last executing test programs:

1m36.60206401s ago: executing program 0 (id=1506):
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)=<r0=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x11, 0xc, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r1}, 0x18)
sched_setscheduler(r0, 0x0, &(0x7f0000000040)=0x9)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000000000000000000000000100085000000180000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000080)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1m36.438726923s ago: executing program 0 (id=1508):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.current\x00', 0x26e1, 0x0)
close(r0)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="d8000000580081044e81f782db44b904021d0800090002", 0x17}], 0x1}, 0x14000004)
ioctl$SIOCSIFHWADDR(r0, 0x8b32, &(0x7f0000000000)={'virt_wifi0\x00', @random='\x00W\x00\x00\x00\b'})
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000380)=@req3={0xfffd, 0x100000001, 0x10000, 0x1}, 0x1c)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x8000, 0x3000, 0x34343452, 0x4, 0x7, [{0x592e3538, 0x2}, {0xfffffff7, 0x9}, {0x1, 0x9}, {0xe53, 0x7}, {0x7000, 0x8}, {0x7, 0xc}, {0x8, 0x32}, {0x1, 0xfffffff0}], 0xd7, 0x4, 0x3, 0x2, 0x4}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x9)
setrlimit(0xd, &(0x7f0000000040)={0x3, 0x800006})
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x8200, 0x0)
setsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x2, 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f00000007c0)={0x0, 0x2, 0x0, 0x2}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xffffffff, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80, 0x23456})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000, &(0x7f00000005c0)={0x77359400})
r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000940), 0x2, 0x0)
r9 = dup3(r8, r1, 0x80000)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
syz_clone3(&(0x7f0000000740)={0x2000, &(0x7f00000003c0), 0x0, &(0x7f0000000440), {0x21}, &(0x7f0000000500)=""/240, 0xf0, &(0x7f0000000600)=""/201, &(0x7f0000000700)}, 0x58)
socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_bt_bnep_BNEPCONNADD(0xffffffffffffffff, 0x400442c8, &(0x7f0000000980)=ANY=[@ANYRES32, @ANYBLOB="060000000100dafd997f1743d357a5e93e1665adc5bd7bb45ba9100ee1e22888eb14c5177556108858d35d55574c0b2a515a564c2bdeca48661afb9bcd6b796952ead7922615aada4627f43f1aa6e584964ecb885ec9aed87b8d4afac94c511e10910056bdcd6c15436c530a9edbf2ae415413548c5ff71c8ea635c414cf1b4cb8009d3de40a5e6f79e78b2e7182ef1f752766807f3e45fe5fac49588a1e0c970814562e7c92fb20acd01aab4c69958ee39ca12b4db6962423a06f47881a503450d4e335ff38ded4168731c1b3facd9c8a2354b00290a0c135363be731d3efaaf62810be2152f8e08cde6f23fddb5e6142b67891b1c6"])
creat(&(0x7f00000003c0)='./file0\x00', 0x194)

1m34.732113537s ago: executing program 0 (id=1512):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(r1, 0x4188aec6, &(0x7f0000000a40)={0x1, [{0x2, 0x8, 0x106, &(0x7f0000000540)="d7"}, {0x8f3e10ee5c23ba98, 0x8, 0x2, &(0x7f0000000080)=':'}, {0x2, 0x0, 0x7ff, 0x0}, {0x1, 0x0, 0x912b, 0x0}, {0x2, 0x0, 0x3cb3, 0x0}, {0x3, 0x0, 0x3fe, 0x0}, {0x0, 0x0, 0x2, 0x0}, {0x3, 0x0, 0xfffffffe, 0x0}, {0x1, 0x0, 0xb, 0x0}, {0x1, 0x0, 0x3, 0x0}, {0x0, 0x0, 0x9, 0x0}, {0x3, 0x0, 0x7, 0x0}, {0x60cf6ba5a5e3603a, 0x0, 0x0, 0x0}, {0x1, 0x0, 0x7ffffffb, 0x0}, {0x1, 0x0, 0x5, 0x0}, {0x1, 0x0, 0x8001, 0x0}]})

1m34.494066427s ago: executing program 0 (id=1517):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, 0x0, 0x0, 0x931766f6319eed14)
getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000002100)=""/4127, &(0x7f0000000000)=0x101f)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
socket(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r6, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x70, 0x0, 0x9, 0x305, 0x0, 0x0, {}, [@NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x4}}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @remote}}}]}, @NFCTH_PRIV_DATA_LEN={0x8}]}, 0x70}}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000340)={0x1, [<r7=>0x0]}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000000)={r7, @in={{0x2, 0x4e24, @empty}}, 0x0, 0x600}, 0x90)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={r7, 0x10, &(0x7f0000000080)=[@in={0x2, 0x4e20, @multicast1}]}, &(0x7f0000000180)=0x10)
socket$inet_sctp(0x2, 0x1, 0x84)
keyctl$set_reqkey_keyring(0x6, 0xfffffffffffffff4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280), 0x810000, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, &(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x220)

1m33.342641172s ago: executing program 0 (id=1519):
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fae000/0x1000)=nil)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r3, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
r4 = accept4$llc(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x80800)
accept4$llc(r4, &(0x7f0000000080)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast}, &(0x7f00000000c0)=0x10, 0x80000)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in=@rand_addr=0x64010100, @in6=@mcast1, 0x0, 0xbf, 0x0, 0x0, 0x2, 0x0, 0x20, 0x0, 0x0, 0xee01}, {0x2e6, 0x0, 0x3}, {0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x2b}, 0xa, @in6=@private2, 0x0, 0x3, 0x1, 0x0, 0xf800000}}, 0xe8)
listen(r0, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
prlimit64(0x0, 0x6, &(0x7f0000000300)={0xdf, 0xc8}, 0x0)
r7 = syz_io_uring_setup(0x70ca, &(0x7f0000001380)={0x0, 0x0, 0x10100, 0x3, 0x17a}, &(0x7f0000000100)=<r8=>0x0, &(0x7f00000007c0)=<r9=>0x0)
r10 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x2000, @fd=r10, 0x0, 0x0})
io_uring_enter(r7, 0x4d10, 0x2, 0x2, 0x0, 0x0)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000040)={0x53, 0xffffffffffffffff, 0x6, 0x0, @buffer={0x2, 0x60, &(0x7f0000000240)=""/96}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x11, 0x0, 0x0})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_SET_MPATH(r6, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000340)={&(0x7f0000000400)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080026bd7000fbdbdf251600000008000300", @ANYRES32=r11, @ANYBLOB="0a001a0008021100000000000a001a0008021100ff070000797e0f4c3592cd8f2022d262e2b61de4a59a7cd79f49f06e856d9af8484764c71791bf8eaa707a6a9dd5e0c0fef35fec11c7863336bfc01bf811cda4495ae21d02fb2d11e1a8149f9ab706262171bda0363135769fac83269197cf4f4cb0afb4c43cd47f35b03ebb14c95ff5ade02c6fcdf7c17b6d3e107b0c07622b6ab4aba389388f4f4e3dccc14aa853077a537c6fbcdc48"], 0x34}, 0x1, 0x0, 0x0, 0x4000095}, 0x400c000)
syz_emit_ethernet(0x36, &(0x7f0000000500)=ANY=[], 0x0)

1m31.957819349s ago: executing program 0 (id=1527):
ioctl$SNAPSHOT_S2RAM(0xffffffffffffffff, 0x330b)
ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00) (async)
r0 = ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00)
fchdir(r0) (async)
fchdir(r0)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fchmodat(r1, &(0x7f0000000040)='./file0\x00', 0xa2)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_S_PARM(r2, 0xc0cc5616, &(0x7f00000000c0)={0x1, @output={0x1000, 0x1, {0x7, 0x7fff}, 0x4, 0x3}})
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x8) (async)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x8)
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000240), 0x400000, 0x0) (async)
r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000240), 0x400000, 0x0)
renameat2(r3, &(0x7f0000000200)='./file0/file0\x00', r4, &(0x7f0000000280)='./file0\x00', 0x7) (async)
renameat2(r3, &(0x7f0000000200)='./file0/file0\x00', r4, &(0x7f0000000280)='./file0\x00', 0x7)
recvfrom$inet_nvme(r4, &(0x7f00000002c0)=""/93, 0x5d, 0x0, &(0x7f0000000340)=@l2tp={0x2, 0x0, @loopback, 0x1}, 0x80) (async)
recvfrom$inet_nvme(r4, &(0x7f00000002c0)=""/93, 0x5d, 0x0, &(0x7f0000000340)=@l2tp={0x2, 0x0, @loopback, 0x1}, 0x80)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f00000003c0))
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000400)={{0x1, 0x1, 0x18, <r5=>r4, {0x1}}, './file0\x00'})
r6 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r6, 0x3b71, &(0x7f0000000540)={0x20, 0x0, &(0x7f0000000480)="81140ceb57101a933b198c1e0387abb4384962766135c249cbef4c92937b0a22f700c0bd20c4b0b2da201bb7271fc8af27b36364fc461eed102ca04467c686f999fefb543169c8184c1407f74b5178f29e28b13cc8635037c7e78519f55146d3fef0d7cf6244d0fe265df6651939e31f0aed7edc141b874c402f36125c538f5a44703f633572d2de0d17ff50bbe55bbd6a580746ea", 0x401, 0x1})
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil) (async)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000580)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f00000005c0)={0x48, 0x5, r7, 0x0, 0xffffffffffffffff, 0x1})
accept4$alg(r4, 0x0, 0x0, 0x80000)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000640)=0x7)
setsockopt$inet_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000680), 0x3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000006c0)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000006c0))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
fsopen(&(0x7f0000000700)='vfat\x00', 0x1)
getsockopt$TIPC_SOCK_RECVQ_DEPTH(r4, 0x10f, 0x84, &(0x7f0000000740), &(0x7f0000000780)=0x4)
r8 = epoll_create1(0x0)
clock_gettime(0x0, &(0x7f0000000800)={<r9=>0x0, <r10=>0x0})
epoll_pwait2(r8, &(0x7f00000007c0)=[{}, {}, {}], 0x3, &(0x7f0000000840)={r9, r10+10000000}, &(0x7f0000000880)={[0x100]}, 0x8)
io_setup(0x8, &(0x7f00000008c0)) (async)
io_setup(0x8, &(0x7f00000008c0))

1m31.386945339s ago: executing program 32 (id=1527):
ioctl$SNAPSHOT_S2RAM(0xffffffffffffffff, 0x330b)
ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00) (async)
r0 = ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00)
fchdir(r0) (async)
fchdir(r0)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fchmodat(r1, &(0x7f0000000040)='./file0\x00', 0xa2)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_S_PARM(r2, 0xc0cc5616, &(0x7f00000000c0)={0x1, @output={0x1000, 0x1, {0x7, 0x7fff}, 0x4, 0x3}})
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x8) (async)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x8)
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000240), 0x400000, 0x0) (async)
r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000240), 0x400000, 0x0)
renameat2(r3, &(0x7f0000000200)='./file0/file0\x00', r4, &(0x7f0000000280)='./file0\x00', 0x7) (async)
renameat2(r3, &(0x7f0000000200)='./file0/file0\x00', r4, &(0x7f0000000280)='./file0\x00', 0x7)
recvfrom$inet_nvme(r4, &(0x7f00000002c0)=""/93, 0x5d, 0x0, &(0x7f0000000340)=@l2tp={0x2, 0x0, @loopback, 0x1}, 0x80) (async)
recvfrom$inet_nvme(r4, &(0x7f00000002c0)=""/93, 0x5d, 0x0, &(0x7f0000000340)=@l2tp={0x2, 0x0, @loopback, 0x1}, 0x80)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f00000003c0))
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000400)={{0x1, 0x1, 0x18, <r5=>r4, {0x1}}, './file0\x00'})
r6 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r6, 0x3b71, &(0x7f0000000540)={0x20, 0x0, &(0x7f0000000480)="81140ceb57101a933b198c1e0387abb4384962766135c249cbef4c92937b0a22f700c0bd20c4b0b2da201bb7271fc8af27b36364fc461eed102ca04467c686f999fefb543169c8184c1407f74b5178f29e28b13cc8635037c7e78519f55146d3fef0d7cf6244d0fe265df6651939e31f0aed7edc141b874c402f36125c538f5a44703f633572d2de0d17ff50bbe55bbd6a580746ea", 0x401, 0x1})
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil) (async)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000580)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f00000005c0)={0x48, 0x5, r7, 0x0, 0xffffffffffffffff, 0x1})
accept4$alg(r4, 0x0, 0x0, 0x80000)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000640)=0x7)
setsockopt$inet_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000680), 0x3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000006c0)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000006c0))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
fsopen(&(0x7f0000000700)='vfat\x00', 0x1)
getsockopt$TIPC_SOCK_RECVQ_DEPTH(r4, 0x10f, 0x84, &(0x7f0000000740), &(0x7f0000000780)=0x4)
r8 = epoll_create1(0x0)
clock_gettime(0x0, &(0x7f0000000800)={<r9=>0x0, <r10=>0x0})
epoll_pwait2(r8, &(0x7f00000007c0)=[{}, {}, {}], 0x3, &(0x7f0000000840)={r9, r10+10000000}, &(0x7f0000000880)={[0x100]}, 0x8)
io_setup(0x8, &(0x7f00000008c0)) (async)
io_setup(0x8, &(0x7f00000008c0))

4.734186376s ago: executing program 5 (id=1879):
r0 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x44842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x3fec00}], 0x2, 0x1400, 0x0, 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
open(&(0x7f0000000580)='./bus\x00', 0x84242, 0x1df2a23c5997fa5f)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x400, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000b00)={0x4, "abacd211119ca94c633774262eb5ab2c7b9c5cff6ce78185d8c4dc064744e042", <r4=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda525e19bdeffafde25", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f0000000780)={"d1ed39d88b014076ab94c1fb10628c46d2e681cdb9e581a38ebb0ddd5f307e56", r5, <r6=>0xffffffffffffffff})
close_range(r0, r3, 0x0)
ioctl$SYNC_IOC_FILE_INFO(r6, 0x40103e05, &(0x7f0000000180)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})

3.546772508s ago: executing program 5 (id=1881):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
prlimit64(r0, 0x5, &(0x7f0000000140)={0x9, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_usb_connect$uac1(0x7, 0x71, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x3, 0x80, 0xf4, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xf, 0x1}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0xf7, 0x9, 0x6, {0x7, 0x25, 0x1, 0x83, 0x2, 0xc}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x26, 0x6, 0x1, {0x7, 0x25, 0x1, 0x3, 0x8, 0xdd60}}}}}}}]}}, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x101000)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 'queue0\x00', 0x1})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x6f5e, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x2000)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
msgget(0x0, 0x40)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000400)={0x0, 0x0, {0x1, 0x1, 0x0, 0x0, 0xa}})
socket$nl_netfilter(0x10, 0x3, 0xc)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1692525e8a9fdc098b67727071756f74615f696e6f6465df6861720300000069743d67372c00"])
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000100)='.\x00', &(0x7f0000000000)='iso9660\x00', 0x1000080, 0x0)

2.335726126s ago: executing program 3 (id=1889):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
rename(&(0x7f0000000400)='./file2\x00', 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f00000005c0), 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = open(0x0, 0xc0140, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r1, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r1, 0x5001, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, &(0x7f0000000040)=0x9)
syz_usb_connect$printer(0x0, 0x36, 0x0, 0x0)
read(0xffffffffffffffff, &(0x7f00000019c0)=""/4097, 0x1001)
close_range(r0, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x0, 0x400, 0xb7, 0xc20022})

1.355026636s ago: executing program 2 (id=1907):
r0 = semget$private(0x0, 0x4, 0x1)
semctl$SETVAL(r0, 0x2, 0x10, 0x0)

