last executing test programs:

2.631079464s ago: executing program 2 (id=1634):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x1409, 0x1, 0x70bd26, 0x25dfdbfb}, 0x10}, 0x1, 0x0, 0x0, 0x4094}, 0x20000810)

2.557526638s ago: executing program 2 (id=1636):
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x8, 0x6c033, 0xffffffffffffffff, 0x0)
write$binfmt_register(r0, &(0x7f00000000c0)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x5, 0x3a, '$+,', 0x3a, ',', 0x3a, './file0'}, 0x2b)

2.488514818s ago: executing program 2 (id=1639):
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x41032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x64)
mlockall(0x3)

1.559568769s ago: executing program 2 (id=1662):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x42, 0x58)
ioctl$FICLONE(r0, 0x40049409, r1)

1.528475663s ago: executing program 2 (id=1665):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fstat(r0, &(0x7f0000000140))

1.385999883s ago: executing program 0 (id=1670):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000000c0)={0x600, 0x0, 0x5, 0x6, r2}, &(0x7f0000000040)=0x10)

1.303773445s ago: executing program 0 (id=1671):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
ioctl$EVIOCGRAB(r0, 0x40044590, 0x0)

1.303158355s ago: executing program 0 (id=1673):
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x82)
fchdir(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40080d0}}, {{&(0x7f00000000c0)=@file={0x1, './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4}}], 0x2, 0x44800)

1.276591906s ago: executing program 0 (id=1674):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x10, 0x7fff0000}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})

663.143902ms ago: executing program 2 (id=1677):
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = socket(0xa, 0x2, 0x0)
readv(r0, &(0x7f0000000480)=[{&(0x7f0000000140)=""/217, 0xd9}], 0x1)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x7, 0x4)
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x4004004)

363.48664ms ago: executing program 0 (id=1684):
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0xfffffffffffffff7, 0x1)

363.161616ms ago: executing program 0 (id=1685):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}]}})
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000681600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c58b3bd0000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x20, 0x0, 0x2, {0x0, 0x1f}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000240)={0x800, 0x8001, 0xbb9, 0x7, 0xb7})

349.503151ms ago: executing program 3 (id=1686):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000280)={0x160002016})
epoll_pwait2(r1, &(0x7f0000000040)=[{}], 0x1, &(0x7f0000000100), 0x0, 0x0)

239.794872ms ago: executing program 3 (id=1688):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RLERRORu(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="1c00000007ff", @ANYRES16], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',version=9p2000.u'])

239.290897ms ago: executing program 3 (id=1690):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='pagemap\x00')
pread64(r0, &(0x7f000001a240)=""/102400, 0x19000, 0x80000100008)

205.958916ms ago: executing program 3 (id=1692):
r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
lseek(r0, 0xffffffffffffffc0, 0x4)

139.47631ms ago: executing program 3 (id=1694):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
socket$inet6_sctp(0xa, 0x801, 0x84)
close(0x3)
socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={r1, @in={{0x2, 0x0, @empty}}, 0x0, 0x7ffe}, 0x90)

139.382341ms ago: executing program 1 (id=1695):
semop(0x0, &(0x7f0000000280)=[{0x0, 0xffff, 0x1800}], 0x1)

130.355893ms ago: executing program 3 (id=1696):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x6}]}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = dup(r1)
sendmsg$inet_sctp(r2, &(0x7f0000000240)={&(0x7f0000000000)=@in={0x2, 0x4e22, @local}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000040)='d', 0xffe0}], 0x1, 0x0, 0x0, 0x40000}, 0x24008804)

109.01731ms ago: executing program 1 (id=1697):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000001680)={0x1, &(0x7f0000000040)=[{0x7fff, 0x1}]})

39.809612ms ago: executing program 1 (id=1698):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000001480)="c3f3679757e6deeee2e041ccde67bb79b9016219f3a319a84a192b9e480388e301a641183c56e13a4d649662ffc62c86298f83e9a42ca71f55a06b01cde0990fc23bc044b7d7a6ba5b956b828471fabc21a0600ee15225caffe6a95c05e63c94881ed23827e57e4a6c8d8cec503463c0469b7b1ebaa1475fead6395abe65c20ec49cbd1822e90beaec3876c52cb1722b4adc50c164cb388976b06d7fa9410fcac847f97e06ee5b9613c438ea7bb1e8a37a3be50b6d2623d921c123814a175c8f80fb7a8c67b00736db31ada15391ff30d12036fde91fb505d821a19d65ae4b26aeaf37e66515db21faddd1eb318d5bc1be8b0bc7a4efddd7e63c3541a271c33b0dc4475b208ea8cf9f67c7f5e66ea5fef9c9d927d4ca2845502cae6f55cb52f0d6e3bd12407c6e00ed63bc70203066edb41e0c732da8ecc7ef6f244664cc46f6b059b3ac6caed9540adeb98bd5ebe8589a0dce3df0e48bde653add4e01b2db3038a74a9fb33ba314651ee81405350e585bedac79cc9dec1d7cdfcfdb8e10c1d6e392b54166336b2c35bd708f1c7ec2b606c4ef520ae823507308db7570673a88d9597cd4a3698c2896412a1960de0b6719cf53438c974f6cc6115fa583aef2f8b9eb854e2adb288b53a03f59a5e984cf92ef2778d11eda3d7fdf36c368f86628317128613c4a8287a3935ced71461e8694ed749c6459490e4410a2144005740e407aacddac45d8f21842a32159bafdff751892c874d8526ae1bed64d2a71c2c7a5af8b17561c7c52b4d8d14a0ad29a2ff3408a60b8bb03eac4c42cb48cdee0dac2434171bdd20b16af48fb13d71b8b22aef05df64f90ef7d288c57ea175a2dac4b02a42523ced26dbea606bbb5bd2c94329bc03e42cde4ed2e91bd31178d190fff9c06e9cfaed839821341cea1bb96ea66667c5a6d0e52c1cda0be3e70b58d84f2c709a62ab1a27ee5df8a60e76b245b2839685d26c9348b0f409d30009d739486ec087b280be2bbf952feb0dae66f3994340a3ff0713a13618dfafebe67f8486b4f084961dc08c676f5a56275db23b00482338d2c75d4f8381013062f8110e7ce8e6c7a8abfef5cd27cfb1ec529a9ef4a25861904d01ffab33bc4ed39b54a7efbefa5fa787b0e2d9c8e602adf2aa294e7dcad74370c225574567637f956f849de2a26ef7694dcfdc895b05d41e79f9e65cd0be5619ba9f153e58a9e859a5699e6f64c7d84f85f8fe5ef823d59bd592675242979ef4c13239a6c165c8608ad0278f0ad00bab1cdd151ea01dd617d7bcd2e0b103391bb75c7a8a659a59be8b146441a13e80946625d9f862c9429580d2891c004f98bb58f08b9c22d8c12c39b5c0373d91b99c9dd9aaaf855a3660ef6ce823366d41815285f9ac92e8dc09bbd52cc4a7670735b9e70d0d21d167c801eff0d5aa21231842d7cce526b16c9b063fc098156d6f6b99e6b3a632a73e43ae92ab621d1f912da2cb56e32227ecdb82162dbcf74b1f52d5b739af39569d7bd85dc6e2268761852b98d0dd252c8224552d305103de9beb994c5e8d044e77d18dc8c3752c68b48c0a3210e6baaf063b6f5e01911abb72b3a8dc234f607e358839accb278bec055d662414ebb3dadaf1b84fed5003c7f966c9ec7fc6cb7202e2137a043025066bcbe9b92967d9e8dbc42583e11707dcd059cd22510a3ba31c1270a6037a1106378f9c38aeaf67143ee5604582a36e527c75e234eafc07ee3493e58cef7c3b11be97eb70b2b67296c317f1ef56a881c3582f14eaa72db97d048578623b948a4e37ec61d6b118f108dcc0a0511c71601ccc3d403125c59b25281ee0c8c3672de7d9f2b45adacd8932a1057cf6f17be9cfa04f59526086ce2fd643cf1b697e50e64222f40bd0195f154d1d006f12c766bca5321192f83b334c8a346f55756389d6a5e93b1ccd5fcd673688effaa1aa4cd514b381c759e09896f190ca64005a02bb0884b3440fef9e34099a30295bc5772373c6404ffd0aee61cd751af6cdb8274738bb8c1121e72a3b077276a15cb6af2c7fa98bc642846dae074", 0x5ad}], 0x1}}], 0x1, 0x4000000)

39.592875ms ago: executing program 1 (id=1699):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x0, 0x0)

27.084869ms ago: executing program 1 (id=1700):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r3, 0x10, 0x0, @in={0x2, 0x4e23, @empty}}}, 0x90)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000001c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000180)=0x1, r1, 0x0, 0x1, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e23, 0xfffffffd, @empty, 0x5}, r1}}, 0x30)

0s ago: executing program 1 (id=1701):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
pipe2$9p(&(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000140)={0x30, 0x5, 0x0, {0x0, 0x5, 0x7fff, 0x67}}, 0x30)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000002640)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
umount2(&(0x7f0000000080)='./file0\x00', 0x0)

kernel console output (not intermixed with test programs):

