last executing test programs: 14.701840163s ago: executing program 2 (id=851): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBDIACR(r0, 0x4bfa, 0x0) 14.229073241s ago: executing program 2 (id=855): sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="7c0000000b0601020000000000000000030000000900020073797a300000000005000100070000004c0008800c00078007001a00242e0000100007800c0018400000000000000009100007800c001b4000000000000000100c00078008000a400000ffff100007800c00028008000140ac141455710009"], 0x7c}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x6, &(0x7f0000000280)=@raw=[@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffffa}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xecb}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xfffffffffffffff8}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1f, @void, @value}, 0x90) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="580000000206010100000000000000000000000005000100070000000900020073797a30000000000c000780080012400000100014000300686173683a69702c706f72742c697000050005000a000000050004"], 0x58}}, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0) r5 = socket$inet_sctp(0x2, 0x5, 0x84) socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r5, 0x84, 0x11, &(0x7f0000000080), 0x8) write$binfmt_elf64(r4, &(0x7f0000000040)=ANY=[@ANYBLOB], 0xffda) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SAVE(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x8, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 12.12362569s ago: executing program 2 (id=862): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x53, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$char_usb(0xc, 0xb4, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x5b03, 0x0) syz_usb_disconnect(r0) 9.837467366s ago: executing program 2 (id=880): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[], 0x58}}, 0x0) syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x4002}, &(0x7f00000000c0), &(0x7f00000004c0)) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x4) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) r2 = userfaultfd(0x80001) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000380)) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000002c0)={0x0, 0x1, 0x0, &(0x7f0000000600)=""/42, 0x0, 0xffff1000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0) 9.706087911s ago: executing program 1 (id=881): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="5800000000090101000000000000000000000000100004800800014000000004240002000c0002800500010a0000000014000280080001000000000008000200ac1414000800054000000000090001"], 0x58}}, 0x0) 7.791348504s ago: executing program 1 (id=886): syz_open_dev$tty20(0xc, 0x4, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x0, 0x298, 0x200, 0x200, 0x298, 0x330, 0x330, 0x330, 0x330, 0x330, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x98}}, {{@ip={@remote, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x4]}}}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@ip={@rand_addr, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'bond0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000680)=ANY=[@ANYBLOB="b9000000000000", @ANYRES64], 0xb8) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}}) 7.730853636s ago: executing program 4 (id=888): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001440), 0x2202, 0x0) io_setup(0x104, &(0x7f0000000180)=0x0) rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0) io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f00000000c0)={0x0, 0x0, 0x3, 0x1, 0x0, r0, 0x0}]) 7.504449042s ago: executing program 3 (id=889): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003040)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xbc}}, 0x0) 7.472984865s ago: executing program 1 (id=890): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001440)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(serpent)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000004180), 0xff77) recvmmsg(r1, &(0x7f0000003c40)=[{{0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000001100)=""/215, 0xd7}, {&(0x7f0000001200)=""/63, 0x3f}], 0x2}, 0xc000000}], 0x1, 0x1143, 0x0) 6.793980926s ago: executing program 4 (id=891): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x0) socket$inet6(0xa, 0x5, 0x7d) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x12, &(0x7f0000000040)=0xffff2eee, 0x4) r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2) madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='numa_maps\x00') ioctl$SIOCGETVIFCNT(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)={0x1}) dup(0xffffffffffffffff) syz_open_dev$radio(0x0, 0x1, 0x2) syz_emit_ethernet(0x46, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, &(0x7f0000000100)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4}) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) iopl(0x3) readahead(0xffffffffffffffff, 0x0, 0x0) read$FUSE(r3, &(0x7f0000002140)={0x2020}, 0x2020) ioctl$vim2m_VIDIOC_CREATE_BUFS(r2, 0xc100565c, 0x0) recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, 0x2, {}, [@NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0x9}, @NL80211_ATTR_WIPHY_RTS_THRESHOLD={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x20008800) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r5, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r6}, @void}}}, 0x28}}, 0x0) 6.647626635s ago: executing program 3 (id=893): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) io_setup(0xa, 0x0) io_submit(0x0, 0x0, &(0x7f00000003c0)) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"}) 5.180105312s ago: executing program 3 (id=895): bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffe94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioprio_set$pid(0x3, 0x0, 0x4004) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) socket$inet6(0xa, 0x1, 0x0) r3 = socket$nl_rdma(0x10, 0x3, 0x14) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x545d, &(0x7f0000000200)=0x3) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r4}, 0x4) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000280)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4003, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r6 = eventfd(0x3) write$eventfd(r6, &(0x7f0000000bc0)=0xffffffffffffffff, 0x8) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kfree\x00', r7, 0x0, 0x200000}, 0x18) syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) 5.069959165s ago: executing program 1 (id=896): bpf$MAP_CREATE(0x0, 0x0, 0x48) socket(0x10, 0x3, 0x0) r0 = socket$inet_sctp(0x2, 0x1, 0x84) socket$alg(0x26, 0x5, 0x0) syz_open_procfs(0xffffffffffffffff, 0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) exit(0x0) sendto$inet(r0, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10) listen(r0, 0xda90) accept4(r0, 0x0, 0x0, 0x0) 4.901115999s ago: executing program 4 (id=897): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x70bd30, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x33584}]}, 0x40}}, 0x800) 4.616682571s ago: executing program 0 (id=898): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000880)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001900)=@bridge_delneigh={0x28, 0x1e, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x4}, [@NDA_LLADDR={0xa}]}, 0x28}}, 0x0) 3.966889157s ago: executing program 1 (id=899): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_usb_connect(0x3, 0x24, &(0x7f0000001300)={{0x12, 0x1, 0x201, 0x49, 0x93, 0xd5, 0x20, 0x13d3, 0x3262, 0xf193, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xff, 0x7, 0x40, 0x9, [{{0x9, 0x4, 0xf1, 0x1, 0x0, 0x1a, 0x52, 0x39, 0x9}}]}}]}}, 0x0) read$dsp(r1, &(0x7f00000002c0)=""/4096, 0x1000) write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) ioctl$SNDCTL_DSP_GETIPTR(r1, 0x800c5011, &(0x7f00000001c0)) 3.850060536s ago: executing program 0 (id=900): r0 = open(&(0x7f0000000280)='.\x00', 0x2080, 0x0) fcntl$notify(r0, 0x402, 0x80000034) fchmod(r0, 0x6) 3.796851079s ago: executing program 4 (id=901): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1) 3.662283351s ago: executing program 0 (id=902): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x200000a, 0x5d031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xc4}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, 0x0) 3.15403506s ago: executing program 3 (id=903): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xb}, 0x1c) syz_emit_ethernet(0x1be, &(0x7f0000000640)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd6000021001883a00fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0) 3.098991853s ago: executing program 2 (id=904): syz_usb_connect(0x5, 0x24, &(0x7f0000002100)={{0x12, 0x1, 0x10, 0xf5, 0x3, 0xdc, 0x20, 0x5986, 0x1172, 0xaae3, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x81, 0xff, 0x50, 0x8, [{{0x9, 0x4, 0xbc, 0xe4, 0x0, 0xe, 0x1, 0x0, 0x3}}]}}]}}, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x4, &(0x7f0000002440)=@lang_id={0x4, 0x3, 0x180c}}, {0x0, 0x0}, {0x0, 0x0}, {0x20, &(0x7f0000002600)=@string={0x20, 0x3, "4b23913c652b6cd92e7557f137f89d0819649fa45a8e19788426cbf2272f"}}]}) 3.095364396s ago: executing program 3 (id=905): socket$netlink(0x10, 0x3, 0x5) unshare(0x22020600) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0xfffffffe) pipe2$9p(&(0x7f00000001c0), 0x0) r0 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000300)=@userptr={0x7, 0x9, 0x4, 0x400, 0xa, {}, {0x2, 0xc, 0xf3, 0x4, 0x2f, 0x4, "6dcdc988"}, 0x6, 0x2, {0x0}, 0xe}) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x80047441, 0x20000000) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f0000000100)) memfd_create(0x0, 0x2) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='smaps\x00') pread64(r2, &(0x7f000001a240)=""/102400, 0x19000, 0x100008) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e04de220c"], 0x7) syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x4a141) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') unshare(0x20000000) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000780)=ANY=[], 0x119) writev(r3, &(0x7f0000000300)=[{&(0x7f0000000140)='\n\x00\x00\x00', 0x4}, {&(0x7f00000003c0)='\v\x00', 0x2}], 0x2) io_setup(0x6, 0x0) 2.537998431s ago: executing program 4 (id=906): r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x4) r2 = openat$cgroup_pressure(r1, &(0x7f0000000540)='cpu.pressure\x00', 0x2, 0x0) read(r2, &(0x7f0000000040)=""/252, 0xfc) 2.5285119s ago: executing program 0 (id=907): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) socket$nl_netfilter(0x10, 0x3, 0xc) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000080)) openat$full(0xffffffffffffff9c, 0x0, 0x80000, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, 0x0, 0x4c000) bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="2100000000000000000000000000100000040000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x48) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) r6 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1a37c1, 0x42) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r6, 0x8008f512, 0x0) ioctl$SNDRV_PCM_IOCTL_RESUME(r6, 0x4147, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYRES8=r6], 0x48}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0x44, 0x30, 0xb, 0xfffffffc, 0x0, {}, [{0x30, 0x1, [@m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4, 0x21}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x10000000) 2.496613943s ago: executing program 3 (id=908): ioperm(0x0, 0x7, 0xffffffff) r0 = fanotify_init(0x4, 0x0) r1 = add_key(&(0x7f0000000000)='cifs.idmap\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$get_keyring_id(0x0, r1, 0xffffffffffff4e35) r2 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) fanotify_mark(r0, 0xd, 0x8000029, r2, 0x0) read$FUSE(r2, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) socket$nl_netfilter(0x10, 0x3, 0xc) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x3c, &(0x7f0000000080)={0x0, 0x0, 0x10100}, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_audit(0x10, 0x3, 0x9) r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003b000000", @ANYRES32, @ANYRES8=r3], 0x3c}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x4008840) syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000fd9e1a40f30c74933bbc0000000109021b0001040000000904000065d4695e000905", @ANYBLOB="c4ecf0"], 0x0) 2.40925952s ago: executing program 4 (id=909): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x0, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) listen(0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup_netprio_ifpriomap(r1, &(0x7f00000002c0), 0x2, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) bind$alg(r2, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r3 = accept$alg(r2, 0x0, 0x0) r4 = dup(r3) write$FUSE_INIT(r4, &(0x7f0000000080)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x29, 0x3, 0x40000001, 0x0, 0x0, 0x7}}, 0xfffffde5) setsockopt(r4, 0x1, 0x20, &(0x7f0000000040)="c04bfa0a", 0x4) 287.518639ms ago: executing program 0 (id=910): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x5c, 0x2, 0x6, 0x5, 0xa, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4}, @IPSET_ATTR_PORT_TO={0x6}]}]}, 0x5c}}, 0x0) 93.995468ms ago: executing program 1 (id=911): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x70bd30, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x33584}]}, 0x40}}, 0x800) 22.872321ms ago: executing program 0 (id=912): syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="040f040401130439"], 0x7) 0s ago: executing program 2 (id=913): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x50) kernel console output (not intermixed with test programs): 51.872737][ T29] audit: type=1400 audit(1737866153.727:475): avc: denied { write } for pid=6869 comm="syz.4.247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 151.949048][ T29] audit: type=1400 audit(1737866153.747:476): avc: denied { map } for pid=6869 comm="syz.4.247" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 152.102935][ T29] audit: type=1400 audit(1737866153.747:477): avc: denied { execute } for pid=6869 comm="syz.4.247" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 153.255650][ T29] audit: type=1400 audit(1737866155.147:478): avc: denied { mount } for pid=6889 comm="syz.2.251" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 153.335016][ T6893] netlink: 80 bytes leftover after parsing attributes in process `syz.1.252'. [ 153.973565][ T12] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 154.379883][ T6920] FAULT_INJECTION: forcing a failure. [ 154.379883][ T6920] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 154.396508][ T6920] CPU: 1 UID: 0 PID: 6920 Comm: syz.1.257 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 154.396530][ T6920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 154.396539][ T6920] Call Trace: [ 154.396545][ T6920] [ 154.396552][ T6920] dump_stack_lvl+0x16c/0x1f0 [ 154.396581][ T6920] should_fail_ex+0x497/0x5b0 [ 154.396606][ T6920] _copy_from_user+0x2e/0xd0 [ 154.396629][ T6920] ucma_set_option+0xa6/0x530 [ 154.396655][ T6920] ? __pfx_ucma_set_option+0x10/0x10 [ 154.396678][ T6920] ? __might_fault+0xe3/0x190 [ 154.396698][ T6920] ? __might_fault+0xe3/0x190 [ 154.396722][ T6920] ? __pfx_ucma_set_option+0x10/0x10 [ 154.396746][ T6920] ucma_write+0x1f9/0x330 [ 154.396766][ T6920] ? __pfx_ucma_write+0x10/0x10 [ 154.396786][ T6920] ? bpf_lsm_file_permission+0x9/0x10 [ 154.396805][ T6920] ? security_file_permission+0x71/0x210 [ 154.396828][ T6920] ? rw_verify_area+0xcf/0x680 [ 154.396852][ T6920] ? __pfx_ucma_write+0x10/0x10 [ 154.396874][ T6920] vfs_write+0x24c/0x1150 [ 154.396899][ T6920] ? __fget_files+0x1fc/0x3a0 [ 154.396924][ T6920] ? __pfx_lock_release+0x10/0x10 [ 154.396949][ T6920] ? __pfx_vfs_write+0x10/0x10 [ 154.396974][ T6920] ? lock_acquire+0x2f/0xb0 [ 154.396995][ T6920] ? __fget_files+0x40/0x3a0 [ 154.397023][ T6920] ? __fget_files+0x206/0x3a0 [ 154.397061][ T6920] ksys_write+0x207/0x250 [ 154.397084][ T6920] ? __pfx_ksys_write+0x10/0x10 [ 154.397115][ T6920] do_syscall_64+0xcd/0x250 [ 154.397142][ T6920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.397167][ T6920] RIP: 0033:0x7eff4678cd29 [ 154.397182][ T6920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.397200][ T6920] RSP: 002b:00007eff475f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 154.397217][ T6920] RAX: ffffffffffffffda RBX: 00007eff469a5fa0 RCX: 00007eff4678cd29 [ 154.397229][ T6920] RDX: 0000000000000020 RSI: 0000000020000380 RDI: 0000000000000003 [ 154.397239][ T6920] RBP: 00007eff475f8090 R08: 0000000000000000 R09: 