ess permissive=1
[ 14.583239][ T36] audit: type=1400 audit(1781101244.010:63): avc: denied { siginh } for pid=233 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.0.155' (ED25519) to the list of known hosts.
2026/06/10 14:20:54 parsed 1 programs
[ 24.940148][ T36] audit: type=1400 audit(1781101254.380:64): avc: denied { node_bind } for pid=303 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 26.419889][ T36] audit: type=1400 audit(1781101255.860:65): avc: denied { mounton } for pid=309 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 26.423412][ T309] cgroup: Unknown subsys name 'net'
[ 26.442556][ T36] audit: type=1400 audit(1781101255.860:66): avc: denied { mount } for pid=309 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 26.470268][ T36] audit: type=1400 audit(1781101255.890:67): avc: denied { unmount } for pid=309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 26.470783][ T309] cgroup: Unknown subsys name 'devices'
[ 26.589637][ T309] cgroup: Unknown subsys name 'hugetlb'
[ 26.595439][ T309] cgroup: Unknown subsys name 'rlimit'
[ 26.718994][ T36] audit: type=1400 audit(1781101256.160:68): avc: denied { setattr } for pid=309 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 26.742188][ T36] audit: type=1400 audit(1781101256.160:69): avc: denied { create } for pid=309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 26.762635][ T36] audit: type=1400 audit(1781101256.160:70): avc: denied { write } for pid=309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 26.783086][ T36] audit: type=1400 audit(1781101256.160:71): avc: denied { read } for pid=309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[ 26.803340][ T36] audit: type=1400 audit(1781101256.160:72): avc: denied { sys_module } for pid=309 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 26.813479][ T313] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
[ 26.824444][ T36] audit: type=1400 audit(1781101256.160:73): avc: denied { mounton } for pid=309 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 26.869298][ T309] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 27.728356][ T316] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 28.170371][ T343] bridge0: port 1(bridge_slave_0) entered blocking state
[ 28.177475][ T343] bridge0: port 1(bridge_slave_0) entered disabled state
[ 28.184523][ T343] bridge_slave_0: entered allmulticast mode
[ 28.190938][ T343] bridge_slave_0: entered promiscuous mode
[ 28.197343][ T343] bridge0: port 2(bridge_slave_1) entered blocking state
[ 28.205215][ T343] bridge0: port 2(bridge_slave_1) entered disabled state
[ 28.212348][ T343] bridge_slave_1: entered allmulticast mode
[ 28.218894][ T343] bridge_slave_1: entered promiscuous mode
[ 28.276737][ T343] bridge0: port 2(bridge_slave_1) entered blocking state
[ 28.283818][ T343] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 28.291161][ T343] bridge0: port 1(bridge_slave_0) entered blocking state
[ 28.298213][ T343] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 28.323323][ T329] bridge0: port 1(bridge_slave_0) entered disabled state