1.354735955s ago: executing program 2 (id=1908):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x81, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f0000000140)={0x28729f328c68897})
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000100)={0x10002, 0xc0, 0x40, &(0x7f00000001c0)=[0x0, 0x9, 0x8c29, 0x3, 0x7, 0x36, 0x1, 0xffffffffffffffff, 0x80, 0xffffffffffffec48, 0xf45, 0x8000000000010000, 0x10, 0x6, 0x8000, 0x7, 0xffffffffffffffd2, 0x6, 0xa, 0xf, 0xffe, 0x7fffffffffffffff, 0x52, 0xfffffffffffffff6, 0x5a, 0x5, 0xfffffffffffffffe, 0x612, 0x7, 0x2, 0xd16, 0xe, 0x7, 0x401, 0xc000000000, 0x8, 0x3, 0x6, 0xffffffff, 0x62, 0x2, 0x824c, 0x7, 0xbe485ef, 0x800000, 0xe504, 0x10, 0xffffffffffffffb8, 0x7f, 0x101, 0x7, 0x10002, 0x5, 0x1001, 0x800000006007, 0xffffffffffffffff, 0x8, 0xfffffffffffffbff, 0xfff, 0x8004, 0x4000000000000, 0x80000000, 0x1, 0x4, 0xd3, 0x7fff, 0x800, 0x7, 0x803, 0x298b, 0x35, 0x1, 0x3, 0xd8e, 0x9, 0x9, 0x1, 0x9, 0xf3a, 0x8, 0x3, 0x100000000000007, 0x3d6b, 0x55, 0x3ff, 0x3, 0xfffffffffffff2fa, 0x9, 0x8000a, 0x1, 0x7, 0x18000000000400, 0x4, 0xff, 0x10, 0x6, 0xffffffffffff7fff, 0x1000, 0x3c, 0x4, 0x12000000, 0x1, 0x10000, 0x6, 0x25, 0x7, 0x8, 0x4, 0x200000000000004, 0x4, 0x1, 0x8020000000000008, 0x9, 0xfffffffffffffffa, 0x5, 0x9, 0x2, 0x2, 0x5, 0x4, 0x3, 0xffff, 0x1ffffffff, 0x1ff, 0x0, 0xfffffffffffffffe, 0x2, 0x5ae]})
sendmmsg(0xffffffffffffffff, &(0x7f0000004980)=[{{0x0, 0x0, &(0x7f00000006c0)=[{0x0}], 0x1}}], 0x1, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x5b, 0x0, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS2(r1, 0x4068aea3, &(0x7f0000000200)={0xd5, 0x0, 0x10})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, 0x0}], 0x1, 0x1f, &(0x7f0000000100)=[@cr4={0x1, 0x40240}], 0x1)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000280)=ANY=[])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.340154546s ago: executing program 2 (id=1909):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000100), 0x4)
r1 = fcntl$dupfd(r0, 0x0, r0)
read$FUSE(r1, &(0x7f0000002880)={0x2020}, 0x2020)
write$FUSE_INIT(r1, 0x0, 0x0)
write$cgroup_pid(r1, 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000840)={0x2020}, 0x2020)

1.214647484s ago: executing program 1 (id=1912):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
rt_sigaction(0x4, &(0x7f00000001c0)={&(0x7f0000000140)="44dfa3998999998f083087649e0d0036660f38df2b660fbab97500000000c3c4a37905d708f246ad66450f28e20f9218c401f5e84c5700", 0x50000003, 0x0, {[0x1]}}, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CAP_EXIT_HYPERCALL(r0, 0x4068aea3, &(0x7f0000000280)={0xc9, 0x0, 0xc})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x24, 0x3, 0x6, 0x3, 0x0, 0x9e, 0x2, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x8000000000000035, 0x400fff, 0x14000000215b9037, 0x40180, 0x1, 0x11, 0x8000000000f2, 0x0, 0x3, 0x20000005, 0x5, 0xc6bd, 0x566, 0x45, 0x5, 0x7], 0x6006, 0x1c0293})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.212230924s ago: executing program 3 (id=1913):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x100, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000580)={0x2, 0x0, 0x6, 0xffffffff}, 0x10)
sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000001400)={0x0, 0x0, 0x47a}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000005c0)={0x0, 0x2, 0x7a}, 0x39)

1.166043343s ago: executing program 1 (id=1914):
unshare(0x40200)
semop(0x0, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}], 0x1)
semop(0x0, &(0x7f0000000000)=[{0x3, 0xbbdd, 0x1000}], 0x1)
semctl$SETVAL(0x0, 0x2, 0x10, 0x0)

1.153158133s ago: executing program 3 (id=1915):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000002980)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2f8ef53773c5cbdf4a583f81fdc8719dbe967b0690a3ed3f314c3e2ceebb3e29d00c2c1053d1e8b32d8a8be1bb9786746e0ee564306c80d7045747165005fa3528b5ac1e35e03b69cb54111dfcebc6d585aacdd57c351ef1aa8050274b122a21b47432f17a0cacfd9524d9cb09029e4daefaea47f8cd5a4f1dee71093ebc076363e14f78dd3b129b4b3ae5a7a085297416f1f1a8aeefa517ed1525ec76469b8b469851cc56c6016d9067dac3de3818856014c98ce8f36dac4d8cdb1f25e3c5de7bdab78066d2418c12e0acde73c05fc80a0658c7fbc52812a8423323a80e8a968e0ace13290fe", 0x1bf}], 0x1}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)="e2", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001040)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c3fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d04", 0xc2}], 0x1}}], 0x3, 0x480e0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

605.912715ms ago: executing program 4 (id=1918):
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, r1, 0x0)

544.575948ms ago: executing program 4 (id=1919):
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001f00)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}], 0x1, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f0000000280)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={r1, 0x9, 0x10}, &(0x7f0000000200)=0xc)

539.770823ms ago: executing program 5 (id=1920):
pwritev(0xffffffffffffffff, &(0x7f0000000100)=[{}], 0x1, 0x7c2f, 0xb)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
wait4(r0, 0x0, 0x8, 0x0)
ptrace$setsig(0x4203, r0, 0x7d, &(0x7f00000000c0)={0x15, 0x7, 0xfffffff0})

470.041599ms ago: executing program 4 (id=1921):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000000000000d000000000000961bb932ef56a5b000c305000000800000b6b10000000000000000000000000000080000800180000004000000003001"])

460.929985ms ago: executing program 5 (id=1922):
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/arp\x00')
pread64(r0, &(0x7f0000000000)=""/193, 0xc1, 0x5)

438.997994ms ago: executing program 2 (id=1923):
r0 = socket(0x10, 0x803, 0x0)
setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000380)=0xc, 0x4)
write(r0, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1ffec0e90101c7bb0000b00000000000", 0x26)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0x1000, 0x4)
sendto(r0, &(0x7f00000005c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x20000090, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}, 0x10001}], 0x1, 0x0, 0x0)

374.785869ms ago: executing program 5 (id=1924):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)={0x1, 0x0, [{0x29c}]})

374.496574ms ago: executing program 2 (id=1925):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(r4, 0x4188aec6, &(0x7f0000003900)={0x1, [{0x1, 0x8, 0x0, &(0x7f0000000040)='J'}, {0x3, 0x0, 0x8, 0x0}, {0x2, 0x0, 0x9, 0x0}, {0x1, 0x0, 0x7fffffff, 0x0}, {0x0, 0x0, 0x5b2, 0x0}, {0x3, 0x0, 0x4, 0x0}, {0x0, 0x0, 0x7, 0x0}, {0x1, 0x0, 0x5, 0x0}, {0x0, 0x0, 0x4, 0x0}, {0x0, 0x0, 0x1, 0x0}, {0x2, 0x0, 0x7, 0x0}, {0x5, 0x0, 0x4, 0x0}, {0x1, 0x0, 0x4, 0x0}, {0x3, 0x0, 0x100, 0x0}, {0x2, 0x0, 0x80000000, 0x0}, {0x1, 0x0, 0xa9c, 0x0}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000134000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="0f20c035000000200f22c0b900090000b82f470000ba000000000f30c46389224ed502652e46f7beed00000064f3400f09f028860080000066430f3804bc3ded00000047d03d00200000643e420f01c364673e0fc7ae00000000"}], 0x1, 0x7c, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

370.010731ms ago: executing program 4 (id=1926):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x40000100, 0x0, 0x9}]})

303.948366ms ago: executing program 2 (id=1927):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r1 = fcntl$dupfd(r0, 0x406, r0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
write$binfmt_elf32(r1, &(0x7f0000001540)={{0x7f, 0x45, 0x4c, 0x46, 0x40, 0x0, 0x6, 0x3, 0x1, 0x2, 0x3, 0x0, 0xb9, 0x38, 0x1cd, 0xb, 0x0, 0x20, 0x0, 0x9, 0x77f, 0x2}, [], "", ['\x00', '\x00', '\x00', '\x00', '\x00']}, 0x538)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r1)
sendmsg$TIPC_NL_BEARER_DISABLE(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000640)={0x70, r2, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x10}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_SOCK={0x4}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}]}, @TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xec7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xa57}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xdbc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x559}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)

226.88155ms ago: executing program 1 (id=1928):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r0, 0x103934)
keyctl$get_security(0x11, r0, 0x0, 0x0)

226.557554ms ago: executing program 3 (id=1929):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
r0 = open$dir(&(0x7f00000000c0)='./file1\x00', 0x0, 0x1a2)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000440)=@v2={0x2, @aes256, 0x1, '\x00', @a})

226.224132ms ago: executing program 5 (id=1930):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b8706b4242ef66ba420066b8e20066ef0f29902cbb000066bad004ec666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x45}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000500)=@arm64={0x7, 0x3, 0xff, '\x00', 0x56})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x4)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

207.858604ms ago: executing program 4 (id=1931):
open(&(0x7f00000000c0)='./file0\x00', 0x138142, 0x198)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x1, 0x81, 0x7})
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x108843, 0x98)
fcntl$setlease(r1, 0x400, 0x0)
r2 = inotify_init()
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x303001, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

202.783799ms ago: executing program 3 (id=1932):
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)-generic\x00'}, 0x58)
r0 = socket(0x10, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0xbfffffff, 0xa2, 0x0, 0x5}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x12, 0xa01, 0x0, 0x0, {0xa}}, 0x26}}, 0x0)

114.921562ms ago: executing program 1 (id=1933):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000001c0)="66bad104ed3e3ef3abf083847a00000100080f01cf410f38cadb48b886000000000000000f23d00f21f8352000000f0f23f80f013b360ffc81570000008fc9d0973f0f0132", 0x45}], 0x1, 0x7c, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f0000000080)={0x40003, 0x0, {[0xff, 0x3, 0x5, 0x0, 0x7, 0x0, 0xe0b, 0xff]}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

114.715079ms ago: executing program 4 (id=1934):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x601c2, 0xb0)
ftruncate(r0, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
close_range(r1, r1, 0x0)
sendfile(r2, r0, 0x0, 0x100000005)

113.519397ms ago: executing program 3 (id=1935):
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f00000000c0)=0x8)

70.146202ms ago: executing program 1 (id=1936):
r0 = syz_create_resource$binfmt(&(0x7f0000000140)='./bus\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
link(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='./file0\x00')
r1 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000000)=0x2000000)
close(0x3)
close(r2)
unlink(&(0x7f0000000080)='./file0\x00')

0s ago: executing program 1 (id=1937):
r0 = semget$private(0x0, 0x7, 0x180)
semctl$IPC_INFO(r0, 0x3, 0x3, &(0x7f00000000c0)=""/4096)

kernel console output (not intermixed with test programs):