0000000000000000 [ 154.397249][ T6920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.397260][ T6920] R13: 0000000000000000 R14: 00007eff469a5fa0 R15: 00007fff93a94158 [ 154.397283][ T6920] [ 155.327737][ T6929] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 155.413072][ T6932] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 155.725853][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 155.725871][ T29] audit: type=1400 audit(1737866157.617:483): avc: denied { watch watch_reads } for pid=6931 comm="syz.3.263" path="/59" dev="tmpfs" ino=346 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 155.884983][ T6936] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 156.550743][ C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 157.093189][ T6953] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 157.864852][ T29] audit: type=1400 audit(1737866158.997:484): avc: denied { relabelto } for pid=6944 comm="syz.0.265" name="48" dev="tmpfs" ino=286 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 158.572953][ T29] audit: type=1400 audit(1737866158.997:485): avc: denied { associate } for pid=6944 comm="syz.0.265" name="48" dev="tmpfs" ino=286 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0" [ 158.599736][ C0] vkms_vblank_simulate: vblank timer overrun [ 158.618657][ T29] audit: type=1400 audit(1737866160.227:486): avc: denied { sys_module } for pid=6950 comm="syz.4.267" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 158.726313][ T29] audit: type=1400 audit(1737866160.607:487): avc: denied { write } for pid=5814 comm="syz-executor" name="48" dev="tmpfs" ino=286 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 158.768692][ T6963] fuse: Bad value for 'fd' [ 158.810899][ T29] audit: type=1400 audit(1737866160.617:488): avc: denied { remove_name } for pid=5814 comm="syz-executor" name="binderfs" dev="tmpfs" ino=290 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 158.840962][ T29] audit: type=1400 audit(1737866160.617:489): avc: denied { rmdir } for pid=5814 comm="syz-executor" name="48" dev="tmpfs" ino=286 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 159.396473][ T6978] netlink: 8 bytes leftover after parsing attributes in process `syz.1.272'. [ 159.406531][ T6978] netlink: 24 bytes leftover after parsing attributes in process `syz.1.272'. [ 159.432532][ T11] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 159.596678][ T6980] fuse: Unknown parameter 'root-ode' [ 160.500453][ T29] audit: type=1800 audit(1737866162.387:490): pid=6991 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.276" name="file1" dev="overlay" ino=286 res=0 errno=0 [ 160.510831][ T6991] netlink: 'syz.2.276': attribute type 4 has an invalid length. [ 160.540672][ T25] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 160.846558][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 160.862617][ T25] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0 [ 160.890699][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 160.900629][ T25] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 160.916702][ T25] usb 5-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38 [ 160.927904][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 160.950153][ T25] usb 5-1: Product: syz [ 160.954766][ T25] usb 5-1: Manufacturer: syz [ 160.959501][ T25] usb 5-1: SerialNumber: syz [ 161.088187][ T25] usb 5-1: config 0 descriptor?? [ 161.533463][ T25] usb 5-1: USB disconnect, device number 6 [ 162.577875][ T7012] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 164.121014][ T1142] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 165.081084][ T3551] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 165.540671][ T25] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 165.602904][ T7064] Driver unsupported XDP return value 0 on prog (id 48) dev N/A, expect packet loss! [ 165.715622][ T25] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 165.741383][ T25] usb 3-1: config 1 has an invalid descriptor of length 110, skipping remainder of the config [ 165.770712][ T5825] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 165.784670][ T25] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 165.825529][ T25] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 101, changing to 10 [ 165.862856][ T25] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 10100, setting to 1024 [ 165.903641][ T25] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 165.913946][ T29] audit: type=1400 audit(1737866167.809:491): avc: denied { append } for pid=7068 comm="syz.3.295" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 165.945364][ T25] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 165.958020][ T7071] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 165.971760][ T25] usb 3-1: Product: syz [ 165.983674][ T5825] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 165.997066][ T25] usb 3-1: Manufacturer: syz [ 166.016292][ T5825] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 166.075084][ T7055] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 166.085221][ T25] cdc_wdm 3-1:1.0: skipping garbage [ 166.090980][ T25] cdc_wdm 3-1:1.0: skipping garbage [ 166.102471][ T5825] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 166.163967][ T25] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 166.172911][ T5825] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 166.193017][ T25] cdc_wdm 3-1:1.0: Unknown control protocol [ 166.218143][ T5825] usb 5-1: Product: syz [ 166.237899][ T29] audit: type=1400 audit(1737866168.029:492): avc: denied { write } for pid=7068 comm="syz.3.295" path="socket:[14027]" dev="sockfs" ino=14027 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 166.237967][ T5825] usb 5-1: Manufacturer: syz [ 166.289462][ T7069] netlink: 100 bytes leftover after parsing attributes in process `syz.3.295'. [ 166.298580][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 166.298683][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 166.298875][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 166.318047][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 166.323710][ T7069] netlink: 100 bytes leftover after parsing attributes in process `syz.3.295'. [ 166.325213][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 166.339682][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 166.344649][ T5825] hub 5-1:4.0: USB hub found [ 166.351204][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 166.352209][ T7072] netlink: 4 bytes leftover after parsing attributes in process `syz.3.295'. [ 166.357832][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 166.358056][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 166.379350][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 166.381475][ T29] audit: type=1400 audit(1737866168.189:493): avc: denied { sqpoll } for pid=7068 comm="syz.3.295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 166.386210][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 166.404518][ C1] vkms_vblank_simulate: vblank timer overrun [ 166.411027][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 166.424168][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 166.430811][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 166.437665][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 166.444312][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 166.450611][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 166.457240][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 166.463564][ C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 166.470195][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 166.500345][ T5871] usb 3-1: USB disconnect, device number 10 [ 166.500419][ C0] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 166.571054][ T5825] hub 5-1:4.0: 2 ports detected [ 166.618180][ T7072] hsr_slave_1 (unregistering): left promiscuous mode [ 166.636111][ T7074] netlink: 96 bytes leftover after parsing attributes in process `syz.1.297'. [ 166.981271][ T5825] hub 5-1:4.0: set hub depth failed [ 166.986726][ T29] audit: type=1400 audit(1737866168.879:494): avc: denied { setopt } for pid=7060 comm="syz.4.292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 167.006005][ C1] vkms_vblank_simulate: vblank timer overrun [ 167.078114][ T7086] SET target dimension over the limit! [ 167.973868][ T25] hub 5-1:4.0: hub_ext_port_status failed (err = -71) [ 167.981439][ T5825] usb 5-1: USB disconnect, device number 7 [ 168.727586][ T29] audit: type=1400 audit(1737866170.629:495): avc: denied { create } for pid=7092 comm="syz.1.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 168.750245][ T29] audit: type=1400 audit(1737866170.649:496): avc: denied { bind } for pid=7092 comm="syz.1.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 168.894121][ T29] audit: type=1400 audit(1737866170.759:497): avc: denied { connect } for pid=7092 comm="syz.1.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 168.988170][ T7105] FAULT_INJECTION: forcing a failure. [ 168.988170][ T7105] name failslab, interval 1, probability 0, space 0, times 0 [ 169.001201][ T7105] CPU: 1 UID: 0 PID: 7105 Comm: syz.2.302 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 169.001224][ T7105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 169.001236][ T7105] Call Trace: [ 169.001241][ T7105] [ 169.001248][ T7105] dump_stack_lvl+0x16c/0x1f0 [ 169.001280][ T7105] should_fail_ex+0x497/0x5b0 [ 169.001304][ T7105] ? fs_reclaim_acquire+0xae/0x150 [ 169.001333][ T7105] should_failslab+0xc2/0x120 [ 169.001354][ T7105] __kmalloc_noprof+0xcb/0x510 [ 169.001382][ T7105] ? snd_ctl_new+0x13c/0x1a0 [ 169.001405][ T7105] snd_ctl_elem_add+0x55a/0x14d0 [ 169.001442][ T7105] ? __pfx_snd_ctl_elem_add+0x10/0x10 [ 169.001464][ T7105] ? rep_movs_alternative+0x4a/0x70 [ 169.001492][ T7105] snd_ctl_elem_add_user+0xc4/0x170 [ 169.001512][ T7105] ? __pfx_snd_ctl_elem_add_user+0x10/0x10 [ 169.001561][ T7105] ? __pfx___schedule+0x10/0x10 [ 169.001590][ T7105] snd_ctl_ioctl+0x9cc/0x1310 [ 169.001610][ T7105] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 169.001636][ T7105] ? irqentry_exit+0x3b/0x90 [ 169.001661][ T7105] ? lockdep_hardirqs_on+0x7c/0x110 [ 169.001689][ T7105] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 169.001711][ T7105] ? __x64_sys_ioctl+0x12c/0x200 [ 169.001736][ T7105] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 169.001758][ T7105] __x64_sys_ioctl+0x190/0x200 [ 169.001783][ T7105] do_syscall_64+0xcd/0x250 [ 169.001811][ T7105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.001837][ T7105] RIP: 0033:0x7f240238cd29 [ 169.001854][ T7105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.001872][ T7105] RSP: 002b:00007f240320d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 169.001890][ T7105] RAX: ffffffffffffffda RBX: 00007f24025a6160 RCX: 00007f240238cd29 [ 169.001903][ T7105] RDX: 0000000020000340 RSI: 00000000c1105517 RDI: 0000000000000006 [ 169.001915][ T7105] RBP: 00007f240320d090 R08: 0000000000000000 R09: 0000000000000000 [ 169.001926][ T7105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 169.001937][ T7105] R13: 0000000000000000 R14: 00007f24025a6160 R15: 00007ffd7cc41268 [ 169.001963][ T7105] [ 169.221549][ C1] vkms_vblank_simulate: vblank timer overrun [ 169.280273][ T29] audit: type=1400 audit(1737866170.789:498): avc: denied { write } for pid=7092 comm="syz.1.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 169.318102][ T3551] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 169.349207][ T29] audit: type=1400 audit(1737866170.789:499): avc: denied { write } for pid=7092 comm="syz.1.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 169.370752][ T29] audit: type=1400 audit(1737866170.789:500): avc: denied { read } for pid=7092 comm="syz.1.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 169.732137][ T7100] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 171.668872][ T7131] netlink: 4 bytes leftover after parsing attributes in process `syz.1.309'. [ 171.792881][ T29] audit: type=1400 audit(1737866173.699:501): avc: denied { map } for pid=7130 comm="syz.1.309" path="socket:[14995]" dev="sockfs" ino=14995 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 172.088102][ T7136] netlink: 60 bytes leftover after parsing attributes in process `syz.2.310'. [ 172.809045][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 173.085264][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 173.092177][ T9] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 173.170208][ T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 173.182573][ T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 173.193576][ T9] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 173.208130][ T9] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 173.218640][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.250735][ T25] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 173.262226][ T7143] netlink: 4 bytes leftover after parsing attributes in process `syz.0.313'. [ 173.435707][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.448669][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 173.461646][ T25] usb 3-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00 [ 173.472424][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.505616][ T25] usb 3-1: config 0 descriptor?? [ 173.587433][ T6607] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 173.626031][ T9] usb 2-1: usb_control_msg returned -32 [ 173.633686][ T9] usbtmc 2-1:16.0: can't read capabilities [ 174.002053][ T25] logitech 0003:046D:C294.0005: unbalanced collection at end of report description [ 174.040253][ T25] logitech 0003:046D:C294.0005: parse failed [ 174.060163][ T25] logitech 0003:046D:C294.0005: probe with driver logitech failed with error -22 [ 174.112732][ T7155] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 174.166723][ T29] audit: type=1400 audit(1737866176.069:502): avc: denied { write } for pid=7158 comm="syz.0.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 174.195581][ T25] usb 3-1: USB disconnect, device number 11 [ 174.226523][ T7159] syz.0.319 (7159): /proc/7158/oom_adj is deprecated, please use /proc/7158/oom_score_adj instead. [ 175.575412][ T8] usb 2-1: USB disconnect, device number 7 [ 177.062934][ T7185] netlink: 4 bytes leftover after parsing attributes in process `syz.0.327'. [ 177.073371][ T7192] netlink: 80 bytes leftover after parsing attributes in process `syz.4.329'. [ 177.139379][ T7193] FAULT_INJECTION: forcing a failure. [ 177.139379][ T7193] name failslab, interval 1, probability 0, space 0, times 0 [ 177.152209][ T7193] CPU: 1 UID: 0 PID: 7193 Comm: syz.2.328 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 177.152235][ T7193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 177.152246][ T7193] Call Trace: [ 177.152252][ T7193] [ 177.152259][ T7193] dump_stack_lvl+0x16c/0x1f0 [ 177.152290][ T7193] should_fail_ex+0x497/0x5b0 [ 177.152313][ T7193] ? fs_reclaim_acquire+0xae/0x150 [ 177.152342][ T7193] should_failslab+0xc2/0x120 [ 177.152362][ T7193] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 177.152392][ T7193] ? alloc_empty_file+0x73/0x1e0 [ 177.152417][ T7193] alloc_empty_file+0x73/0x1e0 [ 177.152439][ T7193] alloc_file_clone+0x5f/0x110 [ 177.152461][ T7193] do_shmat+0x72f/0x1340 [ 177.152490][ T7193] ? __pfx_do_shmat+0x10/0x10 [ 177.152521][ T7193] __x64_sys_shmat+0xd8/0x170 [ 177.152546][ T7193] ? __pfx___x64_sys_shmat+0x10/0x10 [ 177.152572][ T7193] ? do_syscall_64+0x91/0x250 [ 177.152600][ T7193] do_syscall_64+0xcd/0x250 [ 177.152628][ T7193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.152654][ T7193] RIP: 0033:0x7f240238cd29 [ 177.152669][ T7193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.152686][ T7193] RSP: 002b:00007f240320d038 EFLAGS: 00000246 ORIG_RAX: 000000000000001e [ 177.152704][ T7193] RAX: ffffffffffffffda RBX: 00007f24025a6160 RCX: 00007f240238cd29 [ 177.152717][ T7193] RDX: 0000000000004000 RSI: 0000000020ffc000 RDI: 0000000000000001 [ 177.152728][ T7193] RBP: 00007f240320d090 R08: 0000000000000000 R09: 0000000000000000 [ 177.152740][ T7193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 177.152751][ T7193] R13: 0000000000000000 R14: 00007f24025a6160 R15: 00007ffd7cc41268 [ 177.152776][ T7193] [ 177.452210][ T7196] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 177.710883][ T1142] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 178.453853][ T7217] FAULT_INJECTION: forcing a failure. [ 178.453853][ T7217] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 178.495297][ T7217] CPU: 1 UID: 0 PID: 7217 Comm: syz.1.334 