x___alloc_frozen_pages_noprof+0x10/0x10
[  148.141988][ T7951]  ? kasan_save_track+0x4f/0x80
[  148.142017][ T7951]  ? policy_nodemask+0x27c/0x720
[  148.142044][ T7951]  ? __vmalloc_node_noprof+0xc2/0x110
[  148.142062][ T7951]  ? dup_task_struct+0x3e7/0x860
[  148.142084][ T7951]  ? copy_process+0x54b/0x3c00
[  148.142107][ T7951]  alloc_pages_bulk_noprof+0x560/0x710
[  148.142130][ T7951]  ? alloc_pages_noprof+0xbe/0x190
[  148.142150][ T7951]  kasan_populate_vmalloc+0xba/0x1a0
[  148.142179][ T7951]  alloc_vmap_area+0xd51/0x1490
[  148.142215][ T7951]  ? __get_vm_area_node+0x13f/0x300
[  148.142244][ T7951]  ? __pfx_alloc_vmap_area+0x10/0x10
[  148.142273][ T7951]  ? __kasan_kmalloc+0x93/0xb0
[  148.142303][ T7951]  ? __kmalloc_cache_node_noprof+0x220/0x3a0
[  148.142334][ T7951]  ? __get_vm_area_node+0x13f/0x300
[  148.142363][ T7951]  ? copy_process+0x54b/0x3c00
[  148.142387][ T7951]  __get_vm_area_node+0x1f8/0x300
[  148.142420][ T7951]  __vmalloc_node_range_noprof+0x301/0x12f0
[  148.142440][ T7951]  ? copy_process+0x54b/0x3c00
[  148.142462][ T7951]  ? rcu_is_watching+0x15/0xb0
[  148.142486][ T7951]  ? percpu_ref_get_many+0x19/0x140
[  148.142507][ T7951]  ? percpu_ref_get_many+0x19/0x140
[  148.142532][ T7951]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  148.142553][ T7951]  ? memcpy_and_pad+0x48/0x80
[  148.142583][ T7951]  __vmalloc_node_noprof+0xc2/0x110
[  148.142601][ T7951]  ? copy_process+0x54b/0x3c00
[  148.142628][ T7951]  ? copy_process+0x54b/0x3c00
[  148.142652][ T7951]  dup_task_struct+0x3e7/0x860
[  148.142678][ T7951]  copy_process+0x54b/0x3c00
[  148.142712][ T7951]  ? __pfx_copy_process+0x10/0x10
[  148.142744][ T7951]  ? __raw_spin_lock_init+0x45/0x100
[  148.142774][ T7951]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  148.142805][ T7951]  vhost_task_create+0x1c4/0x290
[  148.142831][ T7951]  ? arch_stack_walk+0xfc/0x150
[  148.142856][ T7951]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  148.142887][ T7951]  ? __pfx_vhost_task_create+0x10/0x10
[  148.142916][ T7951]  ? __pfx_vhost_task_fn+0x10/0x10
[  148.142947][ T7951]  ? kasan_save_track+0x4f/0x80
[  148.142975][ T7951]  kvm_mmu_post_init_vm+0x14c/0x300
[  148.142997][ T7951]  kvm_arch_vcpu_ioctl_run+0xdc/0x1940
[  148.143022][ T7951]  ? __mutex_trylock_common+0x153/0x260
[  148.143047][ T7951]  ? __pfx___mutex_trylock_common+0x10/0x10
[  148.143071][ T7951]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  148.143093][ T7951]  ? rcu_is_watching+0x15/0xb0
[  148.143114][ T7951]  ? trace_contention_end+0x39/0x120
[  148.143138][ T7951]  ? __mutex_lock+0x335/0x1350
[  148.143170][ T7951]  ? kvm_vcpu_ioctl+0x22e/0xe90
[  148.143193][ T7951]  ? rcu_is_watching+0x15/0xb0
[  148.143215][ T7951]  ? lock_release+0x4b/0x3e0
[  148.143233][ T7951]  ? get_task_pid+0x22/0x310
[  148.143262][ T7951]  kvm_vcpu_ioctl+0x95c/0xe90
[  148.143283][ T7951]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  148.143303][ T7951]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  148.143344][ T7951]  ? __fget_files+0x3a0/0x420
[  148.143366][ T7951]  ? __fget_files+0x2a/0x420
[  148.143391][ T7951]  ? bpf_lsm_file_ioctl+0x9/0x20
[  148.143419][ T7951]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  148.143437][ T7951]  __se_sys_ioctl+0xf9/0x170
[  148.143469][ T7951]  do_syscall_64+0xfa/0xfa0
[  148.143497][ T7951]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.143516][ T7951]  ? clear_bhb_loop+0x60/0xb0
[  148.143538][ T7951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.143558][ T7951] RIP: 0033:0x7f7ec2d8ebe9
[  148.143575][ T7951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.143594][ T7951] RSP: 002b:00007f7ec3cdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  148.143615][ T7951] RAX: ffffffffffffffda RBX: 00007f7ec2fc5fa0 RCX: 00007f7ec2d8ebe9
[  148.143630][ T7951] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  148.143641][ T7951] RBP: 00007f7ec3cdf090 R08: 0000000000000000 R09: 0000000000000000
[  148.143653][ T7951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.143664][ T7951] R13: 00007f7ec2fc6038 R14: 00007f7ec2fc5fa0 R15: 00007ffd4bcdc6f8
[  148.143687][ T7951]  </TASK>
[  148.143846][ T7951] syz.1.719: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  148.655281][ T7951] CPU: 1 UID: 0 PID: 7951 Comm: syz.1.719 Not tainted syzkaller #0 PREEMPT(full) 
[  148.655307][ T7951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  148.655320][ T7951] Call Trace:
[  148.655327][ T7951]  <TASK>
[  148.655335][ T7951]  dump_stack_lvl+0x189/0x250
[  148.655372][ T7951]  ? __pfx_dump_stack_lvl+0x10/0x10
[  148.655403][ T7951]  ? __pfx__printk+0x10/0x10
[  148.655429][ T7951]  ? lock_release+0x4b/0x3e0
[  148.655450][ T7951]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  148.655478][ T7951]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  148.655505][ T7951]  warn_alloc+0x214/0x310
[  148.655525][ T7951]  ? rcu_is_watching+0x15/0xb0
[  148.655549][ T7951]  ? __pfx_warn_alloc+0x10/0x10
[  148.655568][ T7951]  ? kfree+0x18e/0x440
[  148.655594][ T7951]  ? __get_vm_area_node+0x13f/0x300
[  148.655624][ T7951]  ? copy_process+0x54b/0x3c00
[  148.655646][ T7951]  ? __get_vm_area_node+0x211/0x300
[  148.655678][ T7951]  __vmalloc_node_range_noprof+0x326/0x12f0
[  148.655697][ T7951]  ? rcu_is_watching+0x15/0xb0
[  148.655720][ T7951]  ? percpu_ref_get_many+0x19/0x140
[  148.655741][ T7951]  ? percpu_ref_get_many+0x19/0x140
[  148.655766][ T7951]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  148.655786][ T7951]  ? memcpy_and_pad+0x48/0x80
[  148.655815][ T7951]  __vmalloc_node_noprof+0xc2/0x110
[  148.655833][ T7951]  ? copy_process+0x54b/0x3c00
[  148.655854][ T7951]  ? copy_process+0x54b/0x3c00
[  148.655878][ T7951]  dup_task_struct+0x3e7/0x860
[  148.655904][ T7951]  copy_process+0x54b/0x3c00
[  148.655946][ T7951]  ? __pfx_copy_process+0x10/0x10
[  148.655970][ T7951]  ? __raw_spin_lock_init+0x45/0x100
[  148.655999][ T7951]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  148.656034][ T7951]  vhost_task_create+0x1c4/0x290
[  148.656059][ T7951]  ? arch_stack_walk+0xfc/0x150
[  148.656085][ T7951]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  148.656116][ T7951]  ? __pfx_vhost_task_create+0x10/0x10
[  148.656146][ T7951]  ? __pfx_vhost_task_fn+0x10/0x10
[  148.656177][ T7951]  ? kasan_save_track+0x4f/0x80
[  148.656206][ T7951]  kvm_mmu_post_init_vm+0x14c/0x300
[  148.656228][ T7951]  kvm_arch_vcpu_ioctl_run+0xdc/0x1940
[  148.656251][ T7951]  ? __mutex_trylock_common+0x153/0x260
[  148.656278][ T7951]  ? __pfx___mutex_trylock_common+0x10/0x10
[  148.656302][ T7951]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  148.656324][ T7951]  ? rcu_is_watching+0x15/0xb0
[  148.656345][ T7951]  ? trace_contention_end+0x39/0x120
[  148.656369][ T7951]  ? __mutex_lock+0x335/0x1350
[  148.656404][ T7951]  ? kvm_vcpu_ioctl+0x22e/0xe90
[  148.656427][ T7951]  ? rcu_is_watching+0x15/0xb0
[  148.656449][ T7951]  ? lock_release+0x4b/0x3e0
[  148.656466][ T7951]  ? get_task_pid+0x22/0x310
[  148.656496][ T7951]  kvm_vcpu_ioctl+0x95c/0xe90
[  148.656517][ T7951]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  148.656536][ T7951]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  148.656576][ T7951]  ? __fget_files+0x3a0/0x420
[  148.656599][ T7951]  ? __fget_files+0x2a/0x420
[  148.656624][ T7951]  ? bpf_lsm_file_ioctl+0x9/0x20
[  148.656650][ T7951]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  148.656668][ T7951]  __se_sys_ioctl+0xf9/0x170
[  148.656698][ T7951]  do_syscall_64+0xfa/0xfa0
[  148.656726][ T7951]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.656745][ T7951]  ? clear_bhb_loop+0x60/0xb0
[  148.656768][ T7951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.656787][ T7951] RIP: 0033:0x7f7ec2d8ebe9
[  148.656804][ T7951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.656821][ T7951] RSP: 002b:00007f7ec3cdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  148.656842][ T7951] RAX: ffffffffffffffda RBX: 00007f7ec2fc5fa0 RCX: 00007f7ec2d8ebe9
[  148.656856][ T7951] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  148.656868][ T7951] RBP: 00007f7ec3cdf090 R08: 0000000000000000 R09: 0000000000000000
[  148.656880][ T7951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.656892][ T7951] R13: 00007f7ec2fc6038 R14: 00007f7ec2fc5fa0 R15: 00007ffd4bcdc6f8
[  148.656914][ T7951]  </TASK>
[  148.657022][ T7951] Mem-Info:
[  149.007895][    C1] vkms_vblank_simulate: vblank timer overrun
[  149.097900][ T7951] active_anon:5434 inactive_anon:0 isolated_anon:0
[  149.097900][ T7951]  active_file:28395 inactive_file:83896 isolated_file:0
[  149.097900][ T7951]  unevictable:3621 dirty:41 writeback:0
[  149.097900][ T7951]  slab_reclaimable:12378 slab_unreclaimable:92475
[  149.097900][ T7951]  mapped:25211 shmem:1356 pagetables:1170
[  149.097900][ T7951]  sec_pagetables:0 bounce:0
[  149.097900][ T7951]  kernel_misc_reclaimable:0
[  149.097900][ T7951]  free:1265962 free_pcp:19762 free_cma:0
[  149.143285][    C1] vkms_vblank_simulate: vblank timer overrun
[  149.176836][ T7951] Node 0 active_anon:30636kB inactive_anon:0kB active_file:113580kB inactive_file:335380kB unevictable:1648kB isolated(anon):0kB isolated(file):0kB mapped:100844kB dirty:164kB writeback:0kB shmem:3888kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11248kB pagetables:4416kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  149.208863][    C1] vkms_vblank_simulate: vblank timer overrun
[  149.240553][ T7951] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:80kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  149.331464][ T7961] netlink: 16 bytes leftover after parsing attributes in process `syz.0.722'.
[  149.348547][ T7951] Node 0 DMA free:15296kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:64kB local_pcp:32kB free_cma:0kB
[  149.377903][    C1] vkms_vblank_simulate: vblank timer overrun
[  149.396550][ T7951] lowmem_reserve[]: 0 2495 2496 2496 2496
[  149.403115][ T7951] Node 0 DMA32 free:1169828kB boost:0kB min:34216kB low:42768kB high:51320kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24004kB inactive_anon:0kB active_file:113580kB inactive_file:334304kB unevictable:1548kB writepending:164kB present:3129332kB managed:2555588kB mlocked:12kB bounce:0kB free_pcp:57900kB local_pcp:26656kB free_cma:0kB
[  149.435661][    C1] vkms_vblank_simulate: vblank timer overrun
[  149.443925][ T7951] lowmem_reserve[]: 0 0 1 1 1
[  149.449949][ T7951] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1076kB unevictable:0kB writepending:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  149.487853][ T7951] lowmem_reserve[]: 0 0 0 0 0
[  149.494163][ T7951] Node 1 Normal free:3887820kB boost:0kB min:55668kB low:69584kB high:83500kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:21568kB local_pcp:11904kB free_cma:0kB
[  149.546489][ T7951] lowmem_reserve[]: 0 0 0 0 0
[  149.552067][ T7951] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15296kB
[  149.567220][ T7951] Node 0 DMA32: 1227*4kB (UME) 831*8kB (UME) 251*16kB (UME) 191*32kB (UME) 104*64kB (UM) 84*128kB (M) 47*256kB (ME) 5*512kB (M) 8*1024kB (UME) 6*2048kB (UME) 268*4096kB (M) = 1171892kB
[  149.670417][ T7951] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  149.699475][ T7951] Node 1 Normal: 177*4kB (UE) 51*8kB (UME) 39*16kB (UME) 84*32kB (UME) 24*64kB (UME) 9*128kB (UME) 3*256kB (UM) 4*512kB (UME) 3*1024kB (UME) 2*2048kB (UE) 945*4096kB (M) = 3887820kB
[  149.719663][ T7951] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  149.746168][ T7951] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  149.762406][ T7951] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  149.774444][ T7951] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  149.784078][ T7951] 113643 total pagecache pages
[  149.788956][ T7951] 0 pages in swap cache
[  149.797762][ T7951] Free swap  = 124996kB
[  149.849740][ T7951] Total swap = 124996kB
[  149.849758][ T7951] 2097051 pages RAM
[  149.849767][ T7951] 0 pages HighMem/MovableOnly
[  149.849776][ T7951] 426256 pages reserved
[  149.849783][ T7951] 0 pages cma reserved
[  150.077330][ T8003] netlink: 36 bytes leftover after parsing attributes in process `syz.2.740'.
[  150.108496][ T7999] /dev/rnullb0: Can't open blockdev
[  150.170116][    T9] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  150.326401][ T8013] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  150.332954][ T8013] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  150.340739][    T9] usb 4-1: Using ep0 maxpacket: 32
[  150.346160][ T8013] vhci_hcd vhci_hcd.0: Device attached
[  150.353954][    T9] usb 4-1: config 0 has an invalid descriptor of length 129, skipping remainder of the config
[  150.364444][    T9] usb 4-1: config 0 interface 0 altsetting 252 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  150.366162][ T8016] vhci_hcd: connection closed
[  150.379870][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[  150.381339][   T37] vhci_hcd: stop threads
[  150.384677][    T9] usb 4-1: New USB device found, idVendor=05ac, idProduct=0324, bcdDevice= 0.00
[  150.393088][   T37] vhci_hcd: release socket
[  150.395643][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.405719][   T37] vhci_hcd: disconnect device
[  150.411032][    T9] usb 4-1: config 0 descriptor??
[  150.440489][    T9] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  151.024431][ T8026] netlink: 'syz.0.749': attribute type 1 has an invalid length.
[  151.032214][ T8026] netlink: 224 bytes leftover after parsing attributes in process `syz.0.749'.
[  151.367464][ T8038] QAT: Stopping all acceleration devices.
[  151.659208][ T5900] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[  151.741340][ T8047] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  151.812033][ T5900] usb 1-1: config 0 has an invalid interface number: 52 but max is 0
[  151.822729][ T5900] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  151.830287][ T8054] Invalid logical block size (511)
[  151.848345][ T5900] usb 1-1: config 0 has no interface number 0
[  151.854925][ T5900] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10
[  151.866577][ T5900] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[  151.878589][ T5900] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  151.889728][ T8056] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:0000:7d01 with DS=0xe
[  151.892622][ T5900] usb 1-1: config 0 interface 52 has no altsetting 0
[  151.908918][ T5900] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice= 0.00
[  151.920815][ T5900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=35
[  151.933948][ T5900] usb 1-1: SerialNumber: syz
[  151.948430][ T5900] usb 1-1: config 0 descriptor??
[  152.165195][ T5900] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  152.174226][ T5900] synaptics_usb 1-1:0.52: probe with driver synaptics_usb failed with error -5
[  152.412956][ T5900] usb 1-1: USB disconnect, device number 28
[  152.479554][ T1211] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  152.662154][ T1211] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  152.673025][ T1211] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  152.684827][ T1211] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.695351][ T1211] usb 3-1: config 0 descriptor??
[  152.708497][ T1211] pwc: Askey VC010 type 2 USB webcam detected.
[  152.710412][ T8091] netlink: 72 bytes leftover after parsing attributes in process `syz.1.772'.
[  152.920704][ T8097] netlink: 32 bytes leftover after parsing attributes in process `syz.1.775'.
[  152.954191][ T5900] usb 4-1: USB disconnect, device number 34
[  153.100429][ T8104] /dev/rnullb0: Can't open blockdev
[  153.113310][ T1211] pwc: recv_control_msg error -32 req 02 val 2b00
[  153.128495][ T1211] pwc: recv_control_msg error -32 req 02 val 2700
[  153.145600][ T1211] pwc: recv_control_msg error -32 req 02 val 2c00
[  153.201603][ T1211] pwc: recv_control_msg error -32 req 04 val 1000
[  153.221257][ T1211] pwc: recv_control_msg error -32 req 04 val 1300
[  153.238311][ T1211] pwc: recv_control_msg error -32 req 04 val 1400
[  153.259010][ T1211] pwc: recv_control_msg error -32 req 02 val 2000
[  153.282770][ T1211] pwc: recv_control_msg error -32 req 02 val 2100
[  153.288266][ T8113] syzkaller1: entered promiscuous mode
[  153.296492][ T8113] syzkaller1: entered allmulticast mode
[  153.306458][ T1211] pwc: recv_control_msg error -32 req 04 val 1500
[  153.315220][ T1211] pwc: recv_control_msg error -32 req 02 val 2500
[  153.559208][ T5907] usb 1-1: new low-speed USB device number 29 using dummy_hcd
[  153.703352][ T8125] /dev/rnullb0: Can't open blockdev
[  153.722693][ T5907] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  153.741928][ T5907] usb 1-1: config 179 has no interface number 0