[ 28.330927][ T329] bridge0: port 2(bridge_slave_1) entered disabled state
[ 28.342432][ T53] bridge0: port 1(bridge_slave_0) entered blocking state
[ 28.349497][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 28.358178][ T329] bridge0: port 2(bridge_slave_1) entered blocking state
[ 28.365224][ T329] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 28.389963][ T343] veth0_vlan: entered promiscuous mode
[ 28.401391][ T343] veth1_macvtap: entered promiscuous mode
[ 28.479177][ T53] bridge_slave_1: left allmulticast mode
[ 28.484950][ T53] bridge_slave_1: left promiscuous mode
[ 28.490950][ T53] bridge0: port 2(bridge_slave_1) entered disabled state
[ 28.499157][ T53] bridge_slave_0: left allmulticast mode
[ 28.504813][ T53] bridge_slave_0: left promiscuous mode
[ 28.510721][ T53] bridge0: port 1(bridge_slave_0) entered disabled state
[ 28.622040][ T53] veth1_macvtap: left promiscuous mode
[ 28.627625][ T53] veth0_vlan: left promiscuous mode
2026/06/10 14:20:58 executed programs: 0
[ 29.221398][ T377] bridge0: port 1(bridge_slave_0) entered blocking state
[ 29.228745][ T377] bridge0: port 1(bridge_slave_0) entered disabled state
[ 29.235864][ T377] bridge_slave_0: entered allmulticast mode
[ 29.242351][ T377] bridge_slave_0: entered promiscuous mode
[ 29.248889][ T377] bridge0: port 2(bridge_slave_1) entered blocking state
[ 29.255962][ T377] bridge0: port 2(bridge_slave_1) entered disabled state
[ 29.263133][ T377] bridge_slave_1: entered allmulticast mode
[ 29.269437][ T377] bridge_slave_1: entered promiscuous mode
[ 29.312686][ T377] bridge0: port 2(bridge_slave_1) entered blocking state
[ 29.319737][ T377] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 29.327004][ T377] bridge0: port 1(bridge_slave_0) entered blocking state
[ 29.334066][ T377] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 29.358928][ T46] bridge0: port 1(bridge_slave_0) entered disabled state
[ 29.366078][ T46] bridge0: port 2(bridge_slave_1) entered disabled state
[ 29.375497][ T329] bridge0: port 1(bridge_slave_0) entered blocking state
[ 29.382561][ T329] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 29.391341][ T46] bridge0: port 2(bridge_slave_1) entered blocking state
[ 29.398392][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 29.424087][ T377] veth0_vlan: entered promiscuous mode
[ 29.434884][ T377] veth1_macvtap: entered promiscuous mode
[ 29.697530][ T31] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 29.848609][ T31] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 29.859565][ T31] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 29.868659][ T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 29.877868][ T31] usb 3-1: config 0 descriptor??
[ 30.084794][ T31] usbhid 3-1:0.0: can't add hid device: -71
[ 30.090976][ T31] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 30.099540][ T31] usb 3-1: USB disconnect, device number 2
