last executing test programs: 1m10.392960799s ago: executing program 1 (id=365): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0xd) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f0000000140)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r4, &(0x7f0000000000)='./file0\x00') socket$inet_tcp(0x2, 0x1, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file1\x00', 0x1c4) 1m5.100132661s ago: executing program 1 (id=383): r0 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYRES32=r1, @ANYBLOB="00000000000000002400128009000100626f6e640000000014000280080000"], 0x44}}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1, 0x0, 0x0, 0xfffffffe}, 0x0) 1m3.743092376s ago: executing program 1 (id=388): syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000000)="0fb3162f00760c66360f09ded926f36df30fa0ed66b9630300000f320f01c90fc75e00ba430066b84b00000066ef", 0x2e}], 0x1, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000000c000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, 0x0}], 0x1, 0x41, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xb00000000000000) 1m2.432805809s ago: executing program 1 (id=392): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x80800, 0x0) ppoll(&(0x7f0000002640)=[{r0, 0x81}], 0x1, &(0x7f0000002680)={0x0, 0x989680}, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) 1m1.724971382s ago: executing program 1 (id=396): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0x1, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioperm(0x0, 0x2, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x4634e85576f00408, &(0x7f00000004c0)=ANY=[]) pipe2$9p(&(0x7f0000000240), 0x0) (async) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x15) (async) write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x15) syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') open(&(0x7f00000001c0)='.\x00', 0x20000, 0x0) (async) r1 = open(&(0x7f00000001c0)='.\x00', 0x20000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x0) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) (async) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0) (async) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0) (async) ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) socket$inet6(0xa, 0x805, 0x0) (async) r2 = socket$inet6(0xa, 0x805, 0x0) getsockopt$bt_hci(r2, 0x84, 0x7b, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec) (async) getsockopt$bt_hci(r2, 0x84, 0x7b, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec) 1m0.850330717s ago: executing program 1 (id=401): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) sendmsg$NFC_CMD_START_POLL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fedbdf250600000008000100", @ANYRES32=0x0, @ANYBLOB="08000e0022"], 0x24}, 0x1, 0x0, 0x0, 0x20040000}, 0x4010) mknodat(0xffffffffffffffff, 0x0, 0x1000, 0x2) socket$inet6_sctp(0xa, 0x5, 0x84) userfaultfd(0x801) r3 = syz_open_procfs(0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r4 = socket(0x10, 0x3, 0x0) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000100)={'syztnl0\x00', 0x0}) sendmsg$kcm(r3, &(0x7f00000004c0)={&(0x7f0000000200)=@ll={0x11, 0x1, 0x0, 0x1, 0x3}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000340)="dddb4561a4707779d390ef0b84f830dec5d7837fa14b1389075051bd380a4e32b06777ff8b0634c7ae1b9de30b4c919a8f7dfa148bcece4eddb9f2ce95f78f4dbc1e2eec99dc9034b90b2106769c8eac45ba420a3ae20d70b3c79e9c8a02103603f38cac577787e508adff0cf07650830d7fefacd46455f68bb9af3b5ed566261f8e79a35eb0c593530b53df2f53878e0432fd96ea07c921088ffe2cc24867793c26f580f22c2ed1e25e3667456f864f848f54fe4e3adc51a7de6b46114ef4f12211b99708afc8d4", 0xc8}, {&(0x7f0000000540)="dc2503cab1fbd568294fad8cfef238683de1069696120af446c673795514a40a3d30cbf9c4c2d1ec7a9e1321cff271764fbc9fd3112794ab94175da02a003cd4342983f2331beed3e3b6ebf3c11d68c884dbf94d39e52741d0c5220db581d82afa4c24359e51890633d996124c24b56465ca41d400fef8eb24576703c83269c6fdc220bd68beef2a4c78eb763555634a1ab75f464425927a25ac487f3ecd979074e8f5644fde154b223b4b31d61b000d61811eb0efe2bc28729988d935992dd5c926a5c5bfaa9f1a280848196431d9c463b38f0b432e858c8c234a7392c94929038b7958296ee3dd6a6d712d8df224f5b8f66f88401ac9e3bb770662b1ae92", 0xff}, {&(0x7f0000000180)}], 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="7800000000000000150100000400001028a5129d046d82746bd709cb63ff2e840b4e8d6042727875936b8df766cf0ca2eda31ef051c52108441122289594922d5a59add84fcb0d1e348874590e09703b640aff025f240739416b51b80817e204cafc75adb089bd123b958ebe7f9f98ee58788fde8c000000"], 0x78}, 0x40000) 45.574469215s ago: executing program 32 (id=401): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) sendmsg$NFC_CMD_START_POLL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fedbdf250600000008000100", @ANYRES32=0x0, @ANYBLOB="08000e0022"], 0x24}, 0x1, 0x0, 0x0, 0x20040000}, 0x4010) mknodat(0xffffffffffffffff, 0x0, 0x1000, 0x2) socket$inet6_sctp(0xa, 0x5, 0x84) userfaultfd(0x801) r3 = syz_open_procfs(0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r4 = socket(0x10, 0x3, 0x0) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000100)={'syztnl0\x00', 0x0}) sendmsg$kcm(r3, &(0x7f00000004c0)={&(0x7f0000000200)=@ll={0x11, 0x1, 0x0, 0x1, 0x3}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000340)="dddb4561a4707779d390ef0b84f830dec5d7837fa14b1389075051bd380a4e32b06777ff8b0634c7ae1b9de30b4c919a8f7dfa148bcece4eddb9f2ce95f78f4dbc1e2eec99dc9034b90b2106769c8eac45ba420a3ae20d70b3c79e9c8a02103603f38cac577787e508adff0cf07650830d7fefacd46455f68bb9af3b5ed566261f8e79a35eb0c593530b53df2f53878e0432fd96ea07c921088ffe2cc24867793c26f580f22c2ed1e25e3667456f864f848f54fe4e3adc51a7de6b46114ef4f12211b99708afc8d4", 0xc8}, {&(0x7f0000000540)="dc2503cab1fbd568294fad8cfef238683de1069696120af446c673795514a40a3d30cbf9c4c2d1ec7a9e1321cff271764fbc9fd3112794ab94175da02a003cd4342983f2331beed3e3b6ebf3c11d68c884dbf94d39e52741d0c5220db581d82afa4c24359e51890633d996124c24b56465ca41d400fef8eb24576703c83269c6fdc220bd68beef2a4c78eb763555634a1ab75f464425927a25ac487f3ecd979074e8f5644fde154b223b4b31d61b000d61811eb0efe2bc28729988d935992dd5c926a5c5bfaa9f1a280848196431d9c463b38f0b432e858c8c234a7392c94929038b7958296ee3dd6a6d712d8df224f5b8f66f88401ac9e3bb770662b1ae92", 0xff}, {&(0x7f0000000180)}], 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="7800000000000000150100000400001028a5129d046d82746bd709cb63ff2e840b4e8d6042727875936b8df766cf0ca2eda31ef051c52108441122289594922d5a59add84fcb0d1e348874590e09703b640aff025f240739416b51b80817e204cafc75adb089bd123b958ebe7f9f98ee58788fde8c000000"], 0x78}, 0x40000) 36.30863999s ago: executing program 3 (id=484): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10}, @union={0x0, 0x1, 0x0, 0x5, 0x1, 0x21000000, [{0x0, 0x2, 0x1000000}]}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, 0x0, 0x52, 0x0, 0x1, 0x0, 0x0, @void, @value=0x12000000}, 0x28) 36.213432107s ago: executing program 3 (id=486): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000240)=ANY=[@ANYBLOB="0000050000000500b1"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000001480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) ioctl$HIDIOCGFEATURE(r1, 0xc0404807, &(0x7f00000001c0)={0x1, "5fbaf77c49a9e363eed255a8164a43edd3fbf3f53506ab88ceae7536ba00c7498731efa3dafb0258a1a0e6dacafa3ba666a4c94f7af45941f84c2857c71600b2"}) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) recvfrom$inet(r2, 0x0, 0x0, 0x1, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) rt_sigsuspend(0x0, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r6, 0x0, 0x0) write$RDMA_USER_CM_CMD_LISTEN(r6, &(0x7f0000000080)={0x7, 0x8}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(r6, &(0x7f0000000180)={0x1, 0x10, 0xfa00, {&(0x7f0000000140)}}, 0x18) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_DEL(r7, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0) 31.250056753s ago: executing program 3 (id=497): ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x0, 0x1}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='freezer.parent_freezing\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000180)=ANY=[@ANYRESDEC], 0x118) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48) socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7a917000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, 0x0, 0x0) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000100)={0x2000009, "5660359c3245d1ed51000000000000000100", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f00000001c0)={0x80000, "340bcf501922d69f2827001bc50f0000002ddc7d00", 0xffffffffffffffff}) fchown(0xffffffffffffffff, 0x0, 0x0) ioctl$SYNC_IOC_MERGE(r6, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r7}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f0000000240)=@add_del={0x2, &(0x7f0000000180)='syzkaller0\x00'}) socket$inet6(0xa, 0x2, 0x0) r8 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000340)={0x0, 0x0, r0, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r8, 0xc06864ce, &(0x7f00000001c0)={r9, 0x2, 0x22540000, 0x0, 0x0, [], [0x0, 0x0, 0xffff], [0x0, 0x3, 0x100, 0xd], [0x0, 0x0, 0xfffffffffffffffd]}) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 29.066208471s ago: executing program 3 (id=500): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)) socket$kcm(0x21, 0x2, 0x2) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000280)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x2384278a5ae9450f}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) preadv(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, 0x0, 0x0) socket(0x10, 0x803, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, 0x0, 0x0) 27.602268399s ago: executing program 3 (id=503): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_udp(0xa, 0x2, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x9e, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0, @void, @value, @void, @value}, 0x50) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000480)={'veth1_to_bond\x00', 0x0}) r4 = openat$pfkey(0xffffff9c, &(0x7f0000000680), 0x3a1900, 0x0) r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000780)=@o_path={&(0x7f0000000740)='./file0\x00', 0x0, 0x2000, r0}, 0x14) r6 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000800)=@generic={&(0x7f00000007c0)='./file0\x00', 0x0, 0x10}, 0x14) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x6, 0x1e, &(0x7f00000009c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@map_idx_val={0x18, 0x2, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x200}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000240)='GPL\x00', 0x200, 0x0, 0x0, 0x41100, 0x4d, '\x00', r3, 0x25, r4, 0x8, &(0x7f00000006c0)={0x100006, 0x5}, 0x8, 0x10, &(0x7f0000000700)={0x0, 0x7, 0x39, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000008c0)=[r5, r6, 0xffffffffffffffff], 0x0, 0x10, 0xfaf, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r7 = getpid() sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) prctl$PR_GET_TSC(0x43, &(0x7f0000000040)) prctl$PR_MCE_KILL(0x43, 0x0, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x7, &(0x7f00000008c0)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}, {}, {0x85, 0x0, 0x0, 0x16}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r11 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC_PROXY(r11, 0x29, 0xcd, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) ustat(0x801, &(0x7f0000000300)) ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000000)=0x5) 26.438549731s ago: executing program 3 (id=507): r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) dup(0xffffffffffffffff) timer_create(0x0, 0x0, 0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) io_uring_setup(0x178e, &(0x7f00000000c0)={0x0, 0x52c1}) syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x148) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r4 = dup(r3) write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',cache=mmap']) chmod(&(0x7f0000000340)='./file0\x00', 0x0) open$dir(&(0x7f0000000180)='./file0\x00', 0x1, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif\x00'}, 0x58) r6 = accept4(r5, 0x0, 0x0, 0x0) sendmsg$kcm(r6, &(0x7f00000009c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)='W', 0x1}, {&(0x7f00000002c0)="592eb75b3ad6fbbf04a8cdb64a61fce6", 0x10}], 0x2}, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) r8 = syz_open_dev$loop(&(0x7f0000000000), 0x5, 0x80000) ioctl$BLKREPORTZONE(r8, 0xc0101282, &(0x7f00000001c0)={0x1}) ftruncate(r7, 0x57) r9 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r9) 23.462495559s ago: executing program 4 (id=513): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)) socket$kcm(0x21, 0x2, 0x2) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000280)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x2384278a5ae9450f}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) preadv(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, 0x0, 0x0) socket(0x10, 0x803, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 22.596803863s ago: executing program 2 (id=514): r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000300)={0x73622a85, 0x1000}) setresuid(0xee01, 0x0, 0xffffffffffffffff) setfsuid(0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000810}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000500)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) openat$kvm(0xffffffffffffff9c, 0x0, 0x43, 0x0) dup(r2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="b409000000000000611110000000000018060000006c6c25000000000020206fad3220f3422fe2bb20"], 0x0, 0x4, 0xc1, &(0x7f000000cf3d)=""/193, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000000107014200000076c0d16c"], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x44814) 22.428306921s ago: executing program 4 (id=515): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, 0x0, 0x4c000) 22.361422241s ago: executing program 4 (id=516): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f00000003c0)=0x6, 0x4) pipe(&(0x7f0000000000)={0xffffffffffffffff}) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x50, 0x0, 0x2, 0x200, 0x0, 0x0, {0x3, 0x0, 0xa}, [@CTA_EXPECT_MASK={0x3c, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}]}, 0x50}}, 0x4000014) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}], 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_SET(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001880)={0x44, r3, 0x1, 0x0, 0x0, {0x2a}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x58, 0x1}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x4}]}, 0x44}}, 0x0) sendmsg$DEVLINK_CMD_SB_GET(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r3, 0x0, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x8005) 21.573746066s ago: executing program 4 (id=517): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="020000000000238a9bab1e0d5b2c1fefb76abc500000000000004000000006000000000000000008000000000000"]) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2384278a5ae9450f}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_io_uring_setup(0x363d, &(0x7f0000000540)={0x0, 0x0, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r5, r6, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r8, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103}) io_uring_enter(r4, 0x46f3, 0x0, 0x0, 0x0, 0x0) r9 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffc]}, 0x8) read(r9, &(0x7f0000000740)=""/384, 0x200008c0) write(r7, &(0x7f0000000200)='~', 0x1) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) socket$key(0xf, 0x3, 0x2) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x25, 0x301, 0x270bd24, 0x25dfdbfd, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 21.572904477s ago: executing program 2 (id=518): r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000080)={0x0, 0x1}, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000000)="0fb3162f00760c66360f09ded926f36df30fa0ed66b9630300000f320f01c90fc75e00ba430066b84b00000066ef", 0x2e}], 0x1, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f000000c000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, 0x0}], 0x1, 0x41, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) dup3(r4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x80) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r8 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f) write$FUSE_CREATE_OPEN(r8, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x5, 0x100, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0) 20.596908438s ago: executing program 4 (id=519): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x23108000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) keyctl$describe(0x6, 0x0, &(0x7f0000000080)=""/72, 0x48) r3 = io_uring_setup(0x29ea, &(0x7f0000000480)={0x0, 0x0, 0x2}) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r3, 0x13, &(0x7f0000000080), 0x2) 20.459432791s ago: executing program 2 (id=521): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) syz_open_dev$sg(&(0x7f00000000c0), 0xf522, 0x6a7002) modify_ldt$read(0x0, 0x0, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, 0x0, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a3100000000681c0000060a010400000000000000000100000008000b4000000000401c0480441701800e000100696d6d65646961746500000030170280080001400000000000020280da000100eacc8759c940812b39f267d0d50d0499c80ced83ec4e58ded054b8c4a69ce3e9988eede7727e27e3dbff7e874cb1b05d587c253d495a053c719492db971f200e5bcf9a3bc095a26b61c9223f919be897ec511a8f508c6a5c8b12302d7734616c27da2316dd53a73312d3b378520796a6e349b06f99806394ad060919c8e6ec0702663f3c0ab0d9ed5f5944b8c19374ca21c2d2af8a899321e4549923584914221e95e35a16e33def4b5fbd5a78387388356f070ebdf992da0d227e98833e7d1ac7b846b257489164571ad67de3a54982f48f6538870e0000280002800800018000000000080003400000000008000340000000000900020073797a32000000005400028008000180000000000900020073797a31000000000900020073797a31000000000800034000000000080003400000000008000340000000000900020073797a30000000000900020073797a3000000000100002800900020073797a320000000094000100a601cb73261b6882237a065ff363762d4e1f15598e444ff364754c34b4528543748c9b79c430aa603175a7e3b5b9d190a2c2c4188b7c26120148c094d265a74365a97767ab9cbb31397039ab3f063f96a0d751f68f1af1a4f74a3f5d1cd4c3f29834815f07d702f399b124dfd3b860402c6998b9ad7d6cab6628759fc92df931a9e7e7bb6acbcb7ef909c15a79d6479a0800014000000000b41102806000010065fe9bb27826716fe37215876f3fdda74da914f0fe731980c3a4996a301da00f85e6a0d1e57217beef5c385d81f53cda9f47f7a3be67cf71ac8f58d16c169cfd9eba864d0d4d18181c1553667bc0f38b5d57f6db4617cf5aaee197826b000100f04fae3424364745390144ae9195c1d849951647176fbdd72c494fc2c8de4c3944c44516d2102eb25df75495a12cc963f6a65ea08d592069903d9ee593f218fb2d283c99fd01863a445de39926371b52a915a28c9fb94599947edf821d946b401a8b5693727aad002400028008000340000000000900020073797a32000000000900020073797a32000000000400028020000100a1d1361784d5d07d33e06b7ce747466cd48ee5496c948e573baa0d077c0001007cec8b0057578ebd97c694cb01a31ef11e6f6f569023457553731f08213dcee163ae01b55a7a5fd908b8b74bfb5976c6b37dc1869e7383660478b5ff689033897f8792462855aef9e6222e794a93f8e9e1f6908c646c7b0bc78eb6bfa6fd829658a286d8b211229ec22252f93aa88bb87d05a35cf8e88d2c0c0002800800018000000000040002800c000280080003400000000004100100a50dccc20bdba1839e7e75a6bd58dac9063761500001c99a5a3edac0be788c5e3a0bd46472e7f5b6e49c7d9a9bec4b199c37e72b6e37497d9a7ff6911f9e588b3f5973c3bb9d22d90fede8ff634ed65fd5e4c0aa24a8f81e7ffc690221569c425c0e98c4c76a0b2fcc283328eee6e7fbb9348622add94e22229754b31f66b336bf5fa31b7d628a9024383408755f9d90e9050cb637524ca1b83f22b2009944656cec2b6696b528571e10fd82b0526b9dd7c128953863376e0bb9931b085db2572561e67b227763010f1f41dd5eb52b076900354c6c39279e0ee4d9d42f002b923518d13a0e5c092ce532d9f4b74fa8039549eaee57f6db389b0fa08604caa4edadef0cc3825133d26a4db36770cc2384822cb67efcb1fda960bb9b30b43f0f480bb38f9695d244153d411d407180c42f0b7edbc2a67dc0127442be628e5923eb9ede3579666fe9054afae87fc70928a7f65acf020628ef352f0e536a73d0cad686607d8958ffa02caa38305c0d6c5757569479c7d24f2f77828d029c6caf99bd9ebe723187521c9a90860a71bcb2756eda673f05138112c46cf01452d493ca5c7169fdd9b072f249f465e06e98c4e14fe87eebe28712ef7ff84c6501cb708ad2a8a256a2a6996bd449a62e6f08ec4338be46d84c129fb555ffb8857a9662098cb0123f82cb348dff614cb0d5fd9bd88b0052981dae9375edc65939f6a372dd26b9fd6da8e7aa60d2b77870a388477575683e4b071f8df923b38dadafff09eae68dbad4932d70a9a76cff3bb7c2deb3efe1c311ab212380cc51986cd9eacad9ef77b0e3d7212fdacc25707ac72518ee9b9ac136fb3297fb3197ef04e489aef2cdb5c21ddadea7ac8eb4a5b411c24e9ad00de7b07e8b2299fa6b85f8eed59aca91622bf9ebafc8051413ff279e88b8c835f486e9e169d0d0b71a86182a0f153db5c74e2bfba3355b21b155ef77a1aaf39f4031132281a99171455d6801c435073d5d8143b24d9241bba82b7553e7b36c44062fc4047bf4bc8d6c9d594dd6bb220297616256ae9d30d98d33c1fad934f2f392bcc977d417d6463f84feb16f410045772bb92ed2d7eb93fec3dbe9490f10b4e7e293a50c1e196b8c4b9479013b9f9ad74eb96d7e828e0843f56a0c652b1054e7c20740cd540eb78c45d46ab7ee71e908b2fe1f072b5066ff2b8c232992ce6e38629f3acdfc6876dbc6f67e91ca069b8aa785b94d6569667f4a5675b1ad3274f96c411a8cdb500c4a50d56951d196a5849d7d4651cf38d73b88c66a6e9ac9d6103ded9f686fda7a56d262b5f7aca3661329ff505152d61bb10306e03338bc331096513123926b8b3005bf63486b8179ffbeba6c2122d53caa76ba756e1b8c5dd2d64915017d0ac348aac7e20280700b0379604c57988f4d13760e16ff4c29fd6ad76775d8c1619cc9a286958ea390635c90957aeac760caab20f297765091e8c4620e4041c256e3e063c4a75ad4e1b8563e84393f77f36212baba9c6644735de1b09acc0c33d88ec1c86f016e6fb8c0662645d2755a5470043c1bd2059079723ca0d0acb27c1916bf3821309606b8876ca60b87e52dce1fee4c697fc606406ed9d5aea44646891df32dfa567e9b93c02fcdff6e8a3583bd0c8507974805c0786895489f69d19c8970a762b03448894187f3150fcf433b00ead09987cee6473e28492532e74c846d0ab6e7908e260571f62e712fd8d0212030e41681b1e23c8f60af3c458eba1d41c1a365901039adee88ccc1f8dd06911ec37048509acbb56491ed5bc91d274faad42ca11e2b3d02f14c95d20aab34e313f1b91928408142d19570b217237b39a6281322b7cc7d8dee6a07145cd3827dff0e55b7ac5ac618e8e81b42002efb045fff6c08915888470bbe430749693c0d65c182c3483561624b7c309e19e94ba194f403ee8a1406d5f09df5cfa3839e1017d99b226b40a6baa06aff4b17a6fe995a6a83c56bba65a118bd93432d27d44fcc125e395f818fef7b82360eccc399ed0f03e1f0be86baeec92b67b54fcab9389bb5fdcb8b4303b6c2a4262ee30b37b917c6e14f2b52d481d2e5ad02739851b203b8602b983dc19bffdd3748fd0b29dc6b70054e68534888c02cdef58d15c79258c9880dd32ad90fbd2c766b2a68b880e7f0262640fc3e32c88e913dac1cf34201adda0cd457e87013889dc6f69d17bf1318b11c6293c1fb429050dcd33af8b7e31ce38990d358da60c5b31d16dadd46c6aad637b92ccad11b6249679998be4918d50e8208dd8286b1e325b8e023cbd9d707481752ecc6c5bfdb12aa88e14a154db4e79a64daa5ee9a53ac35b42c0000f07a9e427c3f215f11deef388b8f9960ac15251f2bb02ec282c858605061006211958260a8ce394f55a1c70883271709f24c1eb3f64eff2c2b69fb1368cce3d0f8d3d62e6192