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 178.495315][ T7217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 178.495322][ T7217] Call Trace: [ 178.495326][ T7217] [ 178.495331][ T7217] dump_stack_lvl+0x16c/0x1f0 [ 178.495354][ T7217] should_fail_ex+0x497/0x5b0 [ 178.495370][ T7217] _copy_from_user+0x2e/0xd0 [ 178.495387][ T7217] ucma_set_option+0xa6/0x530 [ 178.495405][ T7217] ? __pfx_ucma_set_option+0x10/0x10 [ 178.495420][ T7217] ? __might_fault+0xe3/0x190 [ 178.495434][ T7217] ? __might_fault+0xe3/0x190 [ 178.495447][ T7217] ? __pfx_ucma_set_option+0x10/0x10 [ 178.495463][ T7217] ucma_write+0x1f9/0x330 [ 178.495478][ T7217] ? __pfx_ucma_write+0x10/0x10 [ 178.495491][ T7217] ? bpf_lsm_file_permission+0x9/0x10 [ 178.495503][ T7217] ? security_file_permission+0x71/0x210 [ 178.495517][ T7217] ? rw_verify_area+0xcf/0x680 [ 178.495532][ T7217] ? __pfx_ucma_write+0x10/0x10 [ 178.495545][ T7217] vfs_write+0x24c/0x1150 [ 178.495560][ T7217] ? __fget_files+0x1fc/0x3a0 [ 178.495576][ T7217] ? __pfx_lock_release+0x10/0x10 [ 178.495592][ T7217] ? __pfx_vfs_write+0x10/0x10 [ 178.495607][ T7217] ? lock_acquire+0x2f/0xb0 [ 178.495625][ T7217] ? __fget_files+0x40/0x3a0 [ 178.495642][ T7217] ? __fget_files+0x206/0x3a0 [ 178.495661][ T7217] ksys_write+0x207/0x250 [ 178.495675][ T7217] ? __pfx_ksys_write+0x10/0x10 [ 178.495694][ T7217] do_syscall_64+0xcd/0x250 [ 178.495711][ T7217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.495726][ T7217] RIP: 0033:0x7eff4678cd29 [ 178.495736][ T7217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.495746][ T7217] RSP: 002b:00007eff475f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 178.495756][ T7217] RAX: ffffffffffffffda RBX: 00007eff469a5fa0 RCX: 00007eff4678cd29 [ 178.495764][ T7217] RDX: 0000000000000020 RSI: 0000000020000380 RDI: 0000000000000003 [ 178.495770][ T7217] RBP: 00007eff475f8090 R08: 0000000000000000 R09: 0000000000000000 [ 178.495776][ T7217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 178.495782][ T7217] R13: 0000000000000000 R14: 00007eff469a5fa0 R15: 00007fff93a94158 [ 178.495795][ T7217] [ 179.111918][ T7225] netlink: 68 bytes leftover after parsing attributes in process `syz.0.336'. [ 181.685818][ T7244] No source specified [ 182.560888][ T7251] netlink: 4 bytes leftover after parsing attributes in process `syz.3.344'. [ 183.481080][ T25] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 183.512750][ T29] audit: type=1400 audit(1737866185.419:503): avc: denied { map } for pid=7269 comm="syz.1.350" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 183.548299][ T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 183.565909][ T29] audit: type=1400 audit(1737866185.439:504): avc: denied { execute } for pid=7269 comm="syz.1.350" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 183.620749][ T25] usb 3-1: device descriptor read/64, error -71 [ 183.655294][ T29] audit: type=1400 audit(1737866185.559:505): avc: denied { ioctl } for pid=7269 comm="syz.1.350" path="mnt:[4026532814]" dev="nsfs" ino=4026532814 ioctlcmd=0xb705 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 183.684672][ T7270] netlink: 24 bytes leftover after parsing attributes in process `syz.1.350'. [ 183.720826][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 183.735092][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 183.765178][ T9] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 183.789001][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.802890][ T9] usb 1-1: Product: syz [ 183.807174][ T9] usb 1-1: Manufacturer: syz [ 183.817321][ T9] usb 1-1: SerialNumber: syz [ 183.836599][ T9] usb 1-1: config 0 descriptor?? [ 183.850144][ T9] hub 1-1:0.0: bad descriptor, ignoring hub [ 183.856319][ T9] hub 1-1:0.0: probe with driver hub failed with error -5 [ 183.870857][ T25] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 183.874281][ T9] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5 [ 183.897815][ T7276] netlink: 16 bytes leftover after parsing attributes in process `syz.1.351'. [ 183.897815][ T29] audit: type=1400 audit(1737866185.799:506): avc: denied { read } for pid=5176 comm="acpid" name="mouse1" dev="devtmpfs" ino=2810 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 183.944737][ T29] audit: type=1400 audit(1737866185.849:507): avc: denied { open } for pid=5176 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=2810 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 184.020659][ T25] usb 3-1: device descriptor read/64, error -71 [ 184.210133][ T7279] libceph: resolve '0.0' (ret=-3): failed [ 184.290899][ T25] usb usb3-port1: attempt power cycle [ 184.305056][ T8] usb 1-1: USB disconnect, device number 5 [ 184.630857][ T25] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 184.640939][ T46] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 184.728304][ T25] usb 3-1: device descriptor read/8, error -71 [ 184.971027][ T46] usb 4-1: Using ep0 maxpacket: 16 [ 184.980008][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 184.993823][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 185.006170][ T46] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 185.015638][ T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.083970][ T25] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 185.110095][ T46] usb 4-1: config 0 descriptor?? [ 185.135559][ T25] usb 3-1: device descriptor read/8, error -71 [ 185.441533][ T7295] Cannot find add_set index 0 as target [ 186.145860][ T25] usb usb3-port1: unable to enumerate USB device [ 188.004793][ T46] usbhid 4-1:0.0: can't add hid device: -71 [ 188.027353][ T46] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 188.047410][ T46] usb 4-1: USB disconnect, device number 2 [ 188.176784][ T7304] FAULT_INJECTION: forcing a failure. [ 188.176784][ T7304] name failslab, interval 1, probability 0, space 0, times 0 [ 188.432367][ T7304] CPU: 1 UID: 0 PID: 7304 Comm: syz.0.360 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 188.432397][ T7304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 188.432409][ T7304] Call Trace: [ 188.432414][ T7304] [ 188.432422][ T7304] dump_stack_lvl+0x16c/0x1f0 [ 188.432453][ T7304] should_fail_ex+0x497/0x5b0 [ 188.432477][ T7304] ? fs_reclaim_acquire+0xae/0x150 [ 188.432508][ T7304] should_failslab+0xc2/0x120 [ 188.432527][ T7304] __kmalloc_noprof+0xcb/0x510 [ 188.432555][ T7304] ? rcu_is_watching+0x12/0xc0 [ 188.432575][ T7304] tomoyo_encode2+0x100/0x3e0 [ 188.432599][ T7304] tomoyo_encode+0x29/0x50 [ 188.432618][ T7304] tomoyo_realpath_from_path+0x19d/0x720 [ 188.432642][ T7304] ? tomoyo_path_number_perm+0x235/0x590 [ 188.432674][ T7304] tomoyo_path_number_perm+0x248/0x590 [ 188.432701][ T7304] ? tomoyo_path_number_perm+0x235/0x590 [ 188.432731][ T7304] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 188.432786][ T7304] ? __pfx_lock_release+0x10/0x10 [ 188.432810][ T7304] ? trace_lock_acquire+0x14e/0x1f0 [ 188.432834][ T7304] ? lock_acquire+0x2f/0xb0 [ 188.432856][ T7304] ? __fget_files+0x40/0x3a0 [ 188.432886][ T7304] ? __fget_files+0x206/0x3a0 [ 188.432916][ T7304] security_file_ioctl+0x9b/0x240 [ 188.432938][ T7304] __x64_sys_ioctl+0xb7/0x200 [ 188.432962][ T7304] do_syscall_64+0xcd/0x250 [ 188.432988][ T7304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.433011][ T7304] RIP: 0033:0x7f10a718cd29 [ 188.433025][ T7304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.433043][ T7304] RSP: 002b:00007f10a7f98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 188.433059][ T7304] RAX: ffffffffffffffda RBX: 00007f10a73a5fa0 RCX: 00007f10a718cd29 [ 188.433069][ T7304] RDX: 0000000020000200 RSI: 00000000c048aeca RDI: 000000000000000e [ 188.433080][ T7304] RBP: 00007f10a7f98090 R08: 0000000000000000 R09: 0000000000000000 [ 188.433091][ T7304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 188.433102][ T7304] R13: 0000000000000000 R14: 00007f10a73a5fa0 R15: 00007ffd80cd1328 [ 188.433128][ T7304] [ 188.433756][ T7304] ERROR: Out of memory at tomoyo_realpath_from_path. [ 190.853135][ T7332] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 190.934976][ T5820] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 192.132638][ T5820] Bluetooth: hci3: SCO packet for unknown connection handle 1 [ 192.349551][ T9] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 192.540831][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 192.653549][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 192.668980][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 192.700893][ T9] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 192.710136][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.729677][ T9] usb 1-1: config 0 descriptor?? [ 192.749136][ T29] audit: type=1400 audit(1737866194.649:508): avc: denied { write } for pid=7354 comm="syz.1.374" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 192.773143][ T7355] FAULT_INJECTION: forcing a failure. [ 192.773143][ T7355] name failslab, interval 1, probability 0, space 0, times 0 [ 192.787225][ T7355] CPU: 1 UID: 0 PID: 7355 Comm: syz.1.374 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 192.787252][ T7355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 192.787263][ T7355] Call Trace: [ 192.787269][ T7355] [ 192.787277][ T7355] dump_stack_lvl+0x16c/0x1f0 [ 192.787310][ T7355] should_fail_ex+0x497/0x5b0 [ 192.787337][ T7355] ? fs_reclaim_acquire+0xae/0x150 [ 192.787365][ T7355] should_failslab+0xc2/0x120 [ 192.787386][ T7355] __kmalloc_noprof+0xcb/0x510 [ 192.787414][ T7355] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 192.787446][ T7355] tomoyo_realpath_from_path+0xb9/0x720 [ 192.787468][ T7355] ? tomoyo_path_number_perm+0x235/0x590 [ 192.787499][ T7355] ? tomoyo_path_number_perm+0x235/0x590 [ 192.787530][ T7355] tomoyo_path_number_perm+0x248/0x590 [ 192.787558][ T7355] ? tomoyo_path_number_perm+0x235/0x590 [ 192.787588][ T7355] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 192.787644][ T7355] ? __pfx_lock_release+0x10/0x10 [ 192.787668][ T7355] ? trace_lock_acquire+0x14e/0x1f0 [ 192.787693][ T7355] ? lock_acquire+0x2f/0xb0 [ 192.787715][ T7355] ? __fget_files+0x40/0x3a0 [ 192.787744][ T7355] ? __fget_files+0x206/0x3a0 [ 192.787773][ T7355] security_file_ioctl+0x9b/0x240 [ 192.787796][ T7355] __x64_sys_ioctl+0xb7/0x200 [ 192.787822][ T7355] do_syscall_64+0xcd/0x250 [ 192.787850][ T7355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.787876][ T7355] RIP: 0033:0x7eff4678cd29 [ 192.787891][ T7355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 192.787909][ T7355] RSP: 002b:00007eff475f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 192.787927][ T7355] RAX: ffffffffffffffda RBX: 00007eff469a5fa0 RCX: 00007eff4678cd29 [ 192.787940][ T7355] RDX: 00000000200003c0 RSI: 0000000000004604 RDI: 0000000000000003 [ 192.787951][ T7355] RBP: 00007eff475f8090 R08: 0000000000000000 R09: 0000000000000000 [ 192.787967][ T7355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 192.787979][ T7355] R13: 0000000000000000 R14: 00007eff469a5fa0 R15: 00007fff93a94158 [ 192.788004][ T7355] [ 192.788012][ T7355] ERROR: Out of memory at tomoyo_realpath_from_path. [ 192.879224][ T29] audit: type=1400 audit(1737866194.649:509): avc: denied { open } for pid=7354 comm="syz.1.374" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 193.092981][ T29] audit: type=1400 audit(1737866194.939:510): avc: denied { ioctl } for pid=7354 comm="syz.1.374" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4604 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 193.268235][ T9] konepure 0003:1E7D:2DB4.0006: unknown main item tag 0x2 [ 193.275551][ T9] konepure 0003:1E7D:2DB4.0006: unknown main item tag 0x2 [ 193.287346][ T9] konepure 0003:1E7D:2DB4.0006: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.0-1/input0 [ 193.682019][ T9] usb 1-1: USB disconnect, device number 6 [ 194.049330][ T7371] Invalid source name [ 194.390315][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.399820][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.930737][ T5871] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 196.015584][ T29] audit: type=1400 audit(1737866197.919:511): avc: denied { write } for pid=7396 comm="syz.1.387" name="usbmon1" dev="devtmpfs" ino=717 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 196.093969][ T5871] usb 3-1: Using ep0 maxpacket: 16 [ 196.132962][ T7402] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 196.133923][ T5871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.248833][ T5871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.275116][ T5871] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 196.284981][ T5871] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.446155][ T5871] usb 3-1: config 0 descriptor?? [ 198.028478][ T5871] konepure 0003:1E7D:2DB4.0007: unknown main item tag 0x2 [ 198.328229][ T5871] konepure 0003:1E7D:2DB4.0007: unknown main item tag 0x2 [ 198.458001][ T5871] konepure 0003:1E7D:2DB4.0007: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.2-1/input0 [ 198.577288][ T5871] usb 3-1: USB disconnect, device number 16 [ 198.699554][ T7418] Invalid source name [ 200.274277][ T7433] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 201.605951][ T7446] Bluetooth: MGMT ver 1.23 [ 201.700104][ T7450] netlink: 4 bytes leftover after parsing attributes in process `syz.0.401'. [ 201.720792][ T8] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 202.868096][ T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 202.887238][ T8] usb 5-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 202.989783][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.998553][ T8] usb 5-1: Product: syz [ 203.006711][ T8] usb 5-1: Manufacturer: syz [ 203.013681][ T8] usb 5-1: SerialNumber: syz [ 203.026712][ T8] usb 5-1: config 0 descriptor?? [ 203.051956][ T8] ums-isd200 5-1:0.0: USB Mass Storage device detected [ 203.256069][ T8] usb 5-1: USB disconnect, device number 8 [ 204.046097][ T7471] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 204.442234][ T7473] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=7473 comm=syz.0.408 [ 204.482723][ T7473] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=7473 comm=syz.0.408 [ 204.500781][ T7473] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=7473 comm=syz.0.408 [ 204.519567][ T7473] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=7473 comm=syz.0.408 [ 204.536112][ T7473] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=7473 comm=syz.0.408 [ 204.613705][ T7473] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=7473 comm=syz.0.408 [ 204.637388][ T7473] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=7473 comm=syz.0.408 [ 204.654567][ T7473] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=7473 comm=syz.0.408 [ 204.670006][ T7473] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=7473 comm=syz.0.408 [ 204.917714][ T7477] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 205.209964][ T29] audit: type=1800 audit(1737866207.109:512): pid=7486 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.412" name="bus" dev="overlay" ino=499 res=0 errno=0 [ 205.243361][ T7486] evm: overlay not supported [ 206.481555][ T7495] netlink: 4 bytes leftover after parsing attributes in process `syz.4.416'. [ 207.251236][ T8] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 207.332422][ T7504] FAULT_INJECTION: forcing a failure. [ 207.332422][ T7504] name failslab, interval 1, probability 0, space 0, times 0 [ 207.525825][ T7504] CPU: 1 UID: 0 PID: 7504 Comm: syz.1.418 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 207.525855][ T7504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 207.525865][ T7504] Call Trace: [ 207.525871][ T7504] [ 207.525879][ T7504] dump_stack_lvl+0x16c/0x1f0 [ 207.525910][ T7504] should_fail_ex+0x497/0x5b0 [ 207.525932][ T7504] ? fs_reclaim_acquire+0xae/0x150 [ 207.525959][ T7504] should_failslab+0xc2/0x120 [ 207.525979][ T7504] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 207.526008][ T7504] ? __alloc_skb+0x2b1/0x380 [ 207.526043][ T7504] __alloc_skb+0x2b1/0x380 [ 207.526069][ T7504] ? __pfx___alloc_skb+0x10/0x10 [ 207.526098][ T7504] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 207.526129][ T7504] netlink_alloc_large_skb+0x69/0x130 [ 207.526157][ T7504] netlink_sendmsg+0x689/0xd70 [ 207.526187][ T7504] ? __pfx_netlink_sendmsg+0x10/0x10 [ 207.526222][ T7504] ____sys_sendmsg+0xaaf/0xc90 [ 207.526244][ T7504] ? copy_msghdr_from_user+0x10b/0x160 [ 207.526262][ T7504] ? __pfx_____sys_sendmsg+0x10/0x10 [ 207.526297][ T7504] ___sys_sendmsg+0x135/0x1e0 [ 207.526316][ T7504] ? __pfx____sys_sendmsg+0x10/0x10 [ 207.526345][ T7504] ? __pfx_lock_release+0x10/0x10 [ 207.526368][ T7504] ? trace_lock_acquire+0x14e/0x1f0 [ 207.526397][ T7504] ? __fget_files+0x206/0x3a0 [ 207.526429][ T7504] __sys_sendmsg+0x16e/0x220 [ 207.526448][ T7504] ? __pfx___sys_sendmsg+0x10/0x10 [ 207.526483][ T7504] do_syscall_64+0xcd/0x250 [ 207.526510][ T7504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.526535][ T7504] RIP: 0033:0x7eff4678cd29 [ 207.526550][ T7504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.526566][ T7504] RSP: 002b:00007eff475f8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 207.526584][ T7504] RAX: ffffffffffffffda RBX: 00007eff469a5fa0 RCX: 00007eff4678cd29 [ 207.526596][ T7504] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004 [ 207.526607][ T7504] RBP: 00007eff475f8090 R08: 0000000000000000 R09: 0000000000000000 [ 207.526618][ T7504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 207.526628][ T7504] R13: 0000000000000000 R14: 00007eff469a5fa0 R15: 00007fff93a94158 [ 207.526652][ T7504] [ 207.753626][ T7508] FAULT_INJECTION: forcing a failure. [ 207.753626][ T7508] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 207.767286][ T7508] CPU: 0 UID: 0 PID: 7508 Comm: syz.3.419 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 207.767308][ T7508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 207.767318][ T7508] Call Trace: [ 207.767323][ T7508] [ 207.767330][ T7508] dump_stack_lvl+0x16c/0x1f0 [ 207.767361][ T7508] should_fail_ex+0x497/0x5b0 [ 207.767387][ T7508] _copy_to_user+0x32/0xd0 [ 207.767415][ T7508] simple_read_from_buffer+0xd0/0x160 [ 207.767443][ T7508] proc_fail_nth_read+0x198/0x270 [ 207.767468][ T7508] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 207.767493][ T7508] ? rw_verify_area+0xcf/0x680 [ 207.767517][ T7508] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 207.767539][ T7508] vfs_read+0x1df/0xbf0 [ 207.767565][ T7508] ? __fget_files+0x1fc/0x3a0 [ 207.767591][ T7508] ? __pfx___mutex_lock+0x10/0x10 [ 207.767618][ T7508] ? __pfx_vfs_read+0x10/0x10 [ 207.767650][ T7508] ? __fget_files+0x206/0x3a0 [ 207.767684][ T7508] ksys_read+0x12b/0x250 [ 207.767706][ T7508] ? __pfx_ksys_read+0x10/0x10 [ 207.767738][ T7508] do_syscall_64+0xcd/0x250 [ 207.767776][ T7508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.767802][ T7508] RIP: 0033:0x7fee54f8b73c [ 207.767817][ T7508] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 207.767835][ T7508] RSP: 002b:00007fee55de9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 207.767854][ T7508] RAX: ffffffffffffffda RBX: 00007fee551a6080 RCX: 00007fee54f8b73c [ 207.767866][ T7508] RDX: 000000000000000f RSI: 00007fee55de90a0 RDI: 0000000000000009 [ 207.767878][ T7508] RBP: 00007fee55de9090 R08: 0000000000000000 R09: 0000000000000000 [ 207.767890][ T7508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 207.767900][ T7508] R13: 0000000000000000 R14: 00007fee551a6080 R15: 00007ffe731006f8 [ 207.767927][ T7508] [ 207.954341][ C0] vkms_vblank_simulate: vblank timer overrun [ 208.052625][ T8] usb 1-1: config 0 has an invalid interface number: 20 but max is 0 [ 208.061632][ T8] usb 1-1: config 0 has no interface number 0 [ 208.067820][ T8] usb 1-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 208.085437][ T8] usb 1-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 208.095821][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 208.103890][ T8] usb 1-1: Product: syz [ 208.108137][ T8] usb 1-1: Manufacturer: syz [ 208.112804][ T8] usb 1-1: SerialNumber: syz [ 208.119392][ T8] usb 1-1: config 0 descriptor?? [ 208.181565][ T7496] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 208.190394][ T8] usb-storage 1-1:0.20: USB Mass Storage device detected [ 208.245030][ T7520] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 208.248022][ T8] usb-storage 1-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 208.459672][ T8] scsi host1: usb-storage 1-1:0.20 [ 209.248933][ T5820] Bluetooth: hci1: unexpected event for opcode 0x5db3 [ 209.282754][ T35] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 209.820841][ T8] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 210.545913][ T46] usb 1-1: USB disconnect, device number 7 [ 210.642517][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 210.659046][ T8] usb 3-1: config 0 has an invalid interface number: 178 but max is 0 [ 210.918600][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 211.012434][ T8] usb 3-1: config 0 has no interface number 0 [ 211.018616][ T8] usb 3-1: config 0 interface 178 altsetting 0 endpoint 0x4 has invalid maxpacket 1289, setting to 64 [ 211.032055][ T8] usb 3-1: config 0 interface 178 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 211.051065][ T8] usb 3-1: New USB device found, idVendor=f755, idProduct=92f0, bcdDevice=ec.60 [ 211.064575][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.073098][ T8] usb 3-1: Product: syz [ 211.077496][ T8] usb 3-1: Manufacturer: syz [ 211.082587][ T8] usb 3-1: SerialNumber: syz [ 211.092025][ T8] usb 3-1: config 0 descriptor?? [ 211.291280][ T7552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.431'. [ 211.308647][ T7534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 211.467800][ T7534] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 212.302342][ T7534] input: syz0 as /devices/virtual/input/input6 [ 212.487706][ T8] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 212.676375][ T8] usb 3-1: USB disconnect, device number 17 [ 212.690718][ T29] audit: type=1800 audit(1737866214.579:513): pid=7559 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.432" name="file1" dev="tmpfs" ino=523 res=0 errno=0 [ 214.726564][ T29] audit: type=1400 audit(1737866216.619:514): avc: denied { associate } for pid=7567 comm="syz.0.436" name="84" dev="tmpfs" ino=511 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0" [ 215.200872][ T25] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 215.330761][ T29] audit: type=1400 audit(1737866217.199:515): avc: denied { connect } for pid=7586 comm="syz.4.441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 215.371626][ T25] usb 2-1: Using ep0 maxpacket: 16 [ 215.380160][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 215.394581][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 215.408822][ T25] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 215.501136][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.539512][ T29] audit: type=1400 audit(1737866217.429:516): avc: denied { lock } for pid=7586 comm="syz.4.441" path="socket:[18766]" dev="sockfs" ino=18766 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 215.603457][ T25] usb 2-1: config 0 descriptor?? [ 216.059794][ T25] konepure 0003:1E7D:2DB4.0008: unknown main item tag 0x2 [ 216.088354][ T25] konepure 0003:1E7D:2DB4.0008: unknown main item tag 0x2 [ 216.104503][ T25] konepure 0003:1E7D:2DB4.0008: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.1-1/input0 [ 216.128714][ T29] audit: type=1400 audit(1737866218.029:517): avc: denied { execute } for pid=7601 comm="syz.3.446" path="/dev/audio1" dev="devtmpfs" ino=1290 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1 [ 216.172855][ T29] audit: type=1400 audit(1737866218.059:518): avc: denied { read } for pid=7601 comm="syz.3.446" path="socket:[17828]" dev="sockfs" ino=17828 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 216.264867][ T7606] netlink: 8 bytes leftover after parsing attributes in process `syz.4.448'. [ 216.323658][ T8] usb 2-1: USB disconnect, device number 8 [ 216.516108][ T29] audit: type=1400 audit(1737866218.419:519): avc: denied { read } for pid=7601 comm="syz.3.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 217.259213][ T29] audit: type=1400 audit(1737866219.159:520): avc: denied { create } for pid=7621 comm="syz.2.451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 218.531331][ T7637] SET target dimension over the limit! [ 219.269993][ T7645] netlink: 4 bytes leftover after parsing attributes in process `syz.3.459'. [ 221.741227][ T8] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 222.531125][ T8] usb 2-1: device descriptor read/64, error -71 [ 222.539541][ T7670] SELinux: syz.3.465 (7670) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 222.546702][ T7673] (unnamed net_device) (uninitialized): (slave hsr0): Device is not bonding slave [ 222.569300][ T7673] (unnamed net_device) (uninitialized): option active_slave: invalid value (hsr0) [ 222.581272][ T29] audit: type=1400 audit(1737866224.479:521): avc: denied { listen } for pid=7669 comm="syz.3.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 222.612281][ T29] audit: type=1400 audit(1737866224.479:522): avc: denied { accept } for pid=7669 comm="syz.3.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 222.903405][ T7679] Invalid source name [ 223.113579][ T7680] netlink: 'syz.2.466': attribute type 4 has an invalid length. [ 223.121450][ T8] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 223.165723][ T7674] netlink: 'syz.2.466': attribute type 4 has an invalid length. [ 223.260909][ T8] usb 2-1: device descriptor read/64, error -71 [ 223.372025][ T8] usb usb2-port1: attempt power cycle [ 223.622865][ T29] audit: type=1400 audit(1737866225.509:523): avc: denied { listen } for pid=7686 comm="syz.3.469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 223.910632][ T8] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 223.950951][ T8] usb 2-1: device descriptor read/8, error -71 [ 224.190785][ T970] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 224.960669][ T970] usb 5-1: Using ep0 maxpacket: 16 [ 225.058928][ T970] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 225.731274][ T970] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 225.750852][ T970] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.758921][ T970] usb 5-1: Product: syz [ 225.840688][ T970] usb 5-1: Manufacturer: syz [ 225.845349][ T970] usb 5-1: SerialNumber: syz [ 225.852923][ T970] usb 5-1: config 0 descriptor?? [ 225.859734][ T970] hub 5-1:0.0: bad descriptor, ignoring hub [ 225.866886][ T970] hub 5-1:0.0: probe with driver hub failed with error -5 [ 225.895730][ T970] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input7 [ 226.090153][ T7710] netlink: 4 bytes leftover after parsing attributes in process `syz.3.475'. [ 227.027740][ T29] audit: type=1400 audit(1737866228.859:524): avc: denied { create } for pid=7714 comm="syz.0.476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 227.580115][ T7728] xt_ecn: cannot match TCP bits for non-tcp packets [ 227.617948][ T29] audit: type=1400 audit(1737866229.519:525): avc: denied { append } for pid=7729 comm="syz.0.481" name="nvme-fabrics" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 227.641136][ C0] vkms_vblank_simulate: vblank timer overrun [ 227.687939][ T7731] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 227.986092][ T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 228.191808][ T9] usb 1-1: too many configurations: 9, using maximum allowed: 8 [ 228.283498][ T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 228.388265][ T9] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 228.494447][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 228.506675][ T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 228.517410][ T9] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 228.533869][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 228.542212][ T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 228.620707][ T9] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 228.636583][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 228.646447][ T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 228.655831][ T9] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 228.669173][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 228.678104][ T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 228.687533][ T9] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 228.698879][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 228.717892][ T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 228.730169][ T9] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 228.765074][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 228.796568][ T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 228.851503][ T9] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 229.530370][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 229.559501][ T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 229.637213][ T9] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 229.648341][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 229.657313][ T9] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 229.666727][ T9] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 229.675203][ T9] usb 1-1: Product: syz [ 229.679523][ T9] usb 1-1: Manufacturer: syz [ 229.686566][ T9] usb 1-1: SerialNumber: syz [ 229.796595][ T9] usb 1-1: config 0 descriptor?? [ 229.807737][ T9] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0 [ 231.061407][ T46] usb 1-1: USB disconnect, device number 8 [ 231.116206][ T46] yurex 1-1:0.0: USB YUREX #0 now disconnected [ 231.330189][ T7765] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 231.438213][ T7767] netlink: 4 bytes leftover after parsing attributes in process `syz.1.492'. [ 231.455966][ T7769] snd_dummy snd_dummy.0: control 0:0:3:syz0:7 is already present [ 231.760614][ T7775] netlink: 1 bytes leftover after parsing attributes in process `syz.3.494'. [ 231.774517][ T29] audit: type=1400 audit(1737866233.649:526): avc: denied { create } for pid=7772 comm="syz.3.494" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 232.521600][ T29] audit: type=1400 audit(1737866233.659:527): avc: denied { connect } for pid=7772 comm="syz.3.494" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 232.713276][ T7782] FAULT_INJECTION: forcing a failure. [ 232.713276][ T7782] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 232.726732][ T7782] CPU: 0 UID: 0 PID: 7782 Comm: syz.2.496 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 232.726758][ T7782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 232.726768][ T7782] Call Trace: [ 232.726773][ T7782] [ 232.726778][ T7782] dump_stack_lvl+0x16c/0x1f0 [ 232.726799][ T7782] should_fail_ex+0x497/0x5b0 [ 232.726816][ T7782] _copy_to_user+0x32/0xd0 [ 232.726833][ T7782] simple_read_from_buffer+0xd0/0x160 [ 232.726849][ T7782] proc_fail_nth_read+0x198/0x270 [ 232.726863][ T7782] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 232.726877][ T7782] ? rw_verify_area+0xcf/0x680 [ 232.726891][ T7782] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 232.726904][ T7782] vfs_read+0x1df/0xbf0 [ 232.726920][ T7782] ? __pfx___mutex_lock+0x10/0x10 [ 232.726936][ T7782] ? __pfx_vfs_read+0x10/0x10 [ 232.726950][ T7782] ? rcu_is_watching+0x12/0xc0 [ 232.726964][ T7782] ? __rcu_read_unlock+0x2b4/0x580 [ 232.726980][ T7782] ? __fget_files+0x206/0x3a0 [ 232.727000][ T7782] ksys_read+0x12b/0x250 [ 232.727014][ T7782] ? __pfx_ksys_read+0x10/0x10 [ 232.727032][ T7782] do_syscall_64+0xcd/0x250 [ 232.727050][ T7782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.727065][ T7782] RIP: 0033:0x7f240238b73c [ 232.727075][ T7782] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 232.727086][ T7782] RSP: 002b:00007f240322e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 232.727097][ T7782] RAX: ffffffffffffffda RBX: 00007f24025a6080 RCX: 00007f240238b73c [ 232.727104][ T7782] RDX: 000000000000000f RSI: 00007f240322e0a0 RDI: 000000000000000e [ 232.727110][ T7782] RBP: 00007f240322e090 R08: 0000000000000000 R09: 0000000000000000 [ 232.727116][ T7782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 232.727123][ T7782] R13: 0000000000000000 R14: 00007f24025a6080 R15: 00007ffd7cc41268 [ 232.727136][ T7782] [ 232.877052][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=7779 comm=syz.3.497 [ 233.121161][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=7779 comm=syz.3.497 [ 233.198910][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=7779 comm=syz.3.497 [ 233.244591][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=7779 comm=syz.3.497 [ 233.290835][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=7779 comm=syz.3.497 [ 233.310803][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=7779 comm=syz.3.497 [ 233.328945][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=7779 comm=syz.3.497 [ 233.565698][ T8] usb 5-1: USB disconnect, device number 9 [ 233.580485][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=7779 comm=syz.3.497 [ 234.112815][ T7796] Cannot find add_set