[ 30.517488][ T31] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 30.668574][ T31] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 30.679734][ T31] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.40
[ 30.688812][ T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 30.697394][ T31] usb 3-1: config 0 descriptor??
[ 31.507921][ T31] aiptek 3-1:0.0: Aiptek using 400 ms programming speed
[ 31.516116][ T31] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input4
[ 31.529668][ C0] ------------[ cut here ]------------
[ 31.535123][ C0] UBSAN: array-index-out-of-bounds in drivers/input/tablet/aiptek.c:741:31
[ 31.543693][ C0] index 547 is out of range for type 'const int[34]'
[ 31.550365][ C0] CPU: 0 UID: 0 PID: 318 Comm: udevd Not tainted syzkaller #0 c36f08223ec58598e05683a28d55b954d63a7946
[ 31.550384][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 31.550398][ C0] Call Trace:
[ 31.550403][ C0]
[ 31.550408][ C0] __dump_stack+0x21/0x30
[ 31.550439][ C0] dump_stack_lvl+0x140/0x1c0
[ 31.550459][ C0] ? __cfi_dump_stack_lvl+0x10/0x10
[ 31.550479][ C0] ? vfs_fstatat+0xe5/0x1d0
[ 31.550496][ C0] ? do_syscall_64+0x57/0xf0
[ 31.550517][ C0] dump_stack+0x19/0x20
[ 31.550536][ C0] ubsan_epilogue+0xe/0x40
[ 31.550550][ C0] __ubsan_handle_out_of_bounds+0xe8/0xf0
[ 31.550572][ C0] ? __kasan_check_write+0x18/0x20
[ 31.550586][ C0] aiptek_irq+0x20cb/0x2a00
[ 31.550609][ C0] ? kcov_remote_start+0xf1/0x3c0
[ 31.550625][ C0] __usb_hcd_giveback_urb+0x375/0x540
[ 31.550641][ C0] usb_hcd_giveback_urb+0x11b/0x410
[ 31.550656][ C0] dummy_timer+0x816/0x4300
[ 31.550678][ C0] ? __cfi_dummy_timer+0x10/0x10
[ 31.550694][ C0] ? timerqueue_del+0xd7/0x130
[ 31.550710][ C0] ? __hrtimer_run_queues+0x2c4/0x8e0
[ 31.550732][ C0] ? __cfi_dummy_timer+0x10/0x10
[ 31.550747][ C0] __hrtimer_run_queues+0x3ab/0x8e0
[ 31.550770][ C0] ? hrtimer_interrupt+0xf00/0xf00
[ 31.550790][ C0] ? read_tsc+0xd/0x20
[ 31.550810][ C0] ? ktime_get_update_offsets_now+0x3c0/0x3e0
[ 31.550829][ C0] hrtimer_run_softirq+0x159/0x560
[ 31.550842][ C0] ? irqtime_account_irq+0x51/0x1c0
[ 31.550863][ C0] handle_softirqs+0x1aa/0x630
[ 31.550878][ C0] ? irqtime_account_irq+0x51/0x1c0
[ 31.550899][ C0] __irq_exit_rcu+0x47/0xb0
[ 31.550931][ C0] irq_exit_rcu+0xd/0x30
[ 31.550951][ C0] sysvec_apic_timer_interrupt+0x82/0x90
[ 31.550968][ C0]
[ 31.550972][ C0]
[ 31.550978][ C0] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 31.550993][ C0] RIP: 0010:security_inode_getattr+0x69/0x180
[ 31.551016][ C0] Code: 30 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 2a bb 6c ff 4d 8b 36 49 83 c6 0c 4c 89 f0 48 c1 e8 03 42 0f b6 04 38 <84> c0 75 57 45 8b 3e 44 89 fe 81 e6 00 02 00 00 45 31 f6 31 ff e8
[ 31.551028][ C0] RSP: 0018:ffffc90001a8faf0 EFLAGS: 00000a07
[ 31.551047][ C0] RAX: 0000000000000000 RBX: ffffc90001a8fba0 RCX: ffff888104bf2600
[ 31.551058][ C0] RDX: 0000000000000000 RSI: 0000000000000900 RDI: ffffc90001a8fba0
[ 31.551067][ C0] RBP: ffffc90001a8fb08 R08: ffffc90001a8f9cf R09: 0000000000000000
[ 31.551078][ C0] R10: ffffc90001a8f9c0 R11: fffff52000351f3a R12: ffffc90001a8fba0
[ 31.551089][ C0] R13: 0000000000000900 R14: ffff888111ff834c R15: dffffc0000000000