fc8b2368b0ae1311da57a8633060153293435ba8945249b9226ea630b2b6aa33d181cacddda6d3338fe6e9f1779d966d14c1f156757d5f5fb15102002c39421cb41b97b142853b6da4b86bb88aadf526447c5a12b4c324f9a1604cb7956b9afb5c596641f9cd9fc6be37eff82f32ce45d0515bf1cc966b8e57397986817399c98047622c87acfb1c6bfb0a37f326d285e22f6308bd1384c1e8681d44762dae45e073d246b52f6414eedecb90217057d42f985a2f8e2acd041af03e61d69e67e1689459a267090993e3d98f45314b9d43570a482c21ef678793f85f181eb677b4f73981c5d0a1ca8c6e65249359ca95093185cc8640e1f1cec8abfef53ba9c7fc24f0ca20389e9606dcfbaa93f5426e084d9cf522b3c75411aa34c22b289b1a7bd3ab01efebc27a1e09ee81056a113839234c0400dba9696c219eeacae13623505cdded580bc54819974c06ffcbb87c45d377c0bedf25907327bb7f4d07b600c9a816620815275c75aca418ade32ea85c965b379e8af6d8c8a32aa7f546978617cd907d39e75aab3221bb030194559e73d93e74d897b114b39d53ec305d332310b7abbef44569307703e916f7514b8497b6f3fb6f0daccd7bd301f67cad840419cf7128aa0b6264c6bbfd0c21eb6771bfbcc8590cbf7de3e6d9aa83667deb776715736c9194bb8825d0abce6d9b2693f93aa81ca67eb0ac9566456d6dababb75ccef060df30c8c23be41560e58f9f846debbf43765649047187cc7549d6728190675e7be45b3f56ed71564ae74b544b493e567459503b237a811a84036512e0728879eecc085ed1807613eb097ed784237c8746e96b73912be98f20dd2e2d4a79d0f6df706cf2366acbd01eafad1de8930d04bef65a5ee17ee453d5cb648d6279dd602814445d2967af8c1b1e92dc049ad9bee6f3b746ba5d8323b02f3ad671538f71efb65dd31fb86c090b77de525a678c12be72b86a62d1d850a1ab62ec46e0f11d34f43dac738bb2c2f925af7cc9d46a2b63f54077f0bc0035848da6f4ffff071ef4e1b8ba9a4fe2e4e1778c4f715a97787c29a4187c718dedf0459a4a6c736d0cefd2d6e2c49b7332d68ede037fe6f4281fee0afeccdd2c22763783f681ed014461aa805fdce74a1712a79473b5d99ab08b9dd4c3c6eae5d16f689ec2084382bf1b44fb1ac891e0a5adddcefb1b11f755ff2eadfa2d992c740826b246d3a91346a87f8802796e269323151f9c359715c6199338c003e19f8dfc474bc898bc3f0ef4a9b8d47cea6c655840dc9cc685c6e16104beadca4b069957fd54b62c6077c717f1b8ff6052aa89237ce8b71c44ca4f2fcedcee464774eb56132ddf1c037def1ad39a14e00f76f1fe84d90b48dd3c28bbbfeb157416b659b740bc35949765e8644a50eca9116c043718e233f80a307cf78c93cd6e38a2cf143faaaf602806556dc293d4907f5aa4e541901ee12267697cfc7fa35d979d6aaf8312e21c4f571dd32b506fc488da3843629ff5b63db55a5021286346b691ce7d8f930cdbcb4d07411f585de89696b33e0a8f32bc42ec9f6699f4a8af2fd74d1359898558ea0158342ff7703611af8d5a98c537b3bf6856bdfec88c73013b9cdcf987a12c9df591aa75d28ead7537e975479b9712d713b36744e5dc4ffd05f168be52bd0f4ffeb4ae6a638f2e415ef1a2d5d4d9d9a9e8bdb08265492b49e2ca6651a93230ed3ba9c09bc112591117939b043016732a083be675327b92c4624cbc62113c85253e653d001c157d23a3d1784a1cc1cf6d564bdb1c910a492d351c3471ee5486887c1f32555fb286da41ae46f3910516ed3bc4c8262cf6a668d0fb4f472dd7ffd23f9c5dbaa9f22f0f5a97905effdcb7877aba1213a2412bc5bd5fc6d8e7d0e7be5baa3c09dcc2b2299a72450adf04667244c930e638d4ce768386f8d954fba62a4fdc723c7cb8432361addbf15c086b4c1321463f2ec34d623426c4de8f4724b403ca013d5ea473be184d44716c3d7bc74d802e7f3898799346a752130aa3db94962ef7625fad6d2fa3b3ce37ba6ece06a4fde35b6490285bb66718551ca883edef903d3885deb852dd05df86eedec946b3543cf85cc5f3f89f13dae6cdc9d3b238fce59f4aae66ff2aba8c99ffd7c14b07a069fbade76084bdfbcecc00492147356d3d931bf15cf4b759981c290b9951d7abee0e43a6f9fac598c174d2ae0894dc5697633a0d051c5ace7f295376b53cfbfb5b49d01d09e56912d74d9494741c6fde0562004c5397c9f477a80be0db173a5336cfd74afa55f8afb1f0b93f2d6cc8b18cc3bbc954291a69c889f8361d0d93ccd9f1e0d950e08e1030eed47957c369e64c97aef34c289a778863d34684d90f54ec29a1a45b058d96dcd77d4708c8ce8fa087dc212f0f4785b1e145c7e6c734fcc8ec0a0fdc457cb60c57bc1259d05ed92ddacc9ba2d8e810ffde8ccf67ec43ac8f05c5f9dff3efbafe67271a7cbfd85dc90f870a3a2be2145b767edfa0e666a041ca7b99ac6cf09379df560e27bf00b60acc8bdc28bf765fd1a3a6daf20905e5f0a2dd473b3fbe1eaa414e5af8d4fa9847af219db7118d609cf28a45d810cfc2cbc9dfcdd1676816309165d89cf3a138fb785f4e41adb7e15cf40e6401ca684bfb976d4a7989b4fe6666fd926857366da896815d243c033fa243f6d02c683091d8b9ba613225246ab1f661f8085da9f18682e410e9aa771e6f30cb8b00d17e7cfaefd9d9b80a8760506f34ba04e0844b5dc8ec53cdf578d2a0bbdbe3ba4c92ff75d85caa97b396405f06dcecf136a3a73944a44e333df258a86960285f6cf2a5185b9e1afdd6feadef8f25b0836ab644eaedaa39b7f840332b6ba4a2e2ca4007dc02a8009e81d23428651a597437155d03a177e9c8501fbfca334d2515cbbde3116e5db438de268eb4ed4c29c7e19a421e7581969919449ea4982018a0ab283790a3741495572568476abc5ef7110db461167846cdfb21f5af30692724a3930b34a95fbfd2fea886ae5c3d30ab3737a5df1689ca3e30e24c1a907196e34002247bec3c7b58ead4c5b374f2ff6408bfc8f513c6bf7e8cf3a493046c16340459053a569fedf652bd4f6b04c43fa770b084defa3b2d7182feff095c4f0fd23e33ba1a3513e7a9c6a42ac35afa085083fe1ec331a1b1d4b11c5fc9573cfaf984027c98191ef52ec14e23477ce2b8ebc8523f3dc74fea42984d8711c2d5a98a92bfa26e8b92053e448f1d0aa9b3ad6bb159e08eb923d710e50784166e2d0021a933de490eb0542e45072c178646a6f674a5eabdde0aff8c20ef266c41bcb3150a8e2948e46e618988d44305ccb39dd77909f24704000280b80002809c000100875ba50afb7c4103b226f60ec3155234e3877c38dfdddca157704e58f963af3fd3ab9cddf625c2c3b44632f25af3de897f9aef70806700bc24c712677751fe844e94e44aa78410a88d4d32cc8fc592535e47a2045b6b13fec2acff1c57ec2e44789220c6ad86cde3262c0e29767d0793beb652eaa9ef1c9befb0a0641870d88c46e54141d2d8882c844b51249f0528a3413711f0c9b13a3b170001004310bc2a4e2de1f78da171e70703a65b8066da0004000280e0010280490001003342d233e05edebf6453ad40ffb8fdc32e50e78270ec9bdf6e7643df95e8d153f0fc5e15f615da4801b0fdb192177422b143dbbe14ee95b9f90e9d8797ca929c8a7ca57574000000e40001006aa6eaac6f4b461864c9dbab56133eaaa9f50b6770a119a9d89fec6e4376b5b2c32f661be94a4fe7c0755fd642f4b8d4752b9660d5b61226062d8871599bbcfa7c8206e27495557f57bc4647d209c70145e88dfe8b23aab7743c420ca8d3bffa2d96d91374fa565ac88aba12fb8163ec8d485eda1ff86f398f947db05a51b74abee278e6add982c178c4e08fb5aa9ef689629f74947a06d3b2d653216aaba7124ab6cf2a2bb2662834fc66fa32961f2065450b967516aaa8bed092ee58639c4fa0afe229c4a5e5c6f0d899360b0a26467db5b4f43fb3228fab59ae84be114ba08800010000000001290ad3eb30b6f62075fa7597f1fd84d9549fb819d48dc0632c14e96918cc653ec6718691516a727a180f8cd727f98394328b476bd4496f31fbdbecac89913ab041d49d9083286f1919c157b091587e87ec3ece2bfeb2c64400e7f8d1919215eb96d3f0919ae61554cf4911b5c2b6e2332e869e337ab23d2de9544ec2b5304dc52400028008000340000000000800018000000000080003400000000008000180000000004800028044000280080003400000000008000180000000000900020073797a3100000000080003400000000008000180000000000900020073797a3000000000080001800000000048000280340002800900020073797a300000000008000340000000000900020073797a300000000008000340000000000800018000000000100002800900020073797a32000000003800028034000280080001800000000008000340000000000800034000000000080001800000000008000180fffffffd0800034000000000b40401800c0001006269747769736500a4040280080003400000000008000240000000000800064000000000080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340000000000800034000000000080003400000000008000180000000006200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034000000000080003400000000008000180000000000800014000000000600004804000028008000180000000000900020073797a3000000000080001800000000008000180000000000900020073797a31000000000900020073797a31000000001c0002800900020073797a31000000000900020073797a32000000000800024000000000ac010480b200010006687351802453c1b314541f275193ac658985478517d01198c7d90f63dbcb74fce872904af6593131bccce0ef918bcbf359a0d8aa2801d0f31fc8aae73107413f6112724ccec7e130fb84435e63fed1d71f589f8b071b95bb38e0532478f6d3592922c17c635ea7a8f7ad3260e620447bf7f845e6017d17014e26504fe91922a2b5e10b8511169b2a9ac673e340506a052cea05d8a429d989757a396fe43535df4fe926987ed7fc41dd6acfdf2600000b0001000bca99f460f4b0002800028008000180000000000900020073797a30000000000800034000000000080003400000000004000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d6574610000000024000280080002400000000008000340000000000800035000000000080003400000003cd43137800a0001006c696d69740000000900010073797a30"], 0x1cdc}, 0x1, 0x0, 0x0, 0x4fb2e2d1d045fac2}, 0x0) r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, &(0x7f0000000040)={@any, 0x4}) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) socket$inet6(0xa, 0x6, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x5, 0x1000087}, 0x0) r5 = syz_open_dev$vim2m(0x0, 0x3, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f00000001c0)={0x13, 0x1, 0x3, "10e2dd61014b3841d23c1960672f1000", 0x38303553}) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0xfffffffd, '\x00', 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b9af8ff0000000026090200760000007b9af0ff00000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffb50200000800000018280000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000014000000760000f0bf910000000000001f080000000000008500000005000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @cgroup_skb=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 19.523212864s ago: executing program 0 (id=522): openat$kvm(0xffffffffffffff9c, 0x0, 0x327fa1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) ioperm(0x0, 0x1fb, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r4, 0x80, 0xa2, 0x8}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xb}}]}, 0x28}}, 0x10) 19.466652105s ago: executing program 2 (id=523): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xbc) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="000000156b000000280012000900010076657468"], 0x48}}, 0x0) 19.31655482s ago: executing program 2 (id=524): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)) socket$kcm(0x21, 0x2, 0x2) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000280)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x2384278a5ae9450f}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) preadv(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, 0x0, 0x0) socket(0x10, 0x803, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 18.416143017s ago: executing program 0 (id=525): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4c000) 18.361500501s ago: executing program 2 (id=526): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000084c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020025642532000000000900010073797a30000000000800054000000002"], 0x40c4}}, 0x0) (async) ioctl$KVM_RUN(r2, 0xae80, 0x0) (async) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x2, &(0x7f0000000280)=[@cr0={0x0, 0xc0040000}], 0x1) (async) socket$vsock_stream(0x28, 0x1, 0x0) 18.310760323s ago: executing program 0 (id=527): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113500000000000bfa000ffb000000007000000ee0016055e0301000000000064050000000000006916300000000000bf07000000000000260507000fff07206706000020000000470600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 17.324293925s ago: executing program 0 (id=528): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)}, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r4 = syz_open_dev$usbmon(&(0x7f00000001c0), 0x0, 0x0) sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000540)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000427bd7000ffdbdf25020000400800040002000000080002000700000008000700ac1414bb0800010069666500"], 0x34}, 0x1, 0x0, 0x0, 0x8014}, 0x20040000) ioctl$MON_IOCG_STATS(r4, 0x80089203, &(0x7f0000000080)) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0xf8}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x823ea55d3d28d2ab}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r6, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r7 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) preadv(0xffffffffffffffff, &(0x7f0000003780)=[{&(0x7f0000001300)=""/170, 0xaa}], 0x1, 0xffff, 0x0) fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) 17.152920878s ago: executing program 4 (id=529): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0x2d, &(0x7f0000000100), 0x4) (async) socket$netlink(0x10, 0x3, 0x8) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) openat$cuse(0xffffffffffffff9c, &(0x7f0000001f80), 0x2, 0x0) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5) (async) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) (async) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) socket$inet6_tcp(0xa, 0x1, 0x0) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') (async) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) (async) socket$packet(0x11, 0x0, 0x300) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) syz_open_dev$amidi(&(0x7f0000000000), 0x100, 0x200) (async) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r4, 0x6, 0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x40, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) 16.209499492s ago: executing program 0 (id=530): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x0, [{0x0, 0x0, 0x6}, {0x987, 0x0, 0x800}]}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2384278a5ae9450f}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) socket$key(0xf, 0x3, 0x2) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x25, 0x301, 0x270bd24, 0x25dfdbfd, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (fail_nth: 2) socket(0x10, 0x803, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) 15.252485553s ago: executing program 0 (id=531): ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x0, 0x1}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='freezer.parent_freezing\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000180)=ANY=[@ANYRESDEC], 0x118) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48) socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7a917000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000100)={0x2000009, "5660359c3245d1ed51000000000000000100", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f00000001c0)={0x80000, "340bcf501922d69f2827001bc50f0000002ddc7d00", 0xffffffffffffffff}) fchown(0xffffffffffffffff, 0x0, 0x0) ioctl$SYNC_IOC_MERGE(r6, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r7}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f0000000240)=@add_del={0x2, &(0x7f0000000180)='syzkaller0\x00'}) socket$inet6(0xa, 0x2, 0x0) r8 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000340)={0x0, 0x0, r0, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r8, 0xc06864ce, &(0x7f00000001c0)={r9, 0x2, 0x22540000, 0x0, 0x0, [], [0x0, 0x0, 0xffff], [0x0, 0x3, 0x100, 0xd], [0x0, 0x0, 0xfffffffffffffffd]}) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 11.015037619s ago: executing program 33 (id=507): r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) dup(0xffffffffffffffff) timer_create(0x0, 0x0, 0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) io_uring_setup(0x178e, &(0x7f00000000c0)={0x0, 0x52c1}) syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x148) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r4 = dup(r3) write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',cache=mmap']) chmod(&(0x7f0000000340)='./file0\x00', 0x0) open$dir(&(0x7f0000000180)='./file0\x00', 0x1, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif\x00'}, 0x58) r6 = accept4(r5, 0x0, 0x0, 0x0) sendmsg$kcm(r6, &(0x7f00000009c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)='W', 0x1}, {&(0x7f00000002c0)="592eb75b3ad6fbbf04a8cdb64a61fce6", 0x10}], 0x2}, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) r8 = syz_open_dev$loop(&(0x7f0000000000), 0x5, 0x80000) ioctl$BLKREPORTZONE(r8, 0xc0101282, &(0x7f00000001c0)={0x1}) ftruncate(r7, 0x57) r9 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r9) 2.502575862s ago: executing program 34 (id=526): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000084c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020025642532000000000900010073797a30000000000800054000000002"], 0x40c4}}, 0x0) (async) ioctl$KVM_RUN(r2, 0xae80, 0x0) (async) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x2, &(0x7f0000000280)=[@cr0={0x0, 0xc0040000}], 0x1) (async) socket$vsock_stream(0x28, 0x1, 0x0) 2.0071392s ago: executing program 35 (id=529): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_int(r0, 0x1, 0x2d, &(0x7f0000000100), 0x4) (async) socket$netlink(0x10, 0x3, 0x8) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) openat$cuse(0xffffffffffffff9c, &(0x7f0000001f80), 0x2, 0x0) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5) (async) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) (async) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) socket$inet6_tcp(0xa, 0x1, 0x0) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') (async) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) (async) socket$packet(0x11, 0x0, 0x300) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) syz_open_dev$amidi(&(0x7f0000000000), 0x100, 0x200) (async) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r4, 0x6, 0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x40, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) 0s ago: executing program 36 (id=531): ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x0, 0x1}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='freezer.parent_freezing\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000180)=ANY=[@ANYRESDEC], 0x118) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48) socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7a917000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000100)={0x2000009, "5660359c3245d1ed51000000000000000100", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f00000001c0)={0x80000, "340bcf501922d69f2827001bc50f0000002ddc7d00", 0xffffffffffffffff}) fchown(0xffffffffffffffff, 0x0, 0x0) ioctl$SYNC_IOC_MERGE(r6, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r7}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f0000000240)=@add_del={0x2, &(0x7f0000000180)='syzkaller0\x00'}) socket$inet6(0xa, 0x2, 0x0) r8 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000340)={0x0, 0x0, r0, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r8, 0xc06864ce, &(0x7f00000001c0)={r9, 0x2, 0x22540000, 0x0, 0x0, [], [0x0, 0x0, 0xffff], [0x0, 0x3, 0x100, 0xd], [0x0, 0x0, 0xfffffffffffffffd]}) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) kernel console output (not intermixed with test programs): T6057] RSP: 002b:00007f9844fca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 80.128069][ T6057] RAX: ffffffffffffffda RBX: 00007f9844376160 RCX: 00007f9844185d29 [ 80.136050][ T6057] RDX: 000000000004c000 RSI: 0000000020000000 RDI: 0000000000000007 [ 80.144033][ T6057] RBP: 00007f9844fca090 R08: 0000000000000000 R09: 0000000000000000 [ 80.152010][ T6057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.159983][ T6057] R13: 0000000000000000 R14: 00007f9844376160 R15: 00007ffcbf7655b8 [ 80.167975][ T6057] [ 80.501515][ T9] usb 5-1: unable to read config index 0 descriptor/all [ 80.514992][ T9] usb 5-1: can't read configurations, error -71 [ 80.783329][ T29] audit: type=1400 audit(1735816704.383:210): avc: denied { setopt } for pid=6052 comm="syz.3.45" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 80.883894][ T6065] openvswitch: netlink: Flow key attr not present in new flow. [ 81.108448][ T29] audit: type=1400 audit(1735816704.723:211): avc: denied { create } for pid=6059 comm="syz.4.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 81.128329][ C0] vkms_vblank_simulate: vblank timer overrun [ 81.159920][ T6072] netlink: 28 bytes leftover after parsing attributes in process `syz.2.52'. [ 81.175167][ T6074] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 81.189073][ T29] audit: type=1400 audit(1735816704.723:212): avc: denied { write } for pid=6059 comm="syz.4.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 81.208872][ C0] vkms_vblank_simulate: vblank timer overrun [ 81.247675][ T29] audit: type=1400 audit(1735816704.903:213): avc: denied { ioctl } for pid=6071 comm="syz.3.51" path="socket:[9298]" dev="sockfs" ino=9298 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 81.493394][ T6072] netlink: 80 bytes leftover after parsing attributes in process `syz.2.52'. [ 82.837736][ T29] audit: type=1400 audit(1735816706.523:214): avc: denied { read write } for pid=6059 comm="syz.4.47" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 82.860977][ C0] vkms_vblank_simulate: vblank timer overrun [ 83.233076][ T29] audit: type=1400 audit(1735816706.913:215): avc: denied { open } for pid=6059 comm="syz.4.47" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 83.764952][ T6066] infiniband syz2: set active [ 83.771212][ T6066] infiniband syz2: added team_slave_1 [ 83.856891][ T6097] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 84.225862][ T29] audit: type=1400 audit(1735816707.913:216): avc: denied { bind } for pid=6092 comm="syz.2.55" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 84.258965][ T6066] RDS/IB: syz2: added [ 84.275050][ T6066] smc: adding ib device syz2 with port count 1 [ 84.285096][ T29] audit: type=1400 audit(1735816707.933:217): avc: denied { accept } for pid=6092 comm="syz.2.55" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 84.327280][ T6066] smc: ib device syz2 port 1 has pnetid [ 84.431126][ T8] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 84.647385][ T29] audit: type=1400 audit(1735816708.333:218): avc: denied { create } for pid=6110 comm="syz.3.61" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 84.708356][ T6111] netlink: 12 bytes leftover after parsing attributes in process `syz.3.61'. [ 84.721175][ T29] audit: type=1400 audit(1735816708.393:219): avc: denied { write } for pid=6110 comm="syz.3.61" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 85.120959][ T6111] netlink: 12 bytes leftover after parsing attributes in process `syz.3.61'. [ 85.192098][ T29] audit: type=1400 audit(1735816708.393:220): avc: denied { nlmsg_write } for pid=6110 comm="syz.3.61" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 85.270706][ T29] audit: type=1400 audit(1735816708.493:221): avc: denied { create } for pid=6105 comm="syz.0.59" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 85.812707][ T6121] netlink: 12 bytes leftover after parsing attributes in process `syz.0.63'. [ 85.823557][ T6121] netlink: 12 bytes leftover after parsing attributes in process `syz.0.63'. [ 86.201220][ T6123] mmap: syz.3.64 (6123) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 86.251375][ T6130] tipc: Started in network mode [ 86.269404][ T6130] tipc: Node identity 7f000001, cluster identity 4711 [ 86.322572][ T6130] tipc: Enabled bearer , priority 10 [ 87.181167][ T29] audit: type=1400 audit(1735816710.863:222): avc: denied { write } for pid=6137 comm="syz.2.68" name="ip_mr_cache" dev="proc" ino=4026533092 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 87.357933][ T9] tipc: Node number set to 2130706433 [ 87.536171][ T29] audit: type=1400 audit(1735816711.063:223): avc: denied { read append } for pid=6137 comm="syz.2.68" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 88.456710][ T6151] openvswitch: netlink: Flow actions attr not present in new flow. [ 88.528463][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 88.528478][ T29] audit: type=1400 audit(1735816712.213:227): avc: denied { read } for pid=6152 comm="syz.0.