500.482169][   T43] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  500.528919][T11032] Failed to get privilege flags for destination (handle=0x2:0x25)
[  500.567131][ T8690] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  500.600998][ T8690] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  500.619686][   T43] [drm] Initialized udl on minor 2
[  500.636640][ T8690] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  500.653330][   T43] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  500.667955][ T8690] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  500.694924][   T43] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  500.720548][ T5885] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  500.738534][   T43] usb 4-1: USB disconnect, device number 31
[  500.750762][ T5885] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  501.048312][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  501.056078][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  501.362635][T11048] SELinux: failed to load policy
[  502.447273][   T30] kauditd_printk_skb: 52 callbacks suppressed
[  502.453681][   T30] audit: type=1400 audit(1759963594.045:1272): avc:  denied  { append } for  pid=11055 comm="syz.2.1363" name="loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  502.730277][   T30] audit: type=1400 audit(1759963594.055:1273): avc:  denied  { read } for  pid=11055 comm="syz.2.1363" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  502.978112][   T30] audit: type=1400 audit(1759963594.055:1274): avc:  denied  { open } for  pid=11055 comm="syz.2.1363" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  503.004108][   T30] audit: type=1400 audit(1759963594.065:1275): avc:  denied  { ioctl } for  pid=11055 comm="syz.2.1363" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  503.040265][   T30] audit: type=1400 audit(1759963594.065:1276): avc:  denied  { set_context_mgr } for  pid=11055 comm="syz.2.1363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  503.497131][ T9595] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  503.747250][ T9595] usb 3-1: Using ep0 maxpacket: 8
[  503.917016][   T30] audit: type=1400 audit(1759963595.425:1277): avc:  denied  { setopt } for  pid=11065 comm="syz.1.1367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  503.948610][ T9595] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  503.991613][ T9595] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  504.012644][   T30] audit: type=1400 audit(1759963595.425:1278): avc:  denied  { connect } for  pid=11065 comm="syz.1.1367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  504.058350][ T9595] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  504.087778][   T30] audit: type=1400 audit(1759963595.425:1279): avc:  denied  { write } for  pid=11065 comm="syz.1.1367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  504.133245][   T30] audit: type=1400 audit(1759963595.555:1280): avc:  denied  { mount } for  pid=11073 comm="syz.4.1368" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  504.159558][ T9595] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  504.204820][ T9595] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  504.219987][   T30] audit: type=1400 audit(1759963595.615:1281): avc:  denied  { bind } for  pid=11073 comm="syz.4.1368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  504.234783][ T9595] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.316824][ T5885] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  504.478109][ T5885] usb 5-1: Using ep0 maxpacket: 32
[  504.516815][ T5885] usb 5-1: unable to get BOS descriptor or descriptor too short
[  504.530172][ T9595] usb 3-1: GET_CAPABILITIES returned 0
[  504.530927][ T5885] usb 5-1: config 244 has an invalid descriptor of length 0, skipping remainder of the config
[  504.546201][   T43] usb 1-1: new low-speed USB device number 33 using dummy_hcd
[  504.560524][ T9595] usbtmc 3-1:16.0: can't read capabilities
[  504.561720][ T5885] usb 5-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=24.0f
[  504.576945][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  504.596575][ T5885] usb 5-1: Product: syz
[  504.600819][ T5885] usb 5-1: Manufacturer: syz
[  504.605425][ T5885] usb 5-1: SerialNumber: syz
[  504.773891][ T5858] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  504.792279][   T43] usb 1-1: config index 0 descriptor too short (expected 36753, got 34)
[  504.799708][    C0] usbtmc 3-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  504.801416][   T43] usb 1-1: config 189 has too many interfaces: 113, using maximum allowed: 32
[  504.822072][ T9595] usb 3-1: USB disconnect, device number 53
[  504.824259][   T43] usb 1-1: config 189 has 1 interface, different from the descriptor's value: 113
[  505.313729][ T5885] comedi comedi5: Wrong number of endpoints
[  505.328772][   T43] usb 1-1: config 189 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  505.340386][ T5885] dt9812 5-1:244.0: driver 'dt9812' failed to auto-configure device.
[  505.349434][   T43] usb 1-1: config 189 interface 0 altsetting 0 has an endpoint descriptor with address 0x97, changing to 0x87
[  505.357123][ T5858] usb 4-1: Using ep0 maxpacket: 32
[  505.364887][ T5885] usb 5-1: USB disconnect, device number 43
[  505.372365][   T43] usb 1-1: config 189 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  505.391383][   T43] usb 1-1: config 189 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[  505.401829][   T43] usb 1-1: config 189 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  505.404099][ T5858] usb 4-1: config 0 has an invalid interface number: 112 but max is 0
[  505.428699][   T43] usb 1-1: New USB device found, idVendor=0c2e, idProduct=0720, bcdDevice=9b.f7
[  505.437789][ T5858] usb 4-1: config 0 has an invalid descriptor of length 36, skipping remainder of the config
[  505.437813][ T5858] usb 4-1: config 0 has no interface number 0
[  505.439616][ T5858] usb 4-1: New USB device found, idVendor=05ac, idProduct=921c, bcdDevice=46.58
[  505.448649][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  505.454864][ T5858] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.484038][ T5858] usb 4-1: Product: syz
[  505.535545][ T5858] usb 4-1: Manufacturer: syz
[  505.557191][ T5858] usb 4-1: SerialNumber: syz
[  505.557848][   T43] metro_usb 1-1:189.0: Metrologic USB to Serial converter detected
[  505.568193][ T5858] usb 4-1: config 0 descriptor??
[  505.587358][   T43] usb 1-1: Metrologic USB to Serial converter now attached to ttyUSB0
[  505.608594][ T5858] appledisplay 4-1:0.112: Could not find int-in endpoint
[  505.617270][ T5858] usbhid 4-1:0.112: couldn't find an input interrupt endpoint
[  505.638620][T11087] netlink: 'syz.1.1372': attribute type 1 has an invalid length.
[  506.056924][ T5858] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  506.187180][ T9595] af_packet: tpacket_rcv: packet too big, clamped from 74 to 4294967286. macoff=82
[  506.221095][ T5858] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  506.236448][ T5858] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  506.244466][ T5858] usb 3-1: Product: syz
[  506.266995][ T5858] usb 3-1: Manufacturer: syz
[  506.271657][ T5858] usb 3-1: SerialNumber: syz
[  506.289201][ T5858] usb 3-1: config 0 descriptor??
[  506.708675][ T5858] usb 3-1: Firmware: major: 0, minor: 13, hardware type: ATUSB (0)
[  506.909630][ T5858] usb 3-1: Firmware: build Ԙ��QL�IJ�P�VR�~�;�*N�IMM=g�Zd���X���@�`����:
����M|��`�62��}������T�ԥ�V#'�
[  506.909630][ T5858] �VX;w�{	���L���� ����P*��8�H$����7D��V�
[  506.909630][ T5858] ��*��,�jјP���x���!�I�$R���mQԉ�?D��tA߆T
[  507.114893][T11093] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  507.128683][T11093] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  507.296360][    C0] hrtimer: interrupt took 40068 ns
[  507.344471][ T5858] usb 3-1: failed to fetch extended address, random address set
[  507.458448][ T5865] usb 1-1: USB disconnect, device number 33
[  507.738192][ T5865] metro-usb ttyUSB0: Metrologic USB to Serial converter now disconnected from ttyUSB0
[  507.887978][ T5865] metro_usb 1-1:189.0: device disconnected
[  507.996400][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  507.996416][   T30] audit: type=1400 audit(1759963599.645:1294): avc:  denied  { unmount } for  pid=5807 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  508.000866][ T5858] usb 3-1: USB disconnect, device number 54
[  508.004178][   T43] usb 4-1: USB disconnect, device number 32
[  508.180320][   T30] audit: type=1400 audit(1759963599.825:1295): avc:  denied  { read } for  pid=5478 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  508.228392][T11111] netlink: 'syz.3.1379': attribute type 1 has an invalid length.
[  508.625869][T11113] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  508.837120][   T30] audit: type=1400 audit(1759963599.875:1296): avc:  denied  { search } for  pid=5478 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  508.859008][   T30] audit: type=1400 audit(1759963599.875:1297): avc:  denied  { search } for  pid=5478 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  508.882906][   T30] audit: type=1400 audit(1759963599.875:1298): avc:  denied  { search } for  pid=5478 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  508.935190][   T30] audit: type=1400 audit(1759963599.875:1299): avc:  denied  { read } for  pid=5478 comm="dhcpcd" name="n115" dev="tmpfs" ino=7784 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  509.054243][   T30] audit: type=1400 audit(1759963599.875:1300): avc:  denied  { open } for  pid=5478 comm="dhcpcd" path="/run/udev/data/n115" dev="tmpfs" ino=7784 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  509.151112][   T30] audit: type=1400 audit(1759963599.875:1301): avc:  denied  { getattr } for  pid=5478 comm="dhcpcd" path="/run/udev/data/n115" dev="tmpfs" ino=7784 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  509.152291][T11123] FAULT_INJECTION: forcing a failure.
[  509.152291][T11123] name failslab, interval 1, probability 0, space 0, times 0
[  509.174930][   T30] audit: type=1400 audit(1759963600.275:1302): avc:  denied  { write } for  pid=11109 comm="syz.3.1379" name="sg0" dev="devtmpfs" ino=761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  509.216561][T11123] CPU: 1 UID: 0 PID: 11123 Comm: syz.2.1381 Not tainted syzkaller #0 PREEMPT(full) 
[  509.216589][T11123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  509.216600][T11123] Call Trace:
[  509.216606][T11123]  <TASK>
[  509.216613][T11123]  dump_stack_lvl+0x16c/0x1f0
[  509.216643][T11123]  should_fail_ex+0x512/0x640
[  509.216669][T11123]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  509.216698][T11123]  should_failslab+0xc2/0x120
[  509.216718][T11123]  kmem_cache_alloc_node_noprof+0x78/0x770
[  509.216743][T11123]  ? __alloc_skb+0x2b2/0x380
[  509.216772][T11123]  ? __alloc_skb+0x2b2/0x380
[  509.216792][T11123]  ? __pfx_netlink_insert+0x10/0x10
[  509.216817][T11123]  __alloc_skb+0x2b2/0x380
[  509.216840][T11123]  ? __pfx___alloc_skb+0x10/0x10
[  509.216863][T11123]  ? netlink_autobind.isra.0+0x158/0x370
[  509.216895][T11123]  netlink_alloc_large_skb+0x69/0x140
[  509.216924][T11123]  netlink_sendmsg+0x698/0xdd0
[  509.216943][T11123]  ? __pfx_netlink_sendmsg+0x10/0x10
[  509.216965][T11123]  ____sys_sendmsg+0xa98/0xc70
[  509.216982][T11123]  ? copy_msghdr_from_user+0x10a/0x160
[  509.217005][T11123]  ? __pfx_____sys_sendmsg+0x10/0x10
[  509.217033][T11123]  ___sys_sendmsg+0x134/0x1d0
[  509.217058][T11123]  ? __pfx____sys_sendmsg+0x10/0x10
[  509.217108][T11123]  __sys_sendmsg+0x16d/0x220
[  509.217133][T11123]  ? __pfx___sys_sendmsg+0x10/0x10
[  509.217174][T11123]  do_syscall_64+0xcd/0xfa0
[  509.217201][T11123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.217218][T11123] RIP: 0033:0x7fbd3118eec9
[  509.217232][T11123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  509.217249][T11123] RSP: 002b:00007fbd2f3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  509.217266][T11123] RAX: ffffffffffffffda RBX: 00007fbd313e6090 RCX: 00007fbd3118eec9
[  509.217277][T11123] RDX: 0000000000040040 RSI: 0000200000000000 RDI: 0000000000000004
[  509.217288][T11123] RBP: 00007fbd2f3f6090 R08: 0000000000000000 R09: 0000000000000000
[  509.217297][T11123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  509.217307][T11123] R13: 00007fbd313e6128 R14: 00007fbd313e6090 R15: 00007ffcc3848e28
[  509.217330][T11123]  </TASK>
[  509.218413][ T5885] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  509.446874][T11123] overlayfs: missing 'lowerdir'
[  509.577032][ T5885] usb 1-1: device descriptor read/64, error -71
[  509.826588][ T5885] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  510.242029][ T5885] usb 1-1: device descriptor read/64, error -71
[  510.301479][T11136] overlayfs: missing 'lowerdir'
[  510.360186][ T5885] usb usb1-port1: attempt power cycle
[  510.502673][   T30] audit: type=1400 audit(1759963602.155:1303): avc:  denied  { mount } for  pid=11132 comm="syz.1.1385" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  510.719609][ T5885] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  510.757780][ T5885] usb 1-1: device descriptor read/8, error -71
[  511.027849][ T5858] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  511.056441][ T5885] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  511.207290][ T5885] usb 1-1: device descriptor read/8, error -71
[  511.551904][ T5885] usb usb1-port1: unable to enumerate USB device
[  511.607016][ T5858] usb 3-1: Using ep0 maxpacket: 8
[  511.614150][ T5858] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  511.623554][ T5858] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  511.637442][ T5858] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  511.652114][ T5858] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  511.662876][ T5858] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  511.676892][ T5858] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  511.686243][ T5858] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  511.915536][ T5858] usb 3-1: usb_control_msg returned -32
[  511.957114][ T5858] usbtmc 3-1:16.0: can't read capabilities
[  512.912491][ T5885] usb 3-1: USB disconnect, device number 55
[  512.963837][T11170] wg0 speed is unknown, defaulting to 1000
[  513.167970][   T30] kauditd_printk_skb: 42 callbacks suppressed
[  513.167987][   T30] audit: type=1400 audit(1759963604.825:1346): avc:  denied  { write } for  pid=11182 comm="syz.0.1397" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  513.204951][   T30] audit: type=1400 audit(1759963604.845:1347): avc:  denied  { nlmsg_write } for  pid=11182 comm="syz.0.1397" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  513.229631][   T24] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  513.386792][   T24] usb 5-1: Using ep0 maxpacket: 16
[  513.395179][   T24] usb 5-1: config 0 has no interfaces?
[  513.402455][   T24] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  513.412623][   T24] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  513.421013][   T24] usb 5-1: Manufacturer: syz
[  513.428881][   T24] usb 5-1: config 0 descriptor??
[  514.210098][   T30] audit: type=1400 audit(1759963605.855:1348): avc:  denied  { bind } for  pid=11199 comm="syz.0.1402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  514.269218][   T30] audit: type=1400 audit(1759963605.865:1349): avc:  denied  { write } for  pid=11199 comm="syz.0.1402" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  514.270358][T11203] netlink: 'syz.3.1404': attribute type 1 has an invalid length.
[  514.307318][T11203] netlink: 228 bytes leftover after parsing attributes in process `syz.3.1404'.
[  514.330298][T11203] NCSI netlink: No device for ifindex 0
[  514.343551][   T30] audit: type=1400 audit(1759963605.865:1350): avc:  denied  { open } for  pid=11199 comm="syz.0.1402" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  514.406552][   T30] audit: type=1400 audit(1759963605.865:1351): avc:  denied  { ioctl } for  pid=11199 comm="syz.0.1402" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  514.489841][   T30] audit: type=1400 audit(1759963605.865:1352): avc:  denied  { listen } for  pid=11199 comm="syz.0.1402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  514.596089][   T30] audit: type=1400 audit(1759963606.115:1353): avc:  denied  { mount } for  pid=11207 comm="syz.0.1406" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  515.214072][T11222] input: syz1 as /devices/virtual/input/input65
[  516.080010][ T5865] usb 5-1: USB disconnect, device number 44
[  516.106869][ T9595] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  516.465007][ T9595] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  516.585896][ T9595] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  516.624250][T11232] block device autoloading is deprecated and will be removed.
[  516.640106][ T9595] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.859111][T11240] netlink: 'syz.1.1414': attribute type 4 has an invalid length.
[  516.867031][T11240] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1414'.
[  517.242572][T11232] input: syz0 as /devices/virtual/input/input66
[  517.257287][   T30] audit: type=1400 audit(1759963608.895:1354): avc:  denied  { setopt } for  pid=11235 comm="syz.3.1413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  517.259058][ T9595] usb 3-1: config 0 descriptor??
[  517.332057][   T30] audit: type=1400 audit(1759963608.985:1355): avc:  denied  { getopt } for  pid=11235 comm="syz.3.1413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  517.337208][ T9595] pwc: Askey VC010 type 2 USB webcam detected.
[  517.765011][T11243] input: syz1 as /devices/virtual/input/input67
[  517.780093][ T9595] pwc: recv_control_msg error -32 req 02 val 2b00
[  517.789884][ T9595] pwc: recv_control_msg error -32 req 02 val 2700
[  517.797994][ T9595] pwc: recv_control_msg error -32 req 02 val 2c00
[  517.813761][ T9595] pwc: recv_control_msg error -32 req 04 val 1000
[  517.827825][ T9595] pwc: recv_control_msg error -32 req 04 val 1300
[  517.845140][ T9595] pwc: recv_control_msg error -32 req 04 val 1400
[  517.852100][ T9595] pwc: recv_control_msg error -32 req 02 val 2000
[  517.865496][ T9595] pwc: recv_control_msg error -32 req 02 val 2100
[  517.936909][ T9595] pwc: recv_control_msg error -32 req 04 val 1500
[  517.969236][ T9595] pwc: recv_control_msg error -32 req 02 val 2500
[  518.031393][ T9595] pwc: recv_control_msg error -32 req 02 val 2400
[  518.488687][ T9595] pwc: recv_control_msg error -32 req 02 val 2900
[  518.746295][ T9595] pwc: recv_control_msg error -32 req 02 val 2800
[  519.033229][T11255] FAULT_INJECTION: forcing a failure.
[  519.033229][T11255] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  519.047037][T11255] CPU: 0 UID: 0 PID: 11255 Comm: syz.1.1417 Not tainted syzkaller #0 PREEMPT(full) 
[  519.047061][T11255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  519.047071][T11255] Call Trace:
[  519.047079][T11255]  <TASK>
[  519.047086][T11255]  dump_stack_lvl+0x16c/0x1f0
[  519.047120][T11255]  should_fail_ex+0x512/0x640
[  519.047151][T11255]  _copy_from_user+0x2e/0xd0
[  519.047179][T11255]  do_devconfig_ioctl+0x11c/0x710
[  519.047196][T11255]  ? __mutex_lock+0x1c5/0x1060
[  519.047225][T11255]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  519.047259][T11255]  ? find_held_lock+0x2b/0x80
[  519.047286][T11255]  comedi_unlocked_ioctl+0x165d/0x2f00
[  519.047320][T11255]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  519.047346][T11255]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  519.047370][T11255]  ? do_vfs_ioctl+0x128/0x14f0