[ 31.551103][ C0] vfs_statx_path+0x3f/0x300
[ 31.551124][ C0] vfs_statx+0x138/0x210
[ 31.551141][ C0] ? vfs_fstatat+0x1d0/0x1d0
[ 31.551158][ C0] ? __kasan_check_write+0x18/0x20
[ 31.551174][ C0] vfs_fstatat+0xe5/0x1d0
[ 31.551192][ C0] __se_sys_newfstatat+0x127/0x3c0
[ 31.551211][ C0] ? __x64_sys_newfstatat+0xc0/0xc0
[ 31.551232][ C0] ? __kasan_slab_free+0x6a/0x80
[ 31.551253][ C0] ? cp_old_stat+0x4d0/0x4d0
[ 31.551274][ C0] __x64_sys_newfstatat+0x9f/0xc0
[ 31.551293][ C0] x64_sys_call+0x1821/0x2ee0
[ 31.551307][ C0] do_syscall_64+0x57/0xf0
[ 31.551328][ C0] ? clear_bhb_loop+0x50/0xa0
[ 31.551342][ C0] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 31.551365][ C0] RIP: 0033:0x7fd6f3711b0a
[ 31.551379][ C0] Code: 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 b9 f2 0d 00 f7
[ 31.551391][ C0] RSP: 002b:00007ffcb5661808 EFLAGS: 00000206 ORIG_RAX: 0000000000000106
[ 31.551405][ C0] RAX: ffffffffffffffda RBX: 00007ffcb5662d08 RCX: 00007fd6f3711b0a
[ 31.551416][ C0] RDX: 00007ffcb5661810 RSI: 00007ffcb56618a0 RDI: 00000000ffffff9c
[ 31.551426][ C0] RBP: 000056100d2fd700 R08: 00007ffcb5662d08 R09: 0000000000000000
[ 31.551436][ C0] R10: 0000000000000100 R11: 0000000000000206 R12: 000056100d2fd7f0
[ 31.551446][ C0] R13: 00007ffcb56618a0 R14: 00007ffcb5662d01 R15: 00007ffcb5662d08
[ 31.551458][ C0]
[ 31.551463][ C0] ---[ end trace ]---
[ 31.950584][ C0] ==================================================================
[ 31.959082][ C0] BUG: KASAN: global-out-of-bounds in aiptek_irq+0x20e9/0x2a00
[ 31.966636][ C0] Read of size 4 at addr ffffffff8670f3cc by task udevd/318
[ 31.973918][ C0]
[ 31.976241][ C0] CPU: 0 UID: 0 PID: 318 Comm: udevd Not tainted syzkaller #0 c36f08223ec58598e05683a28d55b954d63a7946
[ 31.976261][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 31.976271][ C0] Call Trace:
[ 31.976277][ C0]
[ 31.976284][ C0] __dump_stack+0x21/0x30
[ 31.976310][ C0] dump_stack_lvl+0x140/0x1c0
[ 31.976332][ C0] ? __cfi_dump_stack_lvl+0x10/0x10
[ 31.976355][ C0] ? __cfi__printk+0x10/0x10
[ 31.976376][ C0] print_address_description+0x71/0x210
[ 31.976398][ C0] print_report+0x4a/0x70
[ 31.976419][ C0] kasan_report+0x162/0x1a0
[ 31.976441][ C0] ? aiptek_irq+0x20e9/0x2a00
[ 31.976464][ C0] ? aiptek_irq+0x20e9/0x2a00
[ 31.976487][ C0] __asan_report_load4_noabort+0x18/0x20
[ 31.976503][ C0] aiptek_irq+0x20e9/0x2a00
[ 31.976527][ C0] ? kcov_remote_start+0xf1/0x3c0
[ 31.976546][ C0] __usb_hcd_giveback_urb+0x375/0x540
[ 31.976564][ C0] usb_hcd_giveback_urb+0x11b/0x410
[ 31.976580][ C0] dummy_timer+0x816/0x4300
[ 31.976605][ C0] ? __cfi_dummy_timer+0x10/0x10
[ 31.976623][ C0] ? timerqueue_del+0xd7/0x130
[ 31.976642][ C0] ? __hrtimer_run_queues+0x2c4/0x8e0
[ 31.976667][ C0] ? __cfi_dummy_timer+0x10/0x10
[ 31.976684][ C0] __hrtimer_run_queues+0x3ab/0x8e0
[ 31.976709][ C0] ? hrtimer_interrupt+0xf00/0xf00
[ 31.976732][ C0] ? read_tsc+0xd/0x20
[ 31.976754][ C0] ? ktime_get_update_offsets_now+0x3c0/0x3e0
[ 31.976775][ C0] hrtimer_run_softirq+0x159/0x560
[ 31.976790][ C0] ? irqtime_account_irq+0x51/0x1c0