index 0 as target [ 234.385588][ T7779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=7779 comm=syz.3.497 [ 238.279975][ T7817] netlink: 4 bytes leftover after parsing attributes in process `syz.3.508'. [ 238.799342][ T7826] trusted_key: encrypted_key: key user:syz not found [ 238.816486][ T7826] Invalid source name [ 240.049405][ T7838] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=7838 comm=syz.1.513 [ 240.105199][ T7838] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=7838 comm=syz.1.513 [ 240.177982][ T7838] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=7838 comm=syz.1.513 [ 240.310993][ T7838] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=7838 comm=syz.1.513 [ 240.431728][ T7838] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=7838 comm=syz.1.513 [ 240.461374][ T7838] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=7838 comm=syz.1.513 [ 240.496017][ T7838] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=7838 comm=syz.1.513 [ 240.841971][ T7838] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=7838 comm=syz.1.513 [ 240.875992][ T7838] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=7838 comm=syz.1.513 [ 242.976995][ T3551] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 242.991434][ T7874] netlink: 4 bytes leftover after parsing attributes in process `syz.3.521'. [ 243.300713][ T29] audit: type=1400 audit(1737866245.199:528): avc: denied { map } for pid=7878 comm="syz.4.523" path="socket:[19552]" dev="sockfs" ino=19552 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 244.044353][ T29] audit: type=1400 audit(1737866245.939:529): avc: denied { connect } for pid=7883 comm="syz.1.524" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 244.402741][ T29] audit: type=1400 audit(1737866246.309:530): avc: denied { read write } for pid=7876 comm="syz.0.522" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 244.538008][ T29] audit: type=1400 audit(1737866246.309:531): avc: denied { open } for pid=7876 comm="syz.0.522" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 246.134693][ T5820] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 247.835628][ T5871] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 248.384831][ T5871] usb 2-1: unable to get BOS descriptor or descriptor too short [ 248.404257][ T5871] usb 2-1: config 5 has an invalid interface number: 52 but max is 0 [ 248.426382][ T5871] usb 2-1: config 5 has no interface number 0 [ 248.454161][ T5871] usb 2-1: config 5 interface 52 has no altsetting 0 [ 248.483577][ T5871] usb 2-1: New USB device found, idVendor=1385, idProduct=5f02, bcdDevice=97.1d [ 248.503066][ T5871] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 248.524827][ T5871] usb 2-1: Product: syz [ 248.561555][ T5871] usb 2-1: Manufacturer: syz [ 248.584745][ T7930] trusted_key: encrypted_key: insufficient parameters specified [ 248.604111][ T7930] Invalid source name [ 248.636144][ T5871] usb 2-1: SerialNumber: syz [ 248.983853][ T5871] usb 2-1: Could not find all expected endpoints [ 249.051019][ T5871] usb 2-1: USB disconnect, device number 13 [ 250.321622][ T7941] netlink: 'syz.0.540': attribute type 1 has an invalid length. [ 250.340477][ T7941] netlink: 224 bytes leftover after parsing attributes in process `syz.0.540'. [ 252.620745][ T8] usb 1-1: new full-speed USB device number 9 using dummy_hcd [ 253.348109][ T5820] Bluetooth: hci2: unexpected event for opcode 0x0c46 [ 253.376603][ T8] usb 1-1: unable to get BOS descriptor or descriptor too short [ 254.387125][ T8] usb 1-1: not running at top speed; connect to a high speed hub [ 254.499398][ T8] usb 1-1: config 2 has an invalid interface number: 232 but max is 0 [ 254.787104][ T8] usb 1-1: config 2 has no interface number 0 [ 254.864552][ T8] usb 1-1: config 2 interface 232 has no altsetting 0 [ 254.876474][ T8] usb 1-1: string descriptor 0 read error: -71 [ 254.883246][ T8] usb 1-1: New USB device found, idVendor=056c, idProduct=8007, bcdDevice=5f.aa [ 254.900938][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.949191][ T8] usb 1-1: can't set config #2, error -71 [ 255.003796][ T8] usb 1-1: USB disconnect, device number 9 [ 255.049320][ T7978] FAULT_INJECTION: forcing a failure. [ 255.049320][ T7978] name failslab, interval 1, probability 0, space 0, times 0 [ 255.559901][ T7978] CPU: 1 UID: 0 PID: 7978 Comm: syz.0.550 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 255.559928][ T7978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 255.559935][ T7978] Call Trace: [ 255.559939][ T7978] [ 255.559944][ T7978] dump_stack_lvl+0x16c/0x1f0 [ 255.559965][ T7978] should_fail_ex+0x497/0x5b0 [ 255.559980][ T7978] ? fs_reclaim_acquire+0xae/0x150 [ 255.559996][ T7978] should_failslab+0xc2/0x120 [ 255.560014][ T7978] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 255.560033][ T7978] ? security_file_alloc+0x34/0x2b0 [ 255.560048][ T7978] security_file_alloc+0x34/0x2b0 [ 255.560061][ T7978] init_file+0x93/0x480 [ 255.560073][ T7978] alloc_empty_file+0x91/0x1e0 [ 255.560085][ T7978] alloc_file_pseudo+0x147/0x210 [ 255.560097][ T7978] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 255.560108][ T7978] ? alloc_fd+0x41f/0x760 [ 255.560123][ T7978] ? __pfx_lock_release+0x10/0x10 [ 255.560139][ T7978] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 255.560151][ T7978] __anon_inode_getfile+0x136/0x3d0 [ 255.560167][ T7978] ? _raw_spin_unlock+0x28/0x50 [ 255.560181][ T7978] ? __pfx___anon_inode_getfile+0x10/0x10 [ 255.560199][ T7978] anon_inode_getfd+0x52/0xb0 [ 255.560215][ T7978] __x64_sys_fsopen+0x18b/0x240 [ 255.560227][ T7978] do_syscall_64+0xcd/0x250 [ 255.560244][ T7978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.560259][ T7978] RIP: 0033:0x7f10a718cd29 [ 255.560269][ T7978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.560280][ T7978] RSP: 002b:00007f10a7f98038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 255.560290][ T7978] RAX: ffffffffffffffda RBX: 00007f10a73a5fa0 RCX: 00007f10a718cd29 [ 255.560297][ T7978] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 255.560303][ T7978] RBP: 00007f10a7f98090 R08: 0000000000000000 R09: 0000000000000000 [ 255.560309][ T7978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 255.560315][ T7978] R13: 0000000000000001 R14: 00007f10a73a5fa0 R15: 00007ffd80cd1328 [ 255.560329][ T7978] [ 255.840777][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.849031][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.000918][ T29] audit: type=1400 audit(1737866257.829:532): avc: denied { name_bind 0x1000000 } for pid=7982 comm="syz.4.551" path="socket:[19819]" dev="sockfs" ino=19819 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 257.802601][ T7997] random: crng reseeded on system resumption [ 257.815889][ T29] audit: type=1400 audit(1737866259.709:533): avc: denied { append } for pid=7996 comm="syz.0.556" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 262.909817][ T8033] Invalid source name [ 263.470987][ T29] audit: type=1400 audit(1737866265.339:534): avc: denied { mounton } for pid=8034 comm="syz.1.565" path="/proc/412/cgroup" dev="proc" ino=20115 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 264.355263][ T29] audit: type=1400 audit(1737866266.259:535): avc: denied { setopt } for pid=8042 comm="syz.1.568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 264.378711][ T8043] syz.1.568: attempt to access beyond end of device [ 264.378711][ T8043] loop1: rw=0, sector=64, nr_sectors = 2 limit=0 [ 264.397472][ T8043] isofs_fill_super: bread failed, dev=loop1, iso_blknum=16, block=32 [ 264.440138][ T8043] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 264.459225][ T1051] Bluetooth: hci5: Frame reassembly failed (-84) [ 264.525559][ T29] audit: type=1400 audit(1737866266.429:536): avc: denied { write } for pid=8042 comm="syz.1.568" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 266.424930][ T29] audit: type=1326 audit(1737866268.329:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8076 comm="syz.3.573" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fee54f8cd29 code=0x0 [ 266.470723][ T5822] Bluetooth: hci5: command 0x1003 tx timeout [ 266.477194][ T5820] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 270.205595][ T29] audit: type=1400 audit(1737866272.109:538): avc: denied { ioctl } for pid=8116 comm="syz.1.580" path="socket:[20394]" dev="sockfs" ino=20394 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 270.376343][ T8120] netlink: 32 bytes leftover after parsing attributes in process `syz.1.580'. [ 272.961171][ T29] audit: type=1400 audit(1737866274.869:539): avc: denied { bind } for pid=8152 comm="syz.1.588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 273.006651][ T8158] vivid-002: disconnect [ 273.027640][ T29] audit: type=1400 audit(1737866274.929:540): avc: denied { ioctl } for pid=8157 comm="syz.3.590" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x301 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 273.132369][ T29] audit: type=1400 audit(1737866275.039:541): avc: denied { getopt } for pid=8157 comm="syz.3.590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 273.525574][ T8168] SET target dimension over the limit! [ 275.026366][ T8152] vivid-002: reconnect [ 276.122213][ T5871] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 277.551340][ T5871] usb 4-1: device descriptor read/all, error -71 [ 278.067984][ T8193] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 278.496204][ T8196] Invalid source name [ 281.752605][ T29] audit: type=1400 audit(1737866283.659:542): avc: denied { map } for pid=8226 comm="syz.1.610" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 281.775478][ C0] vkms_vblank_simulate: vblank timer overrun [ 282.175710][ T8234] veth0_to_team: entered promiscuous mode [ 282.181719][ T8234] veth0_to_team: entered allmulticast mode [ 282.516605][ T29] audit: type=1400 audit(1737866283.699:543): avc: denied { nlmsg_read } for pid=8226 comm="syz.1.610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 282.537007][ C0] vkms_vblank_simulate: vblank timer overrun [ 282.784128][ T8243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.613'. [ 284.033820][ T29] audit: type=1400 audit(1737866285.939:544): avc: denied { module_load } for pid=8255 comm="syz.1.619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1 [ 284.053155][ C0] vkms_vblank_simulate: vblank timer overrun [ 284.145480][ T8260] Invalid source name [ 284.326871][ T8264] FAULT_INJECTION: forcing a failure. [ 284.326871][ T8264] name failslab, interval 1, probability 0, space 0, times 0 [ 284.339639][ T8264] CPU: 0 UID: 0 PID: 8264 Comm: syz.3.620 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 284.339662][ T8264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 284.339673][ T8264] Call Trace: [ 284.339679][ T8264] [ 284.339687][ T8264] dump_stack_lvl+0x16c/0x1f0 [ 284.339709][ T8264] should_fail_ex+0x497/0x5b0 [ 284.339724][ T8264] ? fs_reclaim_acquire+0xae/0x150 [ 284.339740][ T8264] should_failslab+0xc2/0x120 [ 284.339752][ T8264] __kmalloc_node_noprof+0xd1/0x510 [ 284.339763][ T8264] ? __kvmalloc_node_noprof+0x25/0x1a0 [ 284.339778][ T8264] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 284.339796][ T8264] __kvmalloc_node_noprof+0xad/0x1a0 [ 284.339812][ T8264] xt_alloc_table_info+0x3e/0xa0 [ 284.339830][ T8264] do_ipt_set_ctl+0x5b3/0xbe0 [ 284.339841][ T8264] ? __pfx___schedule+0x10/0x10 [ 284.339855][ T8264] ? lockdep_hardirqs_on+0x7c/0x110 [ 284.339871][ T8264] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 284.339885][ T8264] ? irqentry_exit+0x3b/0x90 [ 284.339904][ T8264] ? nf_setsockopt+0x4b/0xf0 [ 284.339923][ T8264] nf_setsockopt+0x8a/0xf0 [ 284.339939][ T8264] ip_setsockopt+0xcb/0xf0 [ 284.339953][ T8264] ipv6_setsockopt+0x155/0x170 [ 284.339970][ T8264] udpv6_setsockopt+0x7d/0xd0 [ 284.339987][ T8264] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 284.340001][ T8264] do_sock_setsockopt+0x222/0x480 [ 284.340014][ T8264] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 284.340027][ T8264] ? lock_acquire+0x2f/0xb0 [ 284.340048][ T8264] __sys_setsockopt+0x1a0/0x230 [ 284.340067][ T8264] __x64_sys_setsockopt+0xbd/0x160 [ 284.340083][ T8264] ? do_syscall_64+0x91/0x250 [ 284.340098][ T8264] ? lockdep_hardirqs_on+0x7c/0x110 [ 284.340112][ T8264] do_syscall_64+0xcd/0x250 [ 284.340128][ T8264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.340144][ T8264] RIP: 0033:0x7fee54f8cd29 [ 284.340153][ T8264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 284.340173][ T8264] RSP: 002b:00007fee55dc8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 284.340183][ T8264] RAX: ffffffffffffffda RBX: 00007fee551a6160 RCX: 00007fee54f8cd29 [ 284.340190][ T8264] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000005 [ 284.340196][ T8264] RBP: 00007fee55dc8090 R08: 0000000000000478 R09: 0000000000000000 [ 284.340202][ T8264] R10: 0000000020000480 R11: 0000000000000246 R12: 0000000000000001 [ 284.340209][ T8264] R13: 0000000000000000 R14: 00007fee551a6160 R15: 00007ffe731006f8 [ 284.340222][ T8264] [ 284.585013][ C0] vkms_vblank_simulate: vblank timer overrun [ 286.596364][ T29] audit: type=1400 audit(1737866288.499:545): avc: denied { setopt } for pid=8279 comm="syz.2.625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 286.874430][ T8282] Invalid source name [ 288.467231][ T29] audit: type=1400 audit(1737866290.359:546): avc: denied { bind } for pid=8299 comm="syz.0.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 288.518991][ T8300] netlink: 'syz.0.631': attribute type 1 has an invalid length. [ 288.550162][ T8300] netlink: 'syz.0.631': attribute type 2 has an invalid length. [ 288.559802][ T29] audit: type=1400 audit(1737866290.359:547): avc: denied { setopt } for pid=8299 comm="syz.0.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 289.955114][ T8317] tipc: Started in network mode [ 289.960065][ T8317] tipc: Node identity 7, cluster identity 4711 [ 289.966490][ T8317] tipc: Node number set to 7 [ 289.971620][ T8317] tipc: Cannot configure node identity twice [ 291.311679][ T8325] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 293.409859][ T8347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=8347 comm=syz.4.646 [ 293.425099][ T8347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=8347 comm=syz.4.646 [ 293.449799][ T8347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=8347 comm=syz.4.646 [ 293.481193][ T8347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=8347 comm=syz.4.646 [ 293.612161][ T8347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=8347 comm=syz.4.646 [ 294.310785][ T8347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=8347 comm=syz.4.646 [ 294.341800][ T8353] netlink: 666 bytes leftover after parsing attributes in process `syz.0.645'. [ 294.397489][ T8347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=8347 comm=syz.4.646 [ 294.414639][ T8353] overlayfs: failed to resolve './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 294.420798][ T8347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=8347 comm=syz.4.646 [ 294.537906][ T8353] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8353 comm=syz.0.645 [ 294.555126][ T29] audit: type=1400 audit(1737866296.459:548): avc: denied { read } for pid=8348 comm="syz.0.645" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 294.566743][ T8347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=8347 comm=syz.4.646 [ 294.575250][ C0] vkms_vblank_simulate: vblank timer overrun [ 295.671417][ T5866] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 295.882289][ T5866] usb 1-1: Using ep0 maxpacket: 32 [ 295.912669][ T5866] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 295.932500][ T5866] usb 1-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 295.944965][ T5866] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.985533][ T5866] usb 1-1: Product: syz [ 296.002113][ T5866] usb 1-1: Manufacturer: syz [ 296.027527][ T5866] usb 1-1: SerialNumber: syz [ 296.050756][ T29] audit: type=1400 audit(1737866297.909:549): avc: denied { create } for pid=8378 comm="syz.4.