[  519.047395][T11255]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  519.047418][T11255]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  519.047446][T11255]  ? hook_file_ioctl_common+0x145/0x410
[  519.047475][T11255]  ? selinux_file_ioctl+0x180/0x270
[  519.047491][T11255]  ? selinux_file_ioctl+0xb4/0x270
[  519.047509][T11255]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  519.047530][T11255]  __x64_sys_ioctl+0x18e/0x210
[  519.047555][T11255]  do_syscall_64+0xcd/0xfa0
[  519.047583][T11255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  519.047601][T11255] RIP: 0033:0x7f13da98eec9
[  519.047615][T11255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  519.047631][T11255] RSP: 002b:00007f13db7e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  519.047648][T11255] RAX: ffffffffffffffda RBX: 00007f13dabe6180 RCX: 00007f13da98eec9
[  519.047659][T11255] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000007
[  519.047669][T11255] RBP: 00007f13db7e9090 R08: 0000000000000000 R09: 0000000000000000
[  519.047679][T11255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  519.047689][T11255] R13: 00007f13dabe6218 R14: 00007f13dabe6180 R15: 00007ffdb7206408
[  519.047715][T11255]  </TASK>
[  519.048934][T11255] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1417'.
[  519.291793][ T9595] pwc: recv_control_msg error -71 req 04 val 1200
[  519.600945][ T9595] pwc: Registered as video103.
[  519.628321][ T9595] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input68
[  519.670073][ T9595] usb 3-1: USB disconnect, device number 56
[  520.799871][   T30] audit: type=1400 audit(1759963612.045:1356): avc:  denied  { connect } for  pid=11271 comm="syz.2.1422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  520.832050][T11269] syzkaller0: left allmulticast mode
[  521.234875][T11283] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1425'.
[  521.396604][ T5885] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  521.548960][ T5885] usb 4-1: config 1 has an invalid interface number: 7 but max is 0
[  521.558789][ T5885] usb 4-1: config 1 has no interface number 0
[  521.564896][ T5885] usb 4-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  521.600018][ T5885] usb 4-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  521.626425][ T5885] usb 4-1: config 1 interface 7 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 64
[  521.626966][ T5858] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  521.642720][ T5885] usb 4-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  521.683203][ T5885] usb 4-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  521.807806][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.816521][ T5885] usb 4-1: Product: syz
[  521.820707][ T5885] usb 4-1: Manufacturer: syz
[  521.827193][ T5858] usb 3-1: Using ep0 maxpacket: 16
[  521.827556][ T5885] usb 4-1: SerialNumber: syz
[  521.841195][T11281] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  521.849604][T11281] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  521.858651][ T5858] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  521.942440][T11291] netlink: 'syz.4.1427': attribute type 4 has an invalid length.
[  521.950323][T11291] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1427'.
[  522.296896][T11281] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  522.331019][ T5858] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.339653][ T5858] usb 3-1: Product: syz
[  522.343841][ T5858] usb 3-1: Manufacturer: syz
[  522.349855][ T5858] usb 3-1: SerialNumber: syz
[  522.352113][T11281] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  522.372988][ T5858] r8152-cfgselector 3-1: Unknown version 0x0000
[  522.379976][ T5858] r8152-cfgselector 3-1: config 0 descriptor??
[  522.392565][T11289] input: syz1 as /devices/virtual/input/input69
[  522.866632][T11276] Bluetooth: hci4: command 0x0406 tx timeout
[  523.207761][ T5885] usb 4-1: Incompatible driver and firmware versions
[  523.246161][ T5885] usb 4-1: USB disconnect, device number 33
[  523.317263][   T30] audit: type=1400 audit(1759963614.945:1357): avc:  denied  { sys_module } for  pid=11294 comm="syz.1.1429" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  523.472175][ T5858] r8152-cfgselector 3-1: USB disconnect, device number 57
[  523.538924][   T30] audit: type=1400 audit(1759963615.185:1358): avc:  denied  { create } for  pid=11306 comm="syz.0.1431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  523.861791][T11319] netlink: 'syz.1.1432': attribute type 1 has an invalid length.
[  523.975970][T11321] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1433'.
[  524.492709][T11316] macvlan2: entered promiscuous mode
[  524.498603][T11316] macvlan2: entered allmulticast mode
[  524.508072][T11316] bond3: entered promiscuous mode
[  524.517813][T11316] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  524.690448][T11316] bond3: left promiscuous mode
[  524.870718][   T30] audit: type=1400 audit(1759963616.525:1359): avc:  denied  { unlink } for  pid=11324 comm="syz.2.1435" name="#1f" dev="tmpfs" ino=1626 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  525.093463][ T5858] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  525.150137][T11331] FAULT_INJECTION: forcing a failure.
[  525.150137][T11331] name failslab, interval 1, probability 0, space 0, times 0
[  525.163147][T11331] CPU: 0 UID: 0 PID: 11331 Comm: syz.2.1437 Not tainted syzkaller #0 PREEMPT(full) 
[  525.163167][T11331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  525.163173][T11331] Call Trace:
[  525.163178][T11331]  <TASK>
[  525.163182][T11331]  dump_stack_lvl+0x16c/0x1f0
[  525.163203][T11331]  should_fail_ex+0x512/0x640
[  525.163220][T11331]  ? __kmalloc_cache_noprof+0x5f/0x780
[  525.163237][T11331]  should_failslab+0xc2/0x120
[  525.163249][T11331]  __kmalloc_cache_noprof+0x72/0x780
[  525.163264][T11331]  ? copy_mount_options+0x55/0x190
[  525.163280][T11331]  ? copy_mount_options+0x55/0x190
[  525.163293][T11331]  copy_mount_options+0x55/0x190
[  525.163307][T11331]  __x64_sys_mount+0x1ab/0x310
[  525.163320][T11331]  ? __pfx___x64_sys_mount+0x10/0x10
[  525.163332][T11331]  ? getname_flags.part.0+0x1c5/0x550
[  525.163350][T11331]  do_syscall_64+0xcd/0xfa0
[  525.163366][T11331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.163378][T11331] RIP: 0033:0x7fbd3118eec9
[  525.163387][T11331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  525.163398][T11331] RSP: 002b:00007fbd31f3f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  525.163408][T11331] RAX: ffffffffffffffda RBX: 00007fbd313e5fa0 RCX: 00007fbd3118eec9
[  525.163415][T11331] RDX: 0000200000000080 RSI: 0000200000000240 RDI: 0000000000000000
[  525.163421][T11331] RBP: 00007fbd31f3f090 R08: 0000200000000000 R09: 0000000000000000
[  525.163427][T11331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  525.163433][T11331] R13: 00007fbd313e6038 R14: 00007fbd313e5fa0 R15: 00007ffcc3848e28
[  525.163447][T11331]  </TASK>
[  525.349830][   T30] audit: type=1400 audit(1759963616.555:1360): avc:  denied  { mount } for  pid=11324 comm="syz.2.1435" name="/" dev="overlay" ino=1620 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  525.417074][ T5858] usb 5-1: Using ep0 maxpacket: 16
[  525.423926][ T5858] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  525.436174][ T5858] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  525.452224][ T5858] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  525.462819][ T5858] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.473648][ T5858] usb 5-1: Product: syz
[  525.478605][ T5858] usb 5-1: Manufacturer: syz
[  525.483183][ T5858] usb 5-1: SerialNumber: syz
[  525.489496][ T5858] usb 5-1: config 0 descriptor??
[  525.496921][ T5858] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  525.506115][ T5858] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  525.763330][   T30] audit: type=1400 audit(1759963616.685:1361): avc:  denied  { unmount } for  pid=5806 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  526.356665][   T30] audit: type=1400 audit(1759963616.805:1362): avc:  denied  { mount } for  pid=11330 comm="syz.2.1437" name="/" dev="ramfs" ino=34282 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  526.440768][T11342] netlink: 'syz.3.1440': attribute type 1 has an invalid length.
[  526.451449][ T5858] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  526.480554][ T5858] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  526.573621][T11342] 8021q: adding VLAN 0 to HW filter on device bond1
[  526.583772][T11345] netlink: 'syz.3.1440': attribute type 11 has an invalid length.
[  526.706053][ T5858] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  526.708749][T11342] gretap1: entered promiscuous mode
[  526.727418][ T5858] em28xx 5-1:0.0: No AC97 audio processor
[  527.862516][ T5885] usb 5-1: USB disconnect, device number 45
[  527.885353][ T5885] em28xx 5-1:0.0: Disconnecting em28xx
[  527.920512][ T5885] em28xx 5-1:0.0: Freeing device
[  528.561453][T11357] capability: warning: `syz.1.1444' uses 32-bit capabilities (legacy support in use)
[  528.957640][T11371] trusted_key: syz.3.1447 sent an empty control message without MSG_MORE.
[  529.397758][T11350] syzkaller0: entered promiscuous mode
[  530.282278][   T30] audit: type=1400 audit(1759963621.875:1363): avc:  denied  { getopt } for  pid=11391 comm="syz.4.1454" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  530.780544][T11404] loop4: detected capacity change from 0 to 63
[  530.789015][T11404] buffer_io_error: 9 callbacks suppressed
[  530.789032][T11404] Buffer I/O error on dev loop4, logical block 0, async page read
[  530.802922][T11404] Buffer I/O error on dev loop4, logical block 0, async page read
[  530.811064][ T5878] usb 1-1: new full-speed USB device number 38 using dummy_hcd
[  530.819298][T11404] Buffer I/O error on dev loop4, logical block 0, async page read
[  530.831947][T11404] Buffer I/O error on dev loop4, logical block 0, async page read
[  530.841332][   T30] audit: type=1400 audit(1759963622.495:1364): avc:  denied  { map } for  pid=11402 comm="syz.2.1457" path="/dev/loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  530.867031][T11404] Buffer I/O error on dev loop4, logical block 0, async page read
[  530.875792][   T30] audit: type=1400 audit(1759963622.515:1365): avc:  denied  { execute } for  pid=11402 comm="syz.2.1457" path="/dev/loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  530.875946][T11404] Buffer I/O error on dev loop4, logical block 0, async page read
[  530.900117][    C0] vkms_vblank_simulate: vblank timer overrun
[  530.915461][T11404] Buffer I/O error on dev loop4, logical block 0, async page read
[  530.924429][T11404] Buffer I/O error on dev loop4, logical block 0, async page read
[  530.932899][T11404] ldm_validate_partition_table(): Disk read failed.
[  530.995105][T11404] Buffer I/O error on dev loop4, logical block 0, async page read
[  531.003608][T11404] Buffer I/O error on dev loop4, logical block 0, async page read
[  531.007845][ T5878] usb 1-1: config 0 interface 0 has no altsetting 0
[  531.013466][T11404] Dev loop4: unable to read RDB block 0
[  531.019024][ T5878] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  531.024695][T11404]  loop4: unable to read partition table
[  531.033637][ T5878] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  531.035644][ T5878] usb 1-1: config 0 descriptor??
[  531.160434][ T5878] cp210x 1-1:0.0: cp210x converter detected
[  531.162343][T11404] loop_reread_partitions: partition scan of loop4 (3�����) failed (rc=-5)
[  531.291177][T11409] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1459'.
[  531.568402][ T5878] usb 1-1: cp210x converter now attached to ttyUSB0
[  531.818766][T11396] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1456'.
[  531.829014][T11396] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1456'.
[  531.842308][   T30] audit: type=1400 audit(1759963623.495:1366): avc:  denied  { getopt } for  pid=11395 comm="syz.0.1456" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  531.843557][ T5858] usb 1-1: USB disconnect, device number 38
[  531.869173][   T30] audit: type=1400 audit(1759963623.495:1367): avc:  denied  { setopt } for  pid=11395 comm="syz.0.1456" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  531.889564][ T5858] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  531.935482][ T5858] cp210x 1-1:0.0: device disconnected
[  533.051409][   T30] audit: type=1400 audit(1759963624.695:1368): avc:  denied  { mount } for  pid=11431 comm="syz.4.1465" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  533.584691][   T30] audit: type=1400 audit(1759963624.705:1369): avc:  denied  { unmount } for  pid=11431 comm="syz.4.1465" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  533.686947][ T5878] usb 1-1: new full-speed USB device number 39 using dummy_hcd
[  533.899588][ T5878] usb 1-1: unable to get BOS descriptor or descriptor too short
[  533.934247][ T5878] usb 1-1: not running at top speed; connect to a high speed hub
[  533.951538][ T5878] usb 1-1: config 129 has an invalid interface number: 135 but max is 0
[  533.978670][ T5878] usb 1-1: config 129 has an invalid interface number: 5 but max is 0
[  533.992025][ T5878] usb 1-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[  534.004986][ T5878] usb 1-1: config 129 has no interface number 0
[  534.024746][ T5878] usb 1-1: config 129 has no interface number 1
[  534.041429][   T30] audit: type=1400 audit(1759963625.695:1370): avc:  denied  { getopt } for  pid=11436 comm="syz.1.1467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  534.338738][ T5878] usb 1-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  534.378778][T11450] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1467'.
[  534.448724][ T5878] usb 1-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30
[  534.467167][ T5878] usb 1-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[  534.489308][ T5878] usb 1-1: config 129 interface 135 has no altsetting 0
[  534.500041][ T5878] usb 1-1: config 129 interface 5 has no altsetting 0
[  534.517286][ T5878] usb 1-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00
[  534.548928][ T5878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  534.574883][ T5878] usb 1-1: Product: syz
[  534.589091][ T5878] usb 1-1: Manufacturer: syz
[  534.605897][ T5878] usb 1-1: SerialNumber: syz
[  535.063476][ T5878] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  535.086265][ T5878] usb 1-1: MIDIStreaming interface descriptor not found
[  535.095219][T11454] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1470'.
[  535.195525][ T5878] usb 1-1: USB disconnect, device number 39
[  535.243760][ T5818] udevd[5818]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:129.5/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  535.276842][   T43] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  535.406473][   T43] usb 4-1: device descriptor read/64, error -71
[  535.636444][ T5885] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  535.656525][   T43] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  535.806459][   T43] usb 4-1: device descriptor read/64, error -71
[  535.814941][ T5885] usb 5-1: config 1 has an invalid interface number: 7 but max is 0
[  535.825252][ T5885] usb 5-1: config 1 has no interface number 0
[  535.831727][ T5885] usb 5-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  535.847441][ T5885] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  535.858429][ T5885] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 64
[  535.868669][ T5885] usb 5-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  535.881551][T11469] netlink: 'syz.0.1475': attribute type 11 has an invalid length.
[  535.890796][T11469] netlink: 8420 bytes leftover after parsing attributes in process `syz.0.1475'.
[  535.916860][   T43] usb usb4-port1: attempt power cycle
[  535.930173][ T5885] usb 5-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  535.982657][   T30] audit: type=1400 audit(1759963627.635:1371): avc:  denied  { open } for  pid=11470 comm="syz.0.1476" path="/dev/ptyq4" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  536.014638][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  536.031881][ T5885] usb 5-1: Product: syz
[  536.054140][ T5885] usb 5-1: Manufacturer: syz
[  536.060878][   T30] audit: type=1400 audit(1759963627.715:1372): avc:  denied  { ioctl } for  pid=11470 comm="syz.0.1476" path="/dev/ptyq4" dev="devtmpfs" ino=123 ioctlcmd=0x5412 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  536.089927][ T5885] usb 5-1: SerialNumber: syz
[  536.221307][T11466] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  536.258702][T11466] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  536.276524][   T43] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  536.320627][   T43] usb 4-1: device descriptor read/8, error -71
[  536.499889][T11466] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  536.507640][T11466] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  536.691557][   T43] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  536.757296][   T43] usb 4-1: device descriptor read/8, error -71
[  536.856233][T11487] binder: 11486:11487 ioctl 4018620d 0 returned -22
[  536.872678][   T30] audit: type=1400 audit(1759963628.525:1373): avc:  denied  { egress } for  pid=23 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  536.900540][   T43] usb usb4-port1: unable to enumerate USB device
[  537.197902][ T5885] usb 5-1: Incompatible driver and firmware versions
[  537.238485][   T30] audit: type=1400 audit(1759963628.525:1374): avc:  denied  { sendto } for  pid=23 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  537.380659][ T5858] usb 5-1: USB disconnect, device number 46
[  537.896429][ T5885] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  537.958866][   T30] audit: type=1326 audit(1759963629.615:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.1.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13da98eec9 code=0x7ffc0000
[  538.144259][   T30] audit: type=1326 audit(1759963629.615:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.1.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13da98eec9 code=0x7ffc0000
[  538.266004][   T30] audit: type=1326 audit(1759963629.635:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.1.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f13da98eec9 code=0x7ffc0000
[  538.301625][T11497] binder: 11496:11497 ioctl 4018620d 0 returned -22
[  538.311346][   T30] audit: type=1326 audit(1759963629.635:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.1.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13da98eec9 code=0x7ffc0000
[  538.553781][T11276] Bluetooth: hci3: unexpected event for opcode 0x200a
[  538.588980][   T30] audit: type=1326 audit(1759963629.635:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.1.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13da98eec9 code=0x7ffc0000
[  538.621138][   T30] audit: type=1326 audit(1759963629.645:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.1.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f13da98eec9 code=0x7ffc0000
[  538.645125][   T30] audit: type=1326 audit(1759963629.645:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.1.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13da98eec9 code=0x7ffc0000
[  538.651088][ T5885] usb 1-1: Using ep0 maxpacket: 8
[  538.669501][   T30] audit: type=1326 audit(1759963629.645:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11492 comm="syz.1.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f13da98eec9 code=0x7ffc0000