[ 31.976814][ C0] handle_softirqs+0x1aa/0x630
[ 31.976831][ C0] ? irqtime_account_irq+0x51/0x1c0
[ 31.976854][ C0] __irq_exit_rcu+0x47/0xb0
[ 31.976869][ C0] irq_exit_rcu+0xd/0x30
[ 31.976884][ C0] sysvec_apic_timer_interrupt+0x82/0x90
[ 31.976902][ C0]
[ 31.976907][ C0]
[ 31.976924][ C0] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 31.976941][ C0] RIP: 0010:security_inode_getattr+0x69/0x180
[ 31.976965][ C0] Code: 30 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 2a bb 6c ff 4d 8b 36 49 83 c6 0c 4c 89 f0 48 c1 e8 03 42 0f b6 04 38 <84> c0 75 57 45 8b 3e 44 89 fe 81 e6 00 02 00 00 45 31 f6 31 ff e8
[ 31.976979][ C0] RSP: 0018:ffffc90001a8faf0 EFLAGS: 00000a07
[ 31.976993][ C0] RAX: 0000000000000000 RBX: ffffc90001a8fba0 RCX: ffff888104bf2600
[ 31.977005][ C0] RDX: 0000000000000000 RSI: 0000000000000900 RDI: ffffc90001a8fba0
[ 31.977015][ C0] RBP: ffffc90001a8fb08 R08: ffffc90001a8f9cf R09: 0000000000000000
[ 31.977026][ C0] R10: ffffc90001a8f9c0 R11: fffff52000351f3a R12: ffffc90001a8fba0
[ 31.977038][ C0] R13: 0000000000000900 R14: ffff888111ff834c R15: dffffc0000000000
[ 31.977052][ C0] vfs_statx_path+0x3f/0x300
[ 31.977075][ C0] vfs_statx+0x138/0x210
[ 31.977093][ C0] ? vfs_fstatat+0x1d0/0x1d0
[ 31.977111][ C0] ? __kasan_check_write+0x18/0x20
[ 31.977128][ C0] vfs_fstatat+0xe5/0x1d0
[ 31.977146][ C0] __se_sys_newfstatat+0x127/0x3c0
[ 31.977166][ C0] ? __x64_sys_newfstatat+0xc0/0xc0
[ 31.977189][ C0] ? __kasan_slab_free+0x6a/0x80
[ 31.977210][ C0] ? cp_old_stat+0x4d0/0x4d0
[ 31.977233][ C0] __x64_sys_newfstatat+0x9f/0xc0
[ 31.977253][ C0] x64_sys_call+0x1821/0x2ee0
[ 31.977268][ C0] do_syscall_64+0x57/0xf0
[ 31.977290][ C0] ? clear_bhb_loop+0x50/0xa0
[ 31.977305][ C0] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 31.977329][ C0] RIP: 0033:0x7fd6f3711b0a
[ 31.977342][ C0] Code: 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 b9 f2 0d 00 f7
[ 31.977354][ C0] RSP: 002b:00007ffcb5661808 EFLAGS: 00000206 ORIG_RAX: 0000000000000106
[ 31.977369][ C0] RAX: ffffffffffffffda RBX: 00007ffcb5662d08 RCX: 00007fd6f3711b0a
[ 31.977380][ C0] RDX: 00007ffcb5661810 RSI: 00007ffcb56618a0 RDI: 00000000ffffff9c
[ 31.977391][ C0] RBP: 000056100d2fd700 R08: 00007ffcb5662d08 R09: 0000000000000000
[ 31.977402][ C0] R10: 0000000000000100 R11: 0000000000000206 R12: 000056100d2fd7f0
[ 31.977412][ C0] R13: 00007ffcb56618a0 R14: 00007ffcb5662d01 R15: 00007ffcb5662d08
[ 31.977425][ C0]
[ 31.977431][ C0]
[ 32.379588][ C0] The buggy address belongs to the variable:
[ 32.385553][ C0] .str.48+0xc/0x20
[ 32.389360][ C0]
[ 32.391680][ C0] The buggy address belongs to the physical page:
[ 32.398099][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x670f
[ 32.406766][ C0] flags: 0x4000(reserved|zone=0)
[ 32.411695][ C0] raw: 0000000000004000 ffffea000019c3c8 ffffea000019c3c8 0000000000000000
[ 32.420275][ C0] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 32.428848][ C0] page dumped because: kasan: bad access detected
[ 32.435262][ C0] page_owner info is not present (never set?)
