pid=12475 comm="syz.1.1569" path="/dev/input/event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 674.740412][ T29] audit: type=1400 audit(1737507740.372:3345): avc: denied { write } for pid=12459 comm="syz.4.1566" path="socket:[34344]" dev="sockfs" ino=34344 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 674.871829][ T29] audit: type=1326 audit(1737507740.532:3346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.0.1571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6beb585d29 code=0x7ffc0000 [ 674.885378][T12484] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1571'. [ 674.946406][ T29] audit: type=1326 audit(1737507740.532:3347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.0.1571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6beb585d29 code=0x7ffc0000 [ 675.021093][ T29] audit: type=1326 audit(1737507740.532:3348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.0.1571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7f6beb585d29 code=0x7ffc0000 [ 675.065138][ T29] audit: type=1326 audit(1737507740.532:3349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.0.1571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6beb585d29 code=0x7ffc0000 [ 675.111248][ T29] audit: type=1326 audit(1737507740.532:3350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.0.1571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6beb585d29 code=0x7ffc0000 [ 675.134745][ C0] vkms_vblank_simulate: vblank timer overrun [ 675.150301][ T29] audit: type=1326 audit(1737507740.542:3351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.0.1571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6beb585d29 code=0x7ffc0000 [ 675.150405][ T9540] usb 2-1: new high-speed USB device number 68 using dummy_hcd [ 675.218143][ T29] audit: type=1326 audit(1737507740.542:3352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.0.1571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6beb585d29 code=0x7ffc0000 [ 675.431668][T10044] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 675.510909][ T9540] usb 2-1: Using ep0 maxpacket: 8 [ 675.532445][ T9540] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 675.541601][ T9540] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 675.549800][ T9540] usb 2-1: Product: syz [ 675.554921][ T9540] usb 2-1: Manufacturer: syz [ 675.559591][ T9540] usb 2-1: SerialNumber: syz [ 675.567907][ T9540] usb 2-1: config 0 descriptor?? [ 675.600377][T10044] usb 4-1: Using ep0 maxpacket: 16 [ 675.612833][T10044] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 675.653986][T12497] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'. [ 675.662192][T10044] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 675.703409][T10044] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 675.747864][T10044] usb 4-1: Product: syz [ 675.754220][T10044] usb 4-1: Manufacturer: syz [ 675.759034][T10044] usb 4-1: SerialNumber: syz [ 675.821209][T10044] usb 4-1: config 0 descriptor?? [ 675.840303][ T9540] dvb_usb_rtl28xxu 2-1:0.0: chip type detection failed -71 [ 675.847637][ T9540] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 675.882114][ T9540] usb 2-1: USB disconnect, device number 68 [ 678.804922][T12528] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 679.014087][T12528] syz.1.1581: attempt to access beyond end of device [ 679.014087][T12528] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 679.182035][ T8] usb 4-1: USB disconnect, device number 48 [ 679.475386][T12537] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1585'. [ 679.539505][ T29] kauditd_printk_skb: 41 callbacks suppressed [ 679.539524][ T29] audit: type=1400 audit(1737507745.192:3394): avc: denied { ioctl } for pid=12538 comm="syz.2.1586" path="/dev/vbi8" dev="devtmpfs" ino=1006 ioctlcmd=0x5627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 679.608136][ T29] audit: type=1400 audit(1737507745.252:3395): avc: denied { create } for pid=12538 comm="syz.2.1586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 679.726589][ T29] audit: type=1400 audit(1737507745.362:3396): avc: denied { connect } for pid=12538 comm="syz.2.1586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 679.811735][ T29] audit: type=1400 audit(1737507745.422:3397): avc: denied { write } for pid=12543 comm="syz.4.1588" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 679.833190][ C1] vkms_vblank_simulate: vblank timer overrun [ 679.924696][ T29] audit: type=1400 audit(1737507745.542:3398): avc: denied { read } for pid=12547 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 679.982750][ T9540] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 679.990356][ T29] audit: type=1400 audit(1737507745.542:3399): avc: denied { open } for pid=12547 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 679.990395][ T29] audit: type=1400 audit(1737507745.542:3400): avc: denied { getattr } for pid=12547 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 679.990431][ T29] audit: type=1400 audit(1737507745.612:3401): avc: denied { ioctl } for pid=12548 comm="syz.0.1587" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 680.015574][ C1] vkms_vblank_simulate: vblank timer overrun [ 680.070790][ C1] vkms_vblank_simulate: vblank timer overrun [ 680.177552][ T29] audit: type=1400 audit(1737507745.832:3402): avc: denied { create } for pid=12548 comm="syz.0.1587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 680.247488][ T29] audit: type=1400 audit(1737507745.862:3403): avc: denied { bind } for pid=12548 comm="syz.0.1587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 680.683245][ T9540] usb 3-1: device descriptor read/64, error -71 [ 680.691865][T12564] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1589'. [ 681.225023][ T9540] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 681.604134][ T9540] usb 3-1: device descriptor read/64, error -71 [ 681.731963][ T9540] usb usb3-port1: attempt power cycle [ 681.800758][T12545] Bluetooth: hci4: command 0x0406 tx timeout [ 681.880222][T12578] fuse: Bad value for 'fd' [ 682.152252][T12569] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 682.200309][ T9540] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 682.245193][ T9540] usb 3-1: device descriptor read/8, error -71 [ 682.532128][ T9540] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 682.883655][ T9540] usb 3-1: device not accepting address 48, error -71 [ 682.950659][ T9540] usb usb3-port1: unable to enumerate USB device [ 685.711410][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 