[  538.915712][ T5885] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  538.935251][ T5885] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  539.154587][ T5885] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  539.201657][ T5885] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  539.250353][ T5885] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  539.268609][ T5885] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  539.302033][ T5885] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  539.537934][T11512] binder: 11511:11512 ioctl 4018620d 0 returned -22
[  539.629436][ T5885] usb 1-1: GET_CAPABILITIES returned 0
[  539.638367][ T5885] usbtmc 1-1:16.0: can't read capabilities
[  539.903894][ T5885] usb 1-1: USB disconnect, device number 40
[  540.474305][T11521] sch_fq: defrate 4294967295 ignored.
[  540.538097][T11521] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  540.897244][T11534] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1491'.
[  541.337813][T11536] misc userio: Invalid payload size
[  541.369463][T11536] misc userio: No port type given on /dev/userio
[  541.471783][T11539] misc userio: The device must be registered before sending interrupts
[  543.598750][   T30] kauditd_printk_skb: 46 callbacks suppressed
[  543.598767][   T30] audit: type=1400 audit(1759963635.245:1429): avc:  denied  { append } for  pid=11555 comm="syz.2.1500" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  543.598866][T11557] random: crng reseeded on system resumption
[  543.737362][   T30] audit: type=1400 audit(1759963635.395:1430): avc:  denied  { mounton } for  pid=11555 comm="syz.2.1500" path="/319/file0" dev="tmpfs" ino=1712 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  543.763437][T11557] fuse: Unknown parameter 'f��ò5�ܥ�w�ňw>v'
[  543.859757][T11557] fuse: Unknown parameter '0x000000000000000a'
[  544.494125][   T30] audit: type=1400 audit(1759963636.135:1431): avc:  denied  { setopt } for  pid=11571 comm="syz.3.1507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  545.425941][   T30] audit: type=1400 audit(1759963636.145:1432): avc:  denied  { read } for  pid=11571 comm="syz.3.1507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  545.573484][   T30] audit: type=1400 audit(1759963637.015:1433): avc:  denied  { ioctl } for  pid=11571 comm="syz.3.1507" path="socket:[35583]" dev="sockfs" ino=35583 ioctlcmd=0x64c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  546.136586][ T5878] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  546.286919][ T5858] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  546.306549][ T5878] usb 5-1: Using ep0 maxpacket: 16
[  546.315101][ T5878] usb 5-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  546.324429][ T5878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  546.338591][ T5878] usb 5-1: Product: syz
[  546.488879][ T5878] usb 5-1: Manufacturer: syz
[  546.494027][ T5878] usb 5-1: SerialNumber: syz
[  546.500792][ T5878] usb 5-1: config 0 descriptor??
[  546.522099][ T5878] visor 5-1:0.0: Sony Clie 3.5 converter detected
[  546.628388][T11617] netlink: 'syz.0.1517': attribute type 2 has an invalid length.
[  546.636977][T11617] netlink: 'syz.0.1517': attribute type 1 has an invalid length.
[  546.647816][T11617] netlink: 'syz.0.1517': attribute type 1 has an invalid length.
[  546.867134][ T5858] usb 4-1: Using ep0 maxpacket: 8
[  546.888375][ T5858] usb 4-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  546.937612][ T5858] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.040765][ T5858] usb 4-1: Product: syz
[  547.056235][ T5858] usb 4-1: Manufacturer: syz
[  547.067062][ T5858] usb 4-1: SerialNumber: syz
[  547.247592][ T5878] usb 5-1: clie_3_5_startup: get interface number bad return length: 0
[  547.255996][ T5878] visor 5-1:0.0: probe with driver visor failed with error -5
[  547.295068][   T30] audit: type=1400 audit(1759963638.935:1434): avc:  denied  { append } for  pid=11590 comm="syz.3.1511" name="sg0" dev="devtmpfs" ino=761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  547.318832][    C1] vkms_vblank_simulate: vblank timer overrun
[  547.450669][ T9595] usb 5-1: USB disconnect, device number 47
[  547.503641][T11593] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1511'.
[  547.878452][ T5858] mxuport 4-1:254.0: mxuport_recv_ctrl_urb - usb_control_msg failed (-71)
[  547.926936][ T5858] mxuport 4-1:254.0: probe with driver mxuport failed with error -5
[  547.979284][ T5858] usb 4-1: USB disconnect, device number 38
[  548.329354][T11634] sd 0:0:1:0: device reset
[  548.598880][T11639] afs: Unknown parameter 'dyn�qL;����e��'
[  550.229281][   T30] audit: type=1400 audit(1759963641.705:1435): avc:  denied  { write } for  pid=11658 comm="syz.4.1530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  550.292576][   T30] audit: type=1400 audit(1759963641.875:1436): avc:  denied  { create } for  pid=11658 comm="syz.4.1530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  550.472044][   T30] audit: type=1400 audit(1759963641.875:1437): avc:  denied  { ioctl } for  pid=11658 comm="syz.4.1530" path="socket:[36210]" dev="sockfs" ino=36210 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  550.757993][T11663] netlink: 165 bytes leftover after parsing attributes in process `syz.2.1532'.
[  550.879718][   T30] audit: type=1400 audit(1759963642.525:1438): avc:  denied  { ioctl } for  pid=11655 comm="syz.2.1532" path="socket:[35784]" dev="sockfs" ino=35784 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  550.968997][   T30] audit: type=1400 audit(1759963642.615:1439): avc:  denied  { bind } for  pid=11667 comm="syz.1.1534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  551.011914][   T30] audit: type=1400 audit(1759963642.615:1440): avc:  denied  { name_bind } for  pid=11667 comm="syz.1.1534" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  551.107031][   T30] audit: type=1400 audit(1759963642.615:1441): avc:  denied  { node_bind } for  pid=11667 comm="syz.1.1534" saddr=10.1.1.0 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  551.217461][ T5826] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  551.228992][ T5826] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  551.240991][ T5826] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  551.249077][ T5826] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  551.298909][ T5826] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  551.327163][   T30] audit: type=1400 audit(1759963642.965:1442): avc:  denied  { mounton } for  pid=11675 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  551.456822][ T5858] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  551.755761][T11675] wg0 speed is unknown, defaulting to 1000
[  553.352452][T11276] Bluetooth: hci1: command tx timeout
[  553.998472][T11675] chnl_net:caif_netlink_parms(): no params data found
[  554.011639][T11691] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  554.530468][T11675] bridge0: port 1(bridge_slave_0) entered blocking state
[  554.538005][T11675] bridge0: port 1(bridge_slave_0) entered disabled state
[  554.545111][T11675] bridge_slave_0: entered allmulticast mode
[  554.592603][T11675] bridge_slave_0: entered promiscuous mode
[  554.627360][T11675] bridge0: port 2(bridge_slave_1) entered blocking state
[  554.641664][T11675] bridge0: port 2(bridge_slave_1) entered disabled state
[  554.676660][T11675] bridge_slave_1: entered allmulticast mode
[  554.835386][T11675] bridge_slave_1: entered promiscuous mode
[  554.886858][ T5858] usb 5-1: device descriptor read/64, error -71
[  554.956425][T11708] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1540'.
[  555.410696][T11675] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  555.427112][T11276] Bluetooth: hci1: command tx timeout
[  555.439483][T11675] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  555.612276][T11675] team0: Port device team_slave_0 added
[  555.631014][T11675] team0: Port device team_slave_1 added
[  555.657023][ T5858] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  555.678118][T11675] batman_adv: batadv0: Adding interface: batadv_slave_0
[  555.685118][T11675] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  555.727712][T11675] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  555.758887][T11675] batman_adv: batadv0: Adding interface: batadv_slave_1
[  555.779032][T11675] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  555.804930][    C0] vkms_vblank_simulate: vblank timer overrun
[  555.858166][T11675] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  555.873900][ T5885] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  555.880577][ T5858] usb 5-1: config 1 has an invalid interface number: 7 but max is 0
[  555.880604][ T5858] usb 5-1: config 1 has no interface number 0
[  555.880638][ T5858] usb 5-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  555.880662][ T5858] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  555.880684][ T5858] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 64
[  555.880706][ T5858] usb 5-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  555.882482][ T5858] usb 5-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  555.882506][ T5858] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.882523][ T5858] usb 5-1: Product: syz
[  555.882536][ T5858] usb 5-1: Manufacturer: syz
[  555.882549][ T5858] usb 5-1: SerialNumber: syz
[  555.885293][T11698] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  555.885419][T11698] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  555.940411][T11675] hsr_slave_0: entered promiscuous mode
[  555.941289][T11675] hsr_slave_1: entered promiscuous mode
[  555.941754][T11675] debugfs: 'hsr0' already exists in 'hsr'
[  555.941771][T11675] Cannot create hsr debugfs directory
[  556.045457][ T5885] usb 4-1: config 1 has an invalid interface number: 7 but max is 0
[  556.045484][ T5885] usb 4-1: config 1 has no interface number 0
[  556.045515][ T5885] usb 4-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  556.045541][ T5885] usb 4-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  556.045563][ T5885] usb 4-1: config 1 interface 7 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 64
[  556.045585][ T5885] usb 4-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  556.060127][ T5885] usb 4-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  556.060155][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  556.060172][ T5885] usb 4-1: Product: syz
[  556.060186][ T5885] usb 4-1: Manufacturer: syz
[  556.060201][ T5885] usb 4-1: SerialNumber: syz
[  556.063573][T11710] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  556.063663][T11710] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  556.090866][T11698] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  556.090987][T11698] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  556.267769][T11675] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  556.276426][T11710] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  556.386555][T11710] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  556.831605][ T5858] usb 5-1: Incompatible driver and firmware versions
[  556.850223][T11675] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  556.907299][T11719] wg0 speed is unknown, defaulting to 1000
[  557.078674][ T5885] usb 4-1: Incompatible driver and firmware versions
[  557.198822][   T30] audit: type=1400 audit(1759963648.855:1443): avc:  denied  { watch watch_reads } for  pid=11724 comm="syz.1.1545" path="/328/bus" dev="overlay" ino=1733 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  557.235433][T11675] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  557.258575][T11675] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  557.512947][T11276] Bluetooth: hci1: command tx timeout
[  557.612678][T11675] 8021q: adding VLAN 0 to HW filter on device bond0
[  557.666048][T11675] 8021q: adding VLAN 0 to HW filter on device team0
[  557.699315][ T8690] bridge0: port 1(bridge_slave_0) entered blocking state
[  557.706505][ T8690] bridge0: port 1(bridge_slave_0) entered forwarding state
[  557.755669][ T8690] bridge0: port 2(bridge_slave_1) entered blocking state
[  557.762856][ T8690] bridge0: port 2(bridge_slave_1) entered forwarding state
[  557.791043][ T5858] usb 5-1: USB disconnect, device number 49
[  557.804177][ T5885] usb 4-1: USB disconnect, device number 39
[  558.069892][   T30] audit: type=1400 audit(1759963649.725:1444): avc:  denied  { ioctl } for  pid=11743 comm="syz.1.1548" path="socket:[36524]" dev="sockfs" ino=36524 ioctlcmd=0xf50a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  558.155827][T11675] 8021q: adding VLAN 0 to HW filter on device batadv0
[  558.201457][T11754] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  558.231122][T11754] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.269948][T11754] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  558.279873][T11754] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.373279][T11754] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  558.388139][T11754] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.439976][T11754] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  558.450135][T11754] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.513392][T11675] veth0_vlan: entered promiscuous mode
[  558.558576][T11675] veth1_vlan: entered promiscuous mode
[  558.589638][   T36] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  558.599221][   T36] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  558.613363][   T36] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  558.622863][   T36] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  558.627249][   T30] audit: type=1400 audit(1759963650.275:1445): avc:  denied  { bind } for  pid=11763 comm="syz.2.1552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  558.655401][   T36] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  558.664903][   T36] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  558.675271][T11675] veth0_macvtap: entered promiscuous mode
[  558.684609][   T36] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  558.694004][   T36] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  558.705913][T11675] veth1_macvtap: entered promiscuous mode
[  558.732604][T11675] batman_adv: batadv0: Interface activated: batadv_slave_0
[  558.751273][T11675] batman_adv: batadv0: Interface activated: batadv_slave_1
[  558.778589][ T8236] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  558.793339][ T8236] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  558.817120][ T8236] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  558.834769][ T8236] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  558.983115][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  559.003152][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  559.044182][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  559.055403][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  559.074427][   T30] audit: type=1400 audit(1759963650.725:1446): avc:  denied  { mounton } for  pid=11675 comm="syz-executor" path="/root/syzkaller.gw9i1w/syz-tmp" dev="sda1" ino=2047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  559.107023][   T30] audit: type=1400 audit(1759963650.755:1447): avc:  denied  { mounton } for  pid=11675 comm="syz-executor" path="/root/syzkaller.gw9i1w/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  559.150244][   T30] audit: type=1400 audit(1759963650.755:1448): avc:  denied  { mounton } for  pid=11675 comm="syz-executor" path="/root/syzkaller.gw9i1w/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=36684 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  559.234868][   T30] audit: type=1400 audit(1759963650.795:1449): avc:  denied  { mounton } for  pid=11675 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2784 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  559.268053][   T24] usb 2-1: new full-speed USB device number 45 using dummy_hcd
[  559.274404][   T30] audit: type=1400 audit(1759963650.795:1450): avc:  denied  { mount } for  pid=11675 comm="syz-executor" name="/" dev="gadgetfs" ino=7840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  559.304172][   T30] audit: type=1400 audit(1759963650.795:1451): avc:  denied  { mounton } for  pid=11675 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  559.418210][   T24] usb 2-1: config 0 has an invalid interface number: 104 but max is 0
[  559.427789][   T24] usb 2-1: config 0 has no interface number 0
[  559.435544][   T24] usb 2-1: config 0 interface 104 has no altsetting 0
[  559.446766][   T24] usb 2-1: New USB device found, idVendor=04dd, idProduct=8007, bcdDevice=77.43
[  559.456047][   T24] usb 2-1: New USB device strings: Mfr=1, Product=231, SerialNumber=3
[  559.464953][   T24] usb 2-1: Product: syz
[  559.469804][   T24] usb 2-1: Manufacturer: syz
[  559.474453][   T24] usb 2-1: SerialNumber: syz
[  559.483405][   T24] usb 2-1: config 0 descriptor??
[  559.586945][T11276] Bluetooth: hci1: command tx timeout
[  559.587425][ T9595] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  559.767887][ T9595] usb 6-1: Using ep0 maxpacket: 16
[  559.784761][ T9595] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  559.971985][ T9595] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  560.078053][ T9595] usb 6-1: New USB device found, idVendor=060b, idProduct=0001, bcdDevice= 0.00
[  560.105894][ T9595] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.141390][ T9595] usb 6-1: config 0 descriptor??
[  560.175317][   T24] usb 2-1: USB disconnect, device number 45
[  560.591692][   T30] audit: type=1400 audit(1759963652.195:1452): avc:  denied  { read } for  pid=11797 comm="syz.4.1562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  560.615468][ T9595] macally 0003:060B:0001.0013: unknown main item tag 0x0
[  560.622632][ T9595] macally 0003:060B:0001.0013: unknown main item tag 0x0
[  560.630291][ T9595] macally 0003:060B:0001.0013: unknown main item tag 0x0
[  560.638262][ T9595] macally 0003:060B:0001.0013: unknown main item tag 0x0
[  560.646131][ T9595] macally 0003:060B:0001.0013: unknown main item tag 0x0
[  560.653816][ T9595] macally 0003:060B:0001.0013: unknown main item tag 0x0
[  560.661501][ T9595] macally 0003:060B:0001.0013: unknown main item tag 0x0
[  560.669205][ T9595] macally 0003:060B:0001.0013: unknown main item tag 0x0
[  560.676250][ T9595] macally 0003:060B:0001.0013: unknown main item tag 0x0
[  560.683912][ T9595] macally 0003:060B:0001.0013: unknown main item tag 0x0
[  560.783649][ T9595] macally 0003:060B:0001.0013: hidraw0: USB HID v0.00 Device [HID 060b:0001] on usb-dummy_hcd.5-1/input0
[  561.466750][   T24] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  561.500591][T11815] syzkaller0: entered allmulticast mode
[  561.648037][   T24] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  561.664621][   T24] usb 5-1: config 0 has no interface number 0
[  561.679929][   T24] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  561.695399][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  561.710166][   T24] usb 5-1: Product: syz
[  561.719431][   T24] usb 5-1: Manufacturer: syz
[  561.727075][   T24] usb 5-1: SerialNumber: syz
[  561.747594][   T24] usb 5-1: config 0 descriptor??
[  561.967029][ T9595] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  561.981368][T11800] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  561.995072][T11800] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  562.016519][   T24] dvb_usb_ec168 5-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[  562.038924][   T24] usb 5-1: USB disconnect, device number 50
[  562.130255][ T9595] usb 4-1: config 1 has an invalid interface number: 7 but max is 0