[ 32.441338][ C0]
[ 32.443674][ C0] Memory state around the buggy address:
[ 32.449293][ C0] ffffffff8670f280: 07 f9 f9 f9 04 f9 f9 f9 06 f9 f9 f9 00 01 f9 f9
[ 32.457609][ C0] ffffffff8670f300: 05 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
[ 32.465669][ C0] >ffffffff8670f380: 00 00 00 00 f9 f9 f9 f9 06 f9 f9 f9 00 01 f9 f9
[ 32.473726][ C0] ^
[ 32.480133][ C0] ffffffff8670f400: 04 f9 f9 f9 00 f9 f9 f9 06 f9 f9 f9 07 f9 f9 f9
[ 32.488183][ C0] ffffffff8670f480: 06 f9 f9 f9 00 04 f9 f9 05 f9 f9 f9 00 03 f9 f9
[ 32.496249][ C0] ==================================================================
[ 32.504301][ C0] Disabling lock debugging due to kernel taint
[ 32.510448][ C0] ------------[ cut here ]------------
[ 32.515894][ C0] UBSAN: array-index-out-of-bounds in drivers/input/tablet/aiptek.c:763:30
[ 32.524483][ C0] index 548 is out of range for type 'const int[34]'
[ 32.531151][ C0] CPU: 0 UID: 0 PID: 318 Comm: udevd Tainted: G B syzkaller #0 c36f08223ec58598e05683a28d55b954d63a7946
[ 32.531173][ C0] Tainted: [B]=BAD_PAGE
[ 32.531178][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 32.531188][ C0] Call Trace:
[ 32.531194][ C0]
[ 32.531201][ C0] __dump_stack+0x21/0x30
[ 32.531228][ C0] dump_stack_lvl+0x140/0x1c0
[ 32.531250][ C0] ? __cfi_dump_stack_lvl+0x10/0x10
[ 32.531273][ C0] ? input_event_dispose+0x2f5/0x6d0
[ 32.531290][ C0] dump_stack+0x19/0x20
[ 32.531312][ C0] ubsan_epilogue+0xe/0x40
[ 32.531327][ C0] __ubsan_handle_out_of_bounds+0xe8/0xf0
[ 32.531353][ C0] aiptek_irq+0x1f85/0x2a00
[ 32.531378][ C0] __usb_hcd_giveback_urb+0x375/0x540
[ 32.531396][ C0] usb_hcd_giveback_urb+0x11b/0x410
[ 32.531412][ C0] dummy_timer+0x816/0x4300
[ 32.531437][ C0] ? __cfi_dummy_timer+0x10/0x10
[ 32.531455][ C0] ? timerqueue_del+0xd7/0x130
[ 32.531474][ C0] ? __hrtimer_run_queues+0x2c4/0x8e0
[ 32.531498][ C0] ? __cfi_dummy_timer+0x10/0x10
[ 32.531515][ C0] __hrtimer_run_queues+0x3ab/0x8e0
[ 32.531541][ C0] ? hrtimer_interrupt+0xf00/0xf00
[ 32.531563][ C0] ? read_tsc+0xd/0x20
[ 32.531585][ C0] ? ktime_get_update_offsets_now+0x3c0/0x3e0
[ 32.531606][ C0] hrtimer_run_softirq+0x159/0x560
[ 32.531621][ C0] ? irqtime_account_irq+0x51/0x1c0
[ 32.531644][ C0] handle_softirqs+0x1aa/0x630
[ 32.531661][ C0] ? irqtime_account_irq+0x51/0x1c0
[ 32.531683][ C0] __irq_exit_rcu+0x47/0xb0
[ 32.531699][ C0] irq_exit_rcu+0xd/0x30
[ 32.531713][ C0] sysvec_apic_timer_interrupt+0x82/0x90
[ 32.531731][ C0]
[ 32.531736][ C0]
[ 32.531741][ C0] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 32.531757][ C0] RIP: 0010:security_inode_getattr+0x69/0x180
[ 32.531782][ C0] Code: 30 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 2a bb 6c ff 4d 8b 36 49 83 c6 0c 4c 89 f0 48 c1 e8 03 42 0f b6 04 38 <84> c0 75 57 45 8b 3e 44 89 fe 81 e6 00 02 00 00 45 31 f6 31 ff e8
[ 32.531795][ C0] RSP: 0018:ffffc90001a8faf0 EFLAGS: 00000a07
[ 32.531809][ C0] RAX: 0000000000000000 RBX: ffffc90001a8fba0 RCX: ffff888104bf2600