[  153.756759][ T5907] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  153.771671][ T5907] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  153.781944][ T5907] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  153.793410][ T5907] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 58368, setting to 8
[  153.806406][ T5907] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  153.820301][ T5907] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  153.829715][ T5907] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.848744][ T8113] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  153.861318][ T5907] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  153.873941][ T5907] xpad 1-1:179.65: probe with driver xpad failed with error -90
[  153.883785][ T8127] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  153.937533][ T8129] FAULT_INJECTION: forcing a failure.
[  153.937533][ T8129] name failslab, interval 1, probability 0, space 0, times 0
[  153.954826][ T8129] CPU: 0 UID: 0 PID: 8129 Comm: syz.1.788 Not tainted syzkaller #0 PREEMPT(full) 
[  153.954856][ T8129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  153.954868][ T8129] Call Trace:
[  153.954876][ T8129]  <TASK>
[  153.954884][ T8129]  dump_stack_lvl+0x189/0x250
[  153.954925][ T8129]  ? __pfx____ratelimit+0x10/0x10
[  153.954951][ T8129]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.954982][ T8129]  ? __pfx__printk+0x10/0x10
[  153.955009][ T8129]  ? genl_rcv+0x28/0x40
[  153.955027][ T8129]  ? ____sys_sendmsg+0x505/0x830
[  153.955055][ T8129]  ? __x64_sys_sendmsg+0x19b/0x260
[  153.955084][ T8129]  ? do_syscall_64+0xfa/0xfa0
[  153.955110][ T8129]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.955134][ T8129]  should_fail_ex+0x414/0x560
[  153.955164][ T8129]  should_failslab+0xa8/0x100
[  153.955184][ T8129]  kmem_cache_alloc_noprof+0x73/0x390
[  153.955213][ T8129]  ? skb_clone+0x212/0x3a0
[  153.955232][ T8129]  skb_clone+0x212/0x3a0
[  153.955251][ T8129]  __netlink_deliver_tap+0x404/0x850
[  153.955284][ T8129]  ? netlink_deliver_tap+0x2e/0x1b0
[  153.955310][ T8129]  netlink_deliver_tap+0x19c/0x1b0
[  153.955336][ T8129]  netlink_sendskb+0x68/0x140
[  153.955359][ T8129]  netlink_unicast+0x397/0x9e0
[  153.955381][ T8129]  ? __asan_memcpy+0x40/0x70
[  153.955410][ T8129]  ? __pfx_netlink_unicast+0x10/0x10
[  153.955437][ T8129]  netlink_rcv_skb+0x28c/0x470
[  153.955463][ T8129]  ? __pfx_genl_rcv_msg+0x10/0x10
[  153.955482][ T8129]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  153.955520][ T8129]  ? lock_release+0x4b/0x3e0
[  153.955541][ T8129]  ? down_read+0x1ad/0x2e0
[  153.955559][ T8129]  genl_rcv+0x28/0x40
[  153.955576][ T8129]  netlink_unicast+0x82f/0x9e0
[  153.955602][ T8129]  ? __pfx_netlink_unicast+0x10/0x10
[  153.955625][ T8129]  ? netlink_sendmsg+0x642/0xb30
[  153.955650][ T8129]  ? skb_put+0x11b/0x210
[  153.955679][ T8129]  netlink_sendmsg+0x805/0xb30
[  153.955709][ T8129]  ? __pfx_netlink_sendmsg+0x10/0x10
[  153.955737][ T8129]  ? aa_sock_msg_perm+0xf1/0x1d0
[  153.955764][ T8129]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  153.955788][ T8129]  ? __pfx_netlink_sendmsg+0x10/0x10
[  153.955815][ T8129]  __sock_sendmsg+0x21c/0x270
[  153.955838][ T8129]  ____sys_sendmsg+0x505/0x830
[  153.955870][ T8129]  ? __pfx_____sys_sendmsg+0x10/0x10
[  153.955904][ T8129]  ? import_iovec+0x74/0xa0
[  153.955928][ T8129]  ___sys_sendmsg+0x21f/0x2a0
[  153.955958][ T8129]  ? __pfx____sys_sendmsg+0x10/0x10
[  153.956004][ T8129]  ? __fget_files+0x2a/0x420
[  153.956028][ T8129]  ? __fget_files+0x3a0/0x420
[  153.956056][ T8129]  __x64_sys_sendmsg+0x19b/0x260
[  153.956087][ T8129]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  153.956121][ T8129]  ? __pfx_ksys_write+0x10/0x10
[  153.956143][ T8129]  ? rcu_is_watching+0x15/0xb0
[  153.956167][ T8129]  do_syscall_64+0xfa/0xfa0
[  153.956193][ T8129]  ? rcu_is_watching+0x15/0xb0
[  153.956215][ T8129]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.956234][ T8129]  ? clear_bhb_loop+0x60/0xb0
[  153.956257][ T8129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.956276][ T8129] RIP: 0033:0x7f7ec2d8ebe9
[  153.956293][ T8129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.956311][ T8129] RSP: 002b:00007f7ec3cdf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  153.956333][ T8129] RAX: ffffffffffffffda RBX: 00007f7ec2fc5fa0 RCX: 00007f7ec2d8ebe9
[  153.956348][ T8129] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[  153.956360][ T8129] RBP: 00007f7ec3cdf090 R08: 0000000000000000 R09: 0000000000000000
[  153.956372][ T8129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.956384][ T8129] R13: 00007f7ec2fc6038 R14: 00007f7ec2fc5fa0 R15: 00007ffd4bcdc6f8
[  153.956407][ T8129]  </TASK>
[  154.060542][ T5907] usb 1-1: USB disconnect, device number 29
[  154.066829][   T10] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  154.499316][   T10] usb 4-1: Using ep0 maxpacket: 32
[  154.508155][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.519304][   T10] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  154.535838][   T10] usb 4-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  154.546804][   T10] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  154.555453][   T10] usb 4-1: Product: syz
[  154.561482][   T10] usb 4-1: Manufacturer: syz
[  154.566221][   T10] usb 4-1: SerialNumber: syz
[  154.583797][   T10] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input20
[  154.781581][ T5921] usb 4-1: USB disconnect, device number 35
[  154.795645][ T5921] appletouch 4-1:1.0: input: appletouch disconnected
[  154.961618][   T10] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  155.111311][ T8153] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  155.111466][ T8153] /dev/rnullb0: Can't open blockdev
[  155.130950][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  155.130983][   T10] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  155.131001][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.133100][   T10] usb 2-1: config 0 descriptor??
[  155.136547][   T10] pwc: Askey VC010 type 2 USB webcam detected.
[  155.202682][ T1211] pwc: recv_control_msg error -71 req 02 val 2400
[  155.209265][ T1211] pwc: recv_control_msg error -71 req 02 val 2600
[  155.216154][ T1211] pwc: recv_control_msg error -71 req 02 val 2900
[  155.222848][ T1211] pwc: recv_control_msg error -71 req 02 val 2800
[  155.223356][ T1211] pwc: recv_control_msg error -71 req 04 val 1100
[  155.249227][ T1211] pwc: recv_control_msg error -71 req 04 val 1200
[  155.257431][ T1211] pwc: Registered as video103.
[  155.272244][ T1211] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input21
[  155.289662][ T8155] netlink: 'syz.0.799': attribute type 21 has an invalid length.
[  155.306301][ T8155] netlink: 128 bytes leftover after parsing attributes in process `syz.0.799'.
[  155.315631][ T1211] usb 3-1: USB disconnect, device number 30
[  155.423496][ T8160] /dev/rnullb0: Can't open blockdev
[  155.537822][   T10] pwc: recv_control_msg error -32 req 02 val 2b00
[  155.556938][ T8167] /dev/rnullb0: Can't open blockdev
[  155.559850][   T10] pwc: recv_control_msg error -32 req 02 val 2700
[  155.578775][   T10] pwc: recv_control_msg error -32 req 02 val 2c00
[  155.596800][   T10] pwc: recv_control_msg error -32 req 04 val 1000
[  155.604841][   T10] pwc: recv_control_msg error -32 req 04 val 1300
[  155.612048][   T10] pwc: recv_control_msg error -32 req 04 val 1400
[  155.619569][   T10] pwc: recv_control_msg error -32 req 02 val 2000
[  155.628284][   T10] pwc: recv_control_msg error -32 req 02 val 2100
[  155.636518][   T10] pwc: recv_control_msg error -32 req 04 val 1500
[  155.647510][   T10] pwc: recv_control_msg error -32 req 02 val 2500
[  155.655171][   T10] pwc: recv_control_msg error -32 req 02 val 2400
[  155.655403][ T8171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.805'.
[  155.662404][   T10] pwc: recv_control_msg error -32 req 02 val 2600
[  155.766603][ T8177] netlink: 16 bytes leftover after parsing attributes in process `syz.2.809'.
[  155.884446][   T10] pwc: recv_control_msg error -71 req 02 val 2800
[  155.892647][   T10] pwc: recv_control_msg error -71 req 04 val 1100
[  155.900085][   T10] pwc: recv_control_msg error -71 req 04 val 1200
[  155.907407][   T10] pwc: Registered as video103.
[  155.915158][   T10] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input22
[  155.933931][   T10] usb 2-1: USB disconnect, device number 24
[  156.060203][ T5940] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  156.210618][ T5940] usb 3-1: config 188 has too many interfaces: 149, using maximum allowed: 32
[  156.220215][ T5940] usb 3-1: config 188 has an invalid descriptor of length 1, skipping remainder of the config
[  156.230611][ T5940] usb 3-1: config 188 has 0 interfaces, different from the descriptor's value: 149
[  156.240007][ T5940] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  156.249065][ T5940] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.258702][ T5940] usb 3-1: rejected 1 configuration due to insufficient available bus power
[  156.267490][ T5940] usb 3-1: no configuration chosen from 1 choice
[  156.634818][ T8192] netlink: 'syz.3.815': attribute type 30 has an invalid length.
[  157.530966][ T8221] netlink: 36 bytes leftover after parsing attributes in process `syz.1.826'.
[  158.135551][ T8255] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  158.194004][ T8257] /dev/rnullb0: Can't open blockdev
[  158.283397][ T8261] Invalid logical block size (511)
[  158.789333][ T8268] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:0000:7d01 with DS=0xe
[  158.841088][ T5940] usb 3-1: USB disconnect, device number 31
[  159.010931][ T8272] /dev/rnullb0: Can't open blockdev
[  159.381812][ T8288] /dev/rnullb0: Can't open blockdev
[  159.455355][ T8294] netlink: 72 bytes leftover after parsing attributes in process `syz.0.856'.
[  159.479549][   T10] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  159.642426][   T10] usb 4-1: config 1 interface 0 altsetting 10 bulk endpoint 0x1 has invalid maxpacket 16
[  159.652779][   T10] usb 4-1: config 1 interface 0 altsetting 10 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  159.667002][   T10] usb 4-1: config 1 interface 0 has no altsetting 0
[  159.681430][   T10] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  159.700352][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.707036][ T8303] netlink: 32 bytes leftover after parsing attributes in process `syz.0.860'.
[  159.708551][   T10] usb 4-1: Product: Ц
[  159.722068][   T10] usb 4-1: Manufacturer: ӿ
[  159.726610][   T10] usb 4-1: SerialNumber: Ѕ
[  159.740208][ T8277] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  159.757983][ T8305] /dev/rnullb0: Can't open blockdev
[  159.760600][ T8277] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  159.906222][ T8310] wlan1 speed is unknown, defaulting to 1000
[  160.180626][ T8277] batadv_slave_1: entered promiscuous mode
[  160.306611][ T8315] syzkaller0: entered promiscuous mode
[  160.306636][ T8315] syzkaller0: entered allmulticast mode
[  160.379717][ T8276] batadv_slave_1: left promiscuous mode
[  160.394156][   T10] usb 4-1: USB disconnect, device number 36
[  160.822164][ T8333] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  160.870849][ T8338] FAULT_INJECTION: forcing a failure.
[  160.870849][ T8338] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.886340][ T8338] CPU: 1 UID: 0 PID: 8338 Comm: syz.0.874 Not tainted syzkaller #0 PREEMPT(full) 
[  160.886368][ T8338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  160.886380][ T8338] Call Trace:
[  160.886387][ T8338]  <TASK>
[  160.886396][ T8338]  dump_stack_lvl+0x189/0x250
[  160.886431][ T8338]  ? __pfx____ratelimit+0x10/0x10
[  160.886455][ T8338]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.886481][ T8338]  ? __pfx__printk+0x10/0x10
[  160.886510][ T8338]  ? rcu_is_watching+0x15/0xb0
[  160.886532][ T8338]  should_fail_ex+0x414/0x560
[  160.886560][ T8338]  _copy_to_user+0x31/0xb0
[  160.886583][ T8338]  simple_read_from_buffer+0xe1/0x170
[  160.886605][ T8338]  proc_fail_nth_read+0x1b3/0x220
[  160.886633][ T8338]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  160.886661][ T8338]  ? rw_verify_area+0x2a6/0x4d0
[  160.886678][ T8338]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  160.886703][ T8338]  vfs_read+0x200/0xa30
[  160.886719][ T8338]  ? fdget_pos+0x247/0x320
[  160.886743][ T8338]  ? __pfx___mutex_lock+0x10/0x10
[  160.886770][ T8338]  ? __pfx_vfs_read+0x10/0x10
[  160.886801][ T8338]  ? __fget_files+0x3a0/0x420
[  160.886825][ T8338]  ? __fget_files+0x2a/0x420
[  160.886851][ T8338]  ksys_read+0x145/0x250
[  160.886871][ T8338]  ? __pfx_ksys_read+0x10/0x10
[  160.886892][ T8338]  ? rcu_is_watching+0x15/0xb0
[  160.886915][ T8338]  do_syscall_64+0xfa/0xfa0
[  160.886941][ T8338]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.886961][ T8338]  ? clear_bhb_loop+0x60/0xb0
[  160.886982][ T8338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.887001][ T8338] RIP: 0033:0x7f955718d5fc
[  160.887019][ T8338] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  160.887037][ T8338] RSP: 002b:00007f9557f86030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  160.887058][ T8338] RAX: ffffffffffffffda RBX: 00007f95573c5fa0 RCX: 00007f955718d5fc
[  160.887072][ T8338] RDX: 000000000000000f RSI: 00007f9557f860a0 RDI: 0000000000000004
[  160.887085][ T8338] RBP: 00007f9557f86090 R08: 0000000000000000 R09: 0000000000000000
[  160.887097][ T8338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.887109][ T8338] R13: 00007f95573c6038 R14: 00007f95573c5fa0 R15: 00007ffef41226c8
[  160.887132][ T8338]  </TASK>
[  161.112051][    C1] vkms_vblank_simulate: vblank timer overrun
[  161.381897][   T30] audit: type=1326 audit(1756843495.875:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8313 comm="syz.1.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ec2d8ebe9 code=0x7fc00000
[  161.513832][ T8358] /dev/rnullb0: Can't open blockdev
[  161.552027][ T8364] netlink: 'syz.1.883': attribute type 21 has an invalid length.
[  161.592816][ T8364] netlink: 128 bytes leftover after parsing attributes in process `syz.1.883'.
[  161.698976][ T8372] netlink: 12 bytes leftover after parsing attributes in process `syz.2.889'.
[  161.753821][ T8379] netlink: 16 bytes leftover after parsing attributes in process `syz.1.893'.
[  162.019210][ T5940] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  162.049749][   T10] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  162.172497][ T5940] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  162.182823][ T5940] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  162.191999][ T5940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.200139][ T5907] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  162.209632][ T5940] usb 1-1: config 0 descriptor??
[  162.218848][ T5940] pwc: Askey VC010 type 2 USB webcam detected.
[  162.230576][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  162.241131][   T10] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  162.250630][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.260875][   T10] usb 2-1: config 0 descriptor??
[  162.268474][   T10] pwc: Askey VC010 type 2 USB webcam detected.
[  162.359191][ T5907] usb 4-1: Using ep0 maxpacket: 8
[  162.368274][ T5907] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  162.377581][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.385721][ T5907] usb 4-1: Product: syz
[  162.390085][ T5907] usb 4-1: Manufacturer: syz
[  162.394719][ T5907] usb 4-1: SerialNumber: syz
[  162.402395][ T5907] usb 4-1: config 0 descriptor??
[  162.409979][ T5907] gspca_main: se401-2.14.0 probing 047d:5003
[  162.617822][ T5940] pwc: recv_control_msg error -32 req 02 val 2b00
[  162.627573][ T5940] pwc: recv_control_msg error -32 req 02 val 2700
[  162.634867][ T5940] pwc: recv_control_msg error -32 req 02 val 2c00
[  162.642336][ T5940] pwc: recv_control_msg error -32 req 04 val 1000
[  162.649747][ T5940] pwc: recv_control_msg error -32 req 04 val 1300
[  162.668596][   T10] pwc: recv_control_msg error -32 req 02 val 2b00
[  162.675928][   T10] pwc: recv_control_msg error -32 req 02 val 2700
[  162.683163][   T10] pwc: recv_control_msg error -32 req 02 val 2c00
[  162.690481][   T10] pwc: recv_control_msg error -32 req 04 val 1000
[  162.697445][   T10] pwc: recv_control_msg error -32 req 04 val 1300
[  162.704651][   T10] pwc: recv_control_msg error -32 req 04 val 1400
[  162.711748][   T10] pwc: recv_control_msg error -32 req 02 val 2000
[  162.718722][   T10] pwc: recv_control_msg error -32 req 02 val 2100
[  162.725717][   T10] pwc: recv_control_msg error -32 req 04 val 1500
[  162.733529][   T10] pwc: recv_control_msg error -32 req 02 val 2500
[  162.740700][   T10] pwc: recv_control_msg error -32 req 02 val 2400