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 88.728073][ T6159] netlink: 12 bytes leftover after parsing attributes in process `syz.2.75'. [ 88.769485][ T6159] netlink: 12 bytes leftover after parsing attributes in process `syz.2.75'. [ 88.826531][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 88.836510][ T8] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 88.844253][ T8] usb 5-1: can't read configurations, error -71 [ 89.466239][ T6166] 9pnet_fd: Insufficient options for proto=fd [ 89.677718][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 89.685830][ T9] usb 4-1: config 0 has an invalid interface number: 126 but max is 0 [ 89.699436][ T9] usb 4-1: config 0 has no interface number 0 [ 89.706040][ T9] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 89.758277][ T9] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8 [ 89.768708][ T9] usb 4-1: config 0 interface 126 has no altsetting 0 [ 89.892626][ T8] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 89.990484][ T6174] syz.1.79 uses obsolete (PF_INET,SOCK_PACKET) [ 90.023586][ T9] usb 4-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 90.039011][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.040829][ T29] audit: type=1400 audit(1735816713.723:228): avc: denied { ioctl } for pid=6167 comm="syz.2.78" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 90.067711][ T9] usb 4-1: Product: syz [ 90.099194][ T9] usb 4-1: Manufacturer: syz [ 90.107667][ T29] audit: type=1400 audit(1735816713.793:229): avc: denied { sys_module } for pid=6171 comm="syz.1.79" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 90.111047][ T9] usb 4-1: SerialNumber: syz [ 90.160764][ T6173] netlink: 28 bytes leftover after parsing attributes in process `syz.2.78'. [ 90.173296][ T9] usb 4-1: config 0 descriptor?? [ 90.184833][ T6149] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 90.194064][ T6149] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 90.202495][ T8] usb 5-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a [ 90.661364][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.682628][ T8] usb 5-1: config 0 descriptor?? [ 90.692382][ T8] gspca_main: sn9c2028-2.14.0 probing 0c45:8001 [ 90.711581][ T6149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 90.730930][ T6149] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 90.766318][ T9] ir_usb 4-1:0.126: IR Dongle converter detected [ 90.791240][ T9] usb 4-1: IRDA class descriptor not found, device not bound [ 90.819496][ T9] usb 4-1: USB disconnect, device number 2 [ 90.831363][ T29] audit: type=1400 audit(1735816714.513:230): avc: denied { create } for pid=6183 comm="syz.1.82" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 90.893141][ T8] gspca_sn9c2028: read1 error 0 [ 90.974440][ T6189] FAULT_INJECTION: forcing a failure. [ 90.974440][ T6189] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 90.989361][ T6189] CPU: 0 UID: 0 PID: 6189 Comm: syz.1.83 Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 90.999869][ T6189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 91.009915][ T6189] Call Trace: [ 91.011213][ T1201] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 91.013190][ T6189] [ 91.013216][ T6189] dump_stack_lvl+0x16c/0x1f0 [ 91.028251][ T6189] should_fail_ex+0x497/0x5b0 [ 91.032937][ T6189] _copy_to_user+0x32/0xd0 [ 91.037368][ T6189] simple_read_from_buffer+0xd0/0x160 [ 91.042746][ T6189] proc_fail_nth_read+0x198/0x270 [ 91.047768][ T6189] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 91.053320][ T6189] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 91.058876][ T6189] vfs_read+0x1df/0xbe0 [ 91.063032][ T6189] ? __fget_files+0x1fc/0x3a0 [ 91.067712][ T6189] ? __pfx___mutex_lock+0x10/0x10 [ 91.072750][ T6189] ? __pfx_vfs_read+0x10/0x10 [ 91.077433][ T6189] ? __fget_files+0x206/0x3a0 [ 91.082115][ T6189] ksys_read+0x12b/0x250 [ 91.086352][ T6189] ? __pfx_ksys_read+0x10/0x10 [ 91.091117][ T6189] do_syscall_64+0xcd/0x250 [ 91.095619][ T6189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.101512][ T6189] RIP: 0033:0x7f0b8d18473c [ 91.105920][ T6189] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 91.125523][ T6189] RSP: 002b:00007f0b8df2d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 91.133926][ T6189] RAX: ffffffffffffffda RBX: 00007f0b8d375fa0 RCX: 00007f0b8d18473c [ 91.141887][ T6189] RDX: 000000000000000f RSI: 00007f0b8df2d0a0 RDI: 0000000000000004 [ 91.149846][ T6189] RBP: 00007f0b8df2d090 R08: 0000000000000000 R09: 0000000000000000 [ 91.157806][ T6189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.165767][ T6189] R13: 0000000000000000 R14: 00007f0b8d375fa0 R15: 00007fff62f8ec98 [ 91.173740][ T6189] [ 91.188993][ T6164] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 91.198365][ T8] gspca_sn9c2028: read1 error 0 [ 91.209601][ T6164] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 91.247287][ T8] gspca_sn9c2028: read1 error -71 [ 91.257511][ T8] sn9c2028 5-1:0.0: probe with driver sn9c2028 failed with error -71 [ 91.261832][ T1201] usb 3-1: Using ep0 maxpacket: 32 [ 91.270820][ T8] usb 5-1: USB disconnect, device number 5 [ 91.358530][ T1201] usb 3-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 91.367924][ T1201] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 91.378796][ T1201] usb 3-1: Product: syz [ 91.390291][ T1201] usb 3-1: Manufacturer: syz [ 91.447902][ T1201] usb 3-1: SerialNumber: syz [ 91.490410][ T29] audit: type=1400 audit(1735816715.173:231): avc: denied { bind } for pid=6195 comm="syz.4.85" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 91.497968][ T1201] usb 3-1: config 0 descriptor?? [ 91.651176][ T29] audit: type=1400 audit(1735816715.173:232): avc: denied { ioctl } for pid=6195 comm="syz.4.85" path="socket:[9461]" dev="sockfs" ino=9461 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 91.861692][ T8] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 91.973550][ T29] audit: type=1400 audit(1735816715.663:233): avc: denied { setopt } for pid=6206 comm="syz.0.88" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 92.023697][ T6207] input: syz1 as /devices/virtual/input/input7 [ 92.205215][ T8] usb 5-1: config 0 has an invalid interface number: 69 but max is 0 [ 92.213542][ T8] usb 5-1: config 0 has no interface number 0 [ 92.219658][ T8] usb 5-1: config 0 interface 69 altsetting 0 endpoint 0x8 has invalid maxpacket 1023, setting to 64 [ 92.257435][ T8] usb 5-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 92.279938][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.299126][ T8] usb 5-1: Product: syz [ 92.311682][ T8] usb 5-1: Manufacturer: syz [ 92.322462][ T8] usb 5-1: SerialNumber: syz [ 92.363254][ T8] usb 5-1: config 0 descriptor?? [ 92.378104][ T6200] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 92.393866][ T8] cyberjack 5-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 92.416763][ T8] cyberjack ttyUSB0: usb_submit_urb(read int) failed [ 92.442967][ T8] usb 5-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 92.470507][ T29] audit: type=1400 audit(1735816716.153:234): avc: denied { bind } for pid=6181 comm="syz.2.81" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 92.585351][ T29] audit: type=1400 audit(1735816716.273:235): avc: denied { accept } for pid=6181 comm="syz.2.81" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 92.650738][ T29] audit: type=1400 audit(1735816716.273:236): avc: denied { write } for pid=6181 comm="syz.2.81" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 92.808549][ T1201] peak_usb 3-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 92.818711][ T1201] peak_usb 3-1:0.0 can0: sending command failure: -22 [ 92.825607][ T1201] peak_usb 3-1:0.0 can0: sending command failure: -22 [ 92.841431][ T6182] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 92.852186][ T6182] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 93.012622][ T1201] peak_usb 3-1:0.0: probe with driver peak_usb failed with error -22 [ 93.026829][ T1201] usb 3-1: USB disconnect, device number 2 [ 93.136215][ T6224] netlink: 28 bytes leftover after parsing attributes in process `syz.0.92'. [ 93.329042][ T5825] Bluetooth: hci1: unexpected event for opcode 0x0c03 [ 93.341109][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 93.664476][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 93.685257][ T9] usb 2-1: config 0 has an invalid interface number: 35 but max is 0 [ 93.693691][ T9] usb 2-1: config 0 has no interface number 0 [ 94.332478][ T6227] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 94.366334][ T9] usb 2-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 94.378708][ T6226] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 94.399652][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.421193][ T6226] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 94.452019][ T9] usb 2-1: Product: syz [ 94.472557][ T9] usb 2-1: Manufacturer: syz [ 94.482476][ T6226] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 94.495234][ T8] usb 5-1: USB disconnect, device number 6 [ 94.528537][ T6226] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 94.545837][ T9] usb 2-1: SerialNumber: syz [ 94.590340][ T8] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 94.613558][ T6226] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 94.660226][ T6226] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 94.674443][ T8] cyberjack 5-1:0.69: device disconnected [ 94.734752][ T9] usb 2-1: config 0 descriptor?? [ 94.822935][ T6226] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 94.836769][ T6226] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 94.858722][ T6226] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 94.888156][ T6226] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 94.915886][ T6226] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 94.941299][ T6226] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 94.954658][ T6226] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 94.972456][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 94.972470][ T29] audit: type=1400 audit(1735816718.653:241): avc: denied { mounton } for pid=6243 comm="syz.4.98" path="/11/file0" dev="tmpfs" ino=73 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 95.061293][ T6246] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 95.244902][ T9] radio-si470x 2-1:0.35: DeviceID=0x2512 ChipID=0x8a48 [ 95.480637][ T9] radio-si470x 2-1:0.35: si470x_get_report: usb_control_msg returned -71 [ 95.505130][ T9] radio-si470x 2-1:0.35: si470x_get_scratch: si470x_get_report returned -71 [ 95.518939][ T9] radio-si470x 2-1:0.35: probe with driver radio-si470x failed with error -5 [ 95.564907][ T9] radio-raremono 2-1:0.35: this is not Thanko's Raremono. [ 95.601266][ T9] usb 2-1: USB disconnect, device number 3 [ 96.556176][ T29] audit: type=1326 audit(1735816720.183:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6263 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f2785d29 code=0x7ffc0000 [ 96.557769][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 96.591370][ T29] audit: type=1326 audit(1735816720.183:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6263 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f2785d29 code=0x7ffc0000 [ 96.624312][ T29] audit: type=1326 audit(1735816720.193:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6263 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff1f2785d29 code=0x7ffc0000 [ 96.632707][ T6261] veth0_to_team: entered promiscuous mode [ 96.653518][ T6261] veth0_to_team: entered allmulticast mode [ 96.805883][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout [ 96.889606][ T29] audit: type=1326 audit(1735816720.193:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6263 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f2785d29 code=0x7ffc0000 [ 96.918229][ T5825] Bluetooth: hci4: command 0x0c1a tx timeout [ 96.921178][ T29] audit: type=1326 audit(1735816720.193:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6263 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f2785d29 code=0x7ffc0000 [ 96.924315][ T5824] Bluetooth: hci3: command 0x0c1a tx timeout [ 97.032149][ T29] audit: type=1326 audit(1735816720.193:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6263 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff1f2785d29 code=0x7ffc0000 [ 97.056741][ T29] audit: type=1326 audit(1735816720.193:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6263 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f2785d29 code=0x7ffc0000 [ 97.081087][ T29] audit: type=1326 audit(1735816720.193:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6263 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1f2785d29 code=0x7ffc0000 [ 97.104824][ T29] audit: type=1326 audit(1735816720.193:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6263 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff1f2785d29 code=0x7ffc0000 [ 97.649838][ T6282] netlink: 8 bytes leftover after parsing attributes in process `syz.0.106'. [ 97.854405][ T5904] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 97.871985][ T6287] netlink: 24 bytes leftover after parsing attributes in process `syz.0.108'. [ 97.901779][ T6284] FAULT_INJECTION: forcing a failure. [ 97.901779][ T6284] name failslab, interval 1, probability 0, space 0, times 1 [ 97.929438][ T6284] CPU: 0 UID: 0 PID: 6284 Comm: syz.1.107 Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 97.940071][ T6284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 97.950141][ T6284] Call Trace: [ 97.953432][ T6284] [ 97.956367][ T6284] dump_stack_lvl+0x16c/0x1f0 [ 97.961065][ T6284] should_fail_ex+0x497/0x5b0 [ 97.965767][ T6284] ? fs_reclaim_acquire+0xae/0x150 [ 97.970892][ T6284] should_failslab+0xc2/0x120 [ 97.975593][ T6284] __kmalloc_noprof+0xcb/0x510 [ 97.980381][ T6284] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 97.986032][ T6284] tomoyo_realpath_from_path+0xb9/0x720 [ 97.991631][ T6284] ? tomoyo_path_number_perm+0x235/0x590 [ 97.997288][ T6284] ? tomoyo_path_number_perm+0x235/0x590 [ 98.002940][ T6284] tomoyo_path_number_perm+0x248/0x590 [ 98.008423][ T6284] ? tomoyo_path_number_perm+0x235/0x590 [ 98.011179][ T5904] usb 3-1: Using ep0 maxpacket: 32 [ 98.014057][ T6284] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 98.014123][ T6284] ? __pfx_lock_release+0x10/0x10 [ 98.030209][ T6284] ? trace_lock_acquire+0x14e/0x1f0 [ 98.035437][ T6284] ? lock_acquire+0x2f/0xb0 [ 98.035789][ T5904] usb 3-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 98.039941][ T6284] ? __fget_files+0x40/0x3a0 [ 98.039972][ T6284] ? __fget_files+0x206/0x3a0 [ 98.039996][ T6284] security_file_ioctl+0x9b/0x240 [ 98.056519][ T5904] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 98.058226][ T6284] __x64_sys_ioctl+0xb7/0x200 [ 98.074750][ T5904] usb 3-1: Product: syz [ 98.075860][ T6284] do_syscall_64+0xcd/0x250 [ 98.080089][ T5904] usb 3-1: Manufacturer: syz [ 98.084495][ T6284] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.084526][ T6284] RIP: 0033:0x7f0b8d185d29 [ 98.084543][ T6284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 98.084560][ T6284] RSP: 002b:00007f0b8df2d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 98.084580][ T6284] RAX: ffffffffffffffda RBX: 00007f0b8d375fa0 RCX: 00007f0b8d185d29 [ 98.084592][ T6284] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 98.084602][ T6284] RBP: 00007f0b8df2d090 R08: 0000000000000000 R09: 0000000000000000 [ 98.084614][ T6284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 98.084625][ T6284] R13: 0000000000000000 R14: 00007f0b8d375fa0 R15: 00007fff62f8ec98 [ 98.084651][ T6284] [ 98.155504][ T6284] ERROR: Out of memory at tomoyo_realpath_from_path. [ 98.188171][ T5904] usb 3-1: SerialNumber: syz [ 98.208061][ T5904] usb 3-1: config 0 descriptor?? [ 98.710320][ T5825] Bluetooth: hci1: command 0x0c1a tx timeout [ 98.836387][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout [ 99.131216][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout [ 99.137265][ T5825] Bluetooth: hci4: command 0x0c1a tx timeout [ 99.217219][ T6301] warning: `syz.1.112' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 99.450359][ T5904] peak_usb 3-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 99.504994][ T5904] peak_usb 3-1:0.0 can0: sending command failure: -22 [ 99.524706][ T6307] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 99.703552][ T5904] peak_usb 3-1:0.0 can0: sending command failure: -22 [ 99.735827][ T6280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 99.973270][ T6280] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 100.150620][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 100.150635][ T29] audit: type=1400 audit(1735816723.823:276): avc: denied { setopt } for pid=6310 comm="syz.0.114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 100.208753][ T6314] loop2: detected capacity change from 0 to 7 [ 100.231706][ T5904] peak_usb 3-1:0.0: probe with driver peak_usb failed with error -22 [ 100.244930][ T6314] Dev loop2: unable to read RDB block 7 [ 100.250723][ T6314] loop2: unable to read partition table [ 100.256833][ T6314] loop2: partition table beyond EOD, truncated [ 100.265316][ T6314] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 100.322314][ T5904] usb 3-1: USB disconnect, device number 3 [ 100.703084][ T29] audit: type=1400 audit(1735816724.383:277): avc: denied { getattr } for pid=6318 comm="syz.1.117" name="/" dev="pidfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 101.152173][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout [ 101.152249][ T5129] Bluetooth: hci4: command 0x0c1a tx timeout [ 101.158213][ T54] Bluetooth: hci3: command 0x0c1a tx timeout [ 101.182203][ T6326] IPv6: Can't replace route, no match found [ 101.198456][ T29] audit: type=1400 audit(1735816724.873:278): avc: denied { execute } for pid=6312 comm="syz.4.115" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=9658 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 101.590478][ T29] audit: type=1400 audit(1735816725.273:279): avc: denied { read write } for pid=6330 comm="syz.0.121" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 101.614106][ T29] audit: type=1400 audit(1735816725.273:280): avc: denied { open } for pid=6330 comm="syz.0.121" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 101.637779][ T29] audit: type=1400 audit(1735816725.273:281): avc: denied { map } for pid=6330 comm="syz.0.121" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 101.661654][ T29] audit: type=1400 audit(1735816725.273:282): avc: denied { execute } for pid=6330 comm="syz.0.121" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 101.734590][ T29] audit: type=1400 audit(1735816725.353:283): avc: denied { map } for pid=6330 comm="syz.0.121" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 102.825681][ T29] audit: type=1400 audit(1735816726.513:284): avc: denied { create } for pid=6347 comm="syz.1.124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 103.236816][ T5824] Bluetooth: hci4: command 0x0c1a tx timeout [ 104.268203][ T6369] netlink: 28 bytes leftover after parsing attributes in process `syz.2.126'. [ 104.579383][ T6369] netlink: 80 bytes leftover after parsing attributes in process `syz.2.126'. [ 104.821706][ T5904] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 105.196821][ T6379] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 105.960085][ T5904] usb 1-1: Using ep0 maxpacket: 32 [ 105.967395][ T5904] usb 1-1: unable to get BOS descriptor or descriptor too short [ 105.971762][ T6382] openvswitch: netlink: Flow actions attr not present in new flow. [ 105.976192][ T5904] usb 1-1: config 7 interface 0 has no altsetting 0 [ 106.006185][ T5904] usb 1-1: New USB device found, idVendor=0471, idProduct=0312, bcdDevice=bc.45 [ 106.023124][ T5904] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.031177][ T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 106.032433][ T5904] usb 1-1: Product: syz [ 106.064561][ T5904] usb 1-1: Manufacturer: syz [ 106.077210][ T5904] usb 1-1: SerialNumber: syz [ 106.192186][ T6389] loop2: detected capacity change from 0 to 7 [ 106.217419][ T5904] usb 1-1: can't set config #7, error -71 [ 106.243264][ T5904] usb 1-1: USB disconnect, device number 3 [ 106.249288][ T6389] Dev loop2: unable to read RDB block 7 [ 106.259958][ T6384] netlink: 72 bytes leftover after parsing attributes in process `syz.1.136'. [ 106.304367][ T6389] loop2: unable to read partition table [ 106.328921][ T6389] loop2: partition table beyond EOD, truncated [ 106.335293][ T6389] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 106.401151][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 106.415570][ T9] usb 5-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 106.444484][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.461923][ T9] usb 5-1: Product: syz [ 106.471220][ T9] usb 5-1: Manufacturer: syz [ 106.482839][ T9] usb 5-1: SerialNumber: syz [ 106.496560][ T29] audit: type=1400 audit(1735816730.183:285): avc: denied { create } for pid=6399 comm="syz.1.139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 106.525703][ T29] audit: type=1400 audit(1735816730.213:286): avc: denied { ioctl } for pid=6399 comm="syz.1.139" path="socket:[8959]" dev="sockfs" ino=8959 ioctlcmd=0x89ea scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 106.565991][ T9] usb 5-1: config 0 descriptor?? [ 107.800746][ T29] audit: type=1400 audit(1735816731.483:287): avc: denied { setopt } for pid=6410 comm="syz.0.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 107.835055][ T29] audit: type=1400 audit(1735816731.513:288): avc: denied { listen } for pid=6410 comm="syz.0.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 108.041478][ T29] audit: type=1400 audit(1735816731.513:289): avc: denied { write } for pid=6410 comm="syz.0.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 108.060928][ T29] audit: type=1400 audit(1735816731.513:290): avc: denied { accept } for pid=6410 comm="syz.0.