685.711425][ T29] audit: type=1326 audit(1737507751.372:3414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82c7985d29 code=0x7ffc0000 [ 685.746309][T12621] tmpfs: Unknown parameter 'qzÅÄö˜Ò' [ 685.809586][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.215041][ T29] audit: type=1326 audit(1737507751.372:3415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82c7985d29 code=0x7ffc0000 [ 686.248893][ T29] audit: type=1326 audit(1737507751.372:3416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f82c7985d29 code=0x7ffc0000 [ 686.427450][ T29] audit: type=1326 audit(1737507751.372:3417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82c7985d29 code=0x7ffc0000 [ 686.432235][T12630] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 687.044294][ T29] audit: type=1326 audit(1737507751.372:3418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82c7985d29 code=0x7ffc0000 [ 687.222319][ T29] audit: type=1326 audit(1737507751.402:3419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f82c7984690 code=0x7ffc0000 [ 687.350641][ T29] audit: type=1326 audit(1737507751.402:3420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82c7985d29 code=0x7ffc0000 [ 687.586988][ T29] audit: type=1326 audit(1737507751.402:3421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82c7985d29 code=0x7ffc0000 [ 687.677565][ T29] audit: type=1326 audit(1737507751.402:3422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f82c7985d29 code=0x7ffc0000 [ 687.825370][ T29] audit: type=1326 audit(1737507751.402:3423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12592 comm="syz.2.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82c7985d29 code=0x7ffc0000 [ 689.838010][T12678] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1611'. [ 691.570245][T12694] input: syz0 as /devices/virtual/input/input35 [ 691.820411][ T29] kauditd_printk_skb: 48 callbacks suppressed [ 691.820430][ T29] audit: type=1400 audit(1737507757.452:3472): avc: denied { read } for pid=5175 comm="acpid" name="event4" dev="devtmpfs" ino=3333 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 692.231702][ T29] audit: type=1400 audit(1737507757.452:3473): avc: denied { open } for pid=5175 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=3333 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 692.255173][ C1] vkms_vblank_simulate: vblank timer overrun [ 692.390401][ T29] audit: type=1400 audit(1737507757.452:3474): avc: denied { ioctl } for pid=5175 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=3333 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 692.419061][T12704] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1615'. [ 692.579890][ T29] audit: type=1326 audit(1737507758.112:3475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12699 comm="syz.0.1615" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6beb585d29 code=0x0 [ 693.138797][T12720] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1618'. [ 693.209338][ T29] audit: type=1400 audit(1737507758.862:3476): avc: denied { block_suspend } for pid=12715 comm="syz.4.1619" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 694.571248][T12740] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 695.404632][T12752] tmpfs: Unknown parameter 'qzÅÄö˜Ò' [ 695.412746][ T29] audit: type=1326 audit(1737507761.062:3477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12734 comm="syz.3.1621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 695.493685][T12753] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 696.163469][ T29] audit: type=1326 audit(1737507761.062:3478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12734 comm="syz.3.1621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 696.200367][ T29] audit: type=1326 audit(1737507761.062:3479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12734 comm="syz.3.1621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 696.329582][ T29] audit: type=1326 audit(1737507761.062:3480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12734 comm="syz.3.1621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 696.403307][ T29] audit: type=1326 audit(1737507761.062:3481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12734 comm="syz.3.1621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 696.730403][T12763] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1627'. [ 697.960427][T12777] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1630'. [ 698.024482][ T29] kauditd_printk_skb: 40 callbacks suppressed [ 698.024527][ T29] audit: type=1400 audit(1737507763.682:3522): avc: denied { read } for pid=12775 comm="syz.0.1629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 698.377956][ T29] audit: type=1326 audit(1737507763.712:3523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12772 comm="syz.4.1630" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc5d9d85d29 code=0x0 [ 698.449253][ T29] audit: type=1400 audit(1737507763.732:3524): avc: denied { append } for pid=12775 comm="syz.0.1629" name="iommu" dev="devtmpfs" ino=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 698.527876][ T29] audit: type=1400 audit(1737507763.732:3525): avc: denied { ioctl } for pid=12775 comm="syz.0.1629" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 698.612460][ T29] audit: type=1400 audit(1737507763.892:3526): avc: denied { execute } for pid=12775 comm="syz.0.1629" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=34800 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 699.202223][T12787] overlayfs: unescaped trailing colons in lowerdir mount option. [ 701.738354][T12810] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 702.295120][T12812] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1639'. [ 702.328524][ T29] audit: type=1400 audit(1737507767.982:3527): avc: denied { ioctl } for pid=12811 comm="syz.3.1639" path="socket:[35896]" dev="sockfs" ino=35896 ioctlcmd=0x52c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 702.401938][ T29] audit: type=1400 audit(1737507767.982:3528): avc: denied { connect } for pid=12815 comm="syz.2.1640" lport=256 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 702.426323][ T934] usb 5-1: new high-speed USB device number 68 using dummy_hcd [ 702.483390][ T29] audit: type=1400 audit(1737507768.032:3529): avc: denied { write } for pid=12815 comm="syz.2.1640" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 702.760408][ T934] usb 5-1: Using ep0 maxpacket: 16 [ 702.771691][ T934] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 702.779860][ T934] usb 5-1: config 0 has no interface number 0 [ 702.787530][ T934] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 703.759805][ T934] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 704.105615][ T934] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 704.114787][ T934] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 704.129595][ T934] usb 5-1: config 0 descriptor?? [ 704.450372][ T29] audit: type=1400 audit(1737507770.102:3530): avc: denied { create } for pid=12807 comm="syz.4.1638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 704.523877][ T29] audit: type=1400 audit(1737507770.142:3531): avc: denied { execute_no_trans } for pid=12831 comm="syz.2.1644" path=2F6D656D66643A202864656C6574656429 dev="tmpfs" ino=270 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 705.324360][T12842] tmpfs: Unknown parameter 'qzÅÄö˜Ò' [ 705.374429][ T29] audit: type=1400 audit(1737507770.152:3532): avc: denied { ioctl } for pid=12831 comm="syz.2.1644" path="socket:[35921]" dev="sockfs" ino=35921 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 705.399288][ T29] audit: type=1326 audit(1737507770.962:3533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12827 comm="syz.3.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 705.460298][ T29] audit: type=1326 audit(1737507770.972:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12827 comm="syz.3.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 705.605037][ T934] usbhid 5-1:0.1: can't add hid device: -71 [ 705.608526][ T29] audit: type=1326 audit(1737507770.972:3535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12827 comm="syz.3.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 705.616028][ T934] usbhid 5-1:0.1: probe with driver usbhid failed with error -71 [ 705.682121][ T934] usb 5-1: USB disconnect, device number 68 [ 705.704319][ T29] audit: type=1326 audit(1737507770.972:3536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12827 comm="syz.3.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 705.728949][ T29] audit: type=1326 audit(1737507770.972:3537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12827 comm="syz.3.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 705.772022][ T29] audit: type=1326 audit(1737507770.972:3538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12827 comm="syz.3.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2cadb84690 code=0x7ffc0000 [ 705.811155][T12852] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 705.865947][ T29] audit: type=1326 audit(1737507770.972:3539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12827 comm="syz.3.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cadb85d29 code=0x7ffc0000 [ 707.271277][T12868] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 710.270281][ T5869] usb 5-1: new high-speed USB device number 69 using dummy_hcd [ 710.360687][T12889] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1657'. [ 710.450682][ T5869] usb 5-1: Using ep0 maxpacket: 16 [ 710.504000][ T5869] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 710.569572][ T5869] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 710.579262][ T5869] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 710.590541][ T5869] usb 5-1: Product: syz [ 710.594810][ T5869] usb 5-1: Manufacturer: syz [ 710.603884][ T5869] usb 5-1: SerialNumber: syz [ 710.915380][ T29] kauditd_printk_skb: 37 callbacks suppressed [ 710.915398][ T29] audit: type=1400 audit(1737507776.562:3577): avc: denied { create } for pid=12890 comm="syz.0.1658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 710.942161][ T5869] usb 5-1: config 0 descriptor?? [ 711.097234][ T5831] Bluetooth: hci0: Malformed LE Event: 0x0d [ 711.652408][ T29] audit: type=1400 audit(1737507776.702:3578): avc: denied { write } for pid=12890 comm="syz.0.1658" path="/dev/vhci" dev="devtmpfs" ino=1268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 712.302248][ T29] audit: type=1400 audit(1737507777.952:3579): avc: denied { setopt } for pid=12904 comm="syz.1.1662" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 712.851449][ T5869] usb 5-1: USB disconnect, device number 69 [ 712.957856][ T29] audit: type=1400 audit(1737507778.612:3580): avc: denied { create } for pid=12910 comm="syz.2.1664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 715.422921][T12937] overlayfs: overlapping lowerdir path [ 715.682714][ T29] audit: type=1400 audit(1737507781.322:3581): avc: denied { audit_write } for pid=12941 comm="syz.0.1669" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 715.965688][ T29] audit: type=1400 audit(1737507781.372:3582): avc: denied { read } for pid=12941 comm="syz.0.1669" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 716.044290][ T29] audit: type=1400 audit(1737507781.372:3583): avc: denied { open } for pid=12941 comm="syz.0.1669" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 716.444415][ T29] audit: type=1400 audit(1737507782.102:3584): avc: denied { mount } for pid=12949 comm="syz.0.1670" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 717.129609][T12962] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1672'. [ 717.219327][ T29] audit: type=1400 audit(1737507782.872:3585): avc: denied { ioctl } for pid=12967 comm="syz.3.1673" path="socket:[35553]" dev="sockfs" ino=35553 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 717.270740][T12968] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1673'. [ 717.296224][T12968] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode broadcast(3) [ 717.325944][ T29] audit: type=1326 audit(1737507782.912:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12956 comm="syz.4.1672" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc5d9d85d29 code=0x0 [ 717.519655][ T29] audit: type=1400 audit(1737507783.172:3587): avc: denied { unmount } for pid=5813 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 717.550663][ T29] audit: type=1400 audit(1737507783.172:3588): avc: denied { create } for pid=12976 comm="syz.3.1677" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 717.621661][ T29] audit: type=1400 audit(1737507783.272:3589): avc: denied { read } for pid=12976 comm="syz.3.1677" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 717.646680][ T29] audit: type=1400 audit(1737507783.272:3590): avc: denied { open } for pid=12976 comm="syz.3.1677" path="/345/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 717.707313][ T5869] usb 