[  562.145161][ T9595] usb 4-1: config 1 has no interface number 0
[  562.161488][ T9595] usb 4-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  562.184264][ T9595] usb 4-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  562.207029][ T9595] usb 4-1: config 1 interface 7 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 64
[  562.223429][ T9595] usb 4-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  562.251095][ T9595] usb 4-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  562.279309][ T5858] usb 6-1: USB disconnect, device number 2
[  562.287407][ T9595] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  562.300421][ T9595] usb 4-1: Product: syz
[  562.304604][ T9595] usb 4-1: Manufacturer: syz
[  562.327806][ T9595] usb 4-1: SerialNumber: syz
[  562.347487][T11819] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  562.366645][T11819] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  562.481074][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  562.490429][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  562.762874][T11819] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  562.791557][T11819] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  562.799272][ T5858] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  562.937045][ T5858] usb 6-1: device descriptor read/64, error -71
[  563.177203][ T5858] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  563.260698][ T9595] usb 4-1: Incompatible driver and firmware versions
[  563.378962][ T5858] usb 6-1: device descriptor read/64, error -71
[  563.503323][T11848] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1578'.
[  563.945427][ T5858] usb usb6-port1: attempt power cycle
[  563.958920][ T5885] usb 4-1: USB disconnect, device number 40
[  564.273581][T11851] random: crng reseeded on system resumption
[  564.286879][ T5858] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  564.311622][ T5858] usb 6-1: device descriptor read/8, error -71
[  564.349019][T11851] fuse: Unknown parameter 'gro�_id'
[  564.398535][T11851] fuse: Unknown parameter '0x000000000000000a'
[  564.526144][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  564.526155][   T30] audit: type=1400 audit(1759963656.175:1456): avc:  denied  { setopt } for  pid=11858 comm="syz.4.1583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  564.560555][ T5858] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  564.597420][ T5858] usb 6-1: device descriptor read/8, error -71
[  564.675346][   T30] audit: type=1400 audit(1759963656.325:1457): avc:  denied  { getopt } for  pid=11867 comm="syz.1.1587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  564.707016][ T5858] usb usb6-port1: unable to enumerate USB device
[  564.773800][   T30] audit: type=1400 audit(1759963656.375:1458): avc:  denied  { override_creds } for  pid=11858 comm="syz.4.1583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  565.008181][T11874] netlink: 'syz.3.1586': attribute type 4 has an invalid length.
[  565.016012][T11874] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1586'.
[  565.800729][T11886] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1590'.
[  566.314346][T11888] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1592'.
[  566.327872][T11891] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1591'.
[  566.387056][T11891] netlink: 'syz.5.1591': attribute type 5 has an invalid length.
[  566.411419][T11891] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1591'.
[  566.461753][   T30] audit: type=1400 audit(1759963657.995:1459): avc:  denied  { connect } for  pid=11889 comm="syz.2.1593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  566.502006][   T30] audit: type=1400 audit(1759963657.995:1460): avc:  denied  { write } for  pid=11889 comm="syz.2.1593" laddr=172.20.20.10 lport=44801 faddr=172.20.20.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  566.532685][T11891] geneve2: entered promiscuous mode
[  566.546959][T11891] geneve2: entered allmulticast mode
[  566.570978][   T12] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  566.606513][   T12] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  566.659281][   T12] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  566.693289][   T12] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  566.838669][T11904] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1599'.
[  566.930087][   T30] audit: type=1400 audit(1759963658.565:1461): avc:  denied  { name_bind } for  pid=11905 comm="syz.1.1600" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  567.795126][T11919] netlink: 'syz.2.1603': attribute type 74 has an invalid length.
[  567.810741][   T30] audit: type=1400 audit(1759963659.445:1462): avc:  denied  { write } for  pid=11918 comm="syz.2.1603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  567.923870][   T30] audit: type=1400 audit(1759963659.575:1463): avc:  denied  { read } for  pid=11920 comm="syz.1.1604" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  568.597974][   T30] audit: type=1400 audit(1759963660.245:1464): avc:  denied  { ioctl } for  pid=11933 comm="syz.5.1609" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  569.242997][T11949] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1615'.
[  569.544569][T11955] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  569.551330][T11955] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  570.447149][T11276] Bluetooth: hci3: Invalid handle: 0xbb00 > 0x0eff
[  571.671003][   T30] audit: type=1400 audit(1759963663.325:1465): avc:  denied  { ioctl } for  pid=11959 comm="syz.2.1617" path="socket:[37872]" dev="sockfs" ino=37872 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  571.907025][   T30] audit: type=1400 audit(1759963663.325:1466): avc:  denied  { bind } for  pid=11959 comm="syz.2.1617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  572.455543][T11971] FAT-fs (nullb0): bogus number of reserved sectors
[  572.463826][T11971] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  572.615514][   T30] audit: type=1400 audit(1759963664.265:1467): avc:  denied  { setopt } for  pid=11981 comm="syz.1.1623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  572.639169][T11982] fuse: Bad value for 'fd'
[  572.661935][   T30] audit: type=1400 audit(1759963664.315:1468): avc:  denied  { bind } for  pid=11981 comm="syz.1.1623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  572.767247][ T9595] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  572.852273][T11988] bridge1: entered promiscuous mode
[  572.857854][T11988] bridge1: entered allmulticast mode
[  573.029800][ T9595] usb 6-1: unable to get BOS descriptor or descriptor too short
[  573.038414][ T9595] usb 6-1: not running at top speed; connect to a high speed hub
[  573.050535][ T9595] usb 6-1: config 3 has an invalid interface number: 229 but max is 0
[  573.060505][ T9595] usb 6-1: config 3 has no interface number 0
[  573.067625][ T9595] usb 6-1: config 3 interface 229 has no altsetting 0
[  573.077702][ T9595] usb 6-1: New USB device found, idVendor=0bc3, idProduct=0001, bcdDevice=58.b1
[  573.088475][ T9595] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  573.097289][ T9595] usb 6-1: Product: syz
[  573.109165][ T9595] usb 6-1: Manufacturer: syz
[  573.206164][ T9595] usb 6-1: SerialNumber: syz
[  573.430421][ T9595] ipw 6-1:3.229: IPWireless converter converter detected
[  573.442118][ T9595] usb 6-1: USB disconnect, device number 7
[  573.498306][ T9595] ipw 6-1:3.229: device disconnected
[  574.403847][T12020] siw: device registration error -23
[  575.507552][ T9595] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  575.726977][ T9595] usb 5-1: Using ep0 maxpacket: 16
[  575.734674][ T9595] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 128, changing to 11
[  575.761899][ T9595] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  575.854750][ T9595] usb 5-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  575.929621][ T9595] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  576.028312][ T9595] usb 5-1: config 0 descriptor??
[  576.181468][T12047] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1642'.
[  577.051494][T12021] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1637'.
[  577.674017][ T9595] magicmouse 0003:05AC:0265.0014: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.4-1/input0
[  578.025326][   T43] usb 5-1: USB disconnect, device number 51
[  578.356176][   T30] audit: type=1400 audit(1759963670.005:1469): avc:  denied  { write } for  pid=12069 comm="syz.1.1649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  578.696716][   T43] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  578.937064][   T43] usb 4-1: Using ep0 maxpacket: 8
[  578.944064][   T43] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  578.958027][   T43] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  579.021033][   T43] usb 4-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  579.055750][   T43] usb 4-1: config 0 interface 0 has no altsetting 0
[  579.070678][   T43] usb 4-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  579.092375][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.113457][   T43] usb 4-1: config 0 descriptor??
[  579.414084][   T30] audit: type=1400 audit(1759963671.065:1470): avc:  denied  { create } for  pid=12072 comm="syz.3.1650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  580.048070][   T30] audit: type=1400 audit(1759963671.145:1471): avc:  denied  { name_bind } for  pid=12081 comm="syz.1.1654" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  580.688952][T12097] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1655'.
[  581.586983][   T30] audit: type=1400 audit(1759963672.995:1472): avc:  denied  { getopt } for  pid=12085 comm="syz.4.1653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  581.696902][   T43] usbhid 4-1:0.0: can't add hid device: -71
[  581.742828][   T43] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  581.744433][   T30] audit: type=1400 audit(1759963673.395:1473): avc:  denied  { append } for  pid=12101 comm="syz.5.1657" name="001" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  581.780475][T12102] usb usb1: check_ctrlrecip: process 12102 (syz.5.1657) requesting ep 01 but needs 81
[  581.794741][T12102] usb usb1: usbfs: process 12102 (syz.5.1657) did not claim interface 0 before use
[  581.988086][   T43] usb 4-1: USB disconnect, device number 41
[  582.080383][T12112] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1658'.
[  582.313004][ T5858] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  582.487779][    C0] raw-gadget.0 gadget.5: ignoring, device is not running
[  582.717305][ T5858] usb 6-1: device descriptor read/64, error -32
[  582.766126][   T30] audit: type=1400 audit(1759963674.405:1474): avc:  denied  { create } for  pid=12119 comm="syz.4.1662" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  582.959495][   T30] audit: type=1400 audit(1759963674.415:1475): avc:  denied  { bind } for  pid=12119 comm="syz.4.1662" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  582.989601][   T30] audit: type=1400 audit(1759963674.415:1476): avc:  denied  { write } for  pid=12119 comm="syz.4.1662" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  583.104028][ T5858] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  583.189991][   T30] audit: type=1400 audit(1759963674.825:1477): avc:  denied  { setopt } for  pid=12122 comm="syz.4.1663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  583.224475][   T30] audit: type=1400 audit(1759963674.845:1478): avc:  denied  { read } for  pid=12122 comm="syz.4.1663" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  583.247312][    C0] vkms_vblank_simulate: vblank timer overrun
[  583.331038][ T5858] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  583.369406][ T5858] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  583.403928][ T5858] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  583.489850][ T5858] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0
[  583.595444][ T5858] usb 6-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  583.740560][T12133] FAULT_INJECTION: forcing a failure.
[  583.740560][T12133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  583.753915][T12133] CPU: 1 UID: 0 PID: 12133 Comm: syz.3.1665 Not tainted syzkaller #0 PREEMPT(full) 
[  583.753941][T12133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  583.753951][T12133] Call Trace:
[  583.753958][T12133]  <TASK>
[  583.753966][T12133]  dump_stack_lvl+0x16c/0x1f0
[  583.753997][T12133]  should_fail_ex+0x512/0x640
[  583.754027][T12133]  _copy_from_user+0x2e/0xd0
[  583.754055][T12133]  kstrtouint_from_user+0xd6/0x1d0
[  583.754077][T12133]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  583.754097][T12133]  ? __lock_acquire+0xb97/0x1ce0
[  583.754138][T12133]  proc_fail_nth_write+0x83/0x220
[  583.754158][T12133]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  583.754184][T12133]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  583.754202][T12133]  vfs_write+0x2a0/0x11d0
[  583.754223][T12133]  ? __pfx___mutex_lock+0x10/0x10
[  583.754250][T12133]  ? __pfx_vfs_write+0x10/0x10
[  583.754284][T12133]  ? __fget_files+0x20e/0x3c0
[  583.754309][T12133]  ksys_write+0x12a/0x250
[  583.754324][T12133]  ? __pfx_ksys_write+0x10/0x10
[  583.754349][T12133]  do_syscall_64+0xcd/0xfa0
[  583.754375][T12133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.754393][T12133] RIP: 0033:0x7f713878d97f
[  583.754408][T12133] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  583.754425][T12133] RSP: 002b:00007f7139576030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  583.754442][T12133] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f713878d97f
[  583.754453][T12133] RDX: 0000000000000001 RSI: 00007f71395760a0 RDI: 0000000000000006
[  583.754463][T12133] RBP: 00007f7139576090 R08: 0000000000000000 R09: 0000000000000000
[  583.754473][T12133] R10: fffffffffffffff8 R11: 0000000000000293 R12: 0000000000000001
[  583.754483][T12133] R13: 00007f71389e6218 R14: 00007f71389e6180 R15: 00007ffebab220b8
[  583.754510][T12133]  </TASK>
[  583.951502][ T5858] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  583.960196][ T5858] usb 6-1: Product: syz
[  583.964392][ T5858] usb 6-1: Manufacturer: syz
[  583.972133][ T5858] usb 6-1: SerialNumber: syz
[  583.992040][ T5858] usb 6-1: config 0 descriptor??
[  584.009999][T12110] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  584.033635][ T5858] usb 6-1: ucan: probing device on interface #0
[  584.049044][ T5858] usb 6-1: ucan: invalid in_ep MaxPacketSize
[  584.060702][ T5858] usb 6-1: ucan: probe failed; try to update the device firmware
[  584.227090][   T24] usb 4-1: new full-speed USB device number 42 using dummy_hcd
[  584.336455][T12142] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1667'.
[  584.847476][T12144] overlayfs: failed to clone upperpath
[  584.862453][T12145] netlink: 9896 bytes leftover after parsing attributes in process `syz.1.1669'.
[  584.867633][   T24] usb 4-1: config 0 has an invalid interface number: 104 but max is 0
[  584.875528][ T5858] usb 6-1: USB disconnect, device number 9
[  584.883092][T12145] netlink: 9896 bytes leftover after parsing attributes in process `syz.1.1669'.
[  584.900689][   T24] usb 4-1: config 0 has no interface number 0
[  584.908522][   T24] usb 4-1: config 0 interface 104 has no altsetting 0
[  584.998146][   T24] usb 4-1: New USB device found, idVendor=04dd, idProduct=8007, bcdDevice=77.43
[  585.012275][   T24] usb 4-1: New USB device strings: Mfr=1, Product=231, SerialNumber=3
[  585.178751][   T24] usb 4-1: Product: syz
[  585.189299][   T24] usb 4-1: Manufacturer: syz
[  585.197352][   T24] usb 4-1: SerialNumber: syz
[  585.210317][   T24] usb 4-1: config 0 descriptor??
[  586.829453][   T24] usb 4-1: USB disconnect, device number 42
[  588.140459][T12179] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1676'.
[  588.160290][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  588.160302][   T30] audit: type=1400 audit(1759963679.785:1481): avc:  denied  { mount } for  pid=12170 comm="syz.1.1676" name="/" dev="autofs" ino=38614 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  588.198278][T12185] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1676'.
[  588.253135][T12176] syzkaller0: entered promiscuous mode
[  588.506641][ T5885] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  588.647043][ T5885] usb 5-1: device descriptor read/64, error -71
[  588.747179][   T30] audit: type=1400 audit(1759963680.395:1482): avc:  denied  { bind } for  pid=12195 comm="syz.2.1682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  588.750109][T12196] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1682'.
[  588.949846][ T5885] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  588.963938][T12200] input: syz1 as /devices/virtual/input/input71
[  589.107398][ T5885] usb 5-1: device descriptor read/64, error -71
[  589.182456][ T5826] Bluetooth: hci4: Unable to find connection with handle 0x0000
[  589.257139][ T5885] usb usb5-port1: attempt power cycle
[  589.626888][ T5885] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  589.657229][ T5885] usb 5-1: device descriptor read/8, error -71
[  589.946759][ T5885] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  589.983507][ T5885] usb 5-1: device descriptor read/8, error -71
[  590.111189][ T5885] usb usb5-port1: unable to enumerate USB device
[  591.141234][T12213] netlink: 'syz.1.1686': attribute type 4 has an invalid length.
[  591.149799][T12213] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1686'.
[  591.970978][T12222] 9pnet_fd: Insufficient options for proto=fd
[  591.986943][ T5878] usb 4-1: new full-speed USB device number 43 using dummy_hcd
[  592.288113][ T5878] usb 4-1: config 0 has an invalid interface number: 104 but max is 0
[  592.396390][ T5878] usb 4-1: config 0 has no interface number 0
[  592.411307][ T5878] usb 4-1: config 0 interface 104 has no altsetting 0
[  592.434720][ T5878] usb 4-1: New USB device found, idVendor=04dd, idProduct=8007, bcdDevice=77.43
[  592.460335][ T5878] usb 4-1: New USB device strings: Mfr=1, Product=231, SerialNumber=3
[  592.556412][ T5878] usb 4-1: Product: syz
[  592.560892][ T5878] usb 4-1: Manufacturer: syz
[  592.565667][ T5878] usb 4-1: SerialNumber: syz
[  592.585298][ T5878] usb 4-1: config 0 descriptor??
[  592.896508][   T43] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  593.091331][   T43] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  593.109852][   T43] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  593.121476][   T43] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  593.131307][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  593.153847][T12238] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  593.180287][   T43] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  593.530526][ T5858] usb 6-1: USB disconnect, device number 10
[  593.637831][ T5878] usb 4-1: USB disconnect, device number 43
[  593.936849][T12255] netlink: 'syz.2.1699': attribute type 4 has an invalid length.
[  593.944645][T12255] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1699'.
[  594.351644][T12254] netlink: 'syz.1.1700': attribute type 6 has an invalid length.
[  594.423935][T12260] loop6: detected capacity change from 0 to 524288000
[  594.462740][   T30] audit: type=1400 audit(1759963686.115:1483): avc:  denied  { bind } for  pid=12258 comm="syz.5.1702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  594.539117][   T30] audit: type=1400 audit(1759963686.115:1484): avc:  denied  { write } for  pid=12258 comm="syz.5.1702" path="socket:[39840]" dev="sockfs" ino=39840 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  594.562961][    C0] vkms_vblank_simulate: vblank timer overrun