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 108.813803][ T29] audit: type=1400 audit(1735816732.503:291): avc: denied { read } for pid=6410 comm="syz.0.142" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 108.851838][ T6424] binder: 6410:6424 ioctl 1267 200002c0 returned -22 [ 108.870318][ T29] audit: type=1400 audit(1735816732.503:292): avc: denied { open } for pid=6410 comm="syz.0.142" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 108.936965][ T6428] netlink: 8 bytes leftover after parsing attributes in process `syz.2.146'. [ 108.942630][ T29] audit: type=1400 audit(1735816732.503:293): avc: denied { write } for pid=6410 comm="syz.0.142" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 108.961561][ T9] peak_usb 5-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 108.974206][ T29] audit: type=1400 audit(1735816732.503:294): avc: denied { ioctl } for pid=6410 comm="syz.0.142" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 108.989982][ T9] peak_usb 5-1:0.0 can0: sending command failure: -22 [ 109.116678][ T9] peak_usb 5-1:0.0 can0: sending command failure: -22 [ 109.158301][ T6432] netlink: 668 bytes leftover after parsing attributes in process `syz.2.147'. [ 109.185369][ T6372] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 109.195978][ T6432] netlink: 668 bytes leftover after parsing attributes in process `syz.2.147'. [ 109.200857][ T6372] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 109.221478][ T9] peak_usb 5-1:0.0: probe with driver peak_usb failed with error -22 [ 109.262324][ T9] usb 5-1: USB disconnect, device number 7 [ 109.370475][ T6434] vxcan3: entered promiscuous mode [ 109.415009][ T6434] vxcan3: entered allmulticast mode [ 111.764568][ T6434] netlink: 104 bytes leftover after parsing attributes in process `syz.3.148'. [ 112.309947][ T6465] netlink: 12 bytes leftover after parsing attributes in process `syz.1.157'. [ 112.407858][ T6465] netlink: 12 bytes leftover after parsing attributes in process `syz.1.157'. [ 112.420122][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 112.420136][ T29] audit: type=1400 audit(1735816736.113:301): avc: denied { ioctl } for pid=6467 comm="syz.0.158" path="socket:[9030]" dev="sockfs" ino=9030 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 112.422085][ T6470] netlink: 28 bytes leftover after parsing attributes in process `syz.3.159'. [ 112.429550][ T29] audit: type=1400 audit(1735816736.113:302): avc: denied { accept } for pid=6467 comm="syz.0.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 112.462482][ T6472] netlink: 668 bytes leftover after parsing attributes in process `syz.2.160'. [ 112.488560][ T6470] netlink: 80 bytes leftover after parsing attributes in process `syz.3.159'. [ 112.653745][ T6472] netlink: 668 bytes leftover after parsing attributes in process `syz.2.160'. [ 113.551438][ T25] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 113.566965][ T5864] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 113.713905][ T25] usb 4-1: config 0 has an invalid interface number: 133 but max is 0 [ 113.726917][ T25] usb 4-1: config 0 has no interface number 0 [ 113.746186][ T5864] usb 2-1: Using ep0 maxpacket: 32 [ 113.755361][ T25] usb 4-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 113.769878][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.779989][ T25] usb 4-1: Product: syz [ 113.790613][ T5864] usb 2-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 113.800905][ T5864] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.814458][ T25] usb 4-1: Manufacturer: syz [ 113.819078][ T25] usb 4-1: SerialNumber: syz [ 113.829134][ T5864] usb 2-1: Product: syz [ 113.845520][ T5864] usb 2-1: Manufacturer: syz [ 113.850148][ T5864] usb 2-1: SerialNumber: syz [ 113.882539][ T25] usb 4-1: config 0 descriptor?? [ 113.893665][ T5864] usb 2-1: config 0 descriptor?? [ 114.894033][ T25] keyspan 4-1:0.133: Keyspan 1 port adapter converter detected [ 114.902910][ T25] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 81 [ 114.911206][ T25] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 1 [ 114.919350][ T25] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 2 [ 114.958858][ T25] usb 4-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 115.327372][ T6477] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6477 comm=syz.3.162 [ 115.404094][ T6508] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 115.404295][ T6508] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 116.133577][ T29] audit: type=1400 audit(1735816739.823:303): avc: denied { create } for pid=6510 comm="syz.0.171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 116.152822][ C0] vkms_vblank_simulate: vblank timer overrun [ 116.178492][ T46] usb 4-1: USB disconnect, device number 3 [ 116.208447][ T6514] netlink: 'syz.2.172': attribute type 10 has an invalid length. [ 116.238450][ T6514] syz_tun: entered promiscuous mode [ 116.301679][ T6514] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 116.382949][ T5864] peak_usb 2-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 116.393041][ T5864] peak_usb 2-1:0.0 can0: sending command failure: -22 [ 116.399821][ T5864] peak_usb 2-1:0.0 can0: sending command failure: -22 [ 116.408577][ T46] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 116.419160][ T46] keyspan 4-1:0.133: device disconnected [ 116.864145][ T6481] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 116.883922][ T6481] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 116.981402][ T5864] peak_usb 2-1:0.0: probe with driver peak_usb failed with error -22 [ 116.997860][ T5864] usb 2-1: USB disconnect, device number 4 [ 117.244934][ T6529] pim6reg527: entered allmulticast mode [ 118.268243][ T29] audit: type=1400 audit(1735816741.013:304): avc: denied { create } for pid=6522 comm="syz.3.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 120.631176][ T5862] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 121.994452][ T29] audit: type=1400 audit(1735816745.683:305): avc: denied { write } for pid=6555 comm="syz.3.184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 121.998416][ T5862] usb 2-1: Using ep0 maxpacket: 16 [ 122.020071][ T5862] usb 2-1: device descriptor read/all, error -71 [ 122.143779][ T6568] netlink: 'syz.2.186': attribute type 10 has an invalid length. [ 122.671177][ T46] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 122.852995][ T46] usb 3-1: Using ep0 maxpacket: 32 [ 122.878663][ T46] usb 3-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 122.936694][ T6579] netlink: 28 bytes leftover after parsing attributes in process `syz.4.191'. [ 122.949138][ T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.962946][ T46] usb 3-1: Product: syz [ 122.967204][ T46] usb 3-1: Manufacturer: syz [ 122.972028][ T46] usb 3-1: SerialNumber: syz [ 123.967947][ T46] usb 3-1: config 0 descriptor?? [ 124.504906][ T29] audit: type=1400 audit(1735816747.993:306): avc: denied { unlink } for pid=6591 comm="syz.0.195" name="#1" dev="tmpfs" ino=274 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 124.528246][ T29] audit: type=1400 audit(1735816748.003:307): avc: denied { mount } for pid=6591 comm="syz.0.195" name="/" dev="overlay" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 124.567012][ T29] audit: type=1400 audit(1735816748.253:308): avc: denied { read write } for pid=6578 comm="syz.4.191" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 124.595987][ T29] audit: type=1400 audit(1735816748.283:309): avc: denied { open } for pid=6578 comm="syz.4.191" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 124.710599][ T46] peak_usb 3-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 124.720695][ T46] peak_usb 3-1:0.0 can0: sending command failure: -22 [ 124.731611][ T46] peak_usb 3-1:0.0 can0: sending command failure: -22 [ 124.801789][ T46] peak_usb 3-1:0.0: probe with driver peak_usb failed with error -22 [ 124.939398][ T6607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 124.972417][ T6607] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 125.069630][ T46] usb 3-1: USB disconnect, device number 4 [ 125.266951][ T6619] Invalid logical block size (32) [ 125.281194][ T29] audit: type=1400 audit(1735816748.963:310): avc: denied { unmount } for pid=5817 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 125.721116][ T46] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 125.761382][ T29] audit: type=1400 audit(1735816749.423:311): avc: denied { mounton } for pid=6626 comm="syz.3.204" path="/36/file0" dev="tmpfs" ino=218 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 125.988869][ T46] usb 5-1: device descriptor read/64, error -71 [ 126.271553][ T46] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 126.597846][ T46] usb 5-1: device descriptor read/64, error -71 [ 126.697676][ T6642] netlink: 8 bytes leftover after parsing attributes in process `syz.3.208'. [ 126.722588][ T46] usb usb5-port1: attempt power cycle [ 126.765555][ T6644] xt_TPROXY: Can be used only with -p tcp or -p udp [ 126.767760][ T6642] netlink: 12 bytes leftover after parsing attributes in process `syz.3.208'. [ 126.786437][ T6642] netlink: 'syz.3.208': attribute type 6 has an invalid length. [ 127.022727][ T29] audit: type=1400 audit(1735816750.713:312): avc: denied { write } for pid=6653 comm="syz.3.212" name="sg0" dev="devtmpfs" ino=743 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 127.052295][ T29] audit: type=1400 audit(1735816750.713:313): avc: denied { open } for pid=6653 comm="syz.3.212" path="/dev/sg0" dev="devtmpfs" ino=743 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 127.185642][ T46] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 127.910967][ T6661] sg_write: process 140 (syz.3.212) changed security contexts after opening file descriptor, this is not allowed. [ 127.930155][ T29] audit: type=1400 audit(1735816751.583:314): avc: denied { ioctl } for pid=6653 comm="syz.3.212" path="/dev/sg0" dev="devtmpfs" ino=743 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 127.995827][ T970] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 128.028339][ T46] usb 5-1: device descriptor read/8, error -71 [ 128.326280][ T970] usb 1-1: Using ep0 maxpacket: 16 [ 128.370040][ T970] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 128.971222][ T970] usb 1-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 128.980306][ T970] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.999286][ T970] usb 1-1: config 0 descriptor?? [ 129.021884][ T970] pxrc 1-1:0.0: Could not find endpoint [ 129.135393][ T46] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 129.302225][ T970] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 129.362194][ T5864] usb 1-1: USB disconnect, device number 4 [ 129.380213][ T46] usb 5-1: device not accepting address 11, error -71 [ 129.420666][ T46] usb usb5-port1: unable to enumerate USB device [ 129.461110][ T970] usb 4-1: Using ep0 maxpacket: 32 [ 129.667904][ T970] usb 4-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 129.677064][ T970] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.689993][ T970] usb 4-1: Product: syz [ 129.701197][ T970] usb 4-1: Manufacturer: syz [ 129.705823][ T970] usb 4-1: SerialNumber: syz [ 129.803834][ T6686] (syz.1.219,6686,0):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "€" or missing value [ 129.815066][ T6686] (syz.1.219,6686,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 130.489948][ T970] usb 4-1: config 0 descriptor?? [ 130.587165][ T6695] netlink: 8 bytes leftover after parsing attributes in process `syz.1.224'. [ 130.901330][ T46] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 131.267493][ T46] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96 [ 131.400171][ T46] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.453713][ T46] usb 1-1: Product: syz [ 131.623948][ T970] peak_usb 4-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 131.628036][ T46] usb 1-1: Manufacturer: syz [ 131.638641][ T46] usb 1-1: SerialNumber: syz [ 131.643577][ T970] peak_usb 4-1:0.0 can0: sending command failure: -22 [ 131.651921][ T46] usb 1-1: config 0 descriptor?? [ 131.671200][ T970] peak_usb 4-1:0.0 can0: sending command failure: -22 [ 132.216403][ T970] peak_usb 4-1:0.0: probe with driver peak_usb failed with error -22 [ 132.246219][ T6667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 132.282635][ T6667] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 132.565640][ T5864] usb 4-1: USB disconnect, device number 4 [ 132.572194][ T46] peak_usb 1-1:0.0: PEAK-System PCAN-USB FD v212 fw v90.0.0 (1 channels) [ 132.628441][ T46] peak_usb 1-1:0.0 can1: unable to request usb[type=2 value=5] err=-71 [ 133.429122][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.438992][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.448827][ T46] peak_usb 1-1:0.0: unable to tell PCAN-USB FD driver is loaded (err -71) [ 133.787527][ T6720] netlink: 4 bytes leftover after parsing attributes in process `syz.2.229'. [ 133.797722][ T6720] netlink: 36 bytes leftover after parsing attributes in process `syz.2.229'. [ 133.819126][ T6722] netlink: 'syz.3.230': attribute type 6 has an invalid length. [ 134.091831][ T46] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -71 [ 134.128857][ T46] usb 1-1: USB disconnect, device number 5 [ 134.999567][ T29] audit: type=1400 audit(1735816758.533:315): avc: denied { shutdown } for pid=6731 comm="syz.0.235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 135.029683][ T1201] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 135.047795][ T6734] netlink: 12 bytes leftover after parsing attributes in process `syz.2.233'. [ 135.062873][ T6734] netlink: 12 bytes leftover after parsing attributes in process `syz.2.233'. [ 135.095464][ T29] audit: type=1400 audit(1735816758.653:316): avc: denied { write } for pid=6731 comm="syz.0.235" path="socket:[11498]" dev="sockfs" ino=11498 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 135.203703][ T6743] (syz.3.234,6743,1):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "€" or missing value [ 135.214660][ T6743] (syz.3.234,6743,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 135.725384][ T29] audit: type=1400 audit(1735816758.823:317): avc: denied { create } for pid=6739 comm="syz.1.236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 135.761241][ T8] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 135.804117][ T29] audit: type=1400 audit(1735816758.823:318): avc: denied { write } for pid=6739 comm="syz.1.236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 135.862639][ T29] audit: type=1400 audit(1735816758.823:319): avc: denied { nlmsg_read } for pid=6739 comm="syz.1.236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 135.889188][ T29] audit: type=1400 audit(1735816759.533:320): avc: denied { write } for pid=6746 comm="syz.2.237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 135.939533][ T29] audit: type=1400 audit(1735816759.533:321): avc: denied { connect } for pid=6746 comm="syz.2.237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 135.940052][ T29] audit: type=1400 audit(1735816759.533:322): avc: denied { name_connect } for pid=6746 comm="syz.2.237" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 135.997222][ T8] usb 1-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice=32.00 [ 136.021798][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.038525][ T8] usb 1-1: Product: syz [ 136.054254][ T8] usb 1-1: Manufacturer: syz [ 136.147212][ T1201] usb 5-1: Using ep0 maxpacket: 16 [ 136.156477][ T1201] usb 5-1: config 0 has an invalid descriptor of length 247, skipping remainder of the config [ 136.173436][ T8] usb 1-1: SerialNumber: syz [ 136.185716][ T8] usb 1-1: config 0 descriptor?? [ 136.186963][ T1201] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 136.194426][ T8] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 136.201858][ T29] audit: type=1400 audit(1735816759.863:323): avc: denied { accept } for pid=6746 comm="syz.2.237" laddr=::1 lport=60943 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 136.210919][ T8] usb 1-1: Detected FT233HP [ 136.269487][ T6755] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 136.717027][ T1201] usb 5-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 136.727763][ T1201] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 136.932400][ T1201] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 136.941792][ T1201] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 136.950069][ T1201] usb 5-1: Manufacturer: syz [ 136.998450][ T1201] usb 5-1: config 0 descriptor?? [ 137.039314][ T8] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 137.087217][ T29] audit: type=1400 audit(1735816760.693:324): avc: denied { connect } for pid=6751 comm="syz.1.239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 137.273398][ T970] usb 5-1: USB disconnect, device number 12 [ 137.611667][ T8] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 137.629419][ T8] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 137.667048][ T8] usb 1-1: USB disconnect, device number 6 [ 137.723070][ T8] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 137.741216][ T8] ftdi_sio 1-1:0.0: device disconnected [ 138.967223][ T6775] netlink: 96 bytes leftover after parsing attributes in process `syz.1.245'. [ 139.254099][ T6783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 139.288259][ T6783] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 139.889419][ T6786] ======================================================= [ 139.889419][ T6786] WARNING: The mand mount option has been deprecated and [ 139.889419][ T6786] and is ignored by this kernel. Remove the mand [ 139.889419][ T6786] option from the mount to silence this warning. [ 139.889419][ T6786] ======================================================= [ 140.104132][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 140.110646][ T29] audit: type=1400 audit(1735816763.573:339): avc: denied { mounton } for pid=6785 comm="syz.1.246" path="/syzcgroup/unified/syz1" dev="cgroup2" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 140.304553][ T6798] netlink: 52 bytes leftover after parsing attributes in process `syz.2.248'. [ 140.313870][ T29] audit: type=1400 audit(1735816763.863:340): avc: denied { write } for pid=6769 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1705 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 140.350331][ T29] audit: type=1400 audit(1735816763.863:341): avc: denied { add_name } for pid=6769 comm="dhcpcd-run-hook" name="resolv.conf.wlan2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 140.373128][ T29] audit: type=1400 audit(1735816763.863:342): avc: denied { create } for pid=6769 comm="dhcpcd-run-hook" name="resolv.conf.wlan2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 140.395692][ T29] audit: type=1400 audit(1735816763.863:343): avc: denied { write } for pid=6769 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.wlan2.link" dev="tmpfs" ino=2714 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 140.423232][ T29] audit: type=1400 audit(1735816763.863:344): avc: denied { append } for pid=6769 comm="dhcpcd-run-hook" name="resolv.conf.wlan2.link" dev="tmpfs" ino=2714 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 140.577906][ T8] usb 1-1: new low-speed USB device number 7 using dummy_hcd [ 140.762642][ T29] audit: type=1400 audit(1735816764.443:345): avc: denied { remove_name } for pid=6802 comm="rm" name="resolv.conf.wlan2.link" dev="tmpfs" ino=2714 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 140.790181][ T8] usb 1-1: config index 0 descriptor too short (expected 1307, got 27) [ 140.799159][ T8] usb 1-1: config 0 has an invalid interface number: 0 but max is -1 [ 140.816380][ T8] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 140.827347][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 140.831943][ T29] audit: type=1400 audit(1735816764.503:346): avc: denied { unlink } for pid=6802 comm="rm" name="resolv.conf.wlan2.link" dev="tmpfs" ino=2714 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 140.923182][ T6809] netlink: 24 bytes leftover after parsing attributes in process `syz.4.252'. [ 140.937442][ T29] audit: type=1400 audit(1735816764.583:347): avc: denied { search } for pid=5484 comm="dhcpcd" name="netdev:wlan2" dev="debugfs" ino=11553 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 140.939428][ T8] usb 1-1: string descriptor 0 read error: -22 [ 140.977178][ T8] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 140.984563][ T6805] vxcan3: entered promiscuous mode [ 140.989325][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.997550][ T6805] vxcan3: entered allmulticast mode [ 141.002299][ T8] usb 1-1: config 0 descriptor?? [ 141.013549][ T8] hub 1-1:0.0: bad descriptor, ignoring hub [ 141.019485][ T8] hub 1-1:0.0: probe with driver hub failed with error -5 [ 141.041760][ T6812] netlink: 668 bytes leftover after parsing attributes in process `syz.3.253'. [ 141.097749][ T6812] netlink: 668 bytes leftover after parsing attributes in process `syz.3.253'. [ 141.361930][ T8] usb 1-1: USB disconnect, device number 7 [ 141.781207][ T8] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 141.791118][ T5864] usb 3-1: new low-speed USB device number 6 using dummy_hcd [ 142.551374][ T5864] usb 3-1: Invalid ep0 maxpacket: 32 [ 142.631375][ T8] usb 5-1: Using ep0 maxpacket: 32 [ 142.660312][ T8] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 142.826087][ T29] audit: type=1400 audit(1735816766.383:348): avc: denied { name_connect } for pid=6830 comm="syz.0.256" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 142.947970][ T8] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 143.165956][ T8] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 143.181195][ T5864] usb 3-1: new low-speed USB device number 7 using dummy_hcd [ 143.204524][ T8] usb 5-1: config 1 has no interface number 0 [ 143.270687][ T8] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 143.283358][ T8] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 143.298179][ T8] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 143.321089][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.331336][ T5864] usb 3-1: Invalid ep0 maxpacket: 32 [ 143.357987][ T5864] usb usb3-port1: attempt power cycle [ 143.364317][ T8] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 143.565849][ T8] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached [ 144.623986][ T8] snd_usb_pod 5-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22) [ 144.630708][ T5864] usb 3-1: new low-speed USB device number 8 using dummy_hcd [ 144.864753][ T5864] usb 3-1: device not accepting address 8, error -71 [ 145.230010][ T1201] usb 5-1: USB disconnect, device number 13 [ 145.237287][ T1201] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 146.448811][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 146.448822][ T29] audit: type=1400 audit(1735816769.743:352): avc: denied { bind } for pid=6860 comm="syz.2.