[ 32.531820][ C0] RDX: 0000000000000000 RSI: 0000000000000900 RDI: ffffc90001a8fba0
[ 32.531830][ C0] RBP: ffffc90001a8fb08 R08: ffffc90001a8f9cf R09: 0000000000000000
[ 32.531841][ C0] R10: ffffc90001a8f9c0 R11: fffff52000351f3a R12: ffffc90001a8fba0
[ 32.531853][ C0] R13: 0000000000000900 R14: ffff888111ff834c R15: dffffc0000000000
[ 32.531871][ C0] vfs_statx_path+0x3f/0x300
[ 32.531894][ C0] vfs_statx+0x138/0x210
[ 32.531912][ C0] ? vfs_fstatat+0x1d0/0x1d0
[ 32.531930][ C0] ? __kasan_check_write+0x18/0x20
[ 32.531947][ C0] vfs_fstatat+0xe5/0x1d0
[ 32.531965][ C0] __se_sys_newfstatat+0x127/0x3c0
[ 32.531985][ C0] ? __x64_sys_newfstatat+0xc0/0xc0
[ 32.532007][ C0] ? __kasan_slab_free+0x6a/0x80
[ 32.532029][ C0] ? cp_old_stat+0x4d0/0x4d0
[ 32.532052][ C0] __x64_sys_newfstatat+0x9f/0xc0
[ 32.532071][ C0] x64_sys_call+0x1821/0x2ee0
[ 32.532087][ C0] do_syscall_64+0x57/0xf0
[ 32.532108][ C0] ? clear_bhb_loop+0x50/0xa0
[ 32.532123][ C0] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 32.532147][ C0] RIP: 0033:0x7fd6f3711b0a
[ 32.532160][ C0] Code: 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 b9 f2 0d 00 f7
[ 32.532172][ C0] RSP: 002b:00007ffcb5661808 EFLAGS: 00000206 ORIG_RAX: 0000000000000106
[ 32.532187][ C0] RAX: ffffffffffffffda RBX: 00007ffcb5662d08 RCX: 00007fd6f3711b0a
[ 32.532198][ C0] RDX: 00007ffcb5661810 RSI: 00007ffcb56618a0 RDI: 00000000ffffff9c
[ 32.532209][ C0] RBP: 000056100d2fd700 R08: 00007ffcb5662d08 R09: 0000000000000000
[ 32.532219][ C0] R10: 0000000000000100 R11: 0000000000000206 R12: 000056100d2fd7f0
[ 32.532229][ C0] R13: 00007ffcb56618a0 R14: 00007ffcb5662d01 R15: 00007ffcb5662d08
[ 32.532243][ C0]
[ 32.532248][ C0] ---[ end trace ]---
[ 32.927857][ T9] usb 3-1: USB disconnect, device number 3
[ 32.933722][ C0] aiptek 3-1:0.0: aiptek_irq - usb_submit_urb failed with result -19
[ 32.952152][ T36] kauditd_printk_skb: 34 callbacks suppressed
[ 32.952168][ T36] audit: type=1400 audit(1781101262.380:108): avc: denied { read } for pid=93 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 32.987900][ T36] audit: type=1400 audit(1781101262.390:109): avc: denied { search } for pid=93 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 33.009399][ T36] audit: type=1400 audit(1781101262.390:110): avc: denied { write } for pid=93 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 33.030785][ T36] audit: type=1400 audit(1781101262.390:111): avc: denied { add_name } for pid=93 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 33.051379][ T36] audit: type=1400 audit(1781101262.390:112): avc: denied { create } for pid=93 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 33.071970][ T36] audit: type=1400 audit(1781101262.390:113): avc: denied { append open } for pid=93 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 33.094900][ T36] audit: type=1400 audit(1781101262.390:114): avc: denied { getattr } for pid=93 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1