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 296.122761][ T5866] usb 1-1: config 0 descriptor?? [ 296.146925][ T5866] usb 1-1: bad CDC descriptors [ 296.210342][ T5866] usb 1-1: unsupported MDLM descriptors [ 296.241928][ T29] audit: type=1400 audit(1737866297.979:550): avc: denied { ioctl } for pid=8378 comm="syz.4.653" path="socket:[23897]" dev="sockfs" ino=23897 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 296.459882][ T5866] usb 1-1: USB disconnect, device number 10 [ 296.665251][ T5820] Bluetooth: hci2: unexpected event for opcode 0x5db3 [ 296.831511][ T8392] netlink: 4 bytes leftover after parsing attributes in process `syz.3.656'. [ 299.198756][ T8402] selinux_netlink_send: 9 callbacks suppressed [ 299.198774][ T8402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=8402 comm=syz.1.661 [ 299.220840][ T8402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=8402 comm=syz.1.661 [ 299.313317][ T8402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=8402 comm=syz.1.661 [ 299.378524][ T8402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=8402 comm=syz.1.661 [ 299.580775][ T8402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=8402 comm=syz.1.661 [ 299.646420][ T8402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=8402 comm=syz.1.661 [ 299.853802][ T8402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=8402 comm=syz.1.661 [ 300.487035][ T8402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=8402 comm=syz.1.661 [ 300.518685][ T8402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=8402 comm=syz.1.661 [ 300.708909][ T8424] Invalid source name [ 302.678939][ T8439] Invalid source name [ 302.904912][ T8437] netlink: 4 bytes leftover after parsing attributes in process `syz.0.670'. [ 303.442344][ T8] usb 2-1: new full-speed USB device number 14 using dummy_hcd [ 303.886950][ T8] usb 2-1: config 0 has an invalid interface number: 20 but max is 0 [ 303.896039][ T8] usb 2-1: config 0 has no interface number 0 [ 303.933426][ T8] usb 2-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 303.996243][ T8457] SET target dimension over the limit! [ 304.040940][ T8457] netlink: 48 bytes leftover after parsing attributes in process `syz.2.675'. [ 304.343965][ T8458] xt_limit: Overflow, try lower: 2147483649/32768 [ 305.529038][ T8] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 305.630946][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 305.681449][ T8] usb 2-1: Product: syz [ 305.690733][ T8] usb 2-1: Manufacturer: syz [ 305.742308][ T8] usb 2-1: SerialNumber: syz [ 305.937621][ T8] usb 2-1: config 0 descriptor?? [ 305.953529][ T8441] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 305.973003][ T8] usb-storage 2-1:0.20: USB Mass Storage device detected [ 306.018576][ T8467] input: syz1 as /devices/virtual/input/input8 [ 306.025230][ T8] usb-storage 2-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 306.076677][ T8] scsi host1: usb-storage 2-1:0.20 [ 306.164291][ T8] usb 2-1: USB disconnect, device number 14 [ 306.346894][ T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 306.543955][ T9] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b6.5a [ 306.573815][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 306.587868][ T9] usb 5-1: Product: syz [ 306.592761][ T9] usb 5-1: Manufacturer: syz [ 306.610368][ T9] usb 5-1: SerialNumber: syz [ 306.626402][ T9] usb 5-1: config 0 descriptor?? [ 307.312361][ T29] audit: type=1400 audit(1737866309.219:551): avc: denied { getopt } for pid=8466 comm="syz.4.677" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 307.333685][ T9] usb 5-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0) [ 307.350757][ T9] usb 5-1: Firmware version (0.0) predates our first public release. [ 307.383952][ T9] usb 5-1: Please update to version 0.2 or newer [ 307.725608][ T8488] netlink: 4 bytes leftover after parsing attributes in process `syz.3.683'. [ 307.774558][ T9] usb 5-1: USB disconnect, device number 10 [ 307.960656][ T5871] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 308.121254][ T5871] usb 3-1: Using ep0 maxpacket: 16 [ 308.127768][ T5871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 308.139517][ T5871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 308.150519][ T5871] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 308.159572][ T5871] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.169475][ T5871] usb 3-1: config 0 descriptor?? [ 308.325480][ T8494] netlink: 20 bytes leftover after parsing attributes in process `syz.4.685'. [ 308.333491][ T29] audit: type=1400 audit(1737866310.239:552): avc: denied { accept } for pid=8491 comm="syz.3.684" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 308.390776][ T5820] Bluetooth: hci1: command 0x0c1a tx timeout [ 308.397164][ T8472] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 308.404391][ T8472] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 309.142543][ T8472] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 309.233657][ T8472] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 309.300170][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 309.392094][ T8472] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 309.525577][ T8472] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 309.562273][ T8472] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 309.562972][ T5871] usbhid 3-1:0.0: can't add hid device: -71 [ 309.575372][ T8472] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 309.583438][ T5871] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 309.605122][ T5871] usb 3-1: USB disconnect, device number 18 [ 309.698533][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 309.758876][ T9] usb 4-1: config 64 has an invalid interface number: 110 but max is 0 [ 309.771867][ T9] usb 4-1: config 64 has no interface number 0 [ 309.802922][ T9] usb 4-1: config 64 interface 110 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 309.828964][ T9] usb 4-1: config 64 interface 110 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B [ 309.851554][ T9] usb 4-1: config 64 interface 110 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024 [ 309.870548][ T9] usb 4-1: config 64 interface 110 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 310.090569][ T9] usb 4-1: config 64 interface 110 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 310.121144][ T9] usb 4-1: config 64 interface 110 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 310.158857][ T9] usb 4-1: config 64 interface 110 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 310.181713][ T8509] netlink: 12 bytes leftover after parsing attributes in process `syz.0.688'. [ 310.218065][ T9] usb 4-1: New USB device found, idVendor=04fc, idProduct=0231, bcdDevice=6f.a9 [ 310.422457][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.430725][ T9] usb 4-1: Product: syz [ 310.435005][ T9] usb 4-1: Manufacturer: syz [ 310.439610][ T9] usb 4-1: SerialNumber: syz [ 310.629391][ T8492] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 310.640465][ T9] spcp8x5 4-1:64.110: SPCP8x5 converter detected [ 310.688139][ T9] usb 4-1: SPCP8x5 converter now attached to ttyUSB0 [ 310.934343][ T8] usb 4-1: USB disconnect, device number 5 [ 310.954214][ T8] SPCP8x5 ttyUSB0: SPCP8x5 converter now disconnected from ttyUSB0 [ 310.968838][ T8] spcp8x5 4-1:64.110: device disconnected [ 311.518417][ T8534] netlink: 4 bytes leftover after parsing attributes in process `syz.0.695'. [ 311.961816][ T8] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 312.120576][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 312.140227][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 312.179327][ T8] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 312.194295][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 312.221457][ T8] usb 3-1: Product: syz [ 312.226799][ T8] usb 3-1: Manufacturer: syz [ 312.243820][ T8] usb 3-1: SerialNumber: syz [ 312.260772][ T8] usb 3-1: config 0 descriptor?? [ 312.278022][ T8] hub 3-1:0.0: bad descriptor, ignoring hub [ 312.327432][ T8] hub 3-1:0.0: probe with driver hub failed with error -5 [ 312.351932][ T8] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input9 [ 313.306918][ T8549] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 313.893891][ T8560] libceph: resolve '0.0' (ret=-3): failed [ 314.675251][ T5865] usb 3-1: USB disconnect, device number 19 [ 315.697542][ T8575] netlink: 12 bytes leftover after parsing attributes in process `syz.0.705'. [ 316.660343][ T8592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.710'. [ 317.309308][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.316202][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.950665][ T29] audit: type=1400 audit(1737866321.849:553): avc: denied { read } for pid=8619 comm="syz.0.716" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 319.996145][ T8622] raw_sendmsg: syz.0.716 forgot to set AF_INET. Fix it! [ 320.127960][ T29] audit: type=1400 audit(1737866322.029:554): avc: denied { read } for pid=8621 comm="syz.2.717" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 323.954419][ T8654] FAULT_INJECTION: forcing a failure. [ 323.954419][ T8654] name failslab, interval 1, probability 0, space 0, times 0 [ 323.996178][ T8654] CPU: 0 UID: 0 PID: 8654 Comm: syz.1.725 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 323.996208][ T8654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 323.996219][ T8654] Call Trace: [ 323.996225][ T8654] [ 323.996233][ T8654] dump_stack_lvl+0x16c/0x1f0 [ 323.996264][ T8654] should_fail_ex+0x497/0x5b0 [ 323.996287][ T8654] ? fs_reclaim_acquire+0xae/0x150 [ 323.996314][ T8654] should_failslab+0xc2/0x120 [ 323.996334][ T8654] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 323.996364][ T8654] ? __alloc_skb+0x2b1/0x380 [ 323.996395][ T8654] __alloc_skb+0x2b1/0x380 [ 323.996427][ T8654] ? __pfx___alloc_skb+0x10/0x10 [ 323.996456][ T8654] ? avc_has_perm_noaudit+0x119/0x3a0 [ 323.996481][ T8654] ? __pfx_lock_release+0x10/0x10 [ 323.996507][ T8654] ? trace_lock_acquire+0x14e/0x1f0 [ 323.996531][ T8654] alloc_skb_with_frags+0xe4/0x850 [ 323.996551][ T8654] ? avc_has_perm_noaudit+0x61/0x3a0 [ 323.996581][ T8654] sock_alloc_send_pskb+0x7f1/0x980 [ 323.996609][ T8654] ? avc_has_perm+0x11b/0x1c0 [ 323.996634][ T8654] ? __pfx_avc_has_perm+0x10/0x10 [ 323.996661][ T8654] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 323.996686][ T8654] ? avc_has_perm_noaudit+0x143/0x3a0 [ 323.996714][ T8654] ? sock_has_perm+0x25a/0x2f0 [ 323.996741][ T8654] ? __pfx_sock_has_perm+0x10/0x10 [ 323.996771][ T8654] hci_sock_sendmsg+0x1c8/0x25e0 [ 323.996796][ T8654] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 323.996822][ T8654] sock_write_iter+0x4fe/0x5b0 [ 323.996847][ T8654] ? __pfx_sock_write_iter+0x10/0x10 [ 323.996883][ T8654] ? rw_verify_area+0xcf/0x680 [ 323.996909][ T8654] vfs_write+0x5ae/0x1150 [ 323.996934][ T8654] ? __pfx_sock_write_iter+0x10/0x10 [ 323.996959][ T8654] ? __pfx_vfs_write+0x10/0x10 [ 323.996986][ T8654] ? __fget_files+0x40/0x3a0 [ 323.997025][ T8654] ksys_write+0x207/0x250 [ 323.997049][ T8654] ? __pfx_ksys_write+0x10/0x10 [ 323.997082][ T8654] do_syscall_64+0xcd/0x250 [ 323.997111][ T8654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.997137][ T8654] RIP: 0033:0x7eff4678cd29 [ 323.997152][ T8654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 323.997173][ T8654] RSP: 002b:00007eff475f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 323.997191][ T8654] RAX: ffffffffffffffda RBX: 00007eff469a5fa0 RCX: 00007eff4678cd29 [ 323.997204][ T8654] RDX: 000000000000000d RSI: 0000000020000000 RDI: 0000000000000004 [ 323.997215][ T8654] RBP: 00007eff475f8090 R08: 0000000000000000 R09: 0000000000000000 [ 323.997226][ T8654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 323.997237][ T8654] R13: 0000000000000000 R14: 00007eff469a5fa0 R15: 00007fff93a94158 [ 323.997262][ T8654] [ 324.265199][ C0] vkms_vblank_simulate: vblank timer overrun [ 324.561600][ T8668] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 325.720909][ T5871] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 326.083684][ T5871] usb 5-1: unable to get BOS descriptor or descriptor too short [ 326.386011][ T5871] usb 5-1: not running at top speed; connect to a high speed hub [ 326.469521][ T5871] usb 5-1: config 17 has an invalid interface number: 8 but max is 1 [ 326.490929][ T5871] usb 5-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config [ 326.523385][ T5871] usb 5-1: config 17 has 1 interface, different from the descriptor's value: 2 [ 326.560675][ T5871] usb 5-1: config 17 has no interface number 0 [ 326.579767][ T5871] usb 5-1: config 17 interface 8 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 326.644115][ T5871] usb 5-1: config 17 interface 8 has no altsetting 0 [ 326.691099][ T5871] usb 5-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff [ 326.740931][ T5871] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.753972][ T5871] usb 5-1: Product: syz [ 326.758173][ T5871] usb 5-1: Manufacturer: syz [ 326.780620][ T5871] usb 5-1: SerialNumber: syz [ 327.150655][ T8658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 327.159167][ T8658] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 327.186338][ T5871] usb 5-1: selecting invalid altsetting 0 [ 327.976260][ T5871] usb 5-1: USB disconnect, device number 11 [ 329.090822][ T46] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 329.360756][ T46] usb 1-1: Using ep0 maxpacket: 16 [ 329.374662][ T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 329.389674][ T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 329.399874][ T46] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 329.414972][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.492472][ T29] audit: type=1326 audit(1737866331.399:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8715 comm="syz.4.742" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbecc98cd29 code=0x0 [ 329.495803][ T46] usb 1-1: config 0 descriptor?? [ 329.763065][ T8721] netlink: 48 bytes leftover after parsing attributes in process `syz.1.743'. [ 330.003113][ T29] audit: type=1400 audit(1737866331.909:556): avc: denied { create } for pid=8726 comm="syz.1.746" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 330.038957][ T29] audit: type=1400 audit(1737866331.929:557): avc: denied { read } for pid=8726 comm="syz.1.746" name="file0" dev="tmpfs" ino=853 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 330.120122][ T46] usbhid 1-1:0.0: can't add hid device: -71 [ 330.123356][ T29] audit: type=1400 audit(1737866331.929:558): avc: denied { open } for pid=8726 comm="syz.1.746" path="/153/file0" dev="tmpfs" ino=853 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 330.134054][ T46] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 330.158646][ T29] audit: type=1400 audit(1737866331.929:559): avc: denied { watch watch_reads } for pid=8726 comm="syz.1.746" path="/153/file0" dev="tmpfs" ino=853 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 330.355150][ T46] usb 1-1: USB disconnect, device number 11 [ 331.510682][ T29] audit: type=1400 audit(1737866333.399:560): avc: denied { unlink } for pid=5815 comm="syz-executor" name="file0" dev="tmpfs" ino=853 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 331.541140][ T8739] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 331.686521][ T8749] netlink: 8 bytes leftover after parsing attributes in process `syz.1.751'. [ 331.775475][ T8749] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 331.784551][ T8749] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 331.790704][ T46] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 331.795738][ T8749] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 331.998647][ T29] audit: type=1326 audit(1737866333.699:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8742 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4678cd29 code=0x7ffc0000 [ 332.129697][ T8751] netlink: 8 bytes leftover after parsing attributes in process `syz.0.749'. [ 332.175215][ T46] usb 4-1: unable to get BOS descriptor or descriptor too short [ 332.378563][ T46] usb 4-1: not running at top speed; connect to a high speed hub [ 332.400614][ T29] audit: type=1326 audit(1737866333.739:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8742 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4678cd29 code=0x7ffc0000 [ 332.465338][ T29] audit: type=1326 audit(1737866333.799:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8742 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7eff4678cd29 code=0x7ffc0000 [ 332.510204][ T46] usb 4-1: config 17 has an invalid interface number: 8 but max is 1 [ 332.538664][ T29] audit: type=1326 audit(1737866333.799:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8742 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff4678cd29 code=0x7ffc0000 [ 332.591023][ T46] usb 4-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config [ 332.619597][ T46] usb 4-1: config 17 has 1 interface, different from the descriptor's value: 2 [ 332.643529][ T46] usb 4-1: config 17 has no interface number 0 [ 332.650163][ T46] usb 4-1: config 17 interface 8 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 332.692062][ T46] usb 4-1: config 17 interface 8 has no altsetting 0 [ 333.683991][ T46] usb 4-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff [ 333.717215][ T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.755579][ T46] usb 4-1: Product: syz [ 334.077802][ T46] usb 4-1: Manufacturer: syz [ 334.088381][ T46] usb 4-1: SerialNumber: syz [ 334.248352][ T8770] netlink: 8 bytes leftover after parsing attributes in process `syz.2.754'. [ 334.963955][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 334.963973][ T29] audit: type=1400 audit(1737866336.809:569): avc: denied { module_request } for pid=8747 comm="syz.4.750" kmod="fs-" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 335.402139][ T8778] netlink: 4 bytes leftover after parsing attributes in process `syz.1.756'. [ 335.523576][ T29] audit: type=1326 audit(1737866337.419:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.0.757" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f10a718cd29 code=0x0 [ 336.660678][ T5867] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 336.830836][ T5867] usb 1-1: Using ep0 maxpacket: 16 [ 336.865134][ T5867] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 336.923373][ T5867] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 336.947958][ T5867] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 336.983677][ T5867] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 337.048141][ T5867] usb 1-1: config 0 descriptor?? [ 337.218764][ T46] usb 4-1: selecting invalid altsetting 0 [ 337.247166][ T46] usb 4-1: USB disconnect, device number 6 [ 337.381000][ T8803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=8803 comm=syz.3.763 [ 337.394230][ T8803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=8803 comm=syz.3.763 [ 337.434444][ T8803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=8803 comm=syz.3.763 [ 337.449981][ T8803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=8803 comm=syz.3.763 [ 337.478110][ T8803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=8803 comm=syz.3.763 [ 337.495200][ T8803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=8803 comm=syz.3.763 [ 337.508558][ T8803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=8803 comm=syz.3.763 [ 337.524238][ T8803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=8803 comm=syz.3.763 [ 337.600084][ T8802] netlink: 12 bytes leftover after parsing attributes in process `syz.4.761'. [ 337.764543][ T5867] usbhid 1-1:0.0: can't add hid device: -71 [ 338.083613][ T8803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=8803 comm=syz.3.763 [ 338.091684][ T5867] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 338.116202][ T8810] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 338.143940][ T5867] usb 1-1: USB disconnect, device number 12 [ 338.144836][ T29] audit: type=1400 audit(1737866339.999:571): avc: denied { read write } for pid=8808 comm="syz.2.765" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 338.179603][ T5906] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz0] on syz1 [ 338.245283][ T29] audit: type=1400 audit(1737866339.999:572): avc: denied { open } for pid=8808 comm="syz.2.765" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 338.440831][ T46] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 338.799708][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 338.844121][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 338.865419][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 338.917357][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 338.950866][ T46] usb 3-1: New USB device found, idVendor=0738, idProduct=a2c5, bcdDevice=1e.ce [ 338.990903][ T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 339.010757][ T46] usb 3-1: Product: syz [ 339.014972][ T46] usb 3-1: Manufacturer: syz [ 339.019569][ T46] usb 3-1: SerialNumber: syz [ 339.269594][ T46] usb 3-1: config 0 descriptor?? [ 339.270586][ C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 339.987839][ T46] xpad 3-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 340.154998][ T46] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input10 [ 340.416702][ T46] usb 3-1: USB disconnect, device number 20 [ 340.440294][ T46] xpad 3-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 341.908992][ T8860] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 342.480690][ T5867] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 342.530538][ T8867] netlink: 1 bytes leftover after parsing attributes in process `syz.2.777'. [ 343.486970][ T29] audit: type=1326 audit(1737866345.389:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8868 comm="syz.4.779" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbecc98cd29 code=0x0 [ 343.901530][ T5867] usb 4-1: unable to get BOS descriptor or descriptor too short [ 343.919803][ T5867] usb 4-1: not running at top speed; connect to a high speed hub [ 343.933402][ T5867] usb 4-1: config 17 has an invalid interface number: 8 but max is 1 [ 343.955235][ T5867] usb 4-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config [ 343.965513][ T5867] usb 4-1: config 17 has 1 interface, different from the descriptor's value: 2 [ 343.979855][ T5867] usb 4-1: config 17 has no interface number 0 [ 343.986644][ T5867] usb 4-1: config 17 interface 8 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 344.010535][ T5867] usb 4-1: config 17 interface 8 has no altsetting 0 [ 344.024208][ T5867] usb 4-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff [ 344.050622][ T5867] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 344.058704][ T5867] usb 4-1: Product: syz [ 344.067577][ T5867] usb 4-1: Manufacturer: syz [ 344.085995][ T5867] usb 4-1: SerialNumber: syz [ 344.616051][ T8858] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 344.624615][ T8858] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 344.654130][ T5867] usb 4-1: selecting invalid altsetting 0 [ 344.724502][ T5867] usb 4-1: USB disconnect, device number 7 [ 344.847276][ T29] audit: type=1400 audit(1737866346.749:574): avc: denied { getopt } for pid=8882 comm="syz.4.781" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 346.410743][ T970] usb 3-1: new full-speed USB device number 21 using dummy_hcd [ 346.625576][ T970] usb 3-1: config 0 has an invalid interface number: 20 but max is 0 [ 346.665448][ T970] usb 3-1: config 0 has no interface number 0 [ 346.691297][ T970] usb 3-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 346.706071][ T970] usb 3-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 346.715664][ T970] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 346.725017][ T970] usb 3-1: Product: syz [ 346.729395][ T970] usb 3-1: Manufacturer: syz [ 346.734281][ T970] usb 3-1: SerialNumber: syz [ 346.742244][ T970] usb 3-1: config 0 descriptor?? [ 346.755160][ T8899] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 346.764831][ T970] usb-storage 3-1:0.20: USB Mass Storage device detected [ 346.773736][ T970] usb-storage 3-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 346.971622][ T970] scsi host1: usb-storage 3-1:0.20 [ 347.154113][ T8913] netlink: 1 bytes leftover after parsing attributes in process `syz.0.788'. [ 348.088763][ T8921] netlink: 1 bytes leftover after parsing attributes in process `syz.1.789'. [ 348.881930][ T8906] netlink: 12 bytes leftover after parsing attributes in process `syz.3.787'. [ 349.913100][ T46] usb 3-1: USB disconnect, device number 21 [ 350.908032][ T9] usb 2-1: new full-speed USB device number 15 using dummy_hcd [ 351.236312][ T8961] netlink: 1 bytes leftover after parsing attributes in process `syz.2.797'. [ 351.500840][ T8963] SET target dimension over the limit! [ 352.085269][ T9] usb 2-1: config 0 has an invalid interface number: 20 but max is 0 [ 352.104447][ T9] usb 2-1: config 0 has no interface number 0 [ 352.117554][ T9] usb 2-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 352.675690][ T9] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 352.692554][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 352.701406][ T9] usb 2-1: Product: syz [ 352.705734][ T9] usb 2-1: Manufacturer: syz [ 352.710377][ T9] usb 2-1: SerialNumber: syz [ 352.717045][ T9] usb 2-1: config 0 descriptor?? [ 352.722677][ T8934] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 352.804533][ T9] usb-storage 2-1:0.20: USB Mass Storage device detected [ 352.834808][ T9] usb-storage 2-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 353.289013][ T9] scsi host1: usb-storage 2-1:0.20 [ 353.300002][ T9] usb 2-1: USB disconnect, device number 15 [ 353.628243][ T5865] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 353.796367][ T8991] netlink: 8 bytes leftover after parsing attributes in process `syz.1.804'. [ 354.165721][ T5865] usb 3-1: Using ep0 maxpacket: 16 [ 354.173035][ T5865] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 354.213078][ T5865] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 354.230647][ T5865] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 354.256288][ T5865] usb 3-1: Product: syz [ 354.289685][ T5865] usb 3-1: Manufacturer: syz [ 354.330623][ T5865] usb 3-1: SerialNumber: syz [ 354.366329][ T5865] usb 3-1: config 0 descriptor?? [ 354.392227][ T5865] hub 3-1:0.0: bad descriptor, ignoring hub [ 354.400836][ T5865] hub 3-1:0.0: probe with driver hub failed with error -5 [ 354.492821][ T5865] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input11 [ 356.801785][ T8985] libceph: resolve '0.0' (ret=-3): failed [ 357.482858][ T9025] netlink: 1 bytes leftover after parsing attributes in process `syz.4.810'. [ 357.531520][ T5865] usb 3-1: USB disconnect, device number 22 [ 358.634265][ T29] audit: type=1326 audit(1737866360.539:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9029 comm="syz.4.813" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbecc98cd29 code=0x0 [ 360.030461][ T9047] SET target dimension over the limit! [ 360.971296][ T9054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=9054 comm=syz.3.819 [ 361.508979][ T5906] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 361.570959][ T9054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=9054 comm=syz.3.819 [ 361.631351][ T9054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=9054 comm=syz.3.819 [ 361.669117][ T9054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=9054 comm=syz.3.819 [ 361.692827][ T5906] usb 5-1: Using ep0 maxpacket: 16 [ 361.706225][ T9054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=9054 comm=syz.3.819 [ 361.708349][ T5906] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 361.750661][ T9054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=9054 comm=syz.3.819 [ 361.766623][ T5906] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 361.775987][ T5906] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 361.790624][ T9054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=9054 comm=syz.3.819 [ 361.804116][ T5906] usb 5-1: Product: syz [ 361.808300][ T5906] usb 5-1: Manufacturer: syz [ 361.824648][ T5906] usb 5-1: SerialNumber: syz [ 361.835581][ T5906] usb 5-1: config 0 descriptor?? [ 361.854862][ T9054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=9054 comm=syz.3.819 [ 361.912590][ T5906] hub 5-1:0.0: bad descriptor, ignoring hub [ 361.935935][ T5906] hub 5-1:0.0: probe with driver hub failed with error -5 [ 362.624304][ T5906] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input12 [ 362.679590][ T9054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=9054 comm=syz.3.819 [ 362.991317][ T9042] libceph: resolve '0.0' (ret=-3): failed [ 363.250975][ T970] usb 5-1: USB disconnect, device number 12 [ 363.321459][ T5906] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 363.912313][ T5906] usb 3-1: Using ep0 maxpacket: 16 [ 363.919525][ T5906] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 363.930728][ T5906] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 363.940565][ T5906] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 363.950268][ T5906] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.198012][ T5906] usb 3-1: config 0 descriptor?? [ 364.234381][ T29] audit: type=1326 audit(1737866366.039:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9079 comm="syz.0.826" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f10a718cd29 code=0x0 [ 364.653924][ T5906] konepure 0003:1E7D:2DB4.000A: unknown main item tag 0x2 [ 364.661614][ T5906] konepure 0003:1E7D:2DB4.000A: unknown main item tag 0x2 [ 364.673825][ T5906] konepure 0003:1E7D:2DB4.000A: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.2-1/input0 [ 365.910022][ T5866] usb 3-1: USB disconnect, device number 23 [ 366.900652][ T9] usb 1-1: new full-speed USB device number 13 using dummy_hcd [ 367.063455][ T9] usb 1-1: config 0 has an invalid interface number: 20 but max is 0 [ 367.090869][ T9] usb 1-1: config 0 has no interface number 0 [ 367.105305][ T9] usb 1-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 367.136128][ T9] usb 1-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 367.147034][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 367.160104][ T9] usb 1-1: Product: syz [ 367.164757][ T29] audit: type=1400 audit(1737866369.059:577): avc: denied { map } for pid=9119 comm="syz.3.838" path="/dev/tty4" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1 [ 367.165602][ T9] usb 1-1: Manufacturer: syz [ 367.191186][ T9122] bridge0: port 1(bridge_slave_0) entered disabled state [ 367.246659][ T9] usb 1-1: SerialNumber: syz [ 367.266573][ T9] usb 1-1: config 0 descriptor?? [ 367.273697][ T9102] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 367.286543][ T9122] bridge_slave_0 (unregistering): left allmulticast mode [ 367.297329][ T9] usb-storage 1-1:0.20: USB Mass Storage device detected [ 367.308299][ T9122] bridge_slave_0 (unregistering): left promiscuous mode [ 367.318124][ T9] usb-storage 1-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 367.323934][ T9127] 9pnet: p9_errstr2errno: server reported unknown error ~zx [ 367.338434][ T9122] bridge0: port 1(bridge_slave_0) entered disabled state [ 367.372305][ T9130] overlayfs: failed to resolve './file1': -2 [ 367.529761][ T9] scsi host1: usb-storage 1-1:0.20 [ 367.780598][ T29] audit: type=1400 audit(1737866369.679:578): avc: denied { read write } for pid=9139 comm="syz.4.845" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 367.847382][ T29] audit: type=1400 audit(1737866369.679:579): avc: denied { open } for pid=9139 comm="syz.4.845" path="/177/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 367.892134][ T9145] tipc: Started in network mode [ 367.899127][ T9145] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 367.910136][ T9145] tipc: Enabled bearer , priority 0 [ 367.940602][ T29] audit: type=1800 audit(1737866369.709:580): pid=9140 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.845" name="/" dev="9p" ino=2 res=0 errno=0 [ 369.084728][ T5865] tipc: Node number set to 11578026 [ 369.101945][ T29] audit: type=1400 audit(1737866369.789:581): avc: denied { unmount } for pid=5824 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 369.701896][ T9134] usb 1-1: reset full-speed USB device number 13 using dummy_hcd [ 370.178681][ T29] audit: type=1400 audit(1737866372.069:582): avc: denied { bind } for pid=9158 comm="syz.4.854" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 370.250683][ T29] audit: type=1400 audit(1737866372.079:583): avc: denied { setopt } for pid=9157 comm="syz.3.