[  162.747704][   T10] pwc: recv_control_msg error -32 req 02 val 2600
[  162.810650][ T5907] gspca_se401: ExtraFeatures: 148
[  162.815769][ T5907] gspca_se401: Too many frame sizes
[  162.857675][ T5940] pwc: recv_control_msg error -32 req 02 val 2000
[  162.865180][ T5940] pwc: recv_control_msg error -32 req 02 val 2100
[  162.873202][ T5940] pwc: recv_control_msg error -32 req 04 val 1500
[  162.880352][ T5940] pwc: recv_control_msg error -32 req 02 val 2500
[  162.887377][ T5940] pwc: recv_control_msg error -32 req 02 val 2400
[  162.897031][ T5940] pwc: recv_control_msg error -32 req 02 val 2600
[  162.904064][ T5940] pwc: recv_control_msg error -32 req 02 val 2900
[  162.958723][   T10] pwc: recv_control_msg error -71 req 02 val 2800
[  162.968583][   T10] pwc: recv_control_msg error -71 req 04 val 1100
[  162.976828][   T10] pwc: recv_control_msg error -71 req 04 val 1200
[  162.984487][   T10] pwc: Registered as video103.
[  162.990601][   T10] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input23
[  163.012461][   T10] usb 2-1: USB disconnect, device number 25
[  163.060907][ T5921] usb 4-1: USB disconnect, device number 37
[  163.115106][ T5940] pwc: recv_control_msg error -71 req 04 val 1100
[  163.122904][ T5940] pwc: recv_control_msg error -71 req 04 val 1200
[  163.130804][ T5940] pwc: Registered as video103.
[  163.136803][ T5940] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input24
[  163.168028][ T5940] usb 1-1: USB disconnect, device number 30
[  163.174772][ T5907] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  163.339202][ T5907] usb 3-1: Using ep0 maxpacket: 8
[  163.345747][ T5907] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[  163.356428][ T5907] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  163.365677][ T5907] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  163.374201][ T5907] usb 3-1: Product: syz
[  163.378420][ T5907] usb 3-1: Manufacturer: syz
[  163.383091][ T5907] usb 3-1: SerialNumber: syz
[  163.592708][ T8395] /dev/rnullb0: Can't open blockdev
[  163.599264][ T5907] usb 3-1: palm_os_3_probe - error -71 getting connection information
[  163.609014][ T5907] visor 3-1:1.0: probe with driver visor failed with error -71
[  163.618877][ T5907] usb 3-1: USB disconnect, device number 32
[  163.929256][ T1211] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  164.100445][ T1211] usb 4-1: Using ep0 maxpacket: 16
[  164.153499][ T1211] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  164.167099][ T1211] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  164.177791][ T1211] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.196698][ T1211] usb 4-1: Product: syz
[  164.204170][ T1211] usb 4-1: Manufacturer: syz
[  164.218989][ T1211] usb 4-1: SerialNumber: syz
[  164.232817][ T1211] usb 4-1: config 0 descriptor??
[  164.368330][ T8426] netlink: 36 bytes leftover after parsing attributes in process `syz.1.913'.
[  164.457912][ T8405] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  164.466668][ T8405] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  164.495786][ T1211] usb 4-1: USB disconnect, device number 38
[  164.659853][ T5907] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  164.819310][ T5907] usb 3-1: Using ep0 maxpacket: 32
[  164.825885][ T5907] usb 3-1: config 0 has an invalid interface number: 126 but max is 0
[  164.834578][ T5907] usb 3-1: config 0 has no interface number 0
[  164.842234][ T5907] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  164.853449][ T5907] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[  164.879189][ T5907] usb 3-1: config 0 interface 126 has no altsetting 0
[  164.887763][ T5907] usb 3-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  164.899631][ T5907] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.907744][ T5907] usb 3-1: Product: syz
[  164.912034][ T5907] usb 3-1: Manufacturer: syz
[  164.916665][ T5907] usb 3-1: SerialNumber: syz
[  164.921642][ T5940] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  164.932915][ T5907] usb 3-1: config 0 descriptor??
[  164.938474][ T8427] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  164.945939][ T8427] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  164.957669][ T8457] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  165.005191][ T8459] Invalid logical block size (511)
[  165.059192][ T5900] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  165.080650][ T5940] usb 1-1: config 3 has an invalid interface number: 179 but max is 0
[  165.088944][ T5940] usb 1-1: config 3 has no interface number 0
[  165.095133][ T5940] usb 1-1: config 3 interface 179 has no altsetting 0
[  165.104232][ T5940] usb 1-1: New USB device found, idVendor=093b, idProduct=a104, bcdDevice= 0.01
[  165.113661][ T5940] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.121716][ T5940] usb 1-1: Product: syz
[  165.126319][ T5940] usb 1-1: Manufacturer: syz
[  165.131205][ T5940] usb 1-1: SerialNumber: syz
[  165.209304][ T5900] usb 4-1: Using ep0 maxpacket: 8
[  165.215987][ T5900] usb 4-1: config 0 has an invalid interface number: 186 but max is 0
[  165.224254][ T5900] usb 4-1: config 0 has no interface number 0
[  165.230891][ T5900] usb 4-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  165.242760][ T5900] usb 4-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  165.254600][ T5900] usb 4-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  165.265784][ T5900] usb 4-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  165.275770][ T5900] usb 4-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  165.290511][ T1211] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  165.291227][ T5900] usb 4-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  165.307250][ T5900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.315308][ T5900] usb 4-1: Product: syz
[  165.319560][ T5900] usb 4-1: Manufacturer: syz
[  165.324206][ T5900] usb 4-1: SerialNumber: syz
[  165.332796][ T5900] usb 4-1: config 0 descriptor??
[  165.343563][ T8440] input: syz0 as /devices/virtual/input/input25
[  165.355723][ T8440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  165.364606][ T8440] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  165.439256][ T1211] usb 2-1: device descriptor read/64, error -71
[  165.510088][ T8465] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  165.523930][ T8465] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  165.679269][ T1211] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  165.809256][ T1211] usb 2-1: device descriptor read/64, error -71
[  165.920599][ T1211] usb usb2-port1: attempt power cycle
[  166.269243][ T1211] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  166.289905][ T1211] usb 2-1: device descriptor read/8, error -71
[  166.530635][ T1211] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  166.559702][ T1211] usb 2-1: device descriptor read/8, error -71
[  166.669490][ T1211] usb usb2-port1: unable to enumerate USB device
[  166.913579][ T8476] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:0000:7d01 with DS=0xe
[  167.170758][ T8479] netlink: zone id is out of range
[  167.177817][ T8479] netlink: set zone limit has 4 unknown bytes
[  167.711960][ T5900] iowarrior 4-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0
[  167.728671][ T5940] go7007 1-1:3.179: probe with driver go7007 failed with error -12
[  167.737281][ T5907] ir_usb 3-1:0.126: IR Dongle converter detected
[  167.747484][ T5900] usb 4-1: USB disconnect, device number 39
[  167.753547][ T5907] usb 3-1: IRDA class descriptor not found, device not bound
[  167.763919][ T5940] usb 1-1: USB disconnect, device number 31
[  167.787705][ T5907] usb 3-1: USB disconnect, device number 33
[  168.072574][ T5900] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  168.153291][   T51] Bluetooth: hci1: Malformed LE Event: 0x0d
[  168.160805][ T8506] netlink: 32 bytes leftover after parsing attributes in process `syz.1.943'.
[  168.201986][ T8510] netlink: 32 bytes leftover after parsing attributes in process `syz.0.944'.
[  168.218453][ T8504] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  168.228345][ T8504] block device autoloading is deprecated and will be removed.
[  168.256109][ T5900] usb 4-1: Using ep0 maxpacket: 8
[  168.262135][ T5900] usb 4-1: too many configurations: 11, using maximum allowed: 8
[  168.273190][ T5900] usb 4-1: unable to read config index 0 descriptor/start: -61
[  168.282264][ T5900] usb 4-1: can't read configurations, error -61
[  168.419212][ T5900] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  168.499204][ T1211] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  168.569221][ T5900] usb 4-1: Using ep0 maxpacket: 8
[  168.574849][ T5900] usb 4-1: too many configurations: 11, using maximum allowed: 8
[  168.591101][ T5900] usb 4-1: unable to read config index 0 descriptor/start: -61
[  168.598711][ T5900] usb 4-1: can't read configurations, error -61
[  168.605362][ T5900] usb usb4-port1: attempt power cycle
[  168.659280][ T1211] usb 1-1: Using ep0 maxpacket: 16
[  168.670102][ T1211] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  168.694277][ T1211] usb 1-1: config 0 interface 0 has no altsetting 0
[  168.706343][ T1211] usb 1-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  168.726363][ T1211] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.737516][ T1211] usb 1-1: Product: syz
[  168.750574][ T1211] usb 1-1: Manufacturer: syz
[  168.756187][ T1211] usb 1-1: SerialNumber: syz
[  168.767694][ T1211] usb 1-1: config 0 descriptor??
[  168.949291][ T5900] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  168.990991][ T5900] usb 4-1: Using ep0 maxpacket: 8
[  168.996697][ T5900] usb 4-1: too many configurations: 11, using maximum allowed: 8
[  169.012143][ T5900] usb 4-1: unable to read config index 0 descriptor/start: -61
[  169.020891][ T5900] usb 4-1: can't read configurations, error -61
[  169.149227][ T5900] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  169.170485][ T5900] usb 4-1: Using ep0 maxpacket: 8
[  169.176057][ T5900] usb 4-1: too many configurations: 11, using maximum allowed: 8
[  169.185662][ T5900] usb 4-1: unable to read config index 0 descriptor/start: -61
[  169.193617][ T5900] usb 4-1: can't read configurations, error -61
[  169.209371][ T5900] usb usb4-port1: unable to enumerate USB device
[  169.210047][ T5921] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  169.239354][ T8527] /dev/rnullb0: Can't open blockdev
[  169.314171][ T1211] usb 1-1: USB disconnect, device number 32
[  169.394836][ T5921] usb 2-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice=31.00
[  169.405686][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.413788][ T5921] usb 2-1: Product: syz
[  169.418104][ T5921] usb 2-1: Manufacturer: syz
[  169.424673][ T5921] usb 2-1: SerialNumber: syz
[  169.432825][ T5921] usb 2-1: config 0 descriptor??
[  169.442912][ T5921] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  169.454299][ T5921] usb 2-1: Detected FT4232HP
[  169.643213][ T8525] /dev/rnullb0: Can't open blockdev
[  169.654419][ T8525] /dev/rnullb0: Can't open blockdev
[  169.659900][ T8529] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.670847][ T8529] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.682724][ T5921] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  169.695160][ T5921] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  169.704249][ T5921] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  169.722031][ T5921] usb 2-1: USB disconnect, device number 30
[  169.741151][ T5921] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  169.758867][ T5921] ftdi_sio 2-1:0.0: device disconnected
[  170.057471][ T8547] tipc: Started in network mode
[  170.064914][ T8547] tipc: Node identity ac1414aa, cluster identity 4711
[  170.072496][ T8547] tipc: Enabled bearer <udp:s>, priority 10
[  170.147274][ T8556] /dev/rnullb0: Can't open blockdev
[  170.521027][ T8579] netlink: 'syz.1.968': attribute type 21 has an invalid length.
[  170.528960][ T8579] netlink: 128 bytes leftover after parsing attributes in process `syz.1.968'.
[  170.709230][ T5900] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  170.831520][ T8581] I/O error, dev loop1, sector 128 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 2
[  170.841324][ T8581] gfs2: error -5 reading superblock
[  170.859523][ T5900] usb 3-1: Using ep0 maxpacket: 16
[  170.870636][ T5900] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  170.880081][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.888217][ T5900] usb 3-1: Product: syz
[  170.892967][ T5900] usb 3-1: Manufacturer: syz
[  170.898201][ T5900] usb 3-1: SerialNumber: syz
[  170.929545][ T5900] r8152-cfgselector 3-1: Unknown version 0x0000
[  170.951064][ T5900] r8152-cfgselector 3-1: config 0 descriptor??
[  171.058195][ T8587] /dev/rnullb0: Can't open blockdev
[  171.069409][ T5921] tipc: Node number set to 2886997162
[  171.164768][ T5900] r8152-cfgselector 3-1: Unknown version 0x78a0
[  171.187035][ T5900] r8152-cfgselector 3-1: bad CDC descriptors
[  171.255875][ T8593] netlink: 12 bytes leftover after parsing attributes in process `syz.0.974'.
[  171.424017][ T8596] netlink: 16 bytes leftover after parsing attributes in process `syz.0.976'.
[  171.897841][ T8600] netlink: 60 bytes leftover after parsing attributes in process `syz.3.978'.
[  171.930444][ T8600] netlink: 60 bytes leftover after parsing attributes in process `syz.3.978'.
[  171.976495][ T8600] netlink: 60 bytes leftover after parsing attributes in process `syz.3.978'.
[  172.138641][ T8609] /dev/rnullb0: Can't open blockdev
[  172.899305][ T5921] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  173.073795][ T5921] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  173.108041][ T5921] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  173.134322][ T5921] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.158055][ T5921] usb 2-1: config 0 descriptor??
[  173.182350][ T5921] pwc: Askey VC010 type 2 USB webcam detected.
[  173.510959][ T5940] r8152-cfgselector 3-1: USB disconnect, device number 34
[  173.569463][ T1211] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  173.582902][ T5921] pwc: recv_control_msg error -32 req 02 val 2b00
[  173.595655][ T5921] pwc: recv_control_msg error -32 req 02 val 2700
[  173.603510][ T5921] pwc: recv_control_msg error -32 req 02 val 2c00
[  173.611921][ T5921] pwc: recv_control_msg error -32 req 04 val 1000
[  173.621584][ T5921] pwc: recv_control_msg error -32 req 04 val 1300
[  173.630046][ T5921] pwc: recv_control_msg error -32 req 04 val 1400
[  173.637869][ T5921] pwc: recv_control_msg error -32 req 02 val 2000
[  173.648106][ T5921] pwc: recv_control_msg error -32 req 02 val 2100
[  173.664828][ T5921] pwc: recv_control_msg error -32 req 04 val 1500
[  173.672970][ T5921] pwc: recv_control_msg error -32 req 02 val 2500
[  173.681783][ T5921] pwc: recv_control_msg error -32 req 02 val 2400
[  173.689709][ T5921] pwc: recv_control_msg error -32 req 02 val 2600
[  173.719276][ T1211] usb 4-1: device descriptor read/64, error -71
[  173.795190][ T8635] /dev/rnullb0: Can't open blockdev
[  173.859296][ T5940] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  173.909849][ T5921] pwc: recv_control_msg error -71 req 02 val 2800
[  173.918622][ T5921] pwc: recv_control_msg error -71 req 04 val 1100
[  173.925500][ T5921] pwc: recv_control_msg error -71 req 04 val 1200
[  173.934098][ T5921] pwc: Registered as video103.
[  173.940282][ T5921] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input26
[  173.962326][ T5921] usb 2-1: USB disconnect, device number 31
[  173.969596][ T1211] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  174.012552][ T5940] usb 3-1: config 0 has an invalid interface number: 156 but max is 0
[  174.023547][ T5940] usb 3-1: config 0 has no interface number 0
[  174.029844][ T5940] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  174.039269][ T5940] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.048813][ T5940] usb 3-1: config 0 descriptor??
[  174.056276][ T5940] gspca_main: spca561-2.14.0 probing abcd:cdee
[  174.109282][ T1211] usb 4-1: device descriptor read/64, error -71
[  174.219537][ T1211] usb usb4-port1: attempt power cycle
[  174.256732][ T5940] spca561 3-1:0.156: probe with driver spca561 failed with error -22
[  174.265616][ T5940] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  174.272704][ T5940] usb 3-1: MIDIStreaming interface descriptor not found
[  174.303564][ T5940] usb 3-1: USB disconnect, device number 35
[  174.560450][ T1211] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  174.597514][ T1211] usb 4-1: device descriptor read/8, error -71
[  174.678223][ T8655] netlink: 36 bytes leftover after parsing attributes in process `syz.1.997'.