3-1: new high-speed USB device number 49 using dummy_hcd [ 717.840371][T10044] usb 2-1: new high-speed USB device number 69 using dummy_hcd [ 717.980351][ T5869] usb 3-1: Using ep0 maxpacket: 32 [ 718.120324][T10044] usb 2-1: Using ep0 maxpacket: 16 [ 718.152773][T10044] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 718.163633][ T5869] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 12336, setting to 1024 [ 718.195888][ T5869] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024 [ 718.313737][T10044] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 718.468599][ T5869] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 718.478396][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 718.486880][ T5869] usb 3-1: Product: syz [ 718.492160][ T5869] usb 3-1: Manufacturer: syz [ 718.497132][ T5869] usb 3-1: SerialNumber: syz [ 718.502030][T10044] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 718.511095][T10044] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 718.528116][T10044] usb 2-1: Product: syz [ 718.528368][T12972] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 718.533026][T10044] usb 2-1: Manufacturer: syz [ 718.544808][T10044] usb 2-1: SerialNumber: syz [ 718.559918][T10044] usb 2-1: config 0 descriptor?? [ 718.662053][ T29] audit: type=1400 audit(1737507784.322:3591): avc: denied { ioctl } for pid=13002 comm="syz.3.1681" path="socket:[35590]" dev="sockfs" ino=35590 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 718.932265][ T5869] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 49 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 719.424895][ T5869] usb 3-1: USB disconnect, device number 49 [ 719.630010][ T5869] usblp0: removed [ 720.149442][T13023] FAULT_INJECTION: forcing a failure. [ 720.149442][T13023] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 720.163799][T13023] CPU: 0 UID: 0 PID: 13023 Comm: syz.0.1685 Not tainted 6.13.0-syzkaller-01005-gb9d8a295ed6b #0 [ 720.174213][T13023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 720.184251][T13023] Call Trace: [ 720.187507][T13023] [ 720.190417][T13023] dump_stack_lvl+0x16c/0x1f0 [ 720.195077][T13023] should_fail_ex+0x497/0x5b0 [ 720.199739][T13023] _copy_from_user+0x2e/0xd0 [ 720.204315][T13023] memdup_user+0x71/0xd0 [ 720.208541][T13023] strndup_user+0x78/0xe0 [ 720.212844][T13023] __x64_sys_mount+0x138/0x310 [ 720.217585][T13023] ? __pfx___x64_sys_mount+0x10/0x10 [ 720.222861][T13023] do_syscall_64+0xcd/0x250 [ 720.227354][T13023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 720.233247][T13023] RIP: 0033:0x7f6beb585d29 [ 720.237648][T13023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 720.257246][T13023] RSP: 002b:00007f6bec2da038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 720.265646][T13023] RAX: ffffffffffffffda RBX: 00007f6beb776080 RCX: 00007f6beb585d29 [ 720.273607][T13023] RDX: 0000000020000180 RSI: 0000000020000040 RDI: 0000000000000000 [ 720.281564][T13023] RBP: 00007f6bec2da090 R08: 0000000000000000 R09: 0000000000000000 [ 720.289520][T13023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 720.297474][T13023] R13: 0000000000000000 R14: 00007f6beb776080 R15: 00007ffed11bd688 [ 720.305439][T13023] [ 720.722063][T13021] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1683'. [ 721.011319][T13031] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1688'. [ 721.022954][T13032] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1686'. [ 721.033640][T13031] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode broadcast(3) [ 721.081707][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 721.081722][ T29] audit: type=1326 audit(1737507786.692:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13026 comm="syz.2.1686" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f82c7985d29 code=0x0 [ 721.148778][ T29] audit: type=1400 audit(1737507786.802:3597): avc: denied { create } for pid=13033 comm="syz.4.1689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 721.185060][ T29] audit: type=1400 audit(1737507786.842:3598): avc: denied { connect } for pid=13033 comm="syz.4.1689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 721.206486][ T29] audit: type=1400 audit(1737507786.842:3599): avc: denied { read } for pid=13033 comm="syz.4.1689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 721.230260][T10044] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 721.240686][ T29] audit: type=1400 audit(1737507786.892:3600): avc: denied { write } for pid=13033 comm="syz.4.1689" path="socket:[36456]" dev="sockfs" ino=36456 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 721.434304][T10044] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 721.502550][T10044] usb 4-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00 [ 721.761426][T10044] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 721.793070][T10044] usb 4-1: config 0 descriptor?? [ 721.808050][T10044] appletouch 4-1:0.0: Could not find int-in endpoint [ 721.843500][T10044] appletouch 4-1:0.0: probe with driver appletouch failed with error -5 [ 721.868795][ T8] usb 2-1: USB disconnect, device number 69 [ 721.879638][T10044] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 722.515638][T13046] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1691'. [ 722.598824][ T29] audit: type=1326 audit(1737507788.252:3601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13045 comm="syz.1.1691" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1b9c185d29 code=0x0 [ 723.342806][T10044] usb 4-1: USB disconnect, device number 49 [ 723.405650][ T8] usb 3-1: new high-speed USB device number 50 using dummy_hcd [ 723.570410][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 723.612916][ T8] usb 3-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 723.633761][ T8] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 723.666411][ T8] usb 3-1: Product: syz [ 723.882813][ T8] usb 3-1: Manufacturer: syz [ 723.922391][ T8] usb 3-1: SerialNumber: syz [ 724.200765][T10044] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 724.285673][ T8] usb 3-1: config 0 descriptor?? [ 724.660333][ T29] audit: type=1400 audit(1737507790.312:3602): avc: denied { create } for pid=13053 comm="syz.2.1693" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 724.700357][T10044] usb 4-1: Using ep0 maxpacket: 16 [ 724.744186][T10044] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 724.806817][T10044] usb 4-1: config 0 has no interface number 0 [ 