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 371.429071][ T29] audit: type=1400 audit(1737866372.669:584): avc: denied { ioctl } for pid=9170 comm="syz.1.859" path="socket:[27548]" dev="sockfs" ino=27548 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 371.495816][ T5866] usb 1-1: USB disconnect, device number 13 [ 372.581471][ T29] audit: type=1400 audit(1737866374.489:585): avc: denied { bind } for pid=9191 comm="syz.4.864" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 372.632025][ T5865] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 372.710982][ T29] audit: type=1400 audit(1737866374.609:586): avc: denied { create } for pid=9165 comm="syz.3.856" name="#38" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 372.773229][ T29] audit: type=1400 audit(1737866374.649:587): avc: denied { link } for pid=9165 comm="syz.3.856" name="#38" dev="tmpfs" ino=988 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 372.795694][ T29] audit: type=1400 audit(1737866374.659:588): avc: denied { rename } for pid=9165 comm="syz.3.856" name="#39" dev="tmpfs" ino=988 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 372.850784][ T5865] usb 3-1: Using ep0 maxpacket: 8 [ 372.870665][ T5866] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 373.085455][ T5865] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 373.096927][ T5865] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 373.120170][ T5865] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 373.135216][ T5865] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 373.145692][ T5865] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 373.145719][ T5866] usb 1-1: Using ep0 maxpacket: 32 [ 373.165122][ T5865] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 373.178540][ T5865] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.207764][ T5866] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 373.230560][ T5866] usb 1-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00 [ 373.239650][ T5866] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.282302][ T5866] usb 1-1: config 0 descriptor?? [ 373.303851][ T5820] block nbd4: Receive control failed (result -32) [ 373.326091][ T9195] block nbd4: shutting down sockets [ 373.411859][ T5865] usb 3-1: GET_CAPABILITIES returned 0 [ 373.429033][ T5865] usbtmc 3-1:16.0: can't read capabilities [ 373.494694][ T5866] usbhid 1-1:0.0: can't add hid device: -71 [ 373.521312][ T5866] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 373.551055][ T5866] usb 1-1: USB disconnect, device number 14 [ 373.595173][ T29] audit: type=1326 audit(1737866375.499:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9201 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10a718cd29 code=0x7ffc0000 [ 373.644408][ T46] usb 3-1: USB disconnect, device number 24 [ 373.664469][ T29] audit: type=1326 audit(1737866375.499:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9201 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10a718cd29 code=0x7ffc0000 [ 373.702721][ T29] audit: type=1326 audit(1737866375.529:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9201 comm="syz.0.867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f10a718cd29 code=0x7ffc0000 [ 373.907255][ T9218] Cache volume key already in use (9p,(null),) [ 374.836424][ T9237] netlink: 'syz.1.881': attribute type 1 has an invalid length. [ 374.854680][ T9237] netlink: 'syz.1.881': attribute type 2 has an invalid length. [ 375.541606][ T9237] netlink: 4 bytes leftover after parsing attributes in process `syz.1.881'. [ 378.453569][ T9284] veth0_vlan: entered allmulticast mode [ 378.563264][ T9284] veth0_vlan: left promiscuous mode [ 378.573757][ T9284] veth0_vlan: entered promiscuous mode [ 379.055902][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.062362][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.202461][ T9282] netlink: 4 bytes leftover after parsing attributes in process `syz.4.891'. [ 379.695017][ T9296] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 379.882525][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 379.882560][ T29] audit: type=1400 audit(1737866381.759:600): avc: denied { name_connect } for pid=9293 comm="syz.1.896" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 380.347370][ T9305] sctp: failed to load transform for md5: -2 [ 380.434651][ T29] audit: type=1400 audit(1737866381.849:601): avc: denied { listen } for pid=9293 comm="syz.1.896" lport=38308 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 380.458804][ T29] audit: type=1400 audit(1737866381.929:602): avc: denied { accept } for pid=9293 comm="syz.1.896" lport=38308 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 380.509051][ T9296] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 380.830622][ T5866] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 381.040632][ T5866] usb 2-1: Using ep0 maxpacket: 32 [ 381.329386][ T29] audit: type=1400 audit(1737866383.229:603): avc: denied { create } for pid=9328 comm="syz.3.905" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1 [ 381.570891][ T46] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 382.118371][ T46] usb 3-1: Using ep0 maxpacket: 32 [ 384.122230][ T46] usb 3-1: config 129 has an invalid interface number: 188 but max is 0 [ 384.138951][ T46] usb 3-1: config 129 has no interface number 0 [ 384.155688][ T46] usb 3-1: config 129 interface 188 has no altsetting 0 [ 384.188968][ T5866] usb 2-1: unable to get BOS descriptor or descriptor too short [ 384.203371][ T46] usb 3-1: New USB device found, idVendor=5986, idProduct=1172, bcdDevice=aa.e3 [ 384.217976][ T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 384.226612][ T5866] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 384.239490][ T5866] usb 2-1: can't read configurations, error -71 [ 384.255182][ T46] usb 3-1: SerialNumber: ⍋㲑⭥甮࢝搙꒟蹚砙⚄⼧ [ 384.410709][ T46] usb 3-1: Found UVC 0.00 device (5986:1172) [ 384.431424][ T5906] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 384.467619][ T46] usb 3-1: No valid video chain found. [ 384.490560][ T46] ------------[ cut here ]------------ [ 384.496031][ T46] DEBUG_LOCKS_WARN_ON(lock->magic != lock) [ 384.496093][ T46] WARNING: CPU: 1 PID: 46 at kernel/locking/mutex.c:564 __mutex_lock+0x3a3/0xb10 [ 384.511074][ T46] Modules linked in: [ 384.514948][ T46] CPU: 1 UID: 0 PID: 46 Comm: kworker/1:1 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 384.525214][ T46] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 384.535581][ T46] Workqueue: usb_hub_wq hub_event [ 384.540892][ T46] RIP: 0010:__mutex_lock+0x3a3/0xb10 [ 384.546188][ T46] Code: d0 7c 08 84 d2 0f 85 59 07 00 00 8b 0d 16 ae 0b 05 85 c9 75 19 90 48 c7 c6 80 c4 6c 8b 48 c7 c7 00 c4 6c 8b e8 de 57 23 f6 90 <0f> 0b 90 90 90 e9 b8 fd ff ff 4c 8d b5 60 ff ff ff 48 89 df 4c 89 [ 384.565955][ T46] RSP: 0018:ffffc90000b66e40 EFLAGS: 00010282 [ 384.572056][ T46] RAX: 0000000000000000 RBX: ffff8880216be518 RCX: ffffc9001a4ca000 [ 384.580023][ T46] RDX: 0000000000100000 RSI: ffffffff817a10b6 RDI: 0000000000000001 [ 384.588165][ T46] RBP: ffffc90000b66f80 R08: 0000000000000001 R09: 0000000000000000 [ 384.596250][ T46] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 384.604253][ T46] R13: 0000000000000002 R14: 0000000000000000 R15: ffffc90000b66ec0 [ 384.612274][ T46] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 384.621247][ T46] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 384.627821][ T46] CR2: 0000001b2f610ff8 CR3: 0000000053d0c000 CR4: 00000000003526f0 [ 384.636045][ T46] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 384.644437][ T46] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 384.652460][ T46] Call Trace: [ 384.655724][ T46] [ 384.658638][ T46] ? __warn+0xea/0x3c0 [ 384.662719][ T46] ? __mutex_lock+0x3a3/0xb10 [ 384.667390][ T46] ? report_bug+0x3c0/0x580 [ 384.671917][ T46] ? handle_bug+0x54/0xa0 [ 384.676240][ T46] ? exc_invalid_op+0x17/0x50 [ 384.680942][ T46] ? asm_exc_invalid_op+0x1a/0x20 [ 384.685967][ T46] ? __warn_printk+0x1a6/0x350 [ 384.690780][ T46] ? __mutex_lock+0x3a3/0xb10 [ 384.695472][ T46] ? __pfx_vsnprintf+0x10/0x10 [ 384.700231][ T46] ? uvc_status_unregister+0x21/0xe0 [ 384.705584][ T46] ? __pfx___mutex_lock+0x10/0x10 [ 384.710640][ T46] ? __dev_printk+0xf5/0x270 [ 384.715231][ T46] ? __pfx__dev_info+0x10/0x10 [ 384.719992][ T46] ? uvc_status_unregister+0x21/0xe0 [ 384.725321][ T46] uvc_status_unregister+0x21/0xe0 [ 384.730433][ T46] uvc_unregister_video+0x126/0x250 [ 384.736053][ T46] uvc_probe+0x2c08/0x4960 [ 384.740873][ T46] ? usb_probe_interface+0x6d3/0x9c0 [ 384.746176][ T46] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 384.752017][ T46] usb_probe_interface+0x300/0x9c0 [ 384.757117][ T46] ? __pfx_usb_probe_interface+0x10/0x10 [ 384.762786][ T46] really_probe+0x23e/0xa90 [ 384.767319][ T46] __driver_probe_device+0x1de/0x440 [ 384.772634][ T46] driver_probe_device+0x4c/0x1b0 [ 384.777647][ T46] __device_attach_driver+0x1df/0x310 [ 384.783026][ T46] ? __pfx___device_attach_driver+0x10/0x10 [ 384.788908][ T46] bus_for_each_drv+0x157/0x1e0 [ 384.793818][ T46] ? __pfx_bus_for_each_drv+0x10/0x10 [ 384.799194][ T46] ? lockdep_hardirqs_on+0x7c/0x110 [ 384.804401][ T46] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 384.810200][ T46] __device_attach+0x1e8/0x4b0 [ 384.815030][ T46] ? __pfx___device_attach+0x10/0x10 [ 384.820306][ T46] ? do_raw_spin_unlock+0x172/0x230 [ 384.825518][ T46] bus_probe_device+0x17f/0x1c0 [ 384.830357][ T46] device_add+0x114b/0x1a70 [ 384.834868][ T46] ? __pfx_device_add+0x10/0x10 [ 384.839946][ T46] ? usb_cache_string+0xf2/0x150 [ 384.845139][ T46] usb_set_configuration+0x10cb/0x1c50 [ 384.850639][ T46] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 384.856715][ T46] usb_generic_driver_probe+0xb1/0x110 [ 384.862213][ T46] usb_probe_device+0xec/0x3e0 [ 384.866974][ T46] ? __pfx_usb_probe_device+0x10/0x10 [ 384.872381][ T46] really_probe+0x23e/0xa90 [ 384.876898][ T46] __driver_probe_device+0x1de/0x440 [ 384.882193][ T46] ? usb_driver_applicable+0x1c7/0x220 [ 384.887649][ T46] driver_probe_device+0x4c/0x1b0 [ 384.892703][ T46] __device_attach_driver+0x1df/0x310 [ 384.898064][ T46] ? __pfx___device_attach_driver+0x10/0x10 [ 384.903980][ T46] bus_for_each_drv+0x157/0x1e0 [ 384.908820][ T46] ? __pfx_bus_for_each_drv+0x10/0x10 [ 384.914208][ T46] ? lockdep_hardirqs_on+0x7c/0x110 [ 384.919395][ T46] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 384.925211][ T46] __device_attach+0x1e8/0x4b0 [ 384.929965][ T46] ? __pfx___device_attach+0x10/0x10 [ 384.935295][ T46] ? do_raw_spin_unlock+0x172/0x230 [ 384.940763][ T46] bus_probe_device+0x17f/0x1c0 [ 384.945606][ T46] device_add+0x114b/0x1a70 [ 384.950092][ T46] ? __pfx_device_add+0x10/0x10 [ 384.955145][ T46] ? add_device_randomness+0xb8/0xf0 [ 384.960416][ T46] usb_new_device+0xd09/0x1a20 [ 384.965238][ T46] ? __pfx_usb_new_device+0x10/0x10 [ 384.970424][ T46] hub_event+0x2d9a/0x4e10 [ 384.974872][ T46] ? __pfx_hub_event+0x10/0x10 [ 384.979639][ T46] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 384.985280][ T46] ? rcu_is_watching+0x12/0xc0 [ 384.990026][ T46] ? trace_lock_acquire+0x14e/0x1f0 [ 384.995231][ T46] ? process_one_work+0x921/0x1ba0 [ 385.000327][ T46] ? lock_acquire+0x2f/0xb0 [ 385.004838][ T46] ? process_one_work+0x921/0x1ba0 [ 385.009935][ T46] process_one_work+0x9c5/0x1ba0 [ 385.014887][ T46] ? __pfx_hcd_resume_work+0x10/0x10 [ 385.020158][ T46] ? __pfx_process_one_work+0x10/0x10 [ 385.025563][ T46] ? rcu_is_watching+0x12/0xc0 [ 385.030317][ T46] ? assign_work+0x1a0/0x250 [ 385.034927][ T46] worker_thread+0x6c8/0xf00 [ 385.039509][ T46] ? __pfx_worker_thread+0x10/0x10 [ 385.044837][ T46] kthread+0x3af/0x750 [ 385.048891][ T46] ? __pfx_kthread+0x10/0x10 [ 385.053705][ T46] ? lock_acquire+0x2f/0xb0 [ 385.058198][ T46] ? __pfx_kthread+0x10/0x10 [ 385.062813][ T46] ret_from_fork+0x45/0x80 [ 385.067213][ T46] ? __pfx_kthread+0x10/0x10 [ 385.071811][ T46] ret_from_fork_asm+0x1a/0x30 [ 385.076559][ T46] [ 385.079565][ T46] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 385.086821][ T46] CPU: 1 UID: 0 PID: 46 Comm: kworker/1:1 Not tainted 6.13.0-syzkaller-07259-g0f8e26b38d7a #0 [ 385.097032][ T46] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 385.107070][ T46] Workqueue: usb_hub_wq hub_event [ 385.112083][ T46] Call Trace: [ 385.115341][ T46] [ 385.118247][ T46] dump_stack_lvl+0x3d/0x1f0 [ 385.122823][ T46] panic+0x71d/0x800 [ 385.126695][ T46] ? __pfx_panic+0x10/0x10 [ 385.131102][ T46] ? show_trace_log_lvl+0x29d/0x3d0 [ 385.136306][ T46] ? __mutex_lock+0x3a3/0xb10 [ 385.140973][ T46] check_panic_on_warn+0xab/0xb0 [ 385.145901][ T46] __warn+0xf6/0x3c0 [ 385.149781][ T46] ? __mutex_lock+0x3a3/0xb10 [ 385.154448][ T46] report_bug+0x3c0/0x580 [ 385.158786][ T46] handle_bug+0x54/0xa0 [ 385.162931][ T46] exc_invalid_op+0x17/0x50 [ 385.167416][ T46] asm_exc_invalid_op+0x1a/0x20 [ 385.172249][ T46] RIP: 0010:__mutex_lock+0x3a3/0xb10 [ 385.177519][ T46] Code: d0 7c 08 84 d2 0f 85 59 07 00 00 8b 0d 16 ae 0b 05 85 c9 75 19 90 48 c7 c6 80 c4 6c 8b 48 c7 c7 00 c4 6c 8b e8 de 57 23 f6 90 <0f> 0b 90 90 90 e9 b8 fd ff ff 4c 8d b5 60 ff ff ff 48 89 df 4c 89 [ 385.197113][ T46] RSP: 0018:ffffc90000b66e40 EFLAGS: 00010282 [ 385.203158][ T46] RAX: 0000000000000000 RBX: ffff8880216be518 RCX: ffffc9001a4ca000 [ 385.211108][ T46] RDX: 0000000000100000 RSI: ffffffff817a10b6 RDI: 0000000000000001 [ 385.219081][ T46] RBP: ffffc90000b66f80 R08: 0000000000000001 R09: 0000000000000000 [ 385.227055][ T46] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 385.235008][ T46] R13: 0000000000000002 R14: 0000000000000000 R15: ffffc90000b66ec0 [ 385.242963][ T46] ? __warn_printk+0x1a6/0x350 [ 385.247717][ T46] ? __pfx_vsnprintf+0x10/0x10 [ 385.252479][ T46] ? uvc_status_unregister+0x21/0xe0 [ 385.257747][ T46] ? __pfx___mutex_lock+0x10/0x10 [ 385.262751][ T46] ? __dev_printk+0xf5/0x270 [ 385.267319][ T46] ? __pfx__dev_info+0x10/0x10 [ 385.272064][ T46] ? uvc_status_unregister+0x21/0xe0 [ 385.277327][ T46] uvc_status_unregister+0x21/0xe0 [ 385.282422][ T46] uvc_unregister_video+0x126/0x250 [ 385.287601][ T46] uvc_probe+0x2c08/0x4960 [ 385.291994][ T46] ? usb_probe_interface+0x6d3/0x9c0 [ 385.297254][ T46] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 385.303038][ T46] usb_probe_interface+0x300/0x9c0 [ 385.308125][ T46] ? __pfx_usb_probe_interface+0x10/0x10 [ 385.313734][ T46] really_probe+0x23e/0xa90 [ 385.318218][ T46] __driver_probe_device+0x1de/0x440 [ 385.323487][ T46] driver_probe_device+0x4c/0x1b0 [ 385.328493][ T46] __device_attach_driver+0x1df/0x310 [ 385.333849][ T46] ? __pfx___device_attach_driver+0x10/0x10 [ 385.339723][ T46] bus_for_each_drv+0x157/0x1e0 [ 385.344571][ T46] ? __pfx_bus_for_each_drv+0x10/0x10 [ 385.349926][ T46] ? lockdep_hardirqs_on+0x7c/0x110 [ 385.355110][ T46] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 385.360895][ T46] __device_attach+0x1e8/0x4b0 [ 385.365642][ T46] ? __pfx___device_attach+0x10/0x10 [ 385.370905][ T46] ? do_raw_spin_unlock+0x172/0x230 [ 385.376078][ T46] bus_probe_device+0x17f/0x1c0 [ 385.380910][ T46] device_add+0x114b/0x1a70 [ 385.385387][ T46] ? __pfx_device_add+0x10/0x10 [ 385.390212][ T46] ? usb_cache_string+0xf2/0x150 [ 385.395128][ T46] usb_set_configuration+0x10cb/0x1c50 [ 385.400573][ T46] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 385.406615][ T46] usb_generic_driver_probe+0xb1/0x110 [ 385.412052][ T46] usb_probe_device+0xec/0x3e0 [ 385.416794][ T46] ? __pfx_usb_probe_device+0x10/0x10 [ 385.422147][ T46] really_probe+0x23e/0xa90 [ 385.426631][ T46] __driver_probe_device+0x1de/0x440 [ 385.431895][ T46] ? usb_driver_applicable+0x1c7/0x220 [ 385.437329][ T46] driver_probe_device+0x4c/0x1b0 [ 385.442332][ T46] __device_attach_driver+0x1df/0x310 [ 385.447686][ T46] ? __pfx___device_attach_driver+0x10/0x10 [ 385.453567][ T46] bus_for_each_drv+0x157/0x1e0 [ 385.458398][ T46] ? __pfx_bus_for_each_drv+0x10/0x10 [ 385.463778][ T46] ? lockdep_hardirqs_on+0x7c/0x110 [ 385.468959][ T46] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 385.474743][ T46] __device_attach+0x1e8/0x4b0 [ 385.479491][ T46] ? __pfx___device_attach+0x10/0x10 [ 385.484758][ T46] ? do_raw_spin_unlock+0x172/0x230 [ 385.489935][ T46] bus_probe_device+0x17f/0x1c0 [ 385.494765][ T46] device_add+0x114b/0x1a70 [ 385.499261][ T46] ? __pfx_device_add+0x10/0x10 [ 385.504106][ T46] ? add_device_randomness+0xb8/0xf0 [ 385.509376][ T46] usb_new_device+0xd09/0x1a20 [ 385.514125][ T46] ? __pfx_usb_new_device+0x10/0x10 [ 385.519304][ T46] hub_event+0x2d9a/0x4e10 [ 385.523705][ T46] ? __pfx_hub_event+0x10/0x10 [ 385.528446][ T46] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 385.534062][ T46] ? rcu_is_watching+0x12/0xc0 [ 385.538806][ T46] ? trace_lock_acquire+0x14e/0x1f0 [ 385.543979][ T46] ? process_one_work+0x921/0x1ba0 [ 385.549067][ T46] ? lock_acquire+0x2f/0xb0 [ 385.553559][ T46] ? process_one_work+0x921/0x1ba0 [ 385.558653][ T46] process_one_work+0x9c5/0x1ba0 [ 385.563589][ T46] ? __pfx_hcd_resume_work+0x10/0x10 [ 385.568855][ T46] ? __pfx_process_one_work+0x10/0x10 [ 385.574204][ T46] ? rcu_is_watching+0x12/0xc0 [ 385.578944][ T46] ? assign_work+0x1a0/0x250 [ 385.583516][ T46] worker_thread+0x6c8/0xf00 [ 385.588091][ T46] ? __pfx_worker_thread+0x10/0x10 [ 385.593180][ T46] kthread+0x3af/0x750 [ 385.597226][ T46] ? __pfx_kthread+0x10/0x10 [ 385.601791][ T46] ? lock_acquire+0x2f/0xb0 [ 385.606301][ T46] ? __pfx_kthread+0x10/0x10 [ 385.610867][ T46] ret_from_fork+0x45/0x80 [ 385.615261][ T46] ? __pfx_kthread+0x10/0x10 [ 385.619826][ T46] ret_from_fork_asm+0x1a/0x30 [ 385.624570][ T46] [ 385.627795][ T46] Kernel Offset: disabled [ 385.632098][ T46] Rebooting in 86400 seconds..