[  174.849278][ T1211] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  174.861106][   T10] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  174.899850][ T1211] usb 4-1: device descriptor read/8, error -71
[  175.010267][ T1211] usb usb4-port1: unable to enumerate USB device
[  175.029885][   T10] usb 1-1: Using ep0 maxpacket: 16
[  175.037117][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[  175.047009][   T10] usb 1-1: config 2 has an invalid interface number: 151 but max is 0
[  175.059874][   T10] usb 1-1: config 2 has no interface number 0
[  175.074005][   T10] usb 1-1: config 2 interface 151 has no altsetting 0
[  175.082768][   T10] usb 1-1: string descriptor 0 read error: -22
[  175.090804][   T10] usb 1-1: New USB device found, idVendor=0856, idProduct=ac29, bcdDevice=40.1f
[  175.109223][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.151391][ T8676] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.165879][ T8676] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.389199][ T5921] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  175.426138][ T8653] netlink: 4 bytes leftover after parsing attributes in process `syz.0.996'.
[  175.444904][ T8653] tipc: Trying to set illegal importance in message
[  175.485595][   T10] mos7840 1-1:2.151: required endpoints missing
[  175.509717][   T10] usb 1-1: USB disconnect, device number 33
[  175.529206][ T5921] usb 2-1: device descriptor read/64, error -71
[  175.734450][ T8682] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  175.784539][ T8685] /dev/rnullb0: Can't open blockdev
[  175.789994][ T5921] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  175.825200][ T8687] Invalid logical block size (511)
[  175.856713][   T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  175.866492][   T51] CPU: 1 UID: 0 PID: 51 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[  175.866521][   T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  175.866536][   T51] Workqueue: hci2 hci_rx_work
[  175.866562][   T51] Call Trace:
[  175.866570][   T51]  <TASK>
[  175.866579][   T51]  dump_stack_lvl+0x189/0x250
[  175.866615][   T51]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.866646][   T51]  ? __pfx__printk+0x10/0x10
[  175.866674][   T51]  ? kernfs_root+0x1c/0x230
[  175.866705][   T51]  ? kernfs_path_from_node+0x250/0x290
[  175.866734][   T51]  ? kernfs_path_from_node+0x2f/0x290
[  175.866765][   T51]  sysfs_create_dir_ns+0x259/0x280
[  175.866793][   T51]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  175.866822][   T51]  ? do_raw_spin_unlock+0x122/0x240
[  175.866852][   T51]  kobject_add_internal+0x59f/0xb40
[  175.866886][   T51]  kobject_add+0x155/0x220
[  175.866916][   T51]  ? __pfx_kobject_add+0x10/0x10
[  175.866942][   T51]  ? _raw_spin_unlock+0x28/0x50
[  175.866968][   T51]  ? get_device_parent+0x366/0x3a0
[  175.866988][   T51]  device_add+0x408/0xb50
[  175.867006][   T51]  hci_conn_add_sysfs+0xd5/0x1e0
[  175.867031][   T51]  le_conn_complete_evt+0xc3a/0x1220
[  175.867055][   T51]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  175.867080][   T51]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  175.867107][   T51]  ? __asan_memcpy+0x40/0x70
[  175.867135][   T51]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  175.867174][   T51]  ? skb_pull_data+0xfb/0x200
[  175.867190][   T51]  hci_le_conn_complete_evt+0x187/0x450
[  175.867211][   T51]  hci_event_packet+0x78c/0x1200
[  175.867227][   T51]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  175.867246][   T51]  ? __pfx_hci_event_packet+0x10/0x10
[  175.867261][   T51]  ? rcu_is_watching+0x15/0xb0
[  175.867279][   T51]  ? hci_send_to_monitor+0xe2/0x570
[  175.867300][   T51]  hci_rx_work+0x46a/0xe80
[  175.867318][   T51]  ? process_scheduled_works+0x9ef/0x17b0
[  175.867335][   T51]  process_scheduled_works+0xae1/0x17b0
[  175.867360][   T51]  ? __pfx_process_scheduled_works+0x10/0x10
[  175.867383][   T51]  worker_thread+0x8a0/0xda0
[  175.867409][   T51]  kthread+0x711/0x8a0
[  175.867430][   T51]  ? __pfx_worker_thread+0x10/0x10
[  175.867446][   T51]  ? __pfx_kthread+0x10/0x10
[  175.867467][   T51]  ? _raw_spin_unlock_irq+0x23/0x50
[  175.867484][   T51]  ? lockdep_hardirqs_on+0x9c/0x150
[  175.867503][   T51]  ? __pfx_kthread+0x10/0x10
[  175.867523][   T51]  ret_from_fork+0x47c/0x820
[  175.867542][   T51]  ? __pfx_ret_from_fork+0x10/0x10
[  175.867560][   T51]  ? __switch_to_asm+0x39/0x70
[  175.867575][   T51]  ? __switch_to_asm+0x33/0x70
[  175.867589][   T51]  ? __pfx_kthread+0x10/0x10
[  175.867609][   T51]  ret_from_fork_asm+0x1a/0x30
[  175.867630][   T51]  </TASK>
[  175.867647][   T51] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  175.929837][ T5921] usb 2-1: device descriptor read/64, error -71
[  176.049703][ T5921] usb usb2-port1: attempt power cycle
[  176.050188][   T51] Bluetooth: hci2: failed to register connection device
[  176.419207][ T5921] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  176.426905][   T10] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  176.451077][ T5921] usb 2-1: device descriptor read/8, error -71
[  176.515560][ T8703] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1016'.
[  176.579223][   T10] usb 1-1: Using ep0 maxpacket: 16
[  176.586425][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  176.597946][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  176.610548][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  176.620665][   T10] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  176.632721][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  176.647420][   T10] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  176.658698][   T10] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  176.668256][   T10] usb 1-1: Manufacturer: syz
[  176.676565][   T10] usb 1-1: config 0 descriptor??
[  176.690869][ T5921] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  176.719879][ T5921] usb 2-1: device descriptor read/8, error -71
[  176.831333][ T5921] usb usb2-port1: unable to enumerate USB device
[  176.952389][   T10] rc_core: IR keymap rc-hauppauge not found
[  176.958369][   T10] Registered IR keymap rc-empty
[  176.964011][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  176.990716][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  177.012305][   T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  177.026911][   T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input27
[  177.043480][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  177.069398][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  177.102242][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  177.129545][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  177.159273][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  177.201424][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  177.229690][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  177.261921][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  177.296396][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  177.340893][   T10] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  177.395404][   T10] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  177.418827][   T10] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  177.647138][ T8719] KVM: debugfs: duplicate directory 8719-6
[  178.189353][ T5907] usb 4-1: new full-speed USB device number 48 using dummy_hcd
[  178.295113][ T8740] capability: warning: `syz.2.1027' uses deprecated v2 capabilities in a way that may be insecure
[  178.303363][ T8741] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1028'.
[  178.352199][ T5907] usb 4-1: unable to get BOS descriptor or descriptor too short
[  178.360791][ T5907] usb 4-1: not running at top speed; connect to a high speed hub
[  178.371348][ T5907] usb 4-1: config 2 has an invalid interface number: 4 but max is 1
[  178.384736][ T5907] usb 4-1: config 2 has no interface number 1
[  178.391130][ T5907] usb 4-1: config 2 interface 4 has no altsetting 0
[  178.401142][ T5907] usb 4-1: New USB device found, idVendor=1bc7, idProduct=1040, bcdDevice=91.0c
[  178.410336][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.418424][ T5907] usb 4-1: Product: syz
[  178.422766][ T5907] usb 4-1: Manufacturer: syz
[  178.427453][ T5907] usb 4-1: SerialNumber: syz
[  178.647063][ T8728] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  178.653652][ T8728] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  178.666655][ T8728] vhci_hcd vhci_hcd.0: Device attached
[  178.729676][ T8757] vhci_hcd: connection closed
[  178.730097][   T13] vhci_hcd: stop threads
[  178.741733][   T13] vhci_hcd: release socket
[  178.748317][   T13] vhci_hcd: disconnect device
[  178.753736][ T5907] option 4-1:2.4: GSM modem (1-port) converter detected
[  178.768258][ T5907] option 4-1:2.0: GSM modem (1-port) converter detected
[  178.785266][ T5907] usb 4-1: USB disconnect, device number 48
[  178.801299][ T5907] option 4-1:2.4: device disconnected
[  178.808032][ T5907] option 4-1:2.0: device disconnected
[  179.182111][ T5907] usb 1-1: USB disconnect, device number 34
[  179.343817][ T8774] /dev/rnullb0: Can't open blockdev
[  179.504805][ T8778] fuse: Bad value for 'rootmode'
[  179.560871][ T8781] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  180.402003][ T8807] netlink: 'syz.0.1053': attribute type 21 has an invalid length.
[  180.419540][ T8807] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1053'.
[  180.749319][ T5921] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  180.900818][ T5921] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  180.912296][ T5921] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.922191][ T5921] usb 1-1: config 0 interface 0 has no altsetting 0
[  180.928872][ T5921] usb 1-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  180.938792][ T5921] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.948731][ T5921] usb 1-1: config 0 descriptor??
[  181.362407][ T5921] zeroplus 0003:0C12:0005.0003: unknown main item tag 0x0
[  181.371049][ T5921] zeroplus 0003:0C12:0005.0003: hidraw0: USB HID v1.01 Device [HID 0c12:0005] on usb-dummy_hcd.0-1/input0
[  181.382646][ T5921] zeroplus 0003:0C12:0005.0003: no inputs found
[  181.735436][ T8813] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.744116][ T8813] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  181.753637][ T5921] usb 1-1: USB disconnect, device number 35
[  182.289438][ T5186] Bluetooth: hci2: command 0x0406 tx timeout
[  182.438593][ T8833] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1061'.
[  182.582920][ T8838] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1063'.
[  183.502748][ T8851] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  183.625485][ T8862] comedi comedi4: comedi_config --init_data is deprecated
[  183.638449][ T8862] /dev/rnullb0: Can't open blockdev
[  183.903720][ T8878] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  184.089331][ T5907] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  184.252556][ T5907] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  184.252605][ T5907] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  184.252637][ T5907] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.264817][ T5907] usb 3-1: config 0 descriptor??
[  184.312003][ T5907] pwc: Askey VC010 type 2 USB webcam detected.
[  184.599394][ T8891] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1084'.
[  184.712108][ T5907] pwc: recv_control_msg error -32 req 02 val 2b00
[  184.720926][ T5907] pwc: recv_control_msg error -32 req 02 val 2700
[  184.749227][ T5907] pwc: recv_control_msg error -32 req 02 val 2c00
[  184.759187][ T5907] pwc: recv_control_msg error -32 req 04 val 1000
[  184.801832][ T8893] /dev/rnullb0: Can't open blockdev
[  184.807792][ T5907] pwc: recv_control_msg error -32 req 04 val 1300
[  184.824232][ T5907] pwc: recv_control_msg error -32 req 04 val 1400
[  184.831549][ T5907] pwc: recv_control_msg error -32 req 02 val 2000
[  184.838506][ T5907] pwc: recv_control_msg error -32 req 02 val 2100
[  184.847667][ T5907] pwc: recv_control_msg error -32 req 04 val 1500
[  184.858553][ T5907] pwc: recv_control_msg error -32 req 02 val 2500
[  184.866250][ T5907] pwc: recv_control_msg error -32 req 02 val 2400
[  184.874889][ T5907] pwc: recv_control_msg error -32 req 02 val 2600
[  185.007374][ T8905] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  185.097516][ T5907] pwc: recv_control_msg error -71 req 02 val 2800
[  185.108556][ T5907] pwc: recv_control_msg error -71 req 04 val 1100
[  185.118821][ T5907] pwc: recv_control_msg error -71 req 04 val 1200
[  185.140985][ T5907] pwc: Registered as video103.
[  185.163692][ T5907] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input28
[  185.196420][ T5907] usb 3-1: USB disconnect, device number 36
[  185.367020][ T8923] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1094'.
[  185.416086][ T8925] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  185.474228][ T8927] Invalid logical block size (511)
[  185.623909][ T5900] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  185.668765][   T30] audit: type=1326 audit(1756843520.155:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8934 comm="syz.2.1102" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbfed8ebe9 code=0x0
[  185.692275][   T30] audit: type=1326 audit(1756843520.185:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8934 comm="syz.2.1102" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbfed8ebe9 code=0x0
[  185.767128][ T8941] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:0000:7d01 with DS=0xe
[  185.789219][ T5900] usb 2-1: Using ep0 maxpacket: 8
[  185.796970][ T5900] usb 2-1: unable to get BOS descriptor or descriptor too short
[  185.805705][ T5900] usb 2-1: config 220 has an invalid interface number: 2 but max is 0
[  185.814401][ T5900] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  185.824749][ T5900] usb 2-1: config 220 has no interface number 0
[  185.831176][ T5900] usb 2-1: config 220 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  185.844726][ T5900] usb 2-1: config 220 interface 2 has no altsetting 0
[  185.853509][ T5900] usb 2-1: New USB device found, idVendor=0582, idProduct=002b, bcdDevice=9b.39
[  185.863071][ T5900] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.871756][ T5900] usb 2-1: Product: syz
[  185.876042][ T5900] usb 2-1: Manufacturer: syz
[  185.881108][ T5900] usb 2-1: SerialNumber: syz
[  185.899190][   T10] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  186.071110][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  186.081516][   T10] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  186.090658][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.095628][ T8922] /dev/rnullb0: Can't open blockdev
[  186.106335][   T10] usb 1-1: config 0 descriptor??
[  186.126146][   T10] pwc: Askey VC010 type 2 USB webcam detected.
[  186.133892][ T5900] usb 2-1: USB disconnect, device number 36
[  186.152663][ T8398] udevd[8398]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:220.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  186.524063][   T10] pwc: recv_control_msg error -32 req 02 val 2b00
[  186.534936][   T10] pwc: recv_control_msg error -32 req 02 val 2700
[  186.542474][   T10] pwc: recv_control_msg error -32 req 02 val 2c00
[  186.543713][ T8949] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1106'.
[  186.550916][   T10] pwc: recv_control_msg error -32 req 04 val 1000
[  186.565814][   T10] pwc: recv_control_msg error -32 req 04 val 1300
[  186.573187][   T10] pwc: recv_control_msg error -32 req 04 val 1400
[  186.581258][   T10] pwc: recv_control_msg error -32 req 02 val 2000
[  186.590290][   T10] pwc: recv_control_msg error -32 req 02 val 2100
[  186.597554][   T10] pwc: recv_control_msg error -32 req 04 val 1500
[  186.606551][   T10] pwc: recv_control_msg error -32 req 02 val 2500
[  186.614751][   T10] pwc: recv_control_msg error -32 req 02 val 2400
[  186.824944][   T10] pwc: recv_control_msg error -71 req 02 val 2900
[  186.837515][   T10] pwc: recv_control_msg error -71 req 02 val 2800
[  186.844950][   T10] pwc: recv_control_msg error -71 req 04 val 1100
[  186.853204][   T10] pwc: recv_control_msg error -71 req 04 val 1200
[  186.861002][   T10] pwc: Registered as video103.
[  186.866917][   T10] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input29
[  186.891517][   T10] usb 1-1: USB disconnect, device number 36
[  187.604725][ T8982] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1116'.
[  187.669411][   T44] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  187.760529][ T8991] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1122'.
[  187.818342][   T44] usb 1-1: device descriptor read/64, error -71
[  188.070160][   T44] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  188.085270][ T9009] /dev/rnullb0: Can't open blockdev