724.886637][T10044] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 724.963911][T10044] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 725.034001][T10044] usb 4-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 725.111548][T10044] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 725.157168][T10044] usb 4-1: config 0 descriptor?? [ 725.198116][ T5869] usb 3-1: USB disconnect, device number 50 [ 726.172193][ T29] audit: type=1400 audit(1737507791.832:3603): avc: denied { write } for pid=13098 comm="syz.0.1700" path="socket:[36556]" dev="sockfs" ino=36556 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 726.373129][ T29] audit: type=1400 audit(1737507792.032:3604): avc: denied { write } for pid=13079 comm="syz.1.1698" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 726.520335][ T8] usb 1-1: new high-speed USB device number 52 using dummy_hcd [ 726.701582][T13112] FAULT_INJECTION: forcing a failure. [ 726.701582][T13112] name failslab, interval 1, probability 0, space 0, times 0 [ 726.714372][T13112] CPU: 1 UID: 0 PID: 13112 Comm: syz.2.1702 Not tainted 6.13.0-syzkaller-01005-gb9d8a295ed6b #0 [ 726.724797][T13112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 726.734850][T13112] Call Trace: [ 726.738128][T13112] [ 726.741056][T13112] dump_stack_lvl+0x16c/0x1f0 [ 726.745748][T13112] should_fail_ex+0x497/0x5b0 [ 726.750432][T13112] ? fs_reclaim_acquire+0xae/0x150 [ 726.755549][T13112] should_failslab+0xc2/0x120 [ 726.760247][T13112] __kmalloc_noprof+0xcb/0x510 [ 726.765023][T13112] ? rcu_is_watching+0x12/0xc0 [ 726.769797][T13112] tomoyo_encode2+0x100/0x3e0 [ 726.774487][T13112] tomoyo_encode+0x29/0x50 [ 726.778908][T13112] tomoyo_realpath_from_path+0x19d/0x720 [ 726.784558][T13112] ? tomoyo_path_number_perm+0x235/0x590 [ 726.790197][T13112] tomoyo_path_number_perm+0x248/0x590 [ 726.795660][T13112] ? tomoyo_path_number_perm+0x235/0x590 [ 726.801299][T13112] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 726.807294][T13112] ? __schedule+0x3d6c/0x5ad0 [ 726.811979][T13112] ? lockdep_hardirqs_on+0x7c/0x110 [ 726.817198][T13112] ? __pfx_lock_release+0x10/0x10 [ 726.822237][T13112] ? trace_lock_acquire+0x14e/0x1f0 [ 726.827441][T13112] ? __pfx___schedule+0x10/0x10 [ 726.832301][T13112] ? lock_acquire+0x2f/0xb0 [ 726.836807][T13112] ? __fget_files+0x40/0x3a0 [ 726.841404][T13112] ? __fget_files+0x206/0x3a0 [ 726.846086][T13112] security_file_ioctl+0x9b/0x240 [ 726.851118][T13112] __x64_sys_ioctl+0xb7/0x200 [ 726.855805][T13112] do_syscall_64+0xcd/0x250 [ 726.860312][T13112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.866216][T13112] RIP: 0033:0x7f82c7985d29 [ 726.870628][T13112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 726.890240][T13112] RSP: 002b:00007f82c77b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 726.898653][T13112] RAX: ffffffffffffffda RBX: 00007f82c7b76160 RCX: 00007f82c7985d29 [ 726.906622][T13112] RDX: 0000000000000000 RSI: 00000000000089e0 RDI: 0000000000000005 [ 726.914587][T13112] RBP: 00007f82c77b7090 R08: 0000000000000000 R09: 0000000000000000 [ 726.922558][T13112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 726.930527][T13112] R13: 0000000000000000 R14: 00007f82c7b76160 R15: 00007fff76581e78 [ 726.938512][T13112] [ 726.942410][T13112] ERROR: Out of memory at tomoyo_realpath_from_path. [ 727.030565][ T29] audit: type=1400 audit(1737507792.602:3605): avc: denied { ioctl } for pid=13108 comm="syz.2.1702" path="socket:[35731]" dev="sockfs" ino=35731 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 727.030850][ T8] usb 1-1: Using ep0 maxpacket: 16 [ 727.065659][ T8] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 727.077088][ T8] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 727.092089][ T8] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 727.103044][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 727.120194][ T8] usb 1-1: Product: syz [ 727.132206][ T8] usb 1-1: Manufacturer: syz [ 727.142103][ T8] usb 1-1: SerialNumber: syz [ 727.153028][T10044] usbhid 4-1:0.1: can't add hid device: -71 [ 727.162598][T10044] usbhid 4-1:0.1: probe with driver usbhid failed with error -71 [ 727.178404][T10044] usb 4-1: USB disconnect, device number 50 [ 727.186572][ T8] usb 1-1: config 0 descriptor?? [ 727.756390][T13126] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1705'. [ 728.043865][ T29] audit: type=1326 audit(1737507793.482:3606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13119 comm="syz.2.1705" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f82c7985d29 code=0x0 [ 728.832277][ T1133] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 728.841036][ T29] audit: type=1326 audit(1737507794.492:3607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13140 comm="syz.1.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 728.891904][ T29] audit: type=1326 audit(1737507794.492:3608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13140 comm="syz.1.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 728.976837][ T29] audit: type=1326 audit(1737507794.502:3609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13140 comm="syz.1.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 729.034634][ T1133] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 729.086291][ T29] audit: type=1326 audit(1737507794.502:3610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13140 comm="syz.1.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 729.217126][ T29] audit: type=1326 audit(1737507794.502:3611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13140 comm="syz.1.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 729.274692][ T1133] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 729.362849][ T29] audit: type=1326 audit(1737507794.582:3612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13140 comm="syz.1.