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 146.474813][ T29] audit: type=1400 audit(1735816769.773:353): avc: denied { setopt } for pid=6860 comm="syz.2.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 146.565033][ T6873] netlink: 28 bytes leftover after parsing attributes in process `syz.0.264'. [ 146.708811][ T29] audit: type=1400 audit(1735816770.393:354): avc: denied { unmount } for pid=5828 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 147.511716][ T29] audit: type=1400 audit(1735816771.193:355): avc: denied { read } for pid=6871 comm="syz.4.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 147.564830][ T6878] binder: BINDER_SET_CONTEXT_MGR already set [ 147.579006][ T6878] binder: 6871:6878 ioctl 4018620d 200001c0 returned -16 [ 147.586979][ T29] audit: type=1400 audit(1735816771.253:356): avc: denied { ioctl } for pid=6871 comm="syz.4.265" path="socket:[10604]" dev="sockfs" ino=10604 ioctlcmd=0x9425 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 147.706654][ T6898] netlink: 'syz.2.270': attribute type 10 has an invalid length. [ 147.816492][ T1201] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 149.031138][ T1201] usb 4-1: Using ep0 maxpacket: 32 [ 149.038003][ T1201] usb 4-1: config 0 has an invalid interface number: 126 but max is 0 [ 149.081134][ T1201] usb 4-1: config 0 has no interface number 0 [ 149.096315][ T1201] usb 4-1: config 0 interface 126 altsetting 16 endpoint 0x6 has invalid maxpacket 17407, setting to 1024 [ 149.155531][ T1201] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1024 [ 149.225838][ T1201] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8 [ 149.302980][ T1201] usb 4-1: config 0 interface 126 has no altsetting 0 [ 149.503555][ T1201] usb 4-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 149.512723][ T1201] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.520732][ T1201] usb 4-1: Product: syz [ 149.525137][ T1201] usb 4-1: Manufacturer: syz [ 149.529758][ T1201] usb 4-1: SerialNumber: syz [ 149.537621][ T1201] usb 4-1: config 0 descriptor?? [ 149.546532][ T6884] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 149.553962][ T6884] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 150.263418][ T6931] netlink: 28 bytes leftover after parsing attributes in process `syz.1.277'. [ 150.571248][ T25] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 150.881114][ T25] usb 5-1: device descriptor read/64, error -71 [ 151.627587][ T1201] ir_usb 4-1:0.126: IR Dongle converter detected [ 151.634845][ T1201] usb 4-1: IRDA class descriptor not found, device not bound [ 151.682071][ T25] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 151.707564][ T1201] usb 4-1: USB disconnect, device number 5 [ 151.930448][ T25] usb 5-1: device descriptor read/64, error -71 [ 152.044174][ T25] usb usb5-port1: attempt power cycle [ 153.141133][ T25] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 154.047938][ T25] usb 5-1: device descriptor read/8, error -71 [ 154.550036][ T6970] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 155.197919][ T6973] netlink: 24 bytes leftover after parsing attributes in process `syz.2.286'. [ 155.495388][ T29] audit: type=1400 audit(1735816779.183:357): avc: denied { name_bind } for pid=6979 comm="syz.0.290" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 155.538011][ T6984] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pid=6984 comm=syz.1.291 [ 155.578835][ T29] audit: type=1400 audit(1735816779.183:358): avc: denied { node_bind } for pid=6979 comm="syz.0.290" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 155.758672][ T29] audit: type=1326 audit(1735816779.223:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6976 comm="syz.2.289" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9844185d29 code=0x0 [ 155.952823][ T29] audit: type=1400 audit(1735816779.243:360): avc: denied { bind } for pid=6980 comm="syz.1.291" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 155.975375][ T29] audit: type=1400 audit(1735816779.243:361): avc: denied { name_bind } for pid=6980 comm="syz.1.291" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 156.006455][ T29] audit: type=1400 audit(1735816779.243:362): avc: denied { node_bind } for pid=6980 comm="syz.1.291" saddr=255.255.255.255 src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 156.063373][ T29] audit: type=1400 audit(1735816779.313:363): avc: denied { mount } for pid=6979 comm="syz.0.290" name="/" dev="autofs" ino=12016 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 156.336928][ T29] audit: type=1400 audit(1735816779.333:364): avc: denied { unmount } for pid=5812 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 156.368584][ T29] audit: type=1400 audit(1735816779.813:365): avc: denied { create } for pid=6990 comm="syz.0.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 157.050022][ T29] audit: type=1400 audit(1735816779.813:366): avc: denied { setopt } for pid=6990 comm="syz.0.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 157.691235][ T1201] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 157.827433][ T7027] netlink: 24 bytes leftover after parsing attributes in process `syz.1.301'. [ 157.871289][ T1201] usb 4-1: Using ep0 maxpacket: 16 [ 157.928382][ T1201] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 157.973596][ T1201] usb 4-1: config 0 has no interface number 0 [ 157.993732][ T1201] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 158.007583][ T1201] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 158.016820][ T1201] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 158.038430][ T7031] vxcan5: entered promiscuous mode [ 158.086597][ T7031] vxcan5: entered allmulticast mode [ 158.093991][ T1201] usb 4-1: Product: syz [ 158.104438][ T1201] usb 4-1: SerialNumber: syz [ 158.301764][ T1201] usb 4-1: config 0 descriptor?? [ 158.323735][ T1201] usbhid 4-1:0.8: couldn't find an input interrupt endpoint [ 158.326635][ T7035] QAT: Invalid ioctl 1075883590 [ 158.405591][ T7036] netlink: 104 bytes leftover after parsing attributes in process `syz.1.302'. [ 159.138477][ T7040] QAT: Invalid ioctl -2147191718 [ 159.145837][ T7035] QAT: Invalid ioctl 1075883590 [ 159.160882][ T7035] QAT: Invalid ioctl 1075883590 [ 159.736828][ T7016] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 159.754025][ T7035] QAT: Invalid ioctl 1075883590 [ 159.761935][ T7035] QAT: Invalid ioctl 1075883590 [ 159.768357][ T7035] QAT: Invalid ioctl 1075883590 [ 159.795432][ T7035] QAT: Invalid ioctl 1075883590 [ 159.800446][ T7035] QAT: Invalid ioctl 1075883590 [ 159.806576][ T7035] QAT: Invalid ioctl 1075883590 [ 159.881521][ T7016] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 159.958770][ T8] usb 4-1: USB disconnect, device number 6 [ 160.739006][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 160.739021][ T29] audit: type=1400 audit(1735816784.403:370): avc: denied { ioctl } for pid=7044 comm="syz.0.306" path="socket:[12138]" dev="sockfs" ino=12138 ioctlcmd=0x891b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 161.035112][ T29] audit: type=1400 audit(1735816784.723:371): avc: denied { write } for pid=7061 comm="syz.0.311" name="001" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 161.145045][ T29] audit: type=1400 audit(1735816784.803:372): avc: denied { mount } for pid=7061 comm="syz.0.311" name="/" dev="configfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 161.169958][ T29] audit: type=1400 audit(1735816784.833:373): avc: denied { search } for pid=7061 comm="syz.0.311" name="/" dev="configfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 161.199148][ T29] audit: type=1400 audit(1735816784.833:374): avc: denied { setattr } for pid=7061 comm="syz.0.311" name="/" dev="configfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 161.227686][ T29] audit: type=1400 audit(1735816784.913:375): avc: denied { map } for pid=7061 comm="syz.0.311" path="/dev/video3" dev="devtmpfs" ino=934 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 161.306414][ T7065] openvswitch: netlink: Flow key attr not present in new flow. [ 161.401560][ T1201] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 161.785516][ T1201] usb 4-1: config 0 has an invalid interface number: 107 but max is 0 [ 161.794475][ T1201] usb 4-1: config 0 has no interface number 0 [ 161.800663][ T1201] usb 4-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid maxpacket 12336, setting to 64 [ 161.876445][ T1201] usb 4-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 161.888355][ T1201] usb 4-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 161.898010][ T1201] usb 4-1: Product: syz [ 161.940093][ T1201] usb 4-1: Manufacturer: syz [ 161.967806][ T1201] usb 4-1: SerialNumber: syz [ 161.983449][ T1201] usb 4-1: config 0 descriptor?? [ 161.992991][ T7074] tmpfs: Unknown parameter 'czÝcA2¥y9<+/?:€8Õ$@a' [ 162.182934][ T1201] keyspan 4-1:0.107: Keyspan 4 port adapter converter detected [ 162.190699][ T1201] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 81 [ 162.223914][ T1201] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 1 [ 162.252074][ T29] audit: type=1400 audit(1735816785.933:376): avc: denied { getopt } for pid=7056 comm="syz.3.309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 162.733041][ T29] audit: type=1400 audit(1735816786.153:377): avc: denied { ioctl } for pid=7073 comm="syz.1.313" path="socket:[12278]" dev="sockfs" ino=12278 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 162.757600][ C1] vkms_vblank_simulate: vblank timer overrun [ 162.978344][ T1201] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB0 [ 162.988063][ T1201] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 2 [ 162.996936][ T1201] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB1 [ 163.005975][ T1201] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 4 [ 163.021114][ T1201] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB2 [ 163.030050][ T1201] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 6 [ 163.043843][ T1201] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB3 [ 163.106008][ T1201] usb 4-1: USB disconnect, device number 7 [ 163.147429][ T1201] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0 [ 163.172633][ T1201] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1 [ 163.206949][ T1201] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2 [ 163.236492][ T1201] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3 [ 163.261111][ T1201] keyspan 4-1:0.107: device disconnected [ 163.268482][ T7091] Invalid logical block size (6656) [ 163.360634][ T29] audit: type=1400 audit(1735816787.043:378): avc: denied { connect } for pid=7092 comm="syz.4.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 163.390944][ T7096] openvswitch: netlink: Flow actions attr not present in new flow. [ 163.445028][ T29] audit: type=1400 audit(1735816787.043:379): avc: denied { accept } for pid=7092 comm="syz.4.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 164.654199][ T7127] openvswitch: netlink: Flow key attr not present in new flow. [ 165.757863][ T7140] ip6gretap0: entered promiscuous mode [ 165.910620][ T7147] Invalid logical block size (8192) [ 166.011160][ T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 166.729741][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 166.777525][ T9] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 166.801296][ T9] usb 4-1: config 0 has no interface number 0 [ 166.847431][ T9] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 166.944589][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 166.944604][ T29] audit: type=1400 audit(1735816790.633:383): avc: denied { write } for pid=7145 comm="syz.2.329" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 166.948161][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.972910][ T29] audit: type=1400 audit(1735816790.633:384): avc: denied { unlink } for pid=5828 comm="syz-executor" name="file0" dev="tmpfs" ino=427 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 167.002272][ C1] vkms_vblank_simulate: vblank timer overrun [ 167.016371][ T9] usb 4-1: Product: syz [ 167.021249][ T9] usb 4-1: Manufacturer: syz [ 167.025860][ T9] usb 4-1: SerialNumber: syz [ 167.036001][ T9] usb 4-1: config 0 descriptor?? [ 167.457317][ T9] radio-si470x 4-1:0.35: DeviceID=0x2512 ChipID=0x8a48 [ 167.472283][ T29] audit: type=1400 audit(1735816790.733:385): avc: denied { open } for pid=7145 comm="syz.2.329" path="/73/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 167.776731][ T7176] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 167.786453][ T7176] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 167.819414][ T9] radio-si470x 4-1:0.35: si470x_get_report: usb_control_msg returned -71 [ 168.389157][ T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 168.415984][ T9] radio-si470x 4-1:0.35: si470x_get_scratch: si470x_get_report returned -71 [ 168.427777][ T9] radio-si470x 4-1:0.35: probe with driver radio-si470x failed with error -5 [ 168.461472][ T9] radio-raremono 4-1:0.35: this is not Thanko's Raremono. [ 168.584813][ T9] usb 4-1: USB disconnect, device number 8 [ 168.611284][ T8] usb 2-1: Using ep0 maxpacket: 8 [ 168.695500][ T8] usb 2-1: config 0 has an invalid interface number: 29 but max is 0 [ 168.703906][ T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 168.714345][ T8] usb 2-1: config 0 has no interface number 0 [ 168.720499][ T8] usb 2-1: config 0 interface 29 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 169.717455][ T8] usb 2-1: New USB device found, idVendor=03f0, idProduct=0207, bcdDevice= 0.01 [ 169.727443][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.735548][ T8] usb 2-1: Product: syz [ 169.739724][ T8] usb 2-1: Manufacturer: syz [ 170.153579][ T7193] netlink: 52 bytes leftover after parsing attributes in process `syz.0.337'. [ 170.395208][ T8] usb 2-1: SerialNumber: syz [ 170.406390][ T8] usb 2-1: config 0 descriptor?? [ 170.490091][ T8] ums-usbat 2-1:0.29: USB Mass Storage device detected [ 170.507652][ T8] ums-usbat 2-1:0.29: This device (03f0,0207,0001 S 05 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel 6.13.0-rc5-syzkaller-00006-g56e6a3499e14) [ 170.507652][ T8] Please send a copy of this message to and [ 170.663527][ T8] usb 2-1: USB disconnect, device number 7 [ 171.263337][ T29] audit: type=1400 audit(1735816794.613:386): avc: denied { setopt } for pid=7197 comm="syz.0.340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 171.308405][ T7207] openvswitch: netlink: Flow actions attr not present in new flow. [ 172.641681][ T7221] netlink: 668 bytes leftover after parsing attributes in process `syz.2.348'. [ 172.650863][ T7221] netlink: 668 bytes leftover after parsing attributes in process `syz.2.348'. [ 172.734067][ T7222] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 173.733216][ T7229] netlink: 'syz.2.349': attribute type 1 has an invalid length. [ 173.861167][ T9] usb 4-1: new low-speed USB device number 9 using dummy_hcd [ 174.139695][ T9] usb 4-1: config index 0 descriptor too short (expected 1307, got 27) [ 174.148227][ T9] usb 4-1: config 0 has an invalid interface number: 0 but max is -1 [ 174.156387][ T9] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 174.165350][ T9] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 174.176388][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 174.181130][ T5864] usb 3-1: new full-speed USB device number 10 using dummy_hcd [ 174.186510][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 174.204271][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 174.231107][ T9] usb 4-1: string descriptor 0 read error: -22 [ 174.237360][ T9] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 174.251199][ T5865] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 174.251551][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.278008][ T9] usb 4-1: config 0 descriptor?? [ 174.296608][ T9] hub 4-1:0.0: bad descriptor, ignoring hub [ 174.302754][ T9] hub 4-1:0.0: probe with driver hub failed with error -5 [ 174.307210][ T9] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input12 [ 174.325879][ T29] audit: type=1400 audit(1735816798.013:387): avc: denied { read } for pid=5175 comm="acpid" name="mouse1" dev="devtmpfs" ino=2820 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 174.357674][ T29] audit: type=1400 audit(1735816798.043:388): avc: denied { open } for pid=5175 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=2820 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 174.358006][ T5864] usb 3-1: config 0 has an invalid interface number: 133 but max is 0 [ 174.437137][ T5865] usb 1-1: Using ep0 maxpacket: 8 [ 174.442683][ T5864] usb 3-1: config 0 has no interface number 0 [ 174.450295][ T5865] usb 1-1: config 0 has an invalid interface number: 29 but max is 0 [ 174.464635][ T5865] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 174.482919][ T5864] usb 3-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 174.492309][ T5864] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.502429][ T5865] usb 1-1: config 0 has no interface number 0 [ 174.508546][ T5865] usb 1-1: config 0 interface 29 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 174.526368][ T5864] usb 3-1: Product: syz [ 174.530561][ T5864] usb 3-1: Manufacturer: syz [ 174.536975][ T5864] usb 3-1: SerialNumber: syz [ 174.560923][ T5864] usb 3-1: config 0 descriptor?? [ 174.570933][ T5865] usb 1-1: New USB device found, idVendor=03f0, idProduct=0207, bcdDevice= 0.01 [ 174.580805][ T5865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.599786][ T5865] usb 1-1: Product: syz [ 174.607000][ T5865] usb 1-1: Manufacturer: syz [ 174.616616][ T5865] usb 1-1: SerialNumber: syz [ 174.624405][ T5865] usb 1-1: config 0 descriptor?? [ 174.633498][ T5865] ums-usbat 1-1:0.29: USB Mass Storage device detected [ 174.713254][ T5865] ums-usbat 1-1:0.29: This device (03f0,0207,0001 S 05 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel 6.13.0-rc5-syzkaller-00006-g56e6a3499e14) [ 174.713254][ T5865] Please send a copy of this message to and [ 174.837420][ T5864] keyspan 3-1:0.133: Keyspan 1 port adapter converter detected [ 174.849746][ T5864] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 81 [ 174.858453][ T5864] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 1 [ 174.866768][ T5864] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 2 [ 174.876258][ T5864] usb 3-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 175.363653][ T8] usb 4-1: USB disconnect, device number 9 [ 175.883205][ T5865] usb 1-1: USB disconnect, device number 8 [ 175.923326][ T29] audit: type=1400 audit(1735816799.613:389): avc: denied { connect } for pid=7262 comm="syz.3.358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 175.981348][ T7265] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pid=7265 comm=syz.3.358 [ 176.057400][ T7235] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7235 comm=syz.2.352 [ 177.515315][ T7281] Invalid logical block size (21760) [ 177.622837][ T7282] (syz.1.362,7282,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 177.632548][ T7282] (syz.1.362,7282,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 178.443258][ T7290] netlink: 8 bytes leftover after parsing attributes in process `syz.0.366'. [ 179.030477][ T8] usb 3-1: USB disconnect, device number 10 [ 179.038102][ T8] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 179.084761][ T8] keyspan 3-1:0.133: device disconnected [ 179.422713][ T29] audit: type=1400 audit(1735816803.013:390): avc: denied { read write } for pid=7296 comm="syz.3.368" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 179.854322][ T29] audit: type=1400 audit(1735816803.013:391): avc: denied { open } for pid=7296 comm="syz.3.368" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 180.486163][ T7315] netlink: 668 bytes leftover after parsing attributes in process `syz.3.372'. [ 180.505524][ T7315] netlink: 668 bytes leftover after parsing attributes in process `syz.3.372'. [ 180.651464][ T7319] netlink: 4 bytes leftover after parsing attributes in process `syz.0.374'. [ 180.870467][ T29] audit: type=1400 audit(1735816804.553:392): avc: denied { unmount } for pid=5812 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 181.072186][ T7326] (syz.4.376,7326,0):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "€" or missing value [ 181.083222][ T7326] (syz.4.376,7326,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 181.839081][ T8] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 182.001192][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 182.007579][ T8] usb 3-1: config 0 has an invalid interface number: 29 but max is 0 [ 182.025884][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 182.999153][ T8] usb 3-1: config 0 has no interface number 0 [ 183.005997][ T8] usb 3-1: config 0 interface 29 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 183.026493][ T8] usb 3-1: New USB device found, idVendor=03f0, idProduct=0207, bcdDevice= 0.01 [ 183.035612][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.043854][ T8] usb 3-1: Product: syz [ 183.048133][ T8] usb 3-1: Manufacturer: syz [ 183.052896][ T8] usb 3-1: SerialNumber: syz [ 183.423410][ T8] usb 3-1: config 0 descriptor?? [ 183.430278][ T8] ums-usbat 3-1:0.29: USB Mass Storage device detected [ 183.446250][ T8] ums-usbat 3-1:0.29: This device (03f0,0207,0001 S 05 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel 6.13.0-rc5-syzkaller-00006-g56e6a3499e14) [ 183.446250][ T8] Please send a copy of this message to and [ 183.522082][ T7342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.381'. [ 183.733905][ T8] usb 3-1: USB disconnect, device number 11 [ 184.396961][ T7350] netlink: 'syz.1.383': attribute type 10 has an invalid length. [ 184.446269][ T7350] syz_tun: entered promiscuous mode [ 184.481812][ T7350] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 184.909113][ T8] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 185.403911][ T8] usb 4-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 185.413327][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 185.421480][ T8] usb 4-1: Product: syz [ 185.425798][ T8] usb 4-1: Manufacturer: syz [ 185.440344][ T8] usb 4-1: SerialNumber: syz [ 186.241113][ T46] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 186.295539][ T7378] (syz.0.390,7378,0):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "€" or missing value [ 186.306484][ T7378] (syz.0.390,7378,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 186.892729][ T46] usb 3-1: New USB device found, idVendor=0dba, idProduct=3000, bcdDevice=26.ea [ 186.913432][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.923347][ T8] usb 4-1: config 0 descriptor?? [ 186.928742][ T8] usb 4-1: can't set config #0, error -71 [ 186.935805][ T8] usb 4-1: USB disconnect, device number 10 [ 187.255222][ T46] usb 3-1: config 0 descriptor?? [ 187.297075][ T46] usb 3-1: Invalid firmware size=18. [ 187.344839][ T7399] netlink: 16 bytes leftover after parsing attributes in process `syz.0.399'. [ 187.441210][ T8] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 187.474149][ T1201] usb 3-1: USB disconnect, device number 12 [ 187.594838][ T29] audit: type=1400 audit(1735816811.283:394): avc: denied { mounton } for pid=7389 comm="syz.1.396" path="/90/file1/file0" dev="autofs" ino=13689 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1 [ 187.620803][ T29] audit: type=1400 audit(1735816811.283:393): avc: denied { mounton } for pid=7389 comm="syz.1.396" path="/90/file1/file0" dev="autofs" ino=13689 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1 [ 187.651326][ T46] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 187.721297][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 187.728086][ T8] usb 4-1: config 0 has an invalid interface number: 29 but max is 0 [ 187.736346][ T8] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 187.788151][ T29] audit: type=1400 audit(1735816811.433:395): avc: denied { mount } for pid=7389 comm="syz.1.396" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 187.792357][ T8] usb 4-1: config 0 has no interface number 0 [ 187.810664][ T29] audit: type=1400 audit(1735816811.473:396): avc: denied { unmount } for pid=5828 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 187.837953][ T46] usb 5-1: Using ep0 maxpacket: 16 [ 187.848897][ T46] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 187.860502][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 187.873028][ T8] usb 4-1: config 0 interface 29 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 187.894102][ T8] usb 4-1: New USB device found, idVendor=03f0, idProduct=0207, bcdDevice= 0.01 [ 187.903535][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 187.917246][ T8] usb 4-1: Product: syz [ 187.921994][ T46] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 187.922138][ T8] usb 4-1: Manufacturer: syz [ 187.941072][ T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 187.941982][ T8] usb 4-1: SerialNumber: syz [ 187.959240][ T46] usb 5-1: Product: syz [ 187.966019][ T8] usb 4-1: config 0 descriptor?? [ 187.971333][ T46] usb 5-1: Manufacturer: syz [ 187.978697][ T8] ums-usbat 4-1:0.29: USB Mass Storage device detected [ 187.982070][ T46] usb 5-1: SerialNumber: syz [ 187.994884][ T8] ums-usbat 4-1:0.29: This device (03f0,0207,0001 S 05 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel 6.13.0-rc5-syzkaller-00006-g56e6a3499e14) [ 187.994884][ T8] Please send a copy of this message to and [ 187.996100][ T46] usb 5-1: config 0 descriptor?? [ 188.033944][ T46] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 188.057996][ T46] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 188.198427][ T8] usb 4-1: USB disconnect, device number 11 [ 188.552715][ T29] audit: type=1400 audit(1735816812.113:397): avc: denied { create } for pid=7411 comm="syz.0.402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 188.907036][ T29] audit: type=1400 audit(1735816812.113:398): avc: denied { read } for pid=7411 comm="syz.0.402" path="socket:[13704]" dev="sockfs" ino=13704 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 189.372405][ T46] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 189.383664][ T46] em28xx 5-1:0.0: Config register raw data: 0xfffffffb [ 189.404436][ T46] em28xx 5-1:0.0: AC97 chip type couldn't be determined [ 189.807220][ T46] em28xx 5-1:0.0: No AC97 audio processor [ 190.277569][ T46] usb 5-1: USB disconnect, device number 18 [ 190.293668][ T46] em28xx 5-1:0.0: Disconnecting em28xx [ 190.390116][ T46] em28xx 5-1:0.0: Freeing device [ 190.681432][ T7446] netlink: 52 bytes leftover after parsing attributes in process `syz.2.411'. [ 191.243099][ T7444] netlink: 48 bytes leftover after parsing attributes in process `syz.0.413'. [ 191.357016][ T7456] netlink: 8 bytes leftover after parsing attributes in process `syz.4.417'. [ 191.671541][ T8] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 191.851442][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 191.946428][ T8] usb 3-1: config 0 has an invalid interface number: 29 but max is 0 [ 192.085803][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 192.140984][ T8] usb 3-1: config 0 has no interface number 0 [ 192.160664][ T8] usb 3-1: config 0 interface 29 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 192.259419][ T8] usb 3-1: New USB device found, idVendor=03f0, idProduct=0207, bcdDevice= 0.01 [ 192.268549][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.277786][ T8] usb 3-1: Product: syz [ 192.295729][ T8] usb 3-1: Manufacturer: syz [ 192.300529][ T8] usb 3-1: SerialNumber: syz [ 192.309361][ T8] usb 3-1: config 0 descriptor?? [ 192.332023][ T8] ums-usbat 3-1:0.29: USB Mass Storage device detected [ 192.523336][ T8] ums-usbat 3-1:0.29: This device (03f0,0207,0001 S 05 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel 6.13.0-rc5-syzkaller-00006-g56e6a3499e14) [ 192.523336][ T8] Please send a copy of this message to and [ 192.629592][ T970] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 192.763838][ T8] usb 3-1: USB disconnect, device number 13 [ 192.796819][ T970] usb 4-1: config 16 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0 [ 192.818771][ T970] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 192.830011][ T970] usb 4-1: config 16 has no interfaces? [ 192.837355][ T970] usb 4-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 192.884405][ T970] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 193.130078][ T8] usb 4-1: USB disconnect, device number 12 [ 193.352156][ T970] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 194.061166][ T970] usb 1-1: device descriptor read/64, error -71 [ 194.277422][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.284776][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.415906][ T970] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 194.763789][ T970] usb 1-1: device descriptor read/64, error -71 [ 194.839135][ T29] audit: type=1400 audit(1735816818.523:399): avc: denied { bind } for pid=7492 comm="syz.4.429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 194.916159][ T7497] netlink: 'syz.4.429': attribute type 7 has an invalid length. [ 194.992467][ T970] usb usb1-port1: attempt power cycle [ 195.184176][ T29] audit: type=1400 audit(1735816818.873:400): avc: denied { create } for pid=7496 comm="syz.2.430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 195.205934][ T7503] openvswitch: netlink: Flow actions attr not present in new flow. [ 195.397014][ T29] audit: type=1400 audit(1735816819.083:401): avc: denied { create } for pid=7510 comm="syz.2.434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 195.423655][ T970] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 195.525332][ T5865] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 195.793042][ T970] usb 1-1: device descriptor read/8, error -71 [ 195.945625][ T5865] usb 4-1: config 0 has an invalid interface number: 137 but max is 0 [ 195.960304][ T5865] usb 4-1: config 0 has no interface number 0 [ 195.968293][ T5865] usb 4-1: config 0 interface 137 has no altsetting 0 [ 195.975451][ T5865] usb 4-1: New USB device found, idVendor=10b8, idProduct=1f9c, bcdDevice=90.83 [ 195.984799][ T5865] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.997840][ T5865] usb 4-1: config 0 descriptor?? [ 196.031244][ T970] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 196.051693][ T970] usb 1-1: device descriptor read/8, error -71 [ 196.140007][ T7515] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 196.150721][ T11] Bluetooth: hci5: Frame reassembly failed (-84) [ 196.158590][ T11] Bluetooth: hci5: Frame reassembly failed (-84) [ 196.165789][ T970] usb usb1-port1: unable to enumerate USB device [ 196.210890][ T5865] dvb-usb: found a 'DiBcom TFE8096P reference design' in warm state. [ 196.225655][ T5865] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 196.236178][ T5865] dvbdev: DVB: registering new adapter (DiBcom TFE8096P reference design) [ 196.245556][ T5865] usb 4-1: media controller created [ 196.264418][ T5865] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 196.316188][ T5865] DVB: Unable to find symbol dib8000_attach() [ 196.325820][ T5865] dvb-usb: no frontend was attached by 'DiBcom TFE8096P reference design' [ 196.381391][ T5865] rc_core: IR keymap rc-dib0700-rc5 not found [ 196.387621][ T5865] Registered IR keymap rc-empty [ 196.393798][ T5865] dvb-usb: could not initialize remote control. [ 196.401125][ T5865] dvb-usb: DiBcom TFE8096P reference design successfully initialized and connected. [ 196.449473][ T7526] netlink: 'syz.0.439': attribute type 5 has an invalid length. [ 196.457395][ T7526] netlink: 8 bytes leftover after parsing attributes in process `syz.0.439'. [ 196.585393][ T7526] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 196.591822][ T7526] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 196.605013][ T7526] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 196.610940][ T7526] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 196.620581][ T7526] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 196.627528][ T7526] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 196.630888][ T5865] usb 4-1: USB disconnect, device number 13 [ 196.639105][ T7526] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 196.647416][ T7526] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 196.660659][ T7526] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 196.668234][ T7526] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 196.693072][ T5865] dvb-usb: DiBcom TFE8096P reference design successfully deinitialized and disconnected. [ 198.221127][ T5824] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 198.227583][ T5825] Bluetooth: hci5: command 0x1003 tx timeout [ 199.015294][ T7547] netlink: 44 bytes leftover after parsing attributes in process `syz.2.444'. [ 199.030898][ T7547] netlink: 12 bytes leftover after parsing attributes in process `syz.2.444'. [ 199.045873][ T29] audit: type=1400 audit(1735816822.703:402): avc: denied { read } for pid=7546 comm="syz.2.444" name="btrfs-control" dev="devtmpfs" ino=1309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 199.098982][ T29] audit: type=1400 audit(1735816822.703:403): avc: denied { open } for pid=7546 comm="syz.2.444" path="/dev/btrfs-control" dev="devtmpfs" ino=1309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 199.135281][ T7547] netlink: 40 bytes leftover after parsing attributes in process `syz.2.444'. [ 199.421229][ T970] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 199.491114][ T46] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 199.571158][ T970] usb 1-1: Using ep0 maxpacket: 32 [ 199.577592][ T970] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 199.601088][ T970] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 199.610873][ T970] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 199.641133][ T970] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.653035][ T46] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 199.661921][ T970] usb 1-1: config 0 descriptor?? [ 199.667846][ T46] usb 3-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 199.680233][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.696293][ T46] usb 3-1: config 0 descriptor?? [ 200.646072][ T7558] netlink: 'syz.4.447': attribute type 12 has an invalid length. [ 201.141055][ C1] hrtimer: interrupt took 54198 ns [ 201.198137][ T7567] netlink: 24 bytes leftover after parsing attributes in process `syz.3.450'. [ 201.320549][ T29] audit: type=1400 audit(1735816825.003:404): avc: denied { append } for pid=7572 comm="syz.4.451" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 201.416921][ T29] audit: type=1400 audit(1735816825.103:405): avc: denied { create } for pid=7572 comm="syz.4.451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 201.448822][ T29] audit: type=1400 audit(1735816825.113:406): avc: denied { getopt } for pid=7572 comm="syz.4.451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 201.563353][ T7587] vivid-002: disconnect [ 202.025881][ T970] usbhid 1-1:0.0: can't add hid device: -71 [ 202.032124][ T970] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 202.054854][ T7583] vivid-002: reconnect [ 202.105034][ T970] usb 1-1: USB disconnect, device number 13 [ 202.767700][ T46] usb 3-1: USB disconnect, device number 14 [ 202.778342][ T29] audit: type=1400 audit(1735816826.463:407): avc: denied { map } for pid=7592 comm="syz.3.454" path="socket:[14263]" dev="sockfs" ino=14263 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 202.829753][ T29] audit: type=1400 audit(1735816826.463:408): avc: denied { read accept } for pid=7592 comm="syz.3.454" path="socket:[14263]" dev="sockfs" ino=14263 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 202.864879][ T29] audit: type=1400 audit(1735816826.463:409): avc: denied { create } for pid=7592 comm="syz.3.454" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 202.894865][ T29] audit: type=1400 audit(1735816826.493:410): avc: denied { map } for pid=7592 comm="syz.3.454" path="socket:[14265]" dev="sockfs" ino=14265 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1 [ 202.937006][ T7600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.455'. [ 203.111355][ T29] audit: type=1400 audit(1735816826.493:411): avc: denied { accept } for pid=7592 comm="syz.3.454" path="socket:[14265]" dev="sockfs" ino=14265 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1 [ 203.223979][ T29] audit: type=1400 audit(1735816826.893:412): avc: denied { lock } for pid=7605 comm="syz.0.457" path="socket:[14293]" dev="sockfs" ino=14293 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1 [ 203.246933][ C1] vkms_vblank_simulate: vblank timer overrun [ 204.161237][ T5825] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 204.171812][ T5825] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 204.181262][ T5825] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 204.216882][ T5825] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 204.231727][ T5825] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 204.239135][ T5825] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 204.256085][ T5824] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 204.350474][ T5824] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 204.364587][ T7628] syz.4.463(7628): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 204.392949][ T5824] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 204.400374][ T29] audit: type=1400 audit(1735816828.053:413): avc: denied { append } for pid=7627 comm="syz.4.463" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 204.930719][ T5830] udevd[5830]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 204.951151][ T5824] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 204.996834][ T5824] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 205.121313][ T5824] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 205.431184][ T46] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 205.882130][ T5828] bond0: (slave syz_tun): Releasing backup interface [ 205.892417][ T46] usb 5-1: Using ep0 maxpacket: 16 [ 206.232623][ T46] usb 5-1: config 0 has no interfaces? [ 206.238138][ T46] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 206.247631][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.257863][ T46] usb 5-1: config 0 descriptor?? [ 206.580033][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 206.580044][ T29] audit: type=1400 audit(1735816830.263:418): avc: denied { setrlimit } for pid=7654 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1 [ 206.606005][ T5864] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 206.762795][ T5864] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 206.789576][ T7114] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.821673][ T5864] usb 3-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 206.830774][ T5864] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.860886][ T970] usb 5-1: USB disconnect, device number 19 [ 206.874755][ T5864] usb 3-1: config 0 descriptor?? [ 207.771327][ T5825] Bluetooth: hci5: command tx timeout [ 207.780900][ T29] audit: type=1400 audit(1735816831.453:419): avc: denied { unmount } for pid=5812 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 207.933587][ T7114] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.948891][ T7673] netlink: 8 bytes leftover after parsing attributes in process `syz.3.469'. [ 208.618541][ T7114] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.294687][ T5825] Bluetooth: hci5: command tx timeout [ 210.340104][ T7114] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.463067][ T7612] chnl_net:caif_netlink_parms(): no params data found [ 210.495775][ T5864] usb 3-1: USB disconnect, device number 15 [ 210.607961][ T7710] netlink: 24 bytes leftover after parsing attributes in process `syz.0.475'. [ 210.798144][ T7711] netlink: 52 bytes leftover after parsing attributes in process `syz.2.476'. [ 210.837889][ T5830] udevd[5830]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 211.468034][ T5864] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 211.537414][ T7612] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.546432][ T29] audit: type=1400 audit(1735816835.233:420): avc: denied { listen } for pid=7730 comm="syz.3.480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 211.556698][ T7612] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.575398][ T7612] bridge_slave_0: entered allmulticast mode [ 211.583795][ T29] audit: type=1400 audit(1735816835.233:421): avc: denied { accept } for pid=7730 comm="syz.3.480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 211.592423][ T7612] bridge_slave_0: entered promiscuous mode [ 211.682946][ T5864] usb 3-1: Using ep0 maxpacket: 16 [ 211.703707][ T7733] CUSE: unknown device info "€" [ 211.706025][ T5864] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 211.713848][ T7612] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.725583][ T7733] CUSE: zero length info key specified [ 211.822178][ T5864] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 211.921087][ T5864] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.926488][ T7612] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.050112][ T5864] usb 3-1: Product: syz [ 212.052625][ T7612] bridge_slave_1: entered allmulticast mode [ 212.132497][ T5864] usb 3-1: Manufacturer: syz [ 212.146977][ T7612] bridge_slave_1: entered promiscuous mode [ 212.156605][ T5864] usb 3-1: SerialNumber: syz [ 212.233067][ T7612] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.251850][ T5864] usb 3-1: config 0 descriptor?? [ 212.260743][ T5864] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 212.270015][ T5864] em28xx 3-1:0.0: DVB interface 0 found: bulk [ 212.306586][ T7612] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 212.358164][ T5824] Bluetooth: hci5: command tx timeout [ 212.383529][ T7612] team0: Port device team_slave_0 added [ 212.389832][ T7114] bridge_slave_1: left allmulticast mode [ 212.396156][ T7114] bridge_slave_1: left promiscuous mode [ 212.405366][ T7114] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.468175][ T7114] bridge_slave_0: left allmulticast mode [ 212.474565][ T7114] bridge_slave_0: left promiscuous mode [ 212.480699][ T7114] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.745249][ T5864] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 213.088231][ T5864] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 213.104454][ T5864] em28xx 3-1:0.0: board has no eeprom [ 213.171388][ T5864] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 213.179561][ T5864] em28xx 3-1:0.0: dvb set to bulk mode. [ 213.197941][ T46] em28xx 3-1:0.0: Binding DVB extension [ 213.234168][ T5864] usb 3-1: USB disconnect, device number 16 [ 213.246861][ T5864] em28xx 3-1:0.0: Disconnecting em28xx [ 213.300750][ T46] em28xx 3-1:0.0: Registering input extension [ 213.307883][ T5864] em28xx 3-1:0.0: Closing input extension [ 213.344012][ T5904] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 213.364721][ T5864] em28xx 3-1:0.0: Freeing device [ 213.515929][ T5904] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.527921][ T5904] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.538282][ T5904] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 213.547473][ T5904] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.565627][ T5904] usb 4-1: config 0 descriptor?? [ 213.605519][ T9] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 213.699475][ T7114] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 213.717302][ T7114] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 213.730258][ T7114] bond0 (unregistering): Released all slaves [ 213.750927][ T7612] team0: Port device team_slave_1 added [ 213.762214][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 213.774931][ T7751] bridge0: entered promiscuous mode [ 213.793618][ T7751] macvlan2: entered promiscuous mode [ 213.800769][ T9] usb 5-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 213.818235][ T7751] bridge0: port 3(macvlan2) entered blocking state [ 213.830116][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.846511][ T7751] bridge0: port 3(macvlan2) entered disabled state [ 213.860640][ T7751] macvlan2: entered allmulticast mode [ 213.866271][ T9] usb 5-1: Product: syz [ 213.870471][ T9] usb 5-1: Manufacturer: syz [ 213.871091][ T7751] bridge0: entered allmulticast mode [ 213.881615][ T9] usb 5-1: SerialNumber: syz [ 213.888262][ T9] usb 5-1: config 0 descriptor?? [ 213.902749][ T7751] macvlan2: left allmulticast mode [ 213.908278][ T7751] bridge0: left allmulticast mode [ 214.441467][ T5824] Bluetooth: hci5: command tx timeout [ 214.448678][ T7751] bridge0: left promiscuous mode [ 214.450729][ T5904] hid-steam 0003:28DE:1142.0003: unknown main item tag 0x0 [ 214.466818][ T5904] hid-steam 0003:28DE:1142.0003: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0 [ 214.551367][ T5904] hid-steam 0003:28DE:1142.0003: Steam wireless receiver connected [ 214.565772][ T5904] hid-steam 0003:28DE:1142.0004: unknown main item tag 0x0 [ 214.586176][ T5904] hid-steam 0003:28DE:1142.0004: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0 [ 214.963563][ T7768] FAULT_INJECTION: forcing a failure. [ 214.963563][ T7768] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 215.211171][ T7768] CPU: 1 UID: 0 PID: 7768 Comm: syz.2.489 Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 215.221803][ T7768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 215.231869][ T7768] Call Trace: [ 215.235147][ T7768] [ 215.238081][ T7768] dump_stack_lvl+0x16c/0x1f0 [ 215.242774][ T7768] should_fail_ex+0x497/0x5b0 [ 215.247476][ T7768] _copy_from_user+0x2e/0xd0 [ 215.252082][ T7768] copy_msghdr_from_user+0x99/0x160 [ 215.257284][ T7768] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 215.263106][ T7768] ___sys_sendmsg+0xff/0x1e0 [ 215.267701][ T7768] ? irqentry_exit+0x3b/0x90 [ 215.272305][ T7768] ? __pfx____sys_sendmsg+0x10/0x10 [ 215.277522][ T7768] ? __pfx_lock_release+0x10/0x10 [ 215.282554][ T7768] ? trace_lock_acquire+0x14e/0x1f0 [ 215.287778][ T7768] ? __fget_files+0x206/0x3a0 [ 215.292470][ T7768] __sys_sendmsg+0x16e/0x220 [ 215.297066][ T7768] ? __pfx___sys_sendmsg+0x10/0x10 [ 215.302198][ T7768] do_syscall_64+0xcd/0x250 [ 215.306719][ T7768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.312624][ T7768] RIP: 0033:0x7f9844185d29 [ 215.317047][ T7768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.336663][ T7768] RSP: 002b:00007f9844fca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 215.345094][ T7768] RAX: ffffffffffffffda RBX: 00007f9844376160 RCX: 00007f9844185d29 [ 215.353069][ T7768] RDX: 0000000000000000 RSI: 0000000020001440 RDI: 000000000000000c [ 215.361049][ T7768] RBP: 00007f9844fca090 R08: 0000000000000000 R09: 0000000000000000 [ 215.369051][ T7768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 215.377028][ T7768] R13: 0000000000000000 R14: 00007f9844376160 R15: 00007ffcbf7655b8 [ 215.385021][ T7768] [ 215.388117][ C1] vkms_vblank_simulate: vblank timer overrun [ 215.454603][ T9] peak_usb 5-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 215.466011][ T9] peak_usb 5-1:0.0 can0: sending command failure: -22 [ 215.474386][ T9] peak_usb 5-1:0.0 can0: sending command failure: -22 [ 215.565987][ T7612] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 215.574387][ T7612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.600267][ C1] vkms_vblank_simulate: vblank timer overrun [ 215.606654][ T7612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 215.619156][ T7612] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 215.626286][ T7612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.654874][ T7612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 215.718843][ T7763] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 215.726806][ T29] audit: type=1400 audit(1735816839.143:422): avc: denied { mount } for pid=7749 comm="syz.3.486" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 215.727514][ T7763] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 215.753795][ T29] audit: type=1400 audit(1735816839.173:423): avc: denied { read } for pid=7749 comm="syz.3.486" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 215.776943][ C1] vkms_vblank_simulate: vblank timer overrun [ 216.045071][ T46] usb 4-1: reset high-speed USB device number 14 using dummy_hcd [ 216.171598][ T9] peak_usb 5-1:0.0: probe with driver peak_usb failed with error -22 [ 216.199216][ T9] usb 5-1: USB disconnect, device number 20 [ 216.276465][ T7612] hsr_slave_0: entered promiscuous mode [ 216.290897][ T7612] hsr_slave_1: entered promiscuous mode [ 216.315846][ T7612] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 216.345988][ T7612] Cannot create hsr debugfs directory [ 216.794353][ T7114] hsr_slave_0: left promiscuous mode [ 216.800387][ T7114] hsr_slave_1: left promiscuous mode [ 216.814546][ T7114] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 216.915768][ T7114] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 216.983445][ T7114] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 217.026516][ T7114] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 217.089367][ T7801] netlink: 104 bytes leftover after parsing attributes in process `syz.4.494'. [ 217.102561][ T7114] veth1_macvtap: left promiscuous mode [ 217.116266][ T7114] veth0_macvtap: left promiscuous mode [ 217.126887][ T7114] veth1_vlan: left promiscuous mode [ 217.216234][ T7114] veth0_vlan: left promiscuous mode [ 217.558253][ T7807] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 218.507334][ T5904] usb 4-1: USB disconnect, device number 14 [ 218.558971][ T5904] hid-steam 0003:28DE:1142.0003: Steam wireless receiver disconnected [ 219.024196][ T7114] team0 (unregistering): Port device team_slave_1 removed [ 219.064237][ T7114] team0 (unregistering): Port device team_slave_0 removed [ 219.346812][ T29] audit: type=1400 audit(1735816843.033:424): avc: denied { ioctl } for pid=7818 comm="syz.0.498" path="mnt:[4026532798]" dev="nsfs" ino=4026532798 ioctlcmd=0x940a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 219.726373][ T29] audit: type=1400 audit(1735816843.413:425): avc: denied { ioctl } for pid=7825 comm="syz.4.499" path="socket:[15699]" dev="sockfs" ino=15699 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 219.935872][ T29] audit: type=1400 audit(1735816843.553:426): avc: denied { getopt } for pid=7825 comm="syz.4.499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 221.024925][ T7612] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 221.133186][ T7612] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 221.221478][ T7612] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 221.459048][ T7612] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 222.179667][ T7861] rdma_rxe: rxe_newlink: failed to add team_slave_1 [ 222.350929][ T7612] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.416030][ T7612] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.552489][ T6440] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.559624][ T6440] bridge0: port 1(bridge_slave_0) entered forwarding state [ 222.571211][ T5862] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 222.782817][ T5862] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 222.794467][ T6440] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.801533][ T6440] bridge0: port 2(bridge_slave_1) entered forwarding state [ 222.886885][ T7880] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 223.432494][ T5862] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 223.572387][ T5862] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 223.581703][ T5862] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.589685][ T5862] usb 3-1: Product: syz [ 223.593928][ T5862] usb 3-1: Manufacturer: syz [ 223.599186][ T5862] usb 3-1: SerialNumber: syz [ 223.637184][ T5862] usb 3-1: config 0 descriptor?? [ 223.713820][ T5862] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 223.772332][ T5830] udevd[5830]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 223.830464][ T29] audit: type=1400 audit(1735816847.503:427): avc: denied { getopt } for pid=7887 comm="syz.0.510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 224.488956][ T7612] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 224.595811][ T7903] netlink: 8 bytes leftover after parsing attributes in process `syz.4.511'. [ 225.345316][ T29] audit: type=1400 audit(1735816849.023:428): avc: denied { append } for pid=7910 comm="syz.0.512" name="loop7" dev="devtmpfs" ino=654 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 225.369170][ T7912] input: syz0 as /devices/virtual/input/input15 [ 225.507237][ T29] audit: type=1400 audit(1735816849.193:429): avc: denied { ioctl } for pid=5175 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2904 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 225.554852][ T9] usb 3-1: USB disconnect, device number 17 [ 226.409228][ T7559] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 226.631730][ T7559] usb 1-1: Using ep0 maxpacket: 8 [ 227.029266][ T7559] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 227.131253][ T7559] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 227.144801][ T7559] usb 1-1: New USB device found, idVendor=0d46, idProduct=2012, bcdDevice=70.57 [ 227.154370][ T7559] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.165585][ T7559] usb 1-1: config 0 descriptor?? [ 227.184601][ T7559] kobil_sct 1-1:0.0: required endpoints missing [ 227.389426][ T8] usb 1-1: USB disconnect, device number 14 [ 227.414815][ T29] audit: type=1400 audit(1735816851.103:430): avc: denied { read } for pid=7932 comm="syz.4.517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 227.803262][ T7612] veth0_vlan: entered promiscuous mode [ 227.813515][ T7612] veth1_vlan: entered promiscuous mode [ 227.854351][ T7612] veth0_macvtap: entered promiscuous mode [ 227.869620][ T7612] veth1_macvtap: entered promiscuous mode [ 227.924707][ T7612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 227.939088][ T7612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.957917][ T7612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 227.968462][ T7612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.978539][ T7612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 227.999475][ T7612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.009972][ T7612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.031194][ T7612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.130472][ T7612] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.182987][ T7612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.225678][ T7612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.279278][ T7612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.306739][ T7612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.325205][ T7612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.340491][ T7612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.361910][ T7612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.391158][ T7612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.423975][ T7612] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.499215][ T7612] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.518245][ T7612] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.539163][ T7612] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.548159][ T7612] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.296313][ T7970] netlink: 24 bytes leftover after parsing attributes in process `syz.2.523'. [ 230.011179][ T5824] Bluetooth: hci5: command 0x0c1a tx timeout [ 230.215045][ T5864] Bluetooth: hci5: Opcode 0x0c1a failed: -110 [ 230.221518][ T5864] Bluetooth: hci5: Error when powering off device on rfkill (-110) [ 232.748578][ T8032] FAULT_INJECTION: forcing a failure. [ 232.748578][ T8032] name failslab, interval 1, probability 0, space 0, times 0 [ 232.761422][ T8032] CPU: 1 UID: 0 PID: 8032 Comm: syz.0.530 Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 232.772029][ T8032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 232.782099][ T8032] Call Trace: [ 232.785386][ T8032] [ 232.788326][ T8032] dump_stack_lvl+0x16c/0x1f0 [ 232.793027][ T8032] should_fail_ex+0x497/0x5b0 [ 232.797729][ T8032] ? fs_reclaim_acquire+0xae/0x150 [ 232.802857][ T8032] should_failslab+0xc2/0x120 [ 232.807553][ T8032] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 232.813371][ T8032] ? __alloc_skb+0x2b1/0x380 [ 232.817960][ T8032] __alloc_skb+0x2b1/0x380 [ 232.822371][ T8032] ? __pfx___alloc_skb+0x10/0x10 [ 232.827304][ T8032] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 232.833285][ T8032] netlink_alloc_large_skb+0x69/0x130 [ 232.838654][ T8032] netlink_sendmsg+0x689/0xd70 [ 232.843415][ T8032] ? __pfx_netlink_sendmsg+0x10/0x10 [ 232.848701][ T8032] ____sys_sendmsg+0xaaf/0xc90 [ 232.853455][ T8032] ? copy_msghdr_from_user+0x10b/0x160 [ 232.858909][ T8032] ? __pfx_____sys_sendmsg+0x10/0x10 [ 232.864215][ T8032] ___sys_sendmsg+0x135/0x1e0 [ 232.868878][ T8032] ? __pfx____sys_sendmsg+0x10/0x10 [ 232.874097][ T8032] ? __pfx_lock_release+0x10/0x10 [ 232.879109][ T8032] ? trace_lock_acquire+0x14e/0x1f0 [ 232.884306][ T8032] ? __fget_files+0x206/0x3a0 [ 232.888982][ T8032] __sys_sendmsg+0x16e/0x220 [ 232.893558][ T8032] ? __pfx___sys_sendmsg+0x10/0x10 [ 232.898666][ T8032] do_syscall_64+0xcd/0x250 [ 232.903162][ T8032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.909052][ T8032] RIP: 0033:0x7ff1f2785d29 [ 232.913456][ T8032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.933053][ T8032] RSP: 002b:00007ff1f35d8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 232.941463][ T8032] RAX: ffffffffffffffda RBX: 00007ff1f2976080 RCX: 00007ff1f2785d29 [ 232.949418][ T8032] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000008 [ 232.957374][ T8032] RBP: 00007ff1f35d8090 R08: 0000000000000000 R09: 0000000000000000 [ 232.965677][ T8032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 232.973630][ T8032] R13: 0000000000000000 R14: 00007ff1f2976080 R15: 00007ffe8baa8478 [ 232.981599][ T8032] [ 233.529082][ T29] audit: type=1400 audit(1735816857.213:431): avc: denied { sys_chroot } for pid=8064 comm="dhcpcd" capability=18 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 233.599303][ T29] audit: type=1400 audit(1735816857.243:432): avc: denied { setgid } for pid=8064 comm="dhcpcd" capability=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 255.712726][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.719096][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.154060][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.160481][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.593066][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.599518][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.163691][ T30] INFO: task kworker/1:3:5864 blocked for more than 143 seconds. [ 381.171496][ T30] Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 381.179146][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 381.187937][ T30] task:kworker/1:3 state:D stack:21584 pid:5864 tgid:5864 ppid:2 flags:0x00004000 [ 381.200859][ T30] Workqueue: events rfkill_op_handler [ 381.210263][ T30] Call Trace: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 381.214594][ T30] [ 381.217553][ T30] __schedule+0xe58/0x5ad0 [ 381.226566][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 381.234404][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 381.240255][ T30] ? __pfx___schedule+0x10/0x10 [ 381.272819][ T30] ? schedule+0x298/0x350 [ 381.277210][ T30] ? __pfx_lock_release+0x10/0x10 [ 381.299041][ T30] ? __mutex_trylock_common+0x78/0x250 [ 381.304822][ T30] ? lock_acquire+0x2f/0xb0 [ 381.309332][ T30] ? schedule+0x1fd/0x350 [ 381.313944][ T30] schedule+0xe7/0x350 [ 381.318052][ T30] schedule_preempt_disabled+0x13/0x30 [ 381.323911][ T30] __mutex_lock+0x62b/0xa60 [ 381.328442][ T30] ? mark_held_locks+0x9f/0xe0 [ 381.333481][ T30] ? nfc_dev_down+0x2d/0x2e0 [ 381.338094][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 381.343493][ T30] ? lock_acquire.part.0+0x11b/0x380 [ 381.348787][ T30] ? rfkill_set_block+0x198/0x560 [ 381.354406][ T30] ? __pfx_lock_release+0x10/0x10 [ 381.359440][ T30] ? nfc_dev_down+0x2d/0x2e0 [ 381.364053][ T30] nfc_dev_down+0x2d/0x2e0 [ 381.368482][ T30] nfc_rfkill_set_block+0x39/0xe0 [ 381.373585][ T30] ? __pfx_nfc_rfkill_set_block+0x10/0x10 [ 381.379328][ T30] rfkill_set_block+0x203/0x560 [ 381.384239][ T30] rfkill_epo+0x8e/0x1d0 [ 381.388511][ T30] rfkill_op_handler+0x262/0x280 [ 381.394165][ T30] process_one_work+0x9c5/0x1ba0 [ 381.399121][ T30] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 381.404779][ T30] ? __pfx_process_one_work+0x10/0x10 [ 381.410160][ T30] ? rcu_is_watching+0x12/0xc0 [ 381.415017][ T30] ? assign_work+0x1a0/0x250 [ 381.419612][ T30] worker_thread+0x6c8/0xf00 [ 381.424225][ T30] ? __kthread_parkme+0x148/0x220 [ 381.429256][ T30] ? __pfx_worker_thread+0x10/0x10 [ 381.434454][ T30] kthread+0x2c1/0x3a0 [ 381.438530][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 381.443777][ T30] ? __pfx_kthread+0x10/0x10 [ 381.448371][ T30] ret_from_fork+0x45/0x80 [ 381.452882][ T30] ? __pfx_kthread+0x10/0x10 [ 381.457491][ T30] ret_from_fork_asm+0x1a/0x30 [ 381.462323][ T30] [ 381.465350][ T30] INFO: task kworker/1:5:5904 blocked for more than 143 seconds. [ 381.473138][ T30] Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 381.480760][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 381.489453][ T30] task:kworker/1:5 state:D stack:20048 pid:5904 tgid:5904 ppid:2 flags:0x00004000 [ 381.499665][ T30] Workqueue: events rfkill_global_led_trigger_worker [ 381.506383][ T30] Call Trace: [ 381.509687][ T30] [ 381.512648][ T30] __schedule+0xe58/0x5ad0 [ 381.517079][ T30] ? __pfx_mark_lock+0x10/0x10 [ 381.521903][ T30] ? lock_acquire.part.0+0x11b/0x380 [ 381.527195][ T30] ? find_held_lock+0x2d/0x110 [ 381.531998][ T30] ? __pfx___schedule+0x10/0x10 [ 381.536852][ T30] ? schedule+0x298/0x350 [ 381.541217][ T30] ? __pfx_lock_release+0x10/0x10 [ 381.546248][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 381.551549][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 381.556763][ T30] schedule+0xe7/0x350 [ 381.560816][ T30] schedule_preempt_disabled+0x13/0x30 [ 381.566319][ T30] __mutex_lock+0x62b/0xa60 [ 381.570827][ T30] ? lock_acquire+0x2f/0xb0 [ 381.575370][ T30] ? rfkill_global_led_trigger_worker+0x1b/0x160 [ 381.581751][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 381.586792][ T30] ? rcu_is_watching+0x12/0xc0 [ 381.591602][ T30] ? trace_lock_acquire+0x14e/0x1f0 [ 381.596820][ T30] ? process_one_work+0x921/0x1ba0 [ 381.602005][ T30] ? rfkill_global_led_trigger_worker+0x1b/0x160 [ 381.608337][ T30] rfkill_global_led_trigger_worker+0x1b/0x160 [ 381.614536][ T30] process_one_work+0x9c5/0x1ba0 [ 381.619480][ T30] ? __pfx_nsim_dev_hwstats_traffic_work+0x10/0x10 [ 381.626013][ T30] ? __pfx_process_one_work+0x10/0x10 [ 381.631487][ T30] ? rcu_is_watching+0x12/0xc0 [ 381.636265][ T30] ? assign_work+0x1a0/0x250 [ 381.640840][ T30] worker_thread+0x6c8/0xf00 [ 381.645482][ T30] ? __pfx_worker_thread+0x10/0x10 [ 381.650594][ T30] kthread+0x2c1/0x3a0 [ 381.654696][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 381.659900][ T30] ? __pfx_kthread+0x10/0x10 [ 381.664514][ T30] ret_from_fork+0x45/0x80 [ 381.668934][ T30] ? __pfx_kthread+0x10/0x10 [ 381.673560][ T30] ret_from_fork_asm+0x1a/0x30 [ 381.678358][ T30] [ 381.681447][ T30] INFO: task syz-executor:7612 blocked for more than 143 seconds. [ 381.689244][ T30] Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 381.696907][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 381.705640][ T30] task:syz-executor state:D stack:23168 pid:7612 tgid:7612 ppid:1 flags:0x00000004 [ 381.715910][ T30] Call Trace: [ 381.719205][ T30] [ 381.722194][ T30] __schedule+0xe58/0x5ad0 [ 381.726647][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 381.731886][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 381.737089][ T30] ? __pfx___schedule+0x10/0x10 [ 381.741976][ T30] ? schedule+0x298/0x350 [ 381.746309][ T30] ? __pfx_lock_release+0x10/0x10 [ 381.751373][ T30] ? __mutex_trylock_common+0x78/0x250 [ 381.756833][ T30] ? lock_acquire+0x2f/0xb0 [ 381.761374][ T30] ? schedule+0x1fd/0x350 [ 381.765707][ T30] schedule+0xe7/0x350 [ 381.769757][ T30] schedule_preempt_disabled+0x13/0x30 [ 381.775244][ T30] __mutex_lock+0x62b/0xa60 [ 381.779761][ T30] ? rfkill_fop_open+0x13b/0x750 [ 381.784778][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 381.789813][ T30] ? lockdep_init_map_type+0x16d/0x7d0 [ 381.795380][ T30] ? __pfx_rfkill_fop_open+0x10/0x10 [ 381.800680][ T30] ? rfkill_fop_open+0x13b/0x750 [ 381.805660][ T30] rfkill_fop_open+0x13b/0x750 [ 381.810456][ T30] ? kobject_get_unless_zero+0x157/0x1e0 [ 381.816125][ T30] ? __pfx_rfkill_fop_open+0x10/0x10 [ 381.821466][ T30] misc_open+0x35a/0x420 [ 381.825736][ T30] ? __pfx_misc_open+0x10/0x10 [ 381.830508][ T30] chrdev_open+0x237/0x6a0 [ 381.834992][ T30] ? __pfx_chrdev_open+0x10/0x10 [ 381.839960][ T30] do_dentry_open+0xf59/0x1ea0 [ 381.844792][ T30] ? __pfx_chrdev_open+0x10/0x10 [ 381.849732][ T30] ? inode_permission+0xdd/0x5f0 [ 381.854715][ T30] vfs_open+0x82/0x3f0 [ 381.858785][ T30] ? may_open+0x1f2/0x400 [ 381.863146][ T30] path_openat+0x1e6a/0x2d60 [ 381.867740][ T30] ? __pfx_path_openat+0x10/0x10 [ 381.872873][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 381.878074][ T30] ? lock_acquire.part.0+0x11b/0x380 [ 381.883400][ T30] ? find_held_lock+0x2d/0x110 [ 381.888181][ T30] do_filp_open+0x20c/0x470 [ 381.892730][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 381.897754][ T30] ? find_held_lock+0x2d/0x110 [ 381.902594][ T30] ? alloc_fd+0x41f/0x760 [ 381.906928][ T30] do_sys_openat2+0x17a/0x1e0 [ 381.911647][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 381.916852][ T30] ? kmem_cache_free+0x31d/0x4c0 [ 381.921823][ T30] ? security_file_free+0xb9/0x180 [ 381.926934][ T30] ? __fput+0x686/0xb60 [ 381.931122][ T30] __x64_sys_openat+0x175/0x210 [ 381.935978][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 381.941414][ T30] do_syscall_64+0xcd/0x250 [ 381.945936][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.952134][ T30] RIP: 0033:0x7f62f6b84690 [ 381.956555][ T30] RSP: 002b:00007ffdb47a0170 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 381.965030][ T30] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f62f6b84690 [ 381.973032][ T30] RDX: 0000000000000002 RSI: 00007f62f6c0254e RDI: 00000000ffffff9c [ 381.981055][ T30] RBP: 00007f62f6c0254e R08: 0000000000000000 R09: 0000000000000000 [ 381.989035][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000008 [ 381.997081][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 382.005135][ T30] [ 382.008159][ T30] INFO: task syz.3.507:7867 blocked for more than 144 seconds. [ 382.016765][ T30] Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 382.024560][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 382.035134][ T30] task:syz.3.507 state:D stack:25408 pid:7867 tgid:7865 ppid:5813 flags:0x00004006 [ 382.045514][ T30] Call Trace: [ 382.048810][ T30] [ 382.051949][ T30] __schedule+0xe58/0x5ad0 [ 382.056376][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 