[  188.157139][ T9011] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  188.221173][   T44] usb 1-1: device descriptor read/64, error -71
[  188.341520][   T44] usb usb1-port1: attempt power cycle
[  188.729247][   T44] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  188.768549][   T44] usb 1-1: device descriptor read/8, error -71
[  189.203602][ T9035] netlink: 'syz.3.1139': attribute type 5 has an invalid length.
[  189.221607][ T9035] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.1139'.
[  189.919427][   T44] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  189.949166][ T5921] usb 3-1: new full-speed USB device number 37 using dummy_hcd
[  189.956132][   T44] usb 1-1: device descriptor read/8, error -71
[  190.069841][   T44] usb usb1-port1: unable to enumerate USB device
[  190.108216][ T5921] usb 3-1: unable to get BOS descriptor or descriptor too short
[  190.116919][ T9050] netlink: 'syz.3.1146': attribute type 21 has an invalid length.
[  190.124936][ T9050] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1146'.
[  190.134165][ T5921] usb 3-1: not running at top speed; connect to a high speed hub
[  190.139022][ T5921] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  190.171197][ T5921] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  190.182136][ T5921] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  190.196918][ T5921] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  190.207305][ T5921] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.217740][ T5921] usb 3-1: Product: syz
[  190.222254][ T5921] usb 3-1: Manufacturer: syz
[  190.226957][ T5921] usb 3-1: SerialNumber: syz
[  190.547467][ T9067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.558214][ T9067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.592757][ T9038] batadv_slave_1: entered promiscuous mode
[  190.682109][ T9037] batadv_slave_1: left promiscuous mode
[  190.700043][ T5921] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  190.709258][ T5921] usb 3-1: 2:1 : no or invalid class specific endpoint descriptor
[  190.717157][ T5921] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  190.759792][ T5921] usb 3-1: USB disconnect, device number 37
[  190.941509][ T9079] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1157'.
[  191.418550][ T9097] delete_channel: no stack
[  191.425660][ T9097] delete_channel: no stack
[  191.855742][ T9128] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1178'.
[  192.279189][ T5900] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  192.430081][ T5900] usb 2-1: Using ep0 maxpacket: 32
[  192.437231][ T5900] usb 2-1: config 0 has an invalid interface number: 89 but max is 0
[  192.449243][ T5900] usb 2-1: config 0 has no interface number 0
[  192.461484][ T5900] usb 2-1: config 0 interface 89 has no altsetting 0
[  192.468847][ T9150] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  192.502755][ T5900] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  192.512005][ T5900] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.527883][ T5900] usb 2-1: Product: syz
[  192.534558][ T5900] usb 2-1: Manufacturer: syz
[  192.543567][ T5900] usb 2-1: SerialNumber: syz
[  192.555589][ T5900] usb 2-1: config 0 descriptor??
[  192.573337][ T5900] em28xx 2-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  192.589226][ T5900] em28xx 2-1:0.89: Video interface 89 found: bulk
[  192.822453][ T9160] Invalid logical block size (511)
[  192.893560][ T9165] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1192'.
[  192.917266][ T9165] netlink: 'syz.2.1192': attribute type 5 has an invalid length.
[  193.199592][ T5900] em28xx 2-1:0.89: unknown em28xx chip ID (0)
[  193.331776][   T44] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  193.510328][   T44] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.522915][   T44] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  193.532206][   T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.543180][   T44] usb 1-1: config 0 descriptor??
[  193.552169][   T44] pwc: Askey VC010 type 2 USB webcam detected.
[  193.953602][   T44] pwc: recv_control_msg error -32 req 02 val 2b00
[  193.964422][   T44] pwc: recv_control_msg error -32 req 02 val 2700
[  193.980722][   T44] pwc: recv_control_msg error -32 req 02 val 2c00
[  193.988337][   T44] pwc: recv_control_msg error -32 req 04 val 1000
[  193.999315][   T44] pwc: recv_control_msg error -32 req 04 val 1300
[  194.007947][   T44] pwc: recv_control_msg error -32 req 04 val 1400
[  194.015577][   T44] pwc: recv_control_msg error -32 req 02 val 2000
[  194.026073][ T9135] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.035669][   T44] pwc: recv_control_msg error -32 req 02 val 2100
[  194.039930][ T9135] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.043492][   T44] pwc: recv_control_msg error -32 req 04 val 1500
[  194.059747][   T44] pwc: recv_control_msg error -32 req 02 val 2500
[  194.067209][   T44] pwc: recv_control_msg error -32 req 02 val 2400
[  194.076252][   T44] pwc: recv_control_msg error -32 req 02 val 2600
[  194.294485][   T44] pwc: recv_control_msg error -71 req 02 val 2800
[  194.303491][   T44] pwc: recv_control_msg error -71 req 04 val 1100
[  194.312954][   T44] pwc: recv_control_msg error -71 req 04 val 1200
[  194.323359][   T44] pwc: Registered as video103.
[  194.329940][   T44] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input30
[  194.362363][   T44] usb 1-1: USB disconnect, device number 41
[  194.456126][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  194.464659][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  194.490389][ T5900] em28xx 2-1:0.89: read from i2c device at 0xa0 failed with unknown error (status=120)
[  194.508000][ T5900] em28xx 2-1:0.89: board has no eeprom
[  194.546686][ T9198] vxcan0: entered promiscuous mode
[  194.749177][ T5900] em28xx 2-1:0.89: Identified as Terratec Grabby (card=67)
[  194.757004][ T5900] em28xx 2-1:0.89: analog set to bulk mode.
[  194.764055][   T44] em28xx 2-1:0.89: Registering V4L2 extension
[  194.772606][ T5900] usb 2-1: USB disconnect, device number 37
[  194.785823][ T5900] em28xx 2-1:0.89: Disconnecting em28xx
[  194.840502][   T44] em28xx 2-1:0.89: Config register raw data: 0xffffffed
[  194.853446][   T44] em28xx 2-1:0.89: AC97 chip type couldn't be determined
[  194.860845][   T44] em28xx 2-1:0.89: No AC97 audio processor
[  194.867811][   T44] usb 2-1: Decoder not found
[  194.872696][   T44] em28xx 2-1:0.89: failed to create media graph
[  194.882739][   T44] em28xx 2-1:0.89: V4L2 device video103 deregistered
[  194.900206][   T44] em28xx 2-1:0.89: Registering snapshot button...
[  194.930200][   T44] input: em28xx snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.89/input/input31
[  194.951795][   T44] em28xx 2-1:0.89: Remote control support is not available for this card.
[  194.962692][ T5900] em28xx 2-1:0.89: Closing input extension
[  194.968642][ T5900] em28xx 2-1:0.89: Deregistering snapshot button
[  194.985561][ T5900] em28xx 2-1:0.89: Freeing device
[  194.990664][ T9209] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1210'.
[  195.602655][ T9243] ieee802154 phy0 wpan0: encryption failed: -22
[  196.219303][ T9194] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  196.227729][ T9194] Bluetooth: hci2: Injecting HCI hardware error event
[  196.353881][ T9270] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  196.530307][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  196.533971][ T9194] Bluetooth: hci1: command 0x0406 tx timeout
[  196.537183][ T5186] Bluetooth: hci2: command 0x0406 tx timeout
[  196.542460][ T9193] Bluetooth: hci3: command 0x0406 tx timeout
[  196.542507][ T9193] Bluetooth: hci2: hardware error 0x00
[  196.629222][  T981] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  196.779420][  T981] usb 1-1: Using ep0 maxpacket: 32
[  196.793044][  T981] usb 1-1: config 0 has an invalid interface number: 89 but max is 0
[  196.809333][  T981] usb 1-1: config 0 has no interface number 0
[  196.827262][  T981] usb 1-1: config 0 interface 89 has no altsetting 0
[  196.836741][  T981] usb 1-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  196.849236][  T981] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.867463][  T981] usb 1-1: Product: syz
[  196.872250][  T981] usb 1-1: Manufacturer: syz
[  196.876997][  T981] usb 1-1: SerialNumber: syz
[  196.884367][  T981] usb 1-1: config 0 descriptor??
[  196.892460][  T981] em28xx 1-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  196.902123][  T981] em28xx 1-1:0.89: Video interface 89 found: bulk
[  196.932036][ T9298] /dev/sg0: Can't lookup blockdev
[  197.411916][ T9322] netlink: 'syz.1.1254': attribute type 21 has an invalid length.
[  197.420989][ T9322] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1254'.
[  197.493196][ T9327] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1256'.
[  197.504113][  T981] em28xx 1-1:0.89: unknown em28xx chip ID (0)
[  198.319978][ T9272] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.328681][ T9272] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.610112][ T9193] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  198.743051][  T981] em28xx 1-1:0.89: read from i2c device at 0xa0 failed with unknown error (status=120)
[  198.752940][  T981] em28xx 1-1:0.89: board has no eeprom
[  198.999254][  T981] em28xx 1-1:0.89: Identified as Terratec Grabby (card=67)
[  199.006663][  T981] em28xx 1-1:0.89: analog set to bulk mode.
[  199.012779][ T5900] em28xx 1-1:0.89: Registering V4L2 extension
[  199.022172][  T981] usb 1-1: USB disconnect, device number 42
[  199.029421][  T981] em28xx 1-1:0.89: Disconnecting em28xx
[  199.063158][ T5900] em28xx 1-1:0.89: Config register raw data: 0xffffffed
[  199.070774][ T5900] em28xx 1-1:0.89: AC97 chip type couldn't be determined
[  199.077833][ T5900] em28xx 1-1:0.89: No AC97 audio processor
[  199.084976][ T5900] usb 1-1: Decoder not found
[  199.089658][ T5900] em28xx 1-1:0.89: failed to create media graph
[  199.095951][ T5900] em28xx 1-1:0.89: V4L2 device video103 deregistered
[  199.103452][ T5900] em28xx 1-1:0.89: Registering snapshot button...
[  199.110557][ T5900] input: em28xx snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.89/input/input32
[  199.124086][ T5900] em28xx 1-1:0.89: Remote control support is not available for this card.
[  199.132751][  T981] em28xx 1-1:0.89: Closing input extension
[  199.138582][  T981] em28xx 1-1:0.89: Deregistering snapshot button
[  199.154173][  T981] em28xx 1-1:0.89: Freeing device
[  199.644375][ T9352] nft_compat: unsupported protocol 1
[  199.709034][ T9354] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1267'.
[  200.609252][ T5900] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  200.759163][ T5900] usb 3-1: Using ep0 maxpacket: 32
[  200.766135][ T5900] usb 3-1: config 0 has an invalid interface number: 89 but max is 0
[  200.774490][ T5900] usb 3-1: config 0 has no interface number 0
[  200.781512][ T5900] usb 3-1: config 0 interface 89 has no altsetting 0
[  200.790856][ T5900] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  200.799979][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.807971][ T5900] usb 3-1: Product: syz
[  200.812331][ T5900] usb 3-1: Manufacturer: syz
[  200.816949][ T5900] usb 3-1: SerialNumber: syz
[  200.822888][ T5900] usb 3-1: config 0 descriptor??
[  200.830474][ T5900] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  200.840061][ T5900] em28xx 3-1:0.89: Video interface 89 found: bulk
[  201.293733][ T9391] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1283'.
[  201.438768][ T5900] em28xx 3-1:0.89: unknown em28xx chip ID (0)
[  201.639436][ T5921] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  201.809260][ T5921] usb 1-1: Using ep0 maxpacket: 16
[  201.817936][ T5921] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  201.832057][ T5921] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  201.844004][ T5921] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  201.856645][ T5921] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.865171][ T5921] usb 1-1: Product: syz
[  201.871324][ T5921] usb 1-1: Manufacturer: syz
[  201.876127][ T5921] usb 1-1: SerialNumber: syz
[  202.267878][ T9373] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  202.278171][ T9373] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  202.412414][ T5921] usb 1-1: cannot find UAC_HEADER
[  202.427115][ T5921] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22
[  202.438008][ T5921] usb 1-1: USB disconnect, device number 43
[  202.450311][ T6048] udevd[6048]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  202.726829][ T5900] em28xx 3-1:0.89: read from i2c device at 0xa0 failed with unknown error (status=120)
[  202.736605][ T5900] em28xx 3-1:0.89: board has no eeprom
[  202.979270][ T5900] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67)
[  202.986551][ T5900] em28xx 3-1:0.89: analog set to bulk mode.
[  202.992771][  T981] em28xx 3-1:0.89: Registering V4L2 extension
[  203.006800][ T5900] usb 3-1: USB disconnect, device number 38
[  203.025469][ T5900] em28xx 3-1:0.89: Disconnecting em28xx
[  203.031919][  T981] em28xx 3-1:0.89: Config register raw data: 0xffffffed
[  203.039364][  T981] em28xx 3-1:0.89: AC97 chip type couldn't be determined
[  203.046824][  T981] em28xx 3-1:0.89: No AC97 audio processor
[  203.054179][  T981] usb 3-1: Decoder not found
[  203.058812][  T981] em28xx 3-1:0.89: failed to create media graph
[  203.066464][  T981] em28xx 3-1:0.89: V4L2 device video103 deregistered
[  203.074119][  T981] em28xx 3-1:0.89: Registering snapshot button...
[  203.081452][  T981] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input33
[  203.093105][  T981] em28xx 3-1:0.89: Remote control support is not available for this card.
[  203.101773][ T5900] em28xx 3-1:0.89: Closing input extension
[  203.107644][ T5900] em28xx 3-1:0.89: Deregistering snapshot button
[  203.118465][ T5900] em28xx 3-1:0.89: Freeing device
[  203.515200][ T9425] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1295'.
[  203.720523][ T9439] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1302'.
[  204.705118][ T9467] tmpfs: Unknown parameter 'h��9QY�n��|�uge'
[  204.719775][ T9467] syzkaller1: entered promiscuous mode
[  204.725433][ T9467] syzkaller1: entered allmulticast mode
[  205.039194][ T5921] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  205.049233][ T5940] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  205.099511][   T10] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  205.199349][ T5940] usb 3-1: Using ep0 maxpacket: 32
[  205.199349][ T5921] usb 2-1: Using ep0 maxpacket: 8
[  205.212014][ T5940] usb 3-1: config 0 has an invalid interface number: 89 but max is 0
[  205.219837][ T5921] usb 2-1: too many configurations: 87, using maximum allowed: 8
[  205.228161][ T5940] usb 3-1: config 0 has no interface number 0
[  205.229407][ T5921] usb 2-1: unable to read config index 0 descriptor/start: -61
[  205.236416][ T5940] usb 3-1: config 0 interface 89 has no altsetting 0
[  205.249240][ T5921] usb 2-1: can't read configurations, error -61
[  205.252712][ T5940] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  205.255563][   T10] usb 1-1: device descriptor read/64, error -71
[  205.279229][ T5940] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.287349][ T5940] usb 3-1: Product: syz
[  205.291708][ T5940] usb 3-1: Manufacturer: syz
[  205.296384][ T5940] usb 3-1: SerialNumber: syz
[  205.302920][ T5940] usb 3-1: config 0 descriptor??
[  205.315532][ T5940] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  205.325250][ T5940] em28xx 3-1:0.89: Video interface 89 found: bulk
[  205.399234][ T5921] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  205.519201][   T10] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  205.549144][ T5921] usb 2-1: Using ep0 maxpacket: 8
[  205.559761][ T5921] usb 2-1: too many configurations: 87, using maximum allowed: 8
[  205.570531][ T5921] usb 2-1: unable to read config index 0 descriptor/start: -61
[  205.581947][ T5921] usb 2-1: can't read configurations, error -61
[  205.588579][ T5921] usb usb2-port1: attempt power cycle
[  205.659240][   T10] usb 1-1: device descriptor read/64, error -71
[  205.779207][   T10] usb usb1-port1: attempt power cycle
[  205.916142][ T5940] em28xx 3-1:0.89: unknown em28xx chip ID (0)
[  205.929215][ T5921] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  205.949828][ T5921] usb 2-1: Using ep0 maxpacket: 8
[  205.955437][ T5921] usb 2-1: too many configurations: 87, using maximum allowed: 8
[  205.964931][ T5921] usb 2-1: unable to read config index 0 descriptor/start: -61
[  205.973096][ T5921] usb 2-1: can't read configurations, error -61