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b9c185d29 code=0x7ffc0000 [ 729.435022][ T1133] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 730.180374][ T5869] usb 1-1: USB disconnect, device number 52 [ 730.406682][T12545] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 730.426526][T12545] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 730.442058][T12545] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 730.522673][T12545] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 730.530889][T12545] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 730.544015][T12545] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 730.570398][ T8] usb 3-1: new high-speed USB device number 51 using dummy_hcd [ 730.693326][ T1133] bridge_slave_1: left allmulticast mode [ 730.699472][ T1133] bridge_slave_1: left promiscuous mode [ 731.040541][ T1133] bridge0: port 2(bridge_slave_1) entered disabled state [ 731.340282][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 731.351842][ T8] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 731.370145][ T1133] bridge_slave_0: left allmulticast mode [ 731.386058][ T8] usb 3-1: config 0 has no interface number 0 [ 731.399491][ T1133] bridge_slave_0: left promiscuous mode [ 731.415442][ T8] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 731.427330][ T1133] bridge0: port 1(bridge_slave_0) entered disabled state [ 731.448908][ T934] usb 1-1: new high-speed USB device number 53 using dummy_hcd [ 731.487377][ T8] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 731.518645][ T8] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 731.549304][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 731.572790][ T8] usb 3-1: config 0 descriptor?? [ 731.644295][ T934] usb 1-1: Using ep0 maxpacket: 16 [ 731.662163][ T934] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 731.696104][ T934] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 731.787739][ T934] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 731.799114][ T934] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 731.810015][ T934] usb 1-1: Product: syz [ 731.820047][ T934] usb 1-1: Manufacturer: syz [ 732.049062][T13175] input: syz0 as /devices/virtual/input/input36 [ 732.084860][ T934] usb 1-1: SerialNumber: syz [ 732.678932][T12545] Bluetooth: hci4: command tx timeout [ 733.831575][ T934] usb 1-1: config 0 descriptor?? [ 733.842166][ T934] usb 1-1: can't set config #0, error -71 [ 733.864920][ T934] usb 1-1: USB disconnect, device number 53 [ 734.245898][T13190] overlayfs: failed to resolve './file0': -2 [ 734.795035][ T8] usbhid 3-1:0.1: can't add hid device: -71 [ 734.810568][ T8] usbhid 3-1:0.1: probe with driver usbhid failed with error -71 [ 734.828098][ T8] usb 3-1: USB disconnect, device number 51 [ 734.886791][T12545] Bluetooth: hci4: command tx timeout [ 734.967310][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 734.967326][ T29] audit: type=1400 audit(1737507800.622:3620): avc: denied { bind } for pid=13194 comm="syz.4.1722" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 734.998165][ T29] audit: type=1400 audit(1737507800.622:3621): avc: denied { write } for pid=13194 comm="syz.4.1722" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 735.053032][ T29] audit: type=1400 audit(1737507800.712:3622): avc: denied { getopt } for pid=13194 comm="syz.4.1722" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 735.157183][T13198] kvm: pic: non byte write [ 735.432013][T13204] [ 735.434375][T13204] ====================================================== [ 735.441384][T13204] WARNING: possible circular locking dependency detected [ 735.448389][T13204] 6.13.0-syzkaller-01005-gb9d8a295ed6b #0 Not tainted [ 735.455139][T13204] ------------------------------------------------------ [ 735.462148][T13204] syz.1.1723/13204 is trying to acquire lock: [ 735.468203][T13204] ffff88802a040c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500 [ 735.477537][T13204] [ 735.477537][T13204] but task is already holding lock: [ 735.484892][T13204] ffff88801b732c68 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x64/0x80 [ 735.493172][T13204] [ 735.493172][T13204] which lock already depends on the new lock. [ 735.493172][T13204] [ 735.503563][T13204] [ 735.503563][T13204] the existing dependency chain (in reverse order) is: [ 735.512569][T13204] [ 735.512569][T13204] -> #3 (&pipe->mutex){+.+.}-{4:4}: [ 735.519958][T13204] __mutex_lock+0x19b/0xa60 [ 735.524987][T13204] pipe_lock+0x64/0x80 [ 735.529575][T13204] iter_file_splice_write+0x1eb/0x10b0 [ 735.535538][T13204] do_splice+0x145c/0x1f60 [ 735.540464][T13204] __do_splice+0x327/0x360 [ 735.545395][T13204] __x64_sys_splice+0x187/0x250 [ 735.550746][T13204] do_syscall_64+0xcd/0x250 [ 735.555752][T13204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 735.562159][T13204] [ 735.562159][T13204] -> #2 (sb_writers#6){.+.+}-{0:0}: [ 735.569521][T13204] mnt_want_write+0x6f/0x450 [ 735.574610][T13204] ovl_create_object+0x12e/0x300 [ 735.580060][T13204] lookup_open.isra.0+0x11c8/0x1580 [ 735.585783][T13204] path_openat+0x904/0x2d70 [ 735.590798][T13204] do_filp_open+0x20c/0x470 [ 735.595806][T13204] do_sys_openat2+0x17a/0x1e0 [ 735.600996][T13204] __x64_sys_creat+0xcd/0x120 [ 735.606202][T13204] do_syscall_64+0xcd/0x250 [ 735.611206][T13204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 735.617610][T13204] [ 735.617610][T13204] -> #1 (&ovl_i_mutex_dir_key[depth]){++++}-{4:4}: [ 735.626273][T13204] down_read+0x9a/0x330 [ 735.630926][T13204] walk_component+0x342/0x5b0 [ 735.636099][T13204] path_lookupat+0x17f/0x770 [ 735.641195][T13204] filename_lookup+0x221/0x5f0 [ 735.646501][T13204] kern_path+0x35/0x50 [ 735.651068][T13204] lookup_bdev+0xd9/0x280 [ 735.655918][T13204] resume_store+0x1d8/0x460 [ 735.660932][T13204] kobj_attr_store+0x55/0x80 [ 735.666033][T13204] sysfs_kf_write+0x117/0x170 [ 735.671241][T13204] kernfs_fop_write_iter+0x33d/0x500 [ 735.677031][T13204] vfs_write+0x5ae/0x1150 [ 735.681866][T13204] ksys_write+0x12b/0x250 [ 735.686703][T13204] do_syscall_64+0xcd/0x250 [ 735.691703][T13204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 735.698129][T13204] [ 735.698129][T13204] -> #0 (&of->mutex){+.+.}-{4:4}: [ 735.705322][T13204] __lock_acquire+0x249e/0x3c40 [ 735.710679][T13204] lock_acquire.part.0+0x11b/0x380 [ 735.716292][T13204] __mutex_lock+0x19b/0xa60 [ 735.721308][T13204] kernfs_fop_write_iter+0x27b/0x500 [ 735.727125][T13204] iter_file_splice_write+0x90f/0x10b0 [ 735.733088][T13204] do_splice+0x145c/0x1f60 [ 735.738005][T13204] __do_splice+0x327/0x360 [ 735.742921][T13204] __x64_sys_splice+0x187/0x250 [ 735.748271][T13204] do_syscall_64+0xcd/0x250 [ 735.753272][T13204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 735.759677][T13204] [ 735.759677][T13204] other info that might help us debug this: [ 735.759677][T13204] [ 735.769882][T13204] Chain exists of: [ 735.769882][T13204] &of->mutex --> sb_writers#6 --> &pipe->mutex [ 735.769882][T13204] [ 735.781949][T13204] Possible unsafe locking scenario: [ 735.781949][T13204] [ 735.789391][T13204] CPU0 CPU1 [ 735.794738][T13204] ---- ---- [ 735.800073][T13204] lock(&pipe->mutex); [ 735.804207][T13204] lock(sb_writers#6); [ 735.810871][T13204] lock(&pipe->mutex); [ 735.817543][T13204] lock(&of->mutex); [ 735.821515][T13204] [ 735.821515][T13204] *** DEADLOCK *** [ 735.821515][T13204] [ 735.829640][T13204] 2 locks held by syz.1.1723/13204: [ 735.834815][T13204] #0: ffff8880314aa420 (sb_writers#9){.