[  594.903044][   T30] audit: type=1400 audit(1759963686.545:1485): avc:  denied  { bind } for  pid=12268 comm="syz.2.1704" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  595.049417][   T30] audit: type=1400 audit(1759963686.545:1486): avc:  denied  { node_bind } for  pid=12268 comm="syz.2.1704" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  595.102135][   T30] audit: type=1400 audit(1759963686.555:1487): avc:  denied  { name_bind } for  pid=12268 comm="syz.2.1704" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  595.481850][T12285] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1708'.
[  597.324653][   T30] audit: type=1326 audit(1759963688.925:1488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12291 comm="syz.2.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd3118eec9 code=0x7ffc0000
[  597.348153][    C0] vkms_vblank_simulate: vblank timer overrun
[  597.377554][   T43] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  597.472018][   T30] audit: type=1326 audit(1759963688.935:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12291 comm="syz.2.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7fbd3118eec9 code=0x7ffc0000
[  597.495568][    C0] vkms_vblank_simulate: vblank timer overrun
[  597.512309][   T30] audit: type=1326 audit(1759963688.935:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12291 comm="syz.2.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd3118eec9 code=0x7ffc0000
[  597.661608][   T30] audit: type=1326 audit(1759963688.935:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12291 comm="syz.2.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd3118eec9 code=0x7ffc0000
[  597.665136][   T43] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  597.685920][   T30] audit: type=1326 audit(1759963688.935:1492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12291 comm="syz.2.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd3118eec9 code=0x7ffc0000
[  597.889106][   T43] usb 4-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  597.901375][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.714981][   T43] usb 4-1: can't set config #4, error -71
[  599.723221][   T43] usb 4-1: USB disconnect, device number 44
[  600.240934][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  600.240945][   T30] audit: type=1400 audit(1759963691.895:1504): avc:  denied  { listen } for  pid=12322 comm="syz.4.1721" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  600.267872][   T30] audit: type=1400 audit(1759963691.895:1505): avc:  denied  { shutdown } for  pid=12322 comm="syz.4.1721" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  600.314332][   T30] audit: type=1400 audit(1759963691.895:1506): avc:  denied  { execute } for  pid=12322 comm="syz.4.1721" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=40977 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  600.366962][ T9595] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  600.451647][T12334] FAULT_INJECTION: forcing a failure.
[  600.451647][T12334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  600.496998][T12334] CPU: 0 UID: 0 PID: 12334 Comm: syz.5.1722 Not tainted syzkaller #0 PREEMPT(full) 
[  600.497024][T12334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  600.497042][T12334] Call Trace:
[  600.497048][T12334]  <TASK>
[  600.497055][T12334]  dump_stack_lvl+0x16c/0x1f0
[  600.497086][T12334]  should_fail_ex+0x512/0x640
[  600.497114][T12334]  _copy_from_iter+0x29f/0x1720
[  600.497137][T12334]  ? __alloc_skb+0x200/0x380
[  600.497153][T12334]  ? __pfx__copy_from_iter+0x10/0x10
[  600.497168][T12334]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[  600.497186][T12334]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  600.497209][T12334]  netlink_sendmsg+0x820/0xdd0
[  600.497222][T12334]  ? __pfx_netlink_sendmsg+0x10/0x10
[  600.497237][T12334]  ____sys_sendmsg+0xa98/0xc70
[  600.497250][T12334]  ? copy_msghdr_from_user+0x10a/0x160
[  600.497266][T12334]  ? __pfx_____sys_sendmsg+0x10/0x10
[  600.497284][T12334]  ___sys_sendmsg+0x134/0x1d0
[  600.497300][T12334]  ? __pfx____sys_sendmsg+0x10/0x10
[  600.497333][T12334]  __sys_sendmsg+0x16d/0x220
[  600.497349][T12334]  ? __pfx___sys_sendmsg+0x10/0x10
[  600.497374][T12334]  do_syscall_64+0xcd/0xfa0
[  600.497392][T12334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.497404][T12334] RIP: 0033:0x7f9b0d58eec9
[  600.497413][T12334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  600.497424][T12334] RSP: 002b:00007f9b0e48b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  600.497435][T12334] RAX: ffffffffffffffda RBX: 00007f9b0d7e5fa0 RCX: 00007f9b0d58eec9
[  600.497442][T12334] RDX: 0000000000040004 RSI: 0000200000001280 RDI: 0000000000000004
[  600.497450][T12334] RBP: 00007f9b0e48b090 R08: 0000000000000000 R09: 0000000000000000
[  600.497459][T12334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  600.497467][T12334] R13: 00007f9b0d7e6038 R14: 00007f9b0d7e5fa0 R15: 00007ffefb125998
[  600.497484][T12334]  </TASK>
[  601.396453][ T9595] usb 4-1: Using ep0 maxpacket: 32
[  601.403052][ T9595] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  601.411407][ T9595] usb 4-1: config 0 has no interface number 0
[  601.418228][ T9595] usb 4-1: config 0 interface 184 has no altsetting 0
[  601.428310][ T9595] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  601.438203][ T9595] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  601.446207][ T9595] usb 4-1: Product: syz
[  601.450764][ T9595] usb 4-1: Manufacturer: syz
[  601.459183][ T9595] usb 4-1: SerialNumber: syz
[  601.477461][T12344] Bluetooth: MGMT ver 1.23
[  601.494503][   T30] audit: type=1400 audit(1759963693.145:1507): avc:  denied  { create } for  pid=12340 comm="syz.5.1726" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  601.519622][ T9595] usb 4-1: config 0 descriptor??
[  601.523059][   T30] audit: type=1400 audit(1759963693.145:1508): avc:  denied  { ioctl } for  pid=12340 comm="syz.5.1726" path="socket:[40044]" dev="sockfs" ino=40044 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  601.527219][ T9595] smsc75xx v1.0.0
[  601.742349][ T9595] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  601.788331][ T9595] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  601.859706][ T9595] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  601.901789][ T9595] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  601.915553][ T9595] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  601.931403][ T9595] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  601.941987][ T9595] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  601.954531][ T9595] usb 4-1: USB disconnect, device number 45
[  602.775782][T12376] overlay: Unknown parameter 'euid>00000000000000000000'
[  602.846482][   T30] audit: type=1400 audit(1759963694.475:1509): avc:  denied  { mount } for  pid=12381 comm="syz.5.1737" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  603.001577][T12385] overlayfs: failed to clone upperpath
[  603.197041][ T9595] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  603.348198][ T9595] usb 6-1: config 0 has an invalid interface number: 46 but max is 0
[  603.364399][ T9595] usb 6-1: config 0 has no interface number 0
[  603.375392][ T9595] usb 6-1: New USB device found, idVendor=046d, idProduct=089b, bcdDevice=5b.c3
[  603.385143][ T9595] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.393878][ T9595] usb 6-1: Product: syz
[  603.398731][ T9595] usb 6-1: Manufacturer: syz
[  603.403368][ T9595] usb 6-1: SerialNumber: syz
[  603.410640][ T9595] usb 6-1: config 0 descriptor??
[  603.456834][   T30] audit: type=1400 audit(1759963695.115:1510): avc:  denied  { read } for  pid=12387 comm="syz.3.1738" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  603.500131][T10088] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  603.625358][T10088] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  603.659489][ T9595] uvcvideo 6-1:0.46: Found UVC 0.00 device syz (046d:089b)
[  603.680951][ T9595] uvcvideo 6-1:0.46: No valid video chain found.
[  603.699005][ T9595] usb 6-1: USB disconnect, device number 11
[  603.741542][T10088] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  603.861652][T10088] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  604.075359][T10088] bridge_slave_1: left allmulticast mode
[  604.096042][T10088] bridge_slave_1: left promiscuous mode
[  604.157980][T10088] bridge0: port 2(bridge_slave_1) entered disabled state
[  604.214644][T10088] bridge_slave_0: left allmulticast mode
[  604.254200][T10088] bridge_slave_0: left promiscuous mode
[  604.276214][T10088] bridge0: port 1(bridge_slave_0) entered disabled state
[  605.413047][   T30] audit: type=1400 audit(1759963697.055:1511): avc:  denied  { getopt } for  pid=12423 comm="syz.2.1747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  605.516991][   T30] audit: type=1400 audit(1759963697.165:1512): avc:  denied  { read } for  pid=12428 comm="syz.4.1749" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  605.799023][ T9595] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[  605.958857][ T9595] usb 6-1: unable to get BOS descriptor or descriptor too short
[  605.968029][ T9595] usb 6-1: not running at top speed; connect to a high speed hub
[  605.980154][ T9595] usb 6-1: config 6 has an invalid interface number: 228 but max is 0
[  605.991841][ T9595] usb 6-1: config 6 has no interface number 0
[  606.003474][   T30] audit: type=1804 audit(1759963697.655:1513): pid=12433 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1748" name="file0" dev="tmpfs" ino=2042 res=1 errno=0
[  606.024896][    C0] vkms_vblank_simulate: vblank timer overrun
[  606.141582][ T9595] usb 6-1: config 6 interface 228 has no altsetting 0
[  606.153159][ T9595] usb 6-1: string descriptor 0 read error: -22
[  606.163255][ T9595] usb 6-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice= 3.27
[  606.182128][ T9595] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.214584][ T9595] hub 6-1:6.228: bad descriptor, ignoring hub
[  606.219716][T12435] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1750'.
[  606.224431][ T9595] hub 6-1:6.228: probe with driver hub failed with error -5
[  606.254938][ T9595] dvb-usb: found a 'Unknown USB1.1 DVB-T device ???? please report the name to the author' in warm state.
[  606.270871][ T9595] dvb-usb: bulk message failed: -22 (3/0)
[  606.299445][ T9595] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  606.310208][ T9595] dvbdev: DVB: registering new adapter (Unknown USB1.1 DVB-T device ???? please report the name to the author)
[  606.323016][ T9595] usb 6-1: media controller created
[  606.330006][ T9595] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  606.358145][ T9595] dvb-usb: bulk message failed: -22 (6/0)
[  606.363940][ T9595] dvb-usb: no frontend was attached by 'Unknown USB1.1 DVB-T device ???? please report the name to the author'
[  606.388312][ T9595] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input73
[  606.402679][ T9595] dvb-usb: schedule remote query interval to 150 msecs.
[  606.453359][T12421] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  606.476177][T12421] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  606.494888][ T9595] dvb-usb: bulk message failed: -22 (3/0)
[  606.519900][ T9595] dvb-usb: Unknown USB1.1 DVB-T device ???? please report the name to the author successfully initialized and connected.
[  606.534362][T10088] bond0 (unregistering): left promiscuous mode
[  606.542762][T10088] bond_slave_0: left promiscuous mode
[  606.549223][T10088] bond_slave_1: left promiscuous mode
[  606.556711][T10088] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  606.568296][T10088] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  606.590408][T10088] bond0 (unregistering): Released all slaves
[  606.662945][ T9595] dvb-usb: bulk message failed: -22 (1/0)
[  606.674611][ T9595] dvb-usb: error while querying for an remote control event.
[  606.703146][T12444] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1752'.
[  606.747853][T12444] 0�X��D: renamed from macvtap0 (while UP)
[  606.793007][   T24] usb 6-1: USB disconnect, device number 12
[  606.913703][T12444] 0�X��D: entered allmulticast mode
[  606.950727][T12444] veth0_macvtap: entered allmulticast mode
[  606.988545][T10088] IPVS: stopping backup sync thread 5968 ...
[  607.002356][   T24] dvb-usb: Unknown USB1.1 DVB-T device ???? please successfully deinitialized and disconnected.
[  607.030169][T12444] A link change request failed with some changes committed already. Interface 
30�X��D may have been left with an inconsistent configuration, please check.
[  607.311738][T10088] veth1_to_bridge: left promiscuous mode
[  607.354831][T10088] hsr_slave_0: left promiscuous mode
[  607.370718][T10088] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  607.390578][T10088] batman_adv: batadv0: Removing interface: batadv_slave_0
[  607.413226][T10088] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  607.430413][T10088] batman_adv: batadv0: Removing interface: batadv_slave_1
[  607.430437][   T30] audit: type=1400 audit(1759963699.075:1514): avc:  denied  { ioctl } for  pid=12457 comm="syz.3.1756" path="socket:[40353]" dev="sockfs" ino=40353 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  607.476231][T10088] veth1_macvtap: left promiscuous mode
[  607.483249][T10088] veth0_macvtap: left promiscuous mode
[  607.491057][   T30] audit: type=1400 audit(1759963699.085:1515): avc:  denied  { write } for  pid=12457 comm="syz.3.1756" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  607.491286][T10088] veth1_vlan: left promiscuous mode
[  607.511924][   T30] audit: type=1400 audit(1759963699.085:1516): avc:  denied  { read } for  pid=12457 comm="syz.3.1756" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  607.625372][T10088] veth0_vlan: left promiscuous mode
[  607.724002][T12468] misc userio: Invalid payload size
[  607.833685][T12468] misc userio: No port type given on /dev/userio
[  607.969412][T12471] misc userio: The device must be registered before sending interrupts
[  610.835626][   T30] audit: type=1400 audit(1759963702.485:1517): avc:  denied  { connect } for  pid=12489 comm="syz.2.1767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  613.042333][T12508] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1769'.
[  613.266390][   T24] usb 5-1: new full-speed USB device number 56 using dummy_hcd
[  613.522173][   T24] usb 5-1: unable to get BOS descriptor or descriptor too short
[  613.556212][   T24] usb 5-1: not running at top speed; connect to a high speed hub
[  613.587985][   T30] audit: type=1400 audit(1759963705.245:1518): avc:  denied  { read write } for  pid=12554 comm="syz.5.1781" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  613.848794][   T24] usb 5-1: config 129 has an invalid interface number: 135 but max is 0
[  613.965501][   T24] usb 5-1: config 129 has an invalid interface number: 5 but max is 0
[  613.974154][   T30] audit: type=1400 audit(1759963705.345:1519): avc:  denied  { open } for  pid=12554 comm="syz.5.1781" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  614.002351][   T24] usb 5-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[  614.011656][   T24] usb 5-1: config 129 has no interface number 0
[  614.021766][   T24] usb 5-1: config 129 has no interface number 1
[  614.028805][   T24] usb 5-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  614.042230][   T30] audit: type=1400 audit(1759963705.345:1520): avc:  denied  { ioctl } for  pid=12554 comm="syz.5.1781" path="socket:[41466]" dev="sockfs" ino=41466 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  614.067887][   T24] usb 5-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30
[  614.079144][   T24] usb 5-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[  614.216813][   T24] usb 5-1: config 129 interface 135 has no altsetting 0
[  614.342628][   T24] usb 5-1: config 129 interface 5 has no altsetting 0
[  614.410913][   T24] usb 5-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00
[  614.420176][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  614.437658][   T24] usb 5-1: Product: syz
[  614.449078][   T24] usb 5-1: Manufacturer: syz
[  614.459751][   T24] usb 5-1: SerialNumber: syz
[  614.911560][   T24] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  615.035726][   T24] usb 5-1: MIDIStreaming interface descriptor not found
[  615.057128][T12568] fuse: Bad value for 'fd'
[  615.170582][T12570] netlink: 16178 bytes leftover after parsing attributes in process `syz.3.1785'.
[  615.231615][   T24] usb 5-1: USB disconnect, device number 56
[  615.472199][T12579] overlayfs: failed to resolve './file0': -2
[  615.502025][T12579] wg0 speed is unknown, defaulting to 1000
[  615.796410][   T24] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  616.417848][   T24] usb 5-1: Using ep0 maxpacket: 32
[  616.555509][   T24] usb 5-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  616.597154][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  616.667647][   T24] usb 5-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  616.677332][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  616.697712][   T24] usb 5-1: config 0 descriptor??
[  616.715343][T12591] bridge2: entered promiscuous mode
[  616.747616][T12591] bridge2: entered allmulticast mode
[  616.852871][T12597] netlink: 'syz.1.1793': attribute type 1 has an invalid length.
[  617.024917][T12597] bond4: (slave veth3): Enslaving as an active interface with a down link
[  617.062874][T12604] bond4: entered promiscuous mode
[  617.090581][T12604] bond4: entered allmulticast mode
[  617.118538][T12604] 8021q: adding VLAN 0 to HW filter on device bond4
[  617.456971][   T30] audit: type=1400 audit(1759963709.105:1521): avc:  denied  { watch watch_reads } for  pid=12606 comm="syz.1.1795" path="/397/file1" dev="tmpfs" ino=2121 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  619.332561][   T24] usbhid 5-1:0.0: can't add hid device: -71
[  619.343003][   T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  619.474187][   T24] usb 5-1: USB disconnect, device number 57
[  619.953664][T12623] netlink: 'syz.4.1799': attribute type 4 has an invalid length.
[  619.961747][T12623] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1799'.
[  620.467414][ T5892] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[  620.705428][ T5892] usb 6-1: config 0 interface 0 altsetting 252 endpoint 0x81 has invalid wMaxPacketSize 0
[  620.718589][ T5892] usb 6-1: config 0 interface 0 has no altsetting 0
[  620.725193][ T5892] usb 6-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00
[  620.751651][ T5892] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  621.038362][ T5892] usb 6-1: config 0 descriptor??
[  621.225350][T12644] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1805'.
[  621.536255][ T5892] itetech 0003:048D:8595.0015: item fetching failed at offset 5/7
[  621.545616][ T5892] itetech 0003:048D:8595.0015: probe with driver itetech failed with error -22
[  621.578402][   T30] audit: type=1400 audit(1759963713.225:1522): avc:  denied  { ioctl } for  pid=12647 comm="syz.3.1807" path="socket:[41681]" dev="sockfs" ino=41681 ioctlcmd=0x8904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  621.950358][ T5892] usb 6-1: USB disconnect, device number 13
[  621.958779][T12659] ALSA: mixer_oss: invalid OSS volume 'PD'
[  621.972384][T12659] ALSA: mixer_oss: invalid OSS volume '�����h�Dܤ�I�['|�>���m'
[  622.018075][T12659] ALSA: mixer_oss: invalid OSS volume '�$3��0�4
蠳Nt+k���������0��'