382.061801][ T30] ? __pfx___schedule+0x10/0x10 [ 382.066667][ T30] ? schedule+0x298/0x350 [ 382.070988][ T30] ? __pfx_lock_release+0x10/0x10 [ 382.076074][ T30] ? __mutex_trylock_common+0x78/0x250 [ 382.081573][ T30] ? lock_acquire+0x2f/0xb0 [ 382.086081][ T30] ? schedule+0x1fd/0x350 [ 382.090399][ T30] schedule+0xe7/0x350 [ 382.094511][ T30] schedule_preempt_disabled+0x13/0x30 [ 382.100066][ T30] __mutex_lock+0x62b/0xa60 [ 382.104686][ T30] ? do_raw_spin_unlock+0x172/0x230 [ 382.109904][ T30] ? rfkill_unregister+0xde/0x2c0 [ 382.115063][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 382.120115][ T30] ? device_del+0x6b6/0x9f0 [ 382.124812][ T30] ? __pfx_device_del+0x10/0x10 [ 382.129681][ T30] ? rfkill_unregister+0xde/0x2c0 [ 382.134737][ T30] rfkill_unregister+0xde/0x2c0 [ 382.139603][ T30] nfc_unregister_device+0x94/0x330 [ 382.144856][ T30] ? __pfx_virtual_ncidev_close+0x10/0x10 [ 382.150588][ T30] virtual_ncidev_close+0x4b/0xa0 [ 382.155648][ T30] __fput+0x3f8/0xb60 [ 382.159638][ T30] task_work_run+0x14e/0x250 [ 382.164329][ T30] ? __pfx_task_work_run+0x10/0x10 [ 382.169450][ T30] do_exit+0xad8/0x2d70 [ 382.173651][ T30] ? get_signal+0x8f7/0x26c0 [ 382.178244][ T30] ? __pfx_do_exit+0x10/0x10 [ 382.182889][ T30] ? do_raw_spin_lock+0x12d/0x2c0 [ 382.187926][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 382.195342][ T30] do_group_exit+0xd3/0x2a0 [ 382.199867][ T30] get_signal+0x24ed/0x26c0 [ 382.204420][ T30] ? __pfx_get_signal+0x10/0x10 [ 382.209284][ T30] ? __pfx_do_futex+0x10/0x10 [ 382.213991][ T30] ? kasan_quarantine_put+0x10a/0x240 [ 382.219366][ T30] arch_do_signal_or_restart+0x90/0x7e0 [ 382.224970][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 382.231182][ T30] ? rcu_is_watching+0x12/0xc0 [ 382.236090][ T30] syscall_exit_to_user_mode+0x150/0x2a0 [ 382.241798][ T30] do_syscall_64+0xda/0x250 [ 382.246328][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.252269][ T30] RIP: 0033:0x7fa82a785d29 [ 382.256683][ T30] RSP: 002b:00007fa82b5490e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 382.265156][ T30] RAX: fffffffffffffe00 RBX: 00007fa82a976088 RCX: 00007fa82a785d29 [ 382.273182][ T30] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa82a976088 [ 382.281208][ T30] RBP: 00007fa82a976080 R08: 0000000000000000 R09: 0000000000000000 [ 382.289180][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa82a97608c [ 382.297246][ T30] R13: 0000000000000000 R14: 00007ffc2bf70970 R15: 00007ffc2bf70a58 [ 382.305580][ T30] [ 382.308630][ T30] INFO: task syz.2.526:7995 blocked for more than 144 seconds. [ 382.316230][ T30] Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 382.324612][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 382.333336][ T30] task:syz.2.526 state:D stack:27712 pid:7995 tgid:7990 ppid:5816 flags:0x00000004 [ 382.343624][ T30] Call Trace: [ 382.346881][ T30] [ 382.349794][ T30] __schedule+0xe58/0x5ad0 [ 382.354538][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 382.359757][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 382.365137][ T30] ? __pfx___schedule+0x10/0x10 [ 382.370002][ T30] ? schedule+0x298/0x350 [ 382.374555][ T30] ? __pfx_lock_release+0x10/0x10 [ 382.379586][ T30] ? __mutex_trylock_common+0x78/0x250 [ 382.385207][ T30] ? lock_acquire+0x2f/0xb0 [ 382.389733][ T30] ? schedule+0x1fd/0x350 [ 382.394127][ T30] schedule+0xe7/0x350 [ 382.398207][ T30] schedule_preempt_disabled+0x13/0x30 [ 382.403822][ T30] __mutex_lock+0x62b/0xa60 [ 382.408336][ T30] ? misc_open+0x63/0x420 [ 382.412748][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 382.417811][ T30] ? lock_acquire.part.0+0x11b/0x380 [ 382.423226][ T30] ? chrdev_open+0x10e/0x6a0 [ 382.427824][ T30] ? __pfx_lock_release+0x10/0x10 [ 382.432942][ T30] ? kobject_get_unless_zero+0x157/0x1e0 [ 382.438588][ T30] ? __pfx_misc_open+0x10/0x10 [ 382.443596][ T30] ? misc_open+0x63/0x420 [ 382.447991][ T30] misc_open+0x63/0x420 [ 382.452205][ T30] ? __pfx_misc_open+0x10/0x10 [ 382.456975][ T30] chrdev_open+0x237/0x6a0 [ 382.461519][ T30] ? __pfx_chrdev_open+0x10/0x10 [ 382.466466][ T30] do_dentry_open+0xf59/0x1ea0 [ 382.471300][ T30] ? __pfx_chrdev_open+0x10/0x10 [ 382.476240][ T30] ? inode_permission+0xdd/0x5f0 [ 382.481428][ T30] vfs_open+0x82/0x3f0 [ 382.485508][ T30] ? may_open+0x1f2/0x400 [ 382.489823][ T30] path_openat+0x1e6a/0x2d60 [ 382.494501][ T30] ? __pfx_path_openat+0x10/0x10 [ 382.499445][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 382.504825][ T30] ? lock_acquire.part.0+0x11b/0x380 [ 382.510222][ T30] ? find_held_lock+0x2d/0x110 [ 382.515084][ T30] do_filp_open+0x20c/0x470 [ 382.519575][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 382.524821][ T30] ? find_held_lock+0x2d/0x110 [ 382.529608][ T30] ? alloc_fd+0x41f/0x760 [ 382.534012][ T30] do_sys_openat2+0x17a/0x1e0 [ 382.538697][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 382.544047][ T30] ? do_user_addr_fault+0xe50/0x13f0 [ 382.549360][ T30] ? __pfx_lock_release+0x10/0x10 [ 382.554429][ T30] __x64_sys_openat+0x175/0x210 [ 382.559287][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 382.564784][ T30] ? do_user_addr_fault+0x83d/0x13f0 [ 382.570078][ T30] do_syscall_64+0xcd/0x250 [ 382.574660][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.580560][ T30] RIP: 0033:0x7f9844185d29 [ 382.585030][ T30] RSP: 002b:00007f984500c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 382.593704][ T30] RAX: ffffffffffffffda RBX: 00007f9844375fa0 RCX: 00007f9844185d29 [ 382.601777][ T30] RDX: 0000000000000000 RSI: 0000000020000140 RDI: ffffffffffffff9c [ 382.609757][ T30] RBP: 00007f9844201b08 R08: 0000000000000000 R09: 0000000000000000 [ 382.617905][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 382.625965][ T30] R13: 0000000000000001 R14: 00007f9844375fa0 R15: 00007ffcbf7655b8 [ 382.634117][ T30] [ 382.637164][ T30] INFO: task syz.4.529:8018 blocked for more than 144 seconds. [ 382.644762][ T30] Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 382.652569][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 382.661314][ T30] task:syz.4.529 state:D stack:28416 pid:8018 tgid:8017 ppid:5817 flags:0x00000004 [ 382.671718][ T30] Call Trace: [ 382.674994][ T30] [ 382.677906][ T30] __schedule+0xe58/0x5ad0 [ 382.682372][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 382.687572][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 382.692925][ T30] ? __pfx___schedule+0x10/0x10 [ 382.697779][ T30] ? schedule+0x298/0x350 [ 382.702344][ T30] ? __pfx_lock_release+0x10/0x10 [ 382.707376][ T30] ? __mutex_trylock_common+0x78/0x250 [ 382.712952][ T30] ? lock_acquire+0x2f/0xb0 [ 382.717464][ T30] ? schedule+0x1fd/0x350 [ 382.721864][ T30] schedule+0xe7/0x350 [ 382.725939][ T30] schedule_preempt_disabled+0x13/0x30 [ 382.732060][ T30] __mutex_lock+0x62b/0xa60 [ 382.736610][ T30] ? misc_open+0x63/0x420 [ 382.740930][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 382.746045][ T30] ? lock_acquire.part.0+0x11b/0x380 [ 382.751529][ T30] ? chrdev_open+0x10e/0x6a0 [ 382.756145][ T30] ? __pfx_lock_release+0x10/0x10 [ 382.761257][ T30] ? kobject_get_unless_zero+0x157/0x1e0 [ 382.766915][ T30] ? __pfx_misc_open+0x10/0x10 [ 382.771838][ T30] ? misc_open+0x63/0x420 [ 382.776175][ T30] misc_open+0x63/0x420 [ 382.780319][ T30] ? __pfx_misc_open+0x10/0x10 [ 382.785173][ T30] chrdev_open+0x237/0x6a0 [ 382.789597][ T30] ? __pfx_chrdev_open+0x10/0x10 [ 382.794669][ T30] do_dentry_open+0xf59/0x1ea0 [ 382.799441][ T30] ? __pfx_chrdev_open+0x10/0x10 [ 382.804528][ T30] ? inode_permission+0xdd/0x5f0 [ 382.809483][ T30] vfs_open+0x82/0x3f0 [ 382.813835][ T30] ? may_open+0x1f2/0x400 [ 382.818193][ T30] path_openat+0x1e6a/0x2d60 [ 382.822870][ T30] ? __pfx_path_openat+0x10/0x10 [ 382.827813][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 382.833176][ T30] ? lock_acquire.part.0+0x11b/0x380 [ 382.838473][ T30] ? find_held_lock+0x2d/0x110 [ 382.843324][ T30] do_filp_open+0x20c/0x470 [ 382.847833][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 382.852995][ T30] ? find_held_lock+0x2d/0x110 [ 382.857787][ T30] ? alloc_fd+0x41f/0x760 [ 382.862191][ T30] do_sys_openat2+0x17a/0x1e0 [ 382.866875][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 382.872233][ T30] __x64_sys_openat+0x175/0x210 [ 382.877099][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 382.883750][ T30] do_syscall_64+0xcd/0x250 [ 382.888247][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.894275][ T30] RIP: 0033:0x7fbf4b585d29 [ 382.898709][ T30] RSP: 002b:00007fbf4c3f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 382.907237][ T30] RAX: ffffffffffffffda RBX: 00007fbf4b775fa0 RCX: 00007fbf4b585d29 [ 382.915388][ T30] RDX: 0000000000000002 RSI: 0000000020001f80 RDI: ffffffffffffff9c [ 382.923560][ T30] RBP: 00007fbf4b601b08 R08: 0000000000000000 R09: 0000000000000000 [ 382.931677][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 382.939652][ T30] R13: 0000000000000000 R14: 00007fbf4b775fa0 R15: 00007fffa335c618 [ 382.947701][ T30] [ 382.950749][ T30] INFO: task syz.0.531:8067 blocked for more than 145 seconds. [ 382.958424][ T30] Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 382.966143][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 382.974948][ T30] task:syz.0.531 state:D stack:28176 pid:8067 tgid:8062 ppid:5812 flags:0x00000004 [ 382.985197][ T30] Call Trace: [ 382.988461][ T30] [ 382.991530][ T30] __schedule+0xe58/0x5ad0 [ 382.995956][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 383.001233][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 383.006454][ T30] ? __pfx___schedule+0x10/0x10 [ 383.011479][ T30] ? schedule+0x298/0x350 [ 383.015822][ T30] ? __pfx_lock_release+0x10/0x10 [ 383.020862][ T30] ? __mutex_trylock_common+0x78/0x250 [ 383.026407][ T30] ? lock_acquire+0x2f/0xb0 [ 383.030916][ T30] ? schedule+0x1fd/0x350 [ 383.035548][ T30] schedule+0xe7/0x350 [ 383.039628][ T30] schedule_preempt_disabled+0x13/0x30 [ 383.045221][ T30] __mutex_lock+0x62b/0xa60 [ 383.049893][ T30] ? misc_open+0x63/0x420 [ 383.054377][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 383.059413][ T30] ? lock_acquire.part.0+0x11b/0x380 [ 383.064784][ T30] ? chrdev_open+0x10e/0x6a0 [ 383.069384][ T30] ? __pfx_lock_release+0x10/0x10 [ 383.077176][ T30] ? kobject_get_unless_zero+0x157/0x1e0 [ 383.082976][ T30] ? __pfx_misc_open+0x10/0x10 [ 383.087746][ T30] ? misc_open+0x63/0x420 [ 383.092103][ T30] misc_open+0x63/0x420 [ 383.096268][ T30] ? __pfx_misc_open+0x10/0x10 [ 383.101173][ T30] chrdev_open+0x237/0x6a0 [ 383.105603][ T30] ? __pfx_chrdev_open+0x10/0x10 [ 383.110548][ T30] do_dentry_open+0xf59/0x1ea0 [ 383.115343][ T30] ? __pfx_chrdev_open+0x10/0x10 [ 383.120304][ T30] ? inode_permission+0xdd/0x5f0 [ 383.125374][ T30] vfs_open+0x82/0x3f0 [ 383.129458][ T30] ? may_open+0x1f2/0x400 [ 383.133866][ T30] path_openat+0x1e6a/0x2d60 [ 383.138474][ T30] ? __pfx_path_openat+0x10/0x10 [ 383.143649][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 383.148852][ T30] ? lock_acquire.part.0+0x11b/0x380 [ 383.154211][ T30] ? find_held_lock+0x2d/0x110 [ 383.159000][ T30] do_filp_open+0x20c/0x470 [ 383.163652][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 383.168686][ T30] ? find_held_lock+0x2d/0x110 [ 383.173545][ T30] ? alloc_fd+0x41f/0x760 [ 383.177881][ T30] do_sys_openat2+0x17a/0x1e0 [ 383.182715][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 383.187927][ T30] ? __pfx_lock_release+0x10/0x10 [ 383.193026][ T30] __x64_sys_openat+0x175/0x210 [ 383.197888][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 383.203429][ T30] ? selinux_file_ioctl+0xb4/0x270 [ 383.208554][ T30] do_syscall_64+0xcd/0x250 [ 383.213114][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.219022][ T30] RIP: 0033:0x7ff1f2785d29 [ 383.223563][ T30] RSP: 002b:00007ff1f35d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 383.232507][ T30] RAX: ffffffffffffffda RBX: 00007ff1f2976080 RCX: 00007ff1f2785d29 [ 383.240497][ T30] RDX: 0000000000000000 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 383.248694][ T30] RBP: 00007ff1f2801b08 R08: 0000000000000000 R09: 0000000000000000 [ 383.256833][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 383.264972][ T30] R13: 0000000000000000 R14: 00007ff1f2976080 R15: 00007ffe8baa8478 [ 383.273012][ T30] [ 383.276062][ T30] [ 383.276062][ T30] Showing all locks held in the system: [ 383.283937][ T30] 4 locks held by kworker/u8:0/11: [ 383.289063][ T30] #0: ffff8880b863ebd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 383.299058][ T30] #1: ffff8880b8728a88 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2c1/0x8e0 [ 383.310604][ T30] #2: ffff8880b872a898 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220 [ 383.319998][ T30] #3: ffffffff9aae57b0 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x149/0x4a0 [ 383.330491][ T30] 1 lock held by khungtaskd/30: [ 383.335392][ T30] #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390 [ 383.345367][ T30] 2 locks held by getty/5585: [ 383.350021][ T30] #0: ffff88803135e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 383.359819][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480 [ 383.370135][ T30] 1 lock held by syz-executor/5813: [ 383.375363][ T30] #0: ffffffff9036bd48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xde/0x2c0 [ 383.385602][ T30] 4 locks held by kworker/1:3/5864: [ 383.390783][ T30] #0: ffff88801b078948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 [ 383.401429][ T30] #1: ffffc90003277d80 ((rfkill_op_work).work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 [ 383.403791][ T29] audit: type=1400 audit(1735817007.093:433): avc: denied { write } for pid=5172 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 383.411834][ T30] #2: ffffffff9036bd48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_epo+0x55/0x1d0 [ 383.411904][ T30] #3: ffff888032983100 (&dev->mutex){....}-{4:4}, at: nfc_dev_down+0x2d/0x2e0 [ 383.411961][ T30] 3 locks held by kworker/1:5/5904: [ 383.411973][ T30] #0: ffff88801b078948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 [ 383.412025][ T30] #1: ffffc900031d7d80 ((work_completion)(&rfkill_global_led_trigger_work) [ 383.439271][ T29] audit: type=1400 audit(1735817007.093:434): avc: denied { remove_name } for pid=5172 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 383.476430][ T30] ){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 [ 383.506118][ T29] audit: type=1400 audit(1735817007.093:435): avc: denied { add_name } for pid=5172 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 383.507791][ T30] #2: ffffffff9036bd48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x1b/0x160 [ 383.541635][ T30] 2 locks held by syz-executor/7612: [ 383.546901][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.556310][ T30] #1: ffffffff9036bd48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x13b/0x750 [ 383.566482][ T30] 2 locks held by syz.3.507/7867: [ 383.571572][ T30] #0: ffff888032983100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x60/0x330 [ 383.581740][ T30] #1: ffffffff9036bd48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xde/0x2c0 [ 383.591949][ T30] 1 lock held by syz.2.526/7995: [ 383.596897][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.605522][ T30] 1 lock held by syz.4.529/8018: [ 383.610516][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.619658][ T30] 1 lock held by syz.0.531/8067: [ 383.624726][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.633275][ T30] 1 lock held by syz-executor/8225: [ 383.638475][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.647063][ T30] 1 lock held by syz-executor/8291: [ 383.652300][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.660849][ T30] 1 lock held by syz-executor/8293: [ 383.666192][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.674726][ T30] 1 lock held by syz-executor/8353: [ 383.679901][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.688478][ T30] 1 lock held by syz-executor/8357: [ 383.693795][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.702394][ T30] 1 lock held by syz-executor/8363: [ 383.707607][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.716338][ T30] 1 lock held by syz-executor/8365: [ 383.723772][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.733452][ T30] 1 lock held by syz-executor/8367: [ 383.738663][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.747590][ T30] 1 lock held by syz-executor/8369: [ 383.753053][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.761803][ T30] 1 lock held by syz-executor/8371: [ 383.767005][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.776536][ T30] 1 lock held by syz-executor/8377: [ 383.781983][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.790470][ T30] 1 lock held by syz-executor/8379: [ 383.796032][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.804786][ T30] 1 lock held by syz-executor/8381: [ 383.809987][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.818815][ T30] 1 lock held by syz-executor/8383: [ 383.824322][ T30] #0: ffffffff8eeaa428 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 383.833154][ T30] [ 383.835487][ T30] ============================================= [ 383.835487][ T30] [ 383.847748][ T30] NMI backtrace for cpu 1 [ 383.852087][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 383.862572][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 383.872611][ T30] Call Trace: [ 383.875876][ T30] [ 383.878792][ T30] dump_stack_lvl+0x116/0x1f0 [ 383.883467][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 383.888392][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 383.894362][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 383.900338][ T30] watchdog+0xf14/0x1240 [ 383.904595][ T30] ? __pfx_watchdog+0x10/0x10 [ 383.909260][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 383.914448][ T30] ? __kthread_parkme+0x148/0x220 [ 383.919465][ T30] ? __pfx_watchdog+0x10/0x10 [ 383.924132][ T30] kthread+0x2c1/0x3a0 [ 383.928190][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 383.933386][ T30] ? __pfx_kthread+0x10/0x10 [ 383.937967][ T30] ret_from_fork+0x45/0x80 [ 383.942371][ T30] ? __pfx_kthread+0x10/0x10 [ 383.946950][ T30] ret_from_fork_asm+0x1a/0x30 [ 383.951717][ T30] [ 383.954938][ T30] Sending NMI from CPU 1 to CPUs 0: [ 383.960146][ C0] NMI backtrace for cpu 0 [ 383.960156][ C0] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 383.960178][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 383.960191][ C0] Workqueue: events_power_efficient gc_worker [ 383.960218][ C0] RIP: 0010:__sanitizer_cov_trace_cmp4+0x8/0x20 [ 383.960244][ C0] Code: bf 02 00 00 00 e9 18 ff ff ff 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 0c 24 <89> f2 89 fe bf 04 00 00 00 e9 ea fe ff ff 66 2e 0f 1f 84 00 00 00 [ 383.960261][ C0] RSP: 0018:ffffc900000e7bc0 EFLAGS: 00000293 [ 383.960276][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8952b3dc [ 383.960288][ C0] RDX: ffff88801c6b4880 RSI: 0000000000000000 RDI: 0000000000000000 [ 383.960300][ C0] RBP: ffff888024400000 R08: 0000000000000005 R09: 0000000000000000 [ 383.960312][ C0] R10: 0000000000000000 R11: 0000000000000003 R12: 00000000000127cf [ 383.960324][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000040000 [ 383.960336][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 383.960355][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 383.960368][ C0] CR2: 00007f805c889d96 CR3: 000000000df7e000 CR4: 00000000003526f0 [ 383.960380][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 383.960391][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 383.960403][ C0] Call Trace: [ 383.960409][ C0] [ 383.960416][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 383.960437][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 383.960456][ C0] ? nmi_handle+0x1ac/0x5d0 [ 383.960477][ C0] ? __sanitizer_cov_trace_cmp4+0x8/0x20 [ 383.960501][ C0] ? default_do_nmi+0x6a/0x160 [ 383.960519][ C0] ? exc_nmi+0x170/0x1e0 [ 383.960536][ C0] ? end_repeat_nmi+0xf/0x53 [ 383.960565][ C0] ? gc_worker+0x32c/0x1760 [ 383.960587][ C0] ? __sanitizer_cov_trace_cmp4+0x8/0x20 [ 383.960611][ C0] ? __sanitizer_cov_trace_cmp4+0x8/0x20 [ 383.960635][ C0] ? __sanitizer_cov_trace_cmp4+0x8/0x20 [ 383.960658][ C0] [ 383.960663][ C0] [ 383.960669][ C0] gc_worker+0x32c/0x1760 [ 383.960694][ C0] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 383.960717][ C0] ? __pfx_gc_worker+0x10/0x10 [ 383.960740][ C0] ? process_one_work+0x921/0x1ba0 [ 383.960761][ C0] ? lock_acquire+0x2f/0xb0 [ 383.960780][ C0] ? process_one_work+0x921/0x1ba0 [ 383.960802][ C0] process_one_work+0x9c5/0x1ba0 [ 383.960826][ C0] ? __pfx_nsim_dev_hwstats_traffic_work+0x10/0x10 [ 383.960855][ C0] ? __pfx_process_one_work+0x10/0x10 [ 383.960874][ C0] ? rcu_is_watching+0x12/0xc0 [ 383.960903][ C0] ? assign_work+0x1a0/0x250 [ 383.960922][ C0] worker_thread+0x6c8/0xf00 [ 383.960947][ C0] ? __pfx_worker_thread+0x10/0x10 [ 383.960967][ C0] kthread+0x2c1/0x3a0 [ 383.960991][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 383.961015][ C0] ? __pfx_kthread+0x10/0x10 [ 383.961040][ C0] ret_from_fork+0x45/0x80 [ 383.961058][ C0] ? __pfx_kthread+0x10/0x10 [ 383.961096][ C0] ret_from_fork_asm+0x1a/0x30 [ 383.961129][ C0] [ 383.974910][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 383.974926][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 [ 383.974948][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 383.974959][ T30] Call Trace: [ 383.974965][ T30] [ 383.974973][ T30] dump_stack_lvl+0x3d/0x1f0 [ 383.975002][ T30] panic+0x71d/0x800 [ 383.975029][ T30] ? __pfx_panic+0x10/0x10 [ 383.975055][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 383.975078][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 383.975098][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 383.975118][ T30] ? watchdog+0xd7e/0x1240 [ 383.975141][ T30] ? watchdog+0xd71/0x1240 [ 383.975166][ T30] watchdog+0xd8f/0x1240 [ 383.975193][ T30] ? __pfx_watchdog+0x10/0x10 [ 383.975215][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 383.975240][ T30] ? __kthread_parkme+0x148/0x220 [ 383.975266][ T30] ? __pfx_watchdog+0x10/0x10 [ 383.975288][ T30] kthread+0x2c1/0x3a0 [ 383.975311][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 383.975337][ T30] ? __pfx_kthread+0x10/0x10 [ 383.975362][ T30] ret_from_fork+0x45/0x80 [ 383.975381][ T30] ? __pfx_kthread+0x10/0x10 [ 383.975405][ T30] ret_from_fork_asm+0x1a/0x30 [ 383.975442][ T30] [ 384.391624][ T30] Kernel Offset: disabled [ 384.395931][ T30] Rebooting in 86400 seconds..