+.+}-{0:0}, at: __do_splice+0x327/0x360 [ 735.843863][T13204] #1: ffff88801b732c68 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x64/0x80 [ 735.852557][T13204] [ 735.852557][T13204] stack backtrace: [ 735.858425][T13204] CPU: 1 UID: 0 PID: 13204 Comm: syz.1.1723 Not tainted 6.13.0-syzkaller-01005-gb9d8a295ed6b #0 [ 735.868817][T13204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 735.878852][T13204] Call Trace: [ 735.882114][T13204] [ 735.885029][T13204] dump_stack_lvl+0x116/0x1f0 [ 735.889704][T13204] print_circular_bug+0x419/0x5d0 [ 735.894716][T13204] check_noncircular+0x31a/0x400 [ 735.899643][T13204] ? __pfx_check_noncircular+0x10/0x10 [ 735.905089][T13204] ? mark_held_locks+0x9f/0xe0 [ 735.909838][T13204] ? lockdep_lock+0xc6/0x200 [ 735.914423][T13204] ? __pfx_lockdep_lock+0x10/0x10 [ 735.919435][T13204] ? __switch_to+0x749/0x1190 [ 735.924105][T13204] __lock_acquire+0x249e/0x3c40 [ 735.928947][T13204] ? __pfx___lock_acquire+0x10/0x10 [ 735.934132][T13204] ? __pfx___schedule+0x10/0x10 [ 735.938979][T13204] lock_acquire.part.0+0x11b/0x380 [ 735.944080][T13204] ? kernfs_fop_write_iter+0x27b/0x500 [ 735.949532][T13204] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 735.955152][T13204] ? rcu_is_watching+0x12/0xc0 [ 735.959908][T13204] ? trace_lock_acquire+0x14e/0x1f0 [ 735.965088][T13204] ? kernfs_fop_write_iter+0x27b/0x500 [ 735.970537][T13204] ? lock_acquire+0x2f/0xb0 [ 735.975023][T13204] ? kernfs_fop_write_iter+0x27b/0x500 [ 735.980476][T13204] __mutex_lock+0x19b/0xa60 [ 735.984962][T13204] ? kernfs_fop_write_iter+0x27b/0x500 [ 735.990412][T13204] ? kernfs_fop_write_iter+0x27b/0x500 [ 735.995859][T13204] ? __pfx___mutex_lock+0x10/0x10 [ 736.000866][T13204] ? __pfx__copy_from_iter+0x10/0x10 [ 736.006135][T13204] ? __virt_addr_valid+0x5e/0x590 [ 736.011152][T13204] ? __phys_addr_symbol+0x30/0x80 [ 736.016166][T13204] ? kernfs_fop_write_iter+0x27b/0x500 [ 736.021612][T13204] kernfs_fop_write_iter+0x27b/0x500 [ 736.026898][T13204] iter_file_splice_write+0x90f/0x10b0 [ 736.032349][T13204] ? __pfx_iter_file_splice_write+0x10/0x10 [ 736.038233][T13204] ? lockdep_hardirqs_on+0x7c/0x110 [ 736.043428][T13204] ? preempt_schedule_thunk+0x1a/0x30 [ 736.048785][T13204] ? __pfx_iter_file_splice_write+0x10/0x10 [ 736.054661][T13204] do_splice+0x145c/0x1f60 [ 736.059064][T13204] ? irqentry_exit+0x3b/0x90 [ 736.063647][T13204] ? lockdep_hardirqs_on+0x7c/0x110 [ 736.068837][T13204] ? __pfx_do_splice+0x10/0x10 [ 736.073585][T13204] ? __pfx_pipe_clear_nowait+0x10/0x10 [ 736.079038][T13204] ? __sanitizer_cov_trace_pc+0x66/0x70 [ 736.084577][T13204] __do_splice+0x327/0x360 [ 736.088978][T13204] ? __pfx___do_splice+0x10/0x10 [ 736.093898][T13204] ? __fget_files+0x206/0x3a0 [ 736.098563][T13204] __x64_sys_splice+0x187/0x250 [ 736.103400][T13204] do_syscall_64+0xcd/0x250 [ 736.107887][T13204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 736.113777][T13204] RIP: 0033:0x7f1b9c185d29 [ 736.118175][T13204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 736.137770][T13204] RSP: 002b:00007f1b9cecf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 736.146169][T13204] RAX: ffffffffffffffda RBX: 00007f1b9c376080 RCX: 00007f1b9c185d29 [ 736.154124][T13204] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000004 [ 736.162077][T13204] RBP: 00007f1b9c201b08 R08: 000000000000bfd1 R09: 0000000000000000 [ 736.170032][T13204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 736.177986][T13204] R13: 0000000000000001 R14: 00007f1b9c376080 R15: 00007ffe3e5d8618 [ 736.185945][T13204] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 736.217755][ T29] audit: type=1400 audit(1737507801.852:3623): avc: denied { write } for pid=5802 comm="syz-executor" path="pipe:[5176]" dev="pipefs" ino=5176 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 736.246606][ T29] audit: type=1400 audit(1737507801.902:3624): avc: denied { recv } for pid=13201 comm="syz.1.1723" saddr=10.128.0.169 src=44068 daddr=10.128.1.164 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 736.450632][ T1133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 736.493595][ T1133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 736.526663][ T1133] bond0 (unregistering): Released all slaves [ 736.873590][ T1133] hsr_slave_0: left promiscuous mode [ 736.910258][ T1133] hsr_slave_1: left promiscuous mode [ 736.920808][T12545] Bluetooth: hci4: command tx timeout [ 736.930544][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 736.949821][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 736.969685][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 736.978963][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 737.000461][ T1133] veth1_macvtap: left promiscuous mode [ 737.005962][ T1133] veth0_macvtap: left promiscuous mode [ 737.011780][ T1133] veth1_vlan: left promiscuous mode [ 737.017029][ T1133] veth0_vlan: left promiscuous mode [ 737.138322][ T1133] team0 (unregistering): Port device team_slave_1 removed [ 737.161736][ T1133] team0 (unregistering): Port device team_slave_0 removed [ 737.568670][ T1133] IPVS: stop unused estimator thread 0... [ 737.639393][ T1133] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 737.683913][ T1133] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 737.756598][ T1133] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 737.815704][ T1133] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 737.898554][ T1133] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 737.954645][ T1133] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.006707][ T1133] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.067781][ T1133] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.141697][ T1133] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.198868][ T1133] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.255302][ T1133] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.297270][ T1133] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.395279][ T1133] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.434113][ T1133] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.498898][ T1133] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.534554][ T1133] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.591883][ T1133] bridge_slave_1: left allmulticast mode [ 738.598876][ T1133] bridge_slave_1: left promiscuous mode [ 738.611695][ T1133] bridge0: port 2(bridge_slave_1) entered disabled state [ 738.620053][ T1133] bridge_slave_0: left allmulticast mode [ 738.628612][ T1133] bridge_slave_0: left promiscuous mode [ 738.634667][ T1133] bridge0: port 1(bridge_slave_0) entered disabled state [ 738.644772][ T1133] bridge_slave_1: left allmulticast mode [ 738.650859][ T1133] bridge_slave_1: left promiscuous mode [ 738.656496][ T1133] bridge0: port 2(bridge_slave_1) entered disabled state [ 738.664542][ T1133] bridge_slave_0: left allmulticast mode [ 738.670839][ T1133] bridge_slave_0: left promiscuous mode [ 738.676489][ T1133] bridge0: port 1(bridge_slave_0) entered disabled state [ 738.685189][ T1133] bridge_slave_1: left allmulticast mode [ 738.691219][ T1133] bridge_slave_1: left promiscuous mode [ 738.697565][ T1133] bridge0: port 2(bridge_slave_1) entered disabled state [ 738.705476][ T1133] bridge_slave_0: left allmulticast mode [ 738.711248][ T1133] bridge_slave_0: left promiscuous mode [ 738.716877][ T1133] bridge0: port 1(bridge_slave_0) entered disabled state [ 738.726311][ T1133] bridge_slave_1: left allmulticast mode [ 738.732174][ T1133] bridge_slave_1: left promiscuous mode [ 738.737756][ T1133] bridge0: port 2(bridge_slave_1) entered disabled state [ 738.746022][ T1133] bridge_slave_0: left allmulticast mode [ 738.751708][ T1133] bridge_slave_0: left promiscuous mode [ 738.757286][ T1133] bridge0: port 1(bridge_slave_0) entered disabled state [ 738.899985][ T1133] bond1 (unregistering): (slave gretap1): Releasing active interface [ 739.194805][ T1133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 739.204434][ T1133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 739.214733][ T1133] bond0 (unregistering): Released all slaves [ 739.225087][ T1133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 739.234961][ T1133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 739.244183][ T1133] bond0 (unregistering): Released all slaves [ 739.254503][ T1133] bond1 (unregistering): Released all slaves [ 739.265794][ T1133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 739.277663][ T1133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 739.286879][ T1133] bond0 (unregistering): Released all slaves [ 739.297892][ T1133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 739.308919][ T1133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 739.318869][ T1133] bond0 (unregistering): Released all slaves [ 739.328167][ T1133] bond1 (unregistering): Released all slaves [ 739.353352][ T29] audit: type=1400 audit(1737507805.012:3625): avc: denied { sys_chroot } for pid=13337 comm="dhcpcd" capability=18 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 739.375056][ T29] audit: type=1400 audit(1737507805.012:3626): avc: denied { setgid } for pid=13337 comm="dhcpcd" capability=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 739.398912][ T29] audit: type=1400 audit(1737507805.012:3627): avc: denied { setrlimit } for pid=13337 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1 [ 739.891502][ T1133] hsr_slave_0: left promiscuous mode [ 739.897182][ T1133] hsr_slave_1: left promiscuous mode [ 739.905729][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 739.913305][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 739.921081][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 739.928470][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 739.937956][ T1133] hsr_slave_0: left promiscuous mode [ 739.943864][ T1133] hsr_slave_1: left promiscuous mode [ 739.949497][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 739.957129][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 739.964856][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 739.972394][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 739.982334][ T1133] hsr_slave_0: left promiscuous mode [ 739.987964][ T1133] hsr_slave_1: left promiscuous mode [ 739.993916][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 740.001568][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 740.008951][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 740.018137][ T1133] hsr_slave_0: left promiscuous mode [ 740.023728][ T1133] hsr_slave_1: left promiscuous mode [ 740.029284][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 740.037022][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 740.045172][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 740.052567][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 740.063533][ T1133] veth1_macvtap: left promiscuous mode [ 740.068995][ T1133] veth0_macvtap: left promiscuous mode [ 740.074534][ T1133] veth1_vlan: left promiscuous mode [ 740.079762][ T1133] veth0_vlan: left promiscuous mode [ 740.085567][ T1133] veth1_macvtap: left promiscuous mode [ 740.091064][ T1133] veth0_macvtap: left promiscuous mode [ 740.096554][ T1133] veth1_vlan: left promiscuous mode [ 740.101885][ T1133] veth0_vlan: left promiscuous mode [ 740.108227][ T1133] veth1_macvtap: left promiscuous mode [ 740.113715][ T1133] veth0_macvtap: left promiscuous mode [ 740.119201][ T1133] veth1_vlan: left promiscuous mode [ 740.124553][ T1133] veth0_vlan: left promiscuous mode [ 740.130396][ T1133] veth1_macvtap: left promiscuous mode [ 740.135850][ T1133] veth0_macvtap: left promiscuous mode [ 740.141407][ T1133] veth1_vlan: left promiscuous mode [ 740.146626][ T1133] veth0_vlan: left promiscuous mode [ 740.323972][ T1133] team0 (unregistering): Port device team_slave_1 removed [ 740.345489][ T1133] team0 (unregistering): Port device team_slave_0 removed [ 740.484827][ T1133] team0 (unregistering): Port device team_slave_1 removed [ 740.509731][ T1133] team0 (unregistering): Port device team_slave_0 removed [ 740.664945][ T1133] team0 (unregistering): Port device team_slave_1 removed [ 740.685374][ T1133] team0 (unregistering): Port device team_slave_0 removed [ 740.823102][ T1133] team0 (unregistering): Port device team_slave_1 removed [ 740.844266][ T1133] team0 (unregistering): Port device team_slave_0 removed [ 740.983169][ T825] infiniband syz0: ib_query_port failed (-19) [ 741.741862][ T1133] IPVS: stop unused estimator thread 0... [ 741.748532][ T1133] IPVS: stop unused estimator thread 0... [ 741.755411][ T1133] IPVS: stop unused estimator thread 0... [ 741.762175][ T1133] IPVS: stop unused estimator thread 0...