[  623.316428][   T24] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  623.486927][   T24] usb 6-1: Using ep0 maxpacket: 16
[  623.493757][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  623.510384][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  623.536362][   T24] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  623.545713][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.561177][   T24] usb 6-1: config 0 descriptor??
[  623.569277][   T24] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  623.923812][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  623.930885][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  623.994929][   T30] audit: type=1400 audit(1759963715.645:1523): avc:  denied  { create } for  pid=12700 comm="syz.2.1824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  624.099828][   T30] audit: type=1400 audit(1759963715.645:1524): avc:  denied  { bind } for  pid=12700 comm="syz.2.1824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  624.714535][T12714] sp0: Synchronizing with TNC
[  624.723948][T12714] sp0: Found TNC
[  624.986990][ T9595] usb 4-1: new full-speed USB device number 46 using dummy_hcd
[  625.127028][ T9595] usb 4-1: device descriptor read/64, error -71
[  625.367070][ T9595] usb 4-1: new full-speed USB device number 47 using dummy_hcd
[  625.402933][   T30] audit: type=1400 audit(1759963717.055:1525): avc:  denied  { read write } for  pid=12721 comm="syz.4.1831" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  625.448383][   T30] audit: type=1400 audit(1759963717.055:1526): avc:  denied  { ioctl open } for  pid=12721 comm="syz.4.1831" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  625.497067][ T9595] usb 4-1: device descriptor read/64, error -71
[  625.535655][   T30] audit: type=1400 audit(1759963717.185:1527): avc:  denied  { setopt } for  pid=12723 comm="syz.4.1832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  625.607375][ T9595] usb usb4-port1: attempt power cycle
[  625.829246][   T30] audit: type=1400 audit(1759963717.485:1528): avc:  denied  { block_suspend } for  pid=12725 comm="syz.1.1833" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  625.947014][ T9595] usb 4-1: new full-speed USB device number 48 using dummy_hcd
[  626.227148][ T9595] usb 4-1: device descriptor read/8, error -71
[  626.253242][ T5885] usb 6-1: USB disconnect, device number 14
[  626.507053][ T9595] usb 4-1: new full-speed USB device number 49 using dummy_hcd
[  626.527716][ T9595] usb 4-1: device descriptor read/8, error -71
[  626.637264][ T9595] usb usb4-port1: unable to enumerate USB device
[  626.646416][   T24] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  626.798866][   T24] usb 5-1: config 95 has too many interfaces: 104, using maximum allowed: 32
[  626.808042][   T24] usb 5-1: config 95 has an invalid descriptor of length 0, skipping remainder of the config
[  626.818409][   T24] usb 5-1: config 95 has 0 interfaces, different from the descriptor's value: 104
[  626.827711][   T24] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  626.837131][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  627.052066][   T24] usb 5-1: string descriptor 0 read error: -71
[  627.069368][   T24] usb 5-1: USB disconnect, device number 58
[  627.122211][   T30] audit: type=1400 audit(1759963718.775:1529): avc:  denied  { ioctl } for  pid=12746 comm="syz.2.1841" path="socket:[41844]" dev="sockfs" ino=41844 ioctlcmd=0x943e scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  627.128471][T12747] netlink: 'syz.2.1841': attribute type 2 has an invalid length.
[  627.210016][T12747] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12747 comm=syz.2.1841
[  627.402438][   T30] audit: type=1400 audit(1759963719.055:1530): avc:  denied  { write } for  pid=12746 comm="syz.2.1841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  627.717394][T12753] netlink: 'syz.1.1843': attribute type 4 has an invalid length.
[  627.723108][   T30] audit: type=1400 audit(1759963719.085:1531): avc:  denied  { cmd } for  pid=12748 comm="syz.5.1842" path="socket:[40944]" dev="sockfs" ino=40944 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  627.725235][T12753] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1843'.
[  628.594751][T12763] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  628.601082][T12766] FAULT_INJECTION: forcing a failure.
[  628.601082][T12766] name failslab, interval 1, probability 0, space 0, times 0
[  628.667011][T12766] CPU: 1 UID: 0 PID: 12766 Comm: syz.5.1845 Not tainted syzkaller #0 PREEMPT(full) 
[  628.667038][T12766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  628.667050][T12766] Call Trace:
[  628.667056][T12766]  <TASK>
[  628.667064][T12766]  dump_stack_lvl+0x16c/0x1f0
[  628.667095][T12766]  should_fail_ex+0x512/0x640
[  628.667122][T12766]  ? fs_reclaim_acquire+0xae/0x150
[  628.667145][T12766]  should_failslab+0xc2/0x120
[  628.667166][T12766]  __kmalloc_noprof+0xdd/0x880
[  628.667191][T12766]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  628.667215][T12766]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  628.667238][T12766]  tomoyo_realpath_from_path+0xc2/0x6e0
[  628.667258][T12766]  ? tomoyo_profile+0x47/0x60
[  628.667281][T12766]  tomoyo_path_number_perm+0x245/0x580
[  628.667307][T12766]  ? tomoyo_path_number_perm+0x237/0x580
[  628.667335][T12766]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  628.667362][T12766]  ? find_held_lock+0x2b/0x80
[  628.667409][T12766]  ? find_held_lock+0x2b/0x80
[  628.667430][T12766]  ? hook_file_ioctl_common+0x145/0x410
[  628.667457][T12766]  ? __fget_files+0x20e/0x3c0
[  628.667478][T12766]  security_file_ioctl+0x9b/0x240
[  628.667498][T12766]  __x64_sys_ioctl+0xb7/0x210
[  628.667524][T12766]  do_syscall_64+0xcd/0xfa0
[  628.667551][T12766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.667568][T12766] RIP: 0033:0x7f9b0d58eec9
[  628.667584][T12766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  628.667600][T12766] RSP: 002b:00007f9b0e48b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  628.667618][T12766] RAX: ffffffffffffffda RBX: 00007f9b0d7e5fa0 RCX: 00007f9b0d58eec9
[  628.667631][T12766] RDX: 00002000000003c0 RSI: 00000000c040565e RDI: 0000000000000003
[  628.667641][T12766] RBP: 00007f9b0e48b090 R08: 0000000000000000 R09: 0000000000000000
[  628.667651][T12766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  628.667661][T12766] R13: 00007f9b0d7e6038 R14: 00007f9b0d7e5fa0 R15: 00007ffefb125998
[  628.667687][T12766]  </TASK>
[  628.667695][T12766] ERROR: Out of memory at tomoyo_realpath_from_path.
[  628.715586][   T30] audit: type=1400 audit(1759963720.355:1532): avc:  denied  { ioctl } for  pid=12764 comm="syz.4.1847" path="socket:[41882]" dev="sockfs" ino=41882 ioctlcmd=0x89ef scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  629.070204][   T30] audit: type=1400 audit(1759963720.675:1533): avc:  denied  { ioctl } for  pid=12767 comm="syz.1.1848" path="socket:[42006]" dev="sockfs" ino=42006 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  629.160686][   T30] audit: type=1400 audit(1759963720.815:1534): avc:  denied  { accept } for  pid=12775 comm="syz.1.1850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  629.865028][   T30] audit: type=1400 audit(1759963721.435:1535): avc:  denied  { map } for  pid=12788 comm="syz.1.1852" path="socket:[42035]" dev="sockfs" ino=42035 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  631.497292][T12802] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1857'.
[  631.594546][   T30] audit: type=1400 audit(1759963723.205:1536): avc:  denied  { connect } for  pid=12801 comm="syz.1.1857" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  632.394317][   T30] audit: type=1400 audit(1759963724.045:1537): avc:  denied  { read } for  pid=12810 comm="syz.1.1859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  632.768973][   T24] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  633.144889][   T30] audit: type=1400 audit(1759963724.795:1538): avc:  denied  { bind } for  pid=12818 comm="syz.2.1863" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  633.166069][T12819] tipc: Started in network mode
[  633.174151][T12819] tipc: Node identity 6, cluster identity 4711
[  633.189386][T12819] tipc: Node number set to 6
[  633.268564][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  633.281382][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  633.291724][   T24] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  633.310243][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.320907][   T24] usb 6-1: config 0 descriptor??
[  633.791956][T12838] overlayfs: failed to clone upperpath
[  634.629880][T12847] batman_adv: batadv0: Adding interface: ipvlan2
[  634.636245][T12847] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  634.662711][T12847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  634.673321][T12847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  634.684325][T12847] batman_adv: batadv0: Interface activated: ipvlan2
[  634.703520][T12848] vlan2: entered allmulticast mode
[  634.710061][T12848] hsr_slave_1: entered allmulticast mode
[  634.871884][T12853] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  634.903377][T12853] delete_channel: no stack
[  634.926846][   T30] audit: type=1400 audit(1759963726.575:1539): avc:  denied  { write } for  pid=12852 comm="syz.2.1874" path="socket:[43304]" dev="sockfs" ino=43304 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  634.968726][   T30] audit: type=1400 audit(1759963726.605:1540): avc:  denied  { ioctl } for  pid=12852 comm="syz.2.1874" path="socket:[43304]" dev="sockfs" ino=43304 ioctlcmd=0x4525 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  635.064815][   T30] audit: type=1400 audit(1759963726.605:1541): avc:  denied  { setopt } for  pid=12852 comm="syz.2.1874" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  635.730992][T12852] delete_channel: no stack
[  635.976910][   T43] usb 6-1: USB disconnect, device number 15
[  636.063383][T12872] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.185354][T12872] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.972501][T12872] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  637.170043][T12872] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  637.410130][ T8690] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  637.651093][T12892] tmpfs: Unknown parameter '�R^���	�grpquota_inode�har'
[  637.733049][T12892] ISOFS: Unable to identify CD-ROM format.
[  637.822189][   T13] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  637.866084][T12891] ALSA: seq fatal error: cannot create timer (-19)
[  637.877184][   T13] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  637.897176][   T13] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  637.915020][   T30] audit: type=1400 audit(1759963729.565:1542): avc:  denied  { create } for  pid=12894 comm="syz.4.1883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  637.938187][   T30] audit: type=1400 audit(1759963729.595:1543): avc:  denied  { setopt } for  pid=12894 comm="syz.4.1883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  637.960080][   T30] audit: type=1400 audit(1759963729.595:1544): avc:  denied  { read } for  pid=12894 comm="syz.4.1883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  637.991490][   T30] audit: type=1400 audit(1759963729.645:1545): avc:  denied  { write } for  pid=12894 comm="syz.4.1883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  638.014878][T12898] 9pnet_fd: Insufficient options for proto=fd
[  638.024589][T12898] 9pnet_fd: Insufficient options for proto=fd
[  638.818995][   T30] audit: type=1326 audit(1759963730.475:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12920 comm="syz.1.1893" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f13da98eec9 code=0x0
[  638.921382][   T30] audit: type=1400 audit(1759963730.575:1547): avc:  denied  { append } for  pid=12924 comm="syz.4.1896" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  639.070972][   T30] audit: type=1326 audit(1759963730.725:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12933 comm="syz.2.1899" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbd3118eec9 code=0x0
[  639.225191][T12943] ptrace attach of "./syz-executor exec"[12946] was attempted by "./syz-executor exec"[12943]
[  639.242898][T12943] ptrace attach of "./syz-executor exec"[12946] was attempted by "./syz-executor exec"[12943]
[  640.673958][T13019] ------------[ cut here ]------------
[  640.680136][T13019] WARNING: CPU: 0 PID: 13019 at arch/x86/kvm/x86.c:11572 vcpu_run+0x1c02/0x54d0
[  640.689860][T13019] Modules linked in:
[  640.694139][T13019] CPU: 0 UID: 0 PID: 13019 Comm: syz.5.1930 Not tainted syzkaller #0 PREEMPT(full) 
[  640.704572][T13019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  640.715573][T13019] RIP: 0010:vcpu_run+0x1c02/0x54d0
[  640.722015][T13019] Code: c7 e8 c2 f5 7a 00 be 08 00 00 00 4c 89 f7 e8 d5 71 e3 00 f0 41 80 67 38 fd 41 bd fb ff ff ff e9 a3 fa ff ff e8 9f f5 7a 00 90 <0f> 0b 90 e9 5d ff ff ff e8 91 f5 7a 00 e9 92 f6 ff ff e8 87 f5 7a
[  640.743097][T13019] RSP: 0018:ffffc90003557a90 EFLAGS: 00010283
[  640.749919][T13019] RAX: 0000000000000776 RBX: ffff888032919950 RCX: ffffc90013f20000
[  640.758601][T13019] RDX: 0000000000080000 RSI: ffffffff81417f11 RDI: 0000000000000005
[  640.767182][T13019] RBP: ffffc90003557c00 R08: 0000000000000005 R09: 00000000fffffff0
[  640.775195][T13019] R10: 00000000fffffff0 R11: 0000000000000000 R12: dffffc0000000000
[  640.783582][T13019] R13: 00000000fffffff0 R14: ffff888032918000 R15: ffff888032918000
[  640.791997][T13019] FS:  00007f9b0e4696c0(0000) GS:ffff8881249df000(0000) knlGS:0000000000000000
[  640.801378][T13019] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  640.808350][T13019] CR2: 0000000000000000 CR3: 0000000043800000 CR4: 00000000003526f0
[  640.816951][T13019] Call Trace:
[  640.820550][T13019]  <TASK>
[  640.823497][T13019]  ? vmx_segment_cache_test_set+0x14b/0x400
[  640.829750][T13019]  ? vmx_set_interrupt_shadow+0x63/0xe0
[  640.835333][T13019]  ? __pfx_vcpu_run+0x10/0x10
[  640.840718][T13019]  ? skip_emulated_instruction+0x20f/0x4d0
[  640.847160][T13019]  ? __pfx_skip_emulated_instruction+0x10/0x10
[  640.853352][T13019]  ? kvm_pmu_trigger_event.isra.0+0x23/0x7d0
[  640.859757][T13019]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1970
[  640.865562][T13019]  kvm_arch_vcpu_ioctl_run+0x1023/0x1970
[  640.871623][T13019]  kvm_vcpu_ioctl+0x5eb/0x1690
[  640.876769][T13019]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  640.881981][T13019]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  640.888316][T13019]  ? do_vfs_ioctl+0x128/0x14f0
[  640.893098][T13019]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  640.898663][T13019]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  640.905527][T13019]  ? hook_file_ioctl_common+0x145/0x410
[  640.911486][T13019]  ? selinux_file_ioctl+0x180/0x270
[  640.917231][T13019]  ? selinux_file_ioctl+0xb4/0x270
[  640.922535][T13019]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  640.928375][T13019]  __x64_sys_ioctl+0x18e/0x210
[  640.933168][T13019]  do_syscall_64+0xcd/0xfa0
[  640.937997][T13019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.943875][T13019] RIP: 0033:0x7f9b0d58eec9
[  640.948382][T13019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  640.968424][T13019] RSP: 002b:00007f9b0e469038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  640.977444][T13019] RAX: ffffffffffffffda RBX: 00007f9b0d7e6090 RCX: 00007f9b0d58eec9
[  640.985431][T13019] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  640.993792][T13019] RBP: 00007f9b0d611f91 R08: 0000000000000000 R09: 0000000000000000
[  641.002146][T13019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  641.010537][T13019] R13: 00007f9b0d7e6128 R14: 00007f9b0d7e6090 R15: 00007ffefb125998
[  641.018938][T13019]  </TASK>
[  641.021968][T13019] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  641.029228][T13019] CPU: 0 UID: 0 PID: 13019 Comm: syz.5.1930 Not tainted syzkaller #0 PREEMPT(full) 
[  641.038573][T13019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  641.048606][T13019] Call Trace:
[  641.051878][T13019]  <TASK>
[  641.054788][T13019]  dump_stack_lvl+0x3d/0x1f0
[  641.059365][T13019]  vpanic+0x640/0x6f0
[  641.063334][T13019]  ? vcpu_run+0x1c02/0x54d0
[  641.067829][T13019]  panic+0xca/0xd0
[  641.071534][T13019]  ? __pfx_panic+0x10/0x10
[  641.075954][T13019]  check_panic_on_warn+0xab/0xb0
[  641.080874][T13019]  __warn+0xf6/0x3c0
[  641.084749][T13019]  ? vcpu_run+0x1c02/0x54d0
[  641.089233][T13019]  report_bug+0x3c3/0x580
[  641.093546][T13019]  ? vcpu_run+0x1c02/0x54d0
[  641.098045][T13019]  handle_bug+0x184/0x210
[  641.102354][T13019]  exc_invalid_op+0x17/0x50
[  641.106864][T13019]  asm_exc_invalid_op+0x1a/0x20
[  641.111708][T13019] RIP: 0010:vcpu_run+0x1c02/0x54d0
[  641.116808][T13019] Code: c7 e8 c2 f5 7a 00 be 08 00 00 00 4c 89 f7 e8 d5 71 e3 00 f0 41 80 67 38 fd 41 bd fb ff ff ff e9 a3 fa ff ff e8 9f f5 7a 00 90 <0f> 0b 90 e9 5d ff ff ff e8 91 f5 7a 00 e9 92 f6 ff ff e8 87 f5 7a
[  641.136431][T13019] RSP: 0018:ffffc90003557a90 EFLAGS: 00010283
[  641.142491][T13019] RAX: 0000000000000776 RBX: ffff888032919950 RCX: ffffc90013f20000
[  641.150460][T13019] RDX: 0000000000080000 RSI: ffffffff81417f11 RDI: 0000000000000005
[  641.158432][T13019] RBP: ffffc90003557c00 R08: 0000000000000005 R09: 00000000fffffff0
[  641.166389][T13019] R10: 00000000fffffff0 R11: 0000000000000000 R12: dffffc0000000000
[  641.174347][T13019] R13: 00000000fffffff0 R14: ffff888032918000 R15: ffff888032918000
[  641.182404][T13019]  ? vcpu_run+0x1c01/0x54d0
[  641.186909][T13019]  ? vmx_segment_cache_test_set+0x14b/0x400
[  641.192790][T13019]  ? vmx_set_interrupt_shadow+0x63/0xe0
[  641.198323][T13019]  ? __pfx_vcpu_run+0x10/0x10
[  641.202985][T13019]  ? skip_emulated_instruction+0x20f/0x4d0
[  641.208778][T13019]  ? __pfx_skip_emulated_instruction+0x10/0x10
[  641.214930][T13019]  ? kvm_pmu_trigger_event.isra.0+0x23/0x7d0
[  641.220906][T13019]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1970
[  641.226703][T13019]  kvm_arch_vcpu_ioctl_run+0x1023/0x1970
[  641.232331][T13019]  kvm_vcpu_ioctl+0x5eb/0x1690
[  641.237093][T13019]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  641.242275][T13019]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  641.248159][T13019]  ? do_vfs_ioctl+0x128/0x14f0
[  641.252921][T13019]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  641.257936][T13019]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  641.264779][T13019]  ? hook_file_ioctl_common+0x145/0x410
[  641.270320][T13019]  ? selinux_file_ioctl+0x180/0x270
[  641.275501][T13019]  ? selinux_file_ioctl+0xb4/0x270
[  641.280597][T13019]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  641.285780][T13019]  __x64_sys_ioctl+0x18e/0x210
[  641.290537][T13019]  do_syscall_64+0xcd/0xfa0
[  641.295050][T13019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.300931][T13019] RIP: 0033:0x7f9b0d58eec9
[  641.305336][T13019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  641.324929][T13019] RSP: 002b:00007f9b0e469038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  641.333328][T13019] RAX: ffffffffffffffda RBX: 00007f9b0d7e6090 RCX: 00007f9b0d58eec9
[  641.341305][T13019] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  641.349261][T13019] RBP: 00007f9b0d611f91 R08: 0000000000000000 R09: 0000000000000000
[  641.357212][T13019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  641.365178][T13019] R13: 00007f9b0d7e6128 R14: 00007f9b0d7e6090 R15: 00007ffefb125998
[  641.373145][T13019]  </TASK>
[  641.376375][T13019] Kernel Offset: disabled
[  641.380686][T13019] Rebooting in 86400 seconds..