[  206.109255][ T5921] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  206.119206][   T10] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  206.130861][ T5921] usb 2-1: Using ep0 maxpacket: 8
[  206.139476][ T5921] usb 2-1: too many configurations: 87, using maximum allowed: 8
[  206.147805][   T10] usb 1-1: device descriptor read/8, error -71
[  206.155269][ T5921] usb 2-1: unable to read config index 0 descriptor/start: -61
[  206.163145][ T5921] usb 2-1: can't read configurations, error -61
[  206.169939][ T5921] usb usb2-port1: unable to enumerate USB device
[  206.399180][   T10] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  206.429176][   T10] usb 1-1: device descriptor read/8, error -71
[  206.539329][   T10] usb usb1-port1: unable to enumerate USB device
[  206.729605][ T9477] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.744264][ T9477] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.161298][ T5940] em28xx 3-1:0.89: read from i2c device at 0xa0 failed with unknown error (status=120)
[  207.171372][ T5940] em28xx 3-1:0.89: board has no eeprom
[  207.419237][ T5940] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67)
[  207.426519][ T5940] em28xx 3-1:0.89: analog set to bulk mode.
[  207.435148][   T44] em28xx 3-1:0.89: Registering V4L2 extension
[  207.448542][ T5940] usb 3-1: USB disconnect, device number 39
[  207.467203][ T5940] em28xx 3-1:0.89: Disconnecting em28xx
[  207.496030][   T44] em28xx 3-1:0.89: Config register raw data: 0xffffffed
[  207.503227][   T44] em28xx 3-1:0.89: AC97 chip type couldn't be determined
[  207.512208][   T44] em28xx 3-1:0.89: No AC97 audio processor
[  207.528970][   T44] usb 3-1: Decoder not found
[  207.535534][   T44] em28xx 3-1:0.89: failed to create media graph
[  207.542109][   T44] em28xx 3-1:0.89: V4L2 device video103 deregistered
[  207.551346][   T44] em28xx 3-1:0.89: Registering snapshot button...
[  207.559023][   T44] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input34
[  207.572246][   T44] em28xx 3-1:0.89: Remote control support is not available for this card.
[  207.580978][ T5940] em28xx 3-1:0.89: Closing input extension
[  207.586834][ T5940] em28xx 3-1:0.89: Deregistering snapshot button
[  207.603899][ T5940] em28xx 3-1:0.89: Freeing device
[  208.158522][ T9506] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  208.312588][ T9508] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1329'.
[  208.435641][ T9510] tmpfs: Unknown parameter 'h��9QY�n��|�uge'
[  208.878970][ T9521] Invalid logical block size (511)
[  209.045163][ T9534] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1338'.
[  209.269384][ T5940] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  209.311623][ T5921] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  209.439351][ T5940] usb 3-1: Using ep0 maxpacket: 32
[  209.446449][ T5940] usb 3-1: config 0 has an invalid interface number: 89 but max is 0
[  209.449447][ T5921] usb 1-1: device descriptor read/64, error -71
[  209.459146][ T5940] usb 3-1: config 0 has no interface number 0
[  209.517739][ T5940] usb 3-1: config 0 interface 89 has no altsetting 0
[  209.531427][ T5940] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  209.542380][ T5940] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.552103][ T5940] usb 3-1: Product: syz
[  209.556424][ T5940] usb 3-1: Manufacturer: syz
[  209.562634][ T5940] usb 3-1: SerialNumber: syz
[  209.572732][ T5940] usb 3-1: config 0 descriptor??
[  209.584012][ T5940] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  209.595954][ T5940] em28xx 3-1:0.89: Video interface 89 found: bulk
[  209.700562][ T5921] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  209.849711][ T5921] usb 1-1: device descriptor read/64, error -71
[  209.959868][ T5921] usb usb1-port1: attempt power cycle
[  210.187213][ T5940] em28xx 3-1:0.89: unknown em28xx chip ID (0)
[  210.309241][ T5921] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  210.329919][ T5921] usb 1-1: device descriptor read/8, error -71
[  210.569199][ T5921] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  210.599759][ T5921] usb 1-1: device descriptor read/8, error -71
[  210.719229][ T5921] usb usb1-port1: unable to enumerate USB device
[  210.891608][   T30] audit: type=1326 audit(1756843545.385:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9561 comm="syz.3.1348" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9c17b8ebe9 code=0x0
[  211.003695][ T9532] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.020712][ T9532] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.743896][ T9568] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1350'.
[  211.794783][ T9570] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1351'.
[  211.889349][ T9193] Bluetooth: hci3: unexpected event for opcode 0x0c47
[  212.045089][ T9575] netlink: 'syz.1.1353': attribute type 1 has an invalid length.
[  212.055515][ T9575] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1353'.
[  212.213694][ T5940] em28xx 3-1:0.89: failed to get i2c transfer status from bridge register (error=-5)
[  212.253520][ T5940] em28xx 3-1:0.89: board has no eeprom
[  212.339183][ T5940] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67)
[  212.346465][ T5940] em28xx 3-1:0.89: analog set to bulk mode.
[  212.361579][  T981] em28xx 3-1:0.89: Registering V4L2 extension
[  212.383384][ T5940] usb 3-1: USB disconnect, device number 40
[  212.419883][ T5940] em28xx 3-1:0.89: Disconnecting em28xx
[  212.449597][  T981] em28xx 3-1:0.89: Config register raw data: 0xffffffed
[  212.456627][  T981] em28xx 3-1:0.89: AC97 chip type couldn't be determined
[  212.493845][  T981] em28xx 3-1:0.89: No AC97 audio processor
[  212.505932][  T981] usb 3-1: Decoder not found
[  212.518336][  T981] em28xx 3-1:0.89: failed to create media graph
[  212.531099][  T981] em28xx 3-1:0.89: V4L2 device video103 deregistered
[  212.540094][  T981] em28xx 3-1:0.89: Registering snapshot button...
[  212.549656][  T981] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input35
[  212.581812][  T981] em28xx 3-1:0.89: Remote control support is not available for this card.
[  212.603035][ T5940] em28xx 3-1:0.89: Closing input extension
[  212.610054][ T5940] em28xx 3-1:0.89: Deregistering snapshot button
[  212.621744][ T9601] comedi comedi0: comedi_config --init_data is deprecated
[  212.631240][ T5940] em28xx 3-1:0.89: Freeing device
[  212.661819][ T9602] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1363'.
[  213.299235][ T5921] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  213.451568][ T5921] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  213.462245][ T5921] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  213.473862][ T5921] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  213.485547][ T5921] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  213.497083][ T5921] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  213.511339][ T5921] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  213.521226][ T5921] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  213.530537][ T5921] usb 1-1: Product: syz
[  213.534744][ T5921] usb 1-1: Manufacturer: syz
[  213.544192][ T5921] cdc_wdm 1-1:1.0: skipping garbage
[  213.550872][ T5921] cdc_wdm 1-1:1.0: skipping garbage
[  213.557133][ T5921] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  213.565324][ T5921] cdc_wdm 1-1:1.0: Unknown control protocol
[  213.931306][ T9650] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  213.953968][ T9652] netlink: 'syz.2.1383': attribute type 2 has an invalid length.
[  213.963816][ T9652] /dev/rnullb0: Can't open blockdev
[  213.978369][ T9654] netlink: 'syz.1.1384': attribute type 10 has an invalid length.
[  213.988989][ T9654] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1384'.
[  214.000883][ T9654] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  214.307869][   T10] usb 1-1: USB disconnect, device number 52
[  214.469478][ T5921] usb 3-1: new full-speed USB device number 41 using dummy_hcd
[  214.539214][ T5940] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  214.630379][ T5921] usb 3-1: config 0 has an invalid interface number: 41 but max is 0
[  214.638509][ T5921] usb 3-1: config 0 has no interface number 0
[  214.644818][ T5921] usb 3-1: config 0 interface 41 has no altsetting 0
[  214.653443][ T5921] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  214.662569][ T5921] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.670648][ T5921] usb 3-1: Product: syz
[  214.674810][ T5921] usb 3-1: Manufacturer: syz
[  214.679447][ T5921] usb 3-1: SerialNumber: syz
[  214.685294][ T5921] usb 3-1: config 0 descriptor??
[  214.690114][ T5940] usb 2-1: Using ep0 maxpacket: 32
[  214.698125][ T5940] usb 2-1: config 0 has an invalid interface number: 89 but max is 0
[  214.707466][ T5940] usb 2-1: config 0 has no interface number 0
[  214.714066][ T5940] usb 2-1: config 0 interface 89 has no altsetting 0
[  214.723615][ T5940] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  214.733116][ T5940] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.742074][ T5940] usb 2-1: Product: syz
[  214.746283][ T5940] usb 2-1: Manufacturer: syz
[  214.751303][ T5940] usb 2-1: SerialNumber: syz
[  214.760587][ T5940] usb 2-1: config 0 descriptor??
[  214.770278][ T5940] em28xx 2-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  214.780880][ T5940] em28xx 2-1:0.89: Video interface 89 found: bulk
[  215.101655][ T5921] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71
[  215.123043][ T5921] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -71
[  215.143981][ T5921] usb 3-1: USB disconnect, device number 41
[  215.373125][ T5940] em28xx 2-1:0.89: unknown em28xx chip ID (0)
[  215.979166][ T5921] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  216.131121][ T5921] usb 3-1: Using ep0 maxpacket: 8
[  216.138136][ T5921] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  216.159195][ T5921] usb 3-1: config 0 has no interface number 0
[  216.165351][ T5921] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  216.177586][ T5921] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  216.193148][ T9673] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  216.201881][ T9673] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  216.215081][ T5921] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  216.227114][ T5921] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  216.240282][ T5921] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  216.249475][ T5921] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.259765][ T5921] usb 3-1: config 0 descriptor??
[  216.277640][ T5921] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  216.485597][ T5921] usb 3-1: USB disconnect, device number 42
[  216.499479][ T5921] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  216.527454][ T9737] mkiss: ax0: crc mode is auto.
[  216.617140][ T5940] em28xx 2-1:0.89: failed to get i2c transfer status from bridge register (error=-5)
[  216.626949][ T5940] em28xx 2-1:0.89: board has no eeprom
[  216.663182][ T9739] mkiss: ax0: crc mode is auto.
[  216.689626][ T5940] em28xx 2-1:0.89: Identified as Terratec Grabby (card=67)
[  216.697079][ T5940] em28xx 2-1:0.89: analog set to bulk mode.
[  216.704483][  T981] em28xx 2-1:0.89: Registering V4L2 extension
[  216.714459][ T5940] usb 2-1: USB disconnect, device number 42
[  216.729770][ T5940] em28xx 2-1:0.89: Disconnecting em28xx
[  216.777117][  T981] em28xx 2-1:0.89: Config register raw data: 0xffffffed
[  216.788843][  T981] em28xx 2-1:0.89: AC97 chip type couldn't be determined
[  216.810863][  T981] em28xx 2-1:0.89: No AC97 audio processor
[  216.829595][  T981] usb 2-1: Decoder not found
[  216.834699][  T981] em28xx 2-1:0.89: failed to create media graph
[  216.858611][  T981] em28xx 2-1:0.89: V4L2 device video103 deregistered
[  216.874664][  T981] em28xx 2-1:0.89: Registering snapshot button...
[  216.890043][  T981] input: em28xx snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.89/input/input36
[  216.922200][  T981] em28xx 2-1:0.89: Remote control support is not available for this card.
[  216.935205][ T5940] em28xx 2-1:0.89: Closing input extension
[  216.943364][ T5940] em28xx 2-1:0.89: Deregistering snapshot button
[  216.961686][ T5940] em28xx 2-1:0.89: Freeing device
[  217.295531][ T9769] raw_sendmsg: syz.2.1429 forgot to set AF_INET. Fix it!
[  217.305550][ T9771] /dev/rnullb0: Can't open blockdev
[  217.729320][ T5940] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  217.749302][ T5921] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  217.890760][ T5940] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.902943][ T5940] usb 3-1: New USB device found, idVendor=046d, idProduct=c50c, bcdDevice= 0.00
[  217.909411][ T5921] usb 2-1: Using ep0 maxpacket: 8
[  217.913846][ T5940] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.928544][ T5921] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[  217.929332][ T5940] usb 3-1: config 0 descriptor??
[  217.955099][ T5921] usb 2-1: config 0 has no interface number 0
[  217.966594][ T5921] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  217.978767][ T5921] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  217.990749][ T5921] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  218.002301][ T5921] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  218.015632][ T5921] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  218.026080][ T5921] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.043665][ T5921] usb 2-1: config 0 descriptor??
[  218.059010][ T5921] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  218.146689][ T5940] usbhid 3-1:0.0: can't add hid device: -71
[  218.161449][ T9797] netlink: 'syz.3.1440': attribute type 1 has an invalid length.
[  218.170068][ T5940] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  218.181712][ T9797] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1440'.
[  218.193609][ T5940] usb 3-1: USB disconnect, device number 43
[  218.295190][   T10] usb 2-1: USB disconnect, device number 43
[  218.304225][ T9804] wlan1 speed is unknown, defaulting to 1000
[  218.314499][   T10] ldusb 2-1:0.55: LD USB Device #0 now disconnected
[  218.332774][ T9803] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  218.872348][ T9815] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1448'.
[  219.119216][ T5940] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  219.169380][   T10] usb 2-1: new low-speed USB device number 44 using dummy_hcd
[  219.269170][ T5940] usb 1-1: Using ep0 maxpacket: 32
[  219.277574][ T5940] usb 1-1: config 0 has an invalid interface number: 89 but max is 0
[  219.286772][ T5940] usb 1-1: config 0 has no interface number 0
[  219.304347][ T5940] usb 1-1: config 0 interface 89 has no altsetting 0
[  219.317659][ T5940] usb 1-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  219.327150][ T5940] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.335538][ T5940] usb 1-1: Product: syz
[  219.340145][ T5940] usb 1-1: Manufacturer: syz
[  219.344786][ T5940] usb 1-1: SerialNumber: syz
[  219.351099][   T10] usb 2-1: config index 0 descriptor too short (expected 6427, got 27)
[  219.360728][   T10] usb 2-1: config 0 has an invalid interface number: 21 but max is 0
[  219.367183][ T5940] usb 1-1: config 0 descriptor??
[  219.368832][   T10] usb 2-1: config 0 has no interface number 0
[  219.381412][ T5940] em28xx 1-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  219.390967][   T10] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[  219.390997][   T10] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  219.391033][   T10] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  219.391055][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.401943][   T10] usb 2-1: config 0 descriptor??
[  219.421704][ T5940] em28xx 1-1:0.89: Video interface 89 found: bulk
[  219.474278][ T9823] netlink: 'syz.2.1451': attribute type 5 has an invalid length.
[  219.482333][ T9823] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1451'.
[  219.861613][ T9844] wlan1 speed is unknown, defaulting to 1000
[  219.871761][   T10] usb 2-1: USB disconnect, device number 44
[  219.981693][ T5940] em28xx 1-1:0.89: unknown em28xx chip ID (0)
[  220.594482][ T9880] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  220.806675][ T9817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  220.817073][ T9817] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  220.919663][ T9893] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1480'.
[  220.928868][ T9893] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1480'.
[  221.019197][ T5900] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  221.179327][ T5900] usb 3-1: Using ep0 maxpacket: 8
[  221.189793][ T5900] usb 3-1: config 4 has an invalid interface number: 115 but max is 0
[  221.198428][ T5900] usb 3-1: config 4 has no interface number 0
[  221.207036][ T5900] usb 3-1: config 4 interface 115 altsetting 1 endpoint 0xC has invalid wMaxPacketSize 0
[  221.217573][ T5900] usb 3-1: config 4 interface 115 altsetting 1 bulk endpoint 0xC has invalid maxpacket 0
[  221.229951][ T5900] usb 3-1: config 4 interface 115 has no altsetting 0
[  221.238937][ T5940] em28xx 1-1:0.89: failed to get i2c transfer status from bridge register (error=-5)
[  221.252815][ T5940] em28xx 1-1:0.89: board has no eeprom
[  221.261763][ T5900] usb 3-1: New USB device found, idVendor=07c0, idProduct=1500, bcdDevice=a5.e3
[  221.272964][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.284268][ T5900] usb 3-1: Product: syz
[  221.288592][ T5900] usb 3-1: Manufacturer: syz
[  221.295490][ T5900] usb 3-1: SerialNumber: syz
[  221.320990][ T5940] em28xx 1-1:0.89: Identified as Terratec Grabby (card=67)
[  221.334072][ T5940] em28xx 1-1:0.89: analog set to bulk mode.
[  221.349231][   T44] em28xx 1-1:0.89: Registering V4L2 extension
[  221.365009][ T5940] usb 1-1: USB disconnect, device number 53
[  221.392796][ T5940] em28xx 1-1:0.89: Disconnecting em28xx
[  221.421219][   T44] em28xx 1-1:0.89: Config register raw data: 0xffffffed
[  221.438665][   T44] em28xx 1-1:0.89: AC97 chip type couldn't be determined
[  221.454829][   T44] em28xx 1-1:0.89: No AC97 audio processor
[  221.475897][   T44] usb 1-1: Decoder not found
[  221.485851][   T44] em28xx 1-1:0.89: failed to create media graph
[  221.493372][   T44] em28xx 1-1:0.89: V4L2 device video103 deregistered
[  221.505344][   T44] em28xx 1-1:0.89: Registering snapshot button...
[  221.563598][ T5900] iowarrior 3-1:4.115: no interrupt-in endpoint found
[  221.579987][   T44] input: em28xx snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.89/input/input38
[  221.593836][ T5900] usb 3-1: USB disconnect, device number 44
[  221.612138][   T44] em28xx 1-1:0.89: Remote control support is not available for this card.
[  221.622828][ T5940] em28xx 1-1:0.89: Closing input extension
[  221.628702][ T5940] em28xx 1-1:0.89: Deregistering snapshot button
[  221.654409][ T5940] em28xx 1-1:0.89: Freeing device
[  221.910347][ T9915] wlan1 speed is unknown, defaulting to 1000
[  221.967818][   T30] audit: type=1326 audit(1756843556.455:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.3.1492" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9c17b8ebe9 code=0x0
[  222.146153][ T9928] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1494'.
[  222.158536][ T9928] random: crng reseeded on system resumption
[  222.166297][ T5940] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  222.321394][ T5940] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  222.332713][ T5940] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  222.344561][ T5940] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  222.354981][ T5940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  222.364878][ T5940] usb 1-1: SerialNumber: syz
[  222.469331][   T10] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  222.593669][ T5940] usb 1-1: 0:2 : does not exist
[  222.613608][ T5940] usb 1-1: USB disconnect, device number 54
[  222.629158][   T10] usb 3-1: Using ep0 maxpacket: 32
[  222.640943][   T10] usb 3-1: config 0 has an invalid interface number: 89 but max is 0
[  222.659302][   T10] usb 3-1: config 0 has no interface number 0
[  222.664262][ T8398] udevd[8398]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  222.665457][   T10] usb 3-1: config 0 interface 89 has no altsetting 0
[  222.698865][   T10] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  222.708293][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.716627][   T10] usb 3-1: Product: syz
[  222.721107][   T10] usb 3-1: Manufacturer: syz
[  222.725733][   T10] usb 3-1: SerialNumber: syz
[  222.731809][   T10] usb 3-1: config 0 descriptor??
[  222.738868][   T10] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  222.759264][   T10] em28xx 3-1:0.89: Video interface 89 found: bulk
[  223.116010][ T9965] netlink: 'syz.1.1508': attribute type 21 has an invalid length.
[  223.126428][ T9965] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1508'.
[  223.147119][ T9967] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1509'.
[  223.209210][ T9973] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1512'.
[  223.275031][ T9979] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1515'.
[  223.360254][   T10] em28xx 3-1:0.89: unknown em28xx chip ID (0)
[  223.495039][ T9989] batadv_slave_1: entered promiscuous mode
[  223.518284][ T9988] batadv_slave_1: left promiscuous mode
[  223.786247][T10000] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1525'.
[  223.798981][T10000] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1525'.
[  223.820216][T10003] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  224.018653][T10018] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1531'.
[  224.049284][   T44] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  224.138099][T10025] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1532'.
[  224.196593][ T9933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.205823][ T9933] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  224.214331][   T44] usb 1-1: Using ep0 maxpacket: 8
[  224.221225][   T44] usb 1-1: unable to read config index 0 descriptor/start: -61
[  224.228851][   T44] usb 1-1: can't read configurations, error -61
[  224.359242][   T44] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  224.509153][   T44] usb 1-1: Using ep0 maxpacket: 8
[  224.516145][   T44] usb 1-1: unable to read config index 0 descriptor/start: -61
[  224.524278][   T44] usb 1-1: can't read configurations, error -61
[  224.530944][   T44] usb usb1-port1: attempt power cycle
[  224.622585][   T10] em28xx 3-1:0.89: failed to get i2c transfer status from bridge register (error=-5)
[  224.632130][   T10] em28xx 3-1:0.89: board has no eeprom
[  224.689216][   T10] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67)
[  224.696577][   T10] em28xx 3-1:0.89: analog set to bulk mode.
[  224.702577][ T1211] em28xx 3-1:0.89: Registering V4L2 extension
[  224.713303][   T10] usb 3-1: USB disconnect, device number 45
[  224.723316][   T10] em28xx 3-1:0.89: Disconnecting em28xx
[  224.748539][ T1211] em28xx 3-1:0.89: Config register raw data: 0xffffffed
[  224.755670][ T1211] em28xx 3-1:0.89: AC97 chip type couldn't be determined
[  224.764306][ T1211] em28xx 3-1:0.89: No AC97 audio processor
[  224.771064][ T1211] usb 3-1: Decoder not found
[  224.775687][ T1211] em28xx 3-1:0.89: failed to create media graph
[  224.784714][ T1211] em28xx 3-1:0.89: V4L2 device video103 deregistered
[  224.792141][ T1211] em28xx 3-1:0.89: Registering snapshot button...
[  224.799279][ T1211] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input39
[  224.810408][ T1211] em28xx 3-1:0.89: Remote control support is not available for this card.
[  224.818993][   T10] em28xx 3-1:0.89: Closing input extension
[  224.825696][   T10] em28xx 3-1:0.89: Deregistering snapshot button
[  224.835707][   T10] em28xx 3-1:0.89: Freeing device
[  224.869295][   T44] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  224.892495][   T44] usb 1-1: Using ep0 maxpacket: 8
[  224.899735][   T44] usb 1-1: unable to read config index 0 descriptor/start: -61
[  224.907346][   T44] usb 1-1: can't read configurations, error -61
[  225.039366][   T44] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  225.059826][   T44] usb 1-1: Using ep0 maxpacket: 8
[  225.066661][   T44] usb 1-1: unable to read config index 0 descriptor/start: -61
[  225.074381][   T44] usb 1-1: can't read configurations, error -61
[  225.081365][   T44] usb usb1-port1: unable to enumerate USB device
[  225.209401][ T5940] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  225.360976][ T5940] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  225.371539][ T5940] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  225.380725][ T5940] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.392548][ T5940] usb 2-1: config 0 descriptor??
[  225.399639][T10039] trusted_key: encrypted_key: insufficient parameters specified
[  225.404199][ T5940] pwc: Askey VC010 type 2 USB webcam detected.
[  225.649886][ T1211] usb 3-1: new full-speed USB device number 46 using dummy_hcd
[  225.800883][ T1211] usb 3-1: config 1 interface 0 altsetting 250 endpoint 0x82 has invalid maxpacket 1943, setting to 64
[  225.804669][ T5940] pwc: recv_control_msg error -32 req 02 val 2b00
[  225.812204][ T1211] usb 3-1: config 1 interface 0 altsetting 250 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[  225.820062][ T5940] pwc: recv_control_msg error -32 req 02 val 2700
[  225.831411][ T1211] usb 3-1: config 1 interface 0 has no altsetting 0
[  225.837508][ T5940] pwc: recv_control_msg error -32 req 02 val 2c00
[  225.844865][ T1211] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  225.852733][ T5940] pwc: recv_control_msg error -32 req 04 val 1000
[  225.859850][ T1211] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.867090][ T5940] pwc: recv_control_msg error -32 req 04 val 1300
[  225.874133][ T1211] usb 3-1: Product: ࠓ
[  225.880833][ T5940] pwc: recv_control_msg error -32 req 04 val 1400
[  225.891666][ T5940] pwc: recv_control_msg error -32 req 02 val 2000
[  225.892083][ T1211] usb 3-1: Manufacturer: 㩷벑✸巢踍ਐĬꊣﱱ᧪ᜟ櫄藝셧懡쩮酄켞헹㘬䠆꧚搳㼐鞤㉿Pꖏਲ衵쉼㨾緰䳊漩ꖯ꿷鑝헯↞㔳ᇵ쭧棒䍠緅靭訔ও⤸₟駙旮筎ኳ鷤ꍒ躶뤧㉾
[  225.919227][ T5940] pwc: recv_control_msg error -32 req 02 val 2100
[  225.920469][ T1211] usb 3-1: SerialNumber: syz
[  225.927561][ T5940] pwc: recv_control_msg error -32 req 04 val 1500
[  225.934322][T10039] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  225.944705][ T5940] pwc: recv_control_msg error -32 req 02 val 2500
[  225.947946][T10039] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  225.954246][ T5940] pwc: recv_control_msg error -32 req 02 val 2400
[  225.965623][ T5940] pwc: recv_control_msg error -32 req 02 val 2600
[  226.166249][ T1211] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  226.178366][ T5940] pwc: recv_control_msg error -71 req 02 val 2800
[  226.187753][ T5940] pwc: recv_control_msg error -71 req 04 val 1100
[  226.193806][ T1211] usb 3-1: USB disconnect, device number 46
[  226.197113][ T5940] pwc: recv_control_msg error -71 req 04 val 1200
[  226.212849][ T5940] pwc: Registered as video103.
[  226.228008][ T5940] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input40
[  226.258669][ T5940] usb 2-1: USB disconnect, device number 45
[  227.209462][   T10] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  227.217366][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  227.269454][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  227.401041][   T10] usb 3-1: Using ep0 maxpacket: 32
[  227.407440][   T10] usb 3-1: too many configurations: 17, using maximum allowed: 8
[  227.416962][   T10] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  227.425370][   T10] usb 3-1: config 0 has no interface number 0
[  227.436121][   T10] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  227.445124][   T10] usb 3-1: config 0 has no interface number 0
[  227.452789][   T10] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  227.461559][   T10] usb 3-1: config 0 has no interface number 0
[  227.468861][   T10] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  227.477519][   T10] usb 3-1: config 0 has no interface number 0
[  227.485422][   T10] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  227.494896][   T10] usb 3-1: config 0 has no interface number 0
[  227.502351][   T10] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  227.510833][   T10] usb 3-1: config 0 has no interface number 0
[  227.521477][   T10] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  227.532603][   T10] usb 3-1: config 0 has no interface number 0
[  227.540310][   T10] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  227.548683][   T10] usb 3-1: config 0 has no interface number 0
[  227.557370][   T10] usb 3-1: New USB device found, idVendor=108c, idProduct=0168, bcdDevice=84.b2
[  227.566948][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.576090][   T10] usb 3-1: Product: syz
[  227.580672][   T10] usb 3-1: Manufacturer: syz
[  227.585352][   T10] usb 3-1: SerialNumber: syz
[  227.593021][   T10] usb 3-1: config 0 descriptor??
[  227.601155][   T10] etas_es58x 3-1:0.2: Starting syz syz (Serial Number syz)
[  227.928966][   T10] etas_es58x 3-1:0.2: could not parse product info: '424242424242'
[  228.641070][T10091] /dev/rnullb0: Can't open blockdev
[  228.681914][T10091] /dev/rnullb0: Can't open blockdev
[  229.190019][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  229.198684][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  229.207543][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  229.216185][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  229.224858][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  229.233869][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  229.242946][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  229.251775][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  229.306627][ T5860] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  229.811882][    C1] etas_es58x 3-1:0.2: es58x_check_rx_urb: Expected sequence 0xFECA for start of frame but got 0x0048.
[  229.822902][    C1] etas_es58x 3-1:0.2: es58x_split_urb_try_recovery: Recovery failed
[  229.830941][    C1] etas_es58x 3-1:0.2: es58x_split_urb() returned error -EBADMSG
[  229.839361][ T5530] etas_es58x 3-1:0.2 can0: bit-timing not yet defined
[  229.982146][    C1] etas_es58x 3-1:0.2: es58x_read_bulk_callback: error -EPROTO. Device unplugged?
[  229.982424][   T10] usb 3-1: USB disconnect, device number 47
[  229.991403][    C1] etas_es58x 3-1:0.2: es58x_read_bulk_callback: error -EPROTO. Device unplugged?
[  229.991483][    C1] etas_es58x 3-1:0.2: es58x_read_bulk_callback: error -EPROTO. Device unplugged?
[  229.991542][    C1] etas_es58x 3-1:0.2: es58x_read_bulk_callback: error -EPROTO. Device unplugged?
[  230.024976][    C1] etas_es58x 3-1:0.2: es58x_read_bulk_callback: error -EPROTO. Device unplugged?
[  230.034196][    C1] etas_es58x 3-1:0.2 can0: es58x_write_bulk_callback: error -ESHUTDOWN
[  230.049315][    C1] dummy_hcd dummy_hcd.2: timer fired with no URBs pending?
[  230.057097][   T10] etas_es58x 3-1:0.2: Disconnecting syz syz
[  230.545308][ T5530] etas_es58x 3-1:0.2 can0: es58x_open: Could not open the network device: -EINVAL
[  231.013396][T10161] bridge0: port 2(bridge_slave_1) entered disabled state
[  231.020952][T10161] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.051588][T10161] bridge0: entered allmulticast mode
[  231.079255][T10161] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.086500][T10161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.094021][T10161] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.101181][T10161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.142316][T10161] bridge0: entered promiscuous mode
[  231.169390][ T5860] Bluetooth: hci3: command 0x0405 tx timeout
[  231.809557][T10212] netlink: 'syz.1.1596': attribute type 1 has an invalid length.
[  234.008305][T10319] pim6reg1: entered promiscuous mode
[  234.014067][T10319] pim6reg1: entered allmulticast mode
[  234.269284][T10340] overlayfs: failed to clone lowerpath
[  234.924204][T10374] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  235.117414][   T30] audit: type=1326 audit(1756843569.605:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10387 comm="syz.2.1665" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcbfed8ebe9 code=0x0
[  235.364856][   T30] audit: type=1326 audit(1756843569.855:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10407 comm="syz.0.1674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955718ebe9 code=0x7ffc0000
[  235.388380][   T30] audit: type=1326 audit(1756843569.855:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10407 comm="syz.0.1674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955718ebe9 code=0x7ffc0000
[  235.414981][   T30] audit: type=1326 audit(1756843569.885:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10407 comm="syz.0.1674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955718ebe9 code=0x7ffc0000
[  236.066614][T10421] overlayfs: failed to clone lowerpath
[  236.102436][T10423] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1679'.
[  236.189017][T10429] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1682'.
[  236.638960][T10469] ------------[ cut here ]------------
[  236.644743][T10469] UBSAN: shift-out-of-bounds in fs/9p/vfs_super.c:57:22
[  236.653563][T10469] shift exponent 32 is too large for 32-bit type 'int'
[  236.661382][T10469] CPU: 1 UID: 0 PID: 10469 Comm: syz.1.1701 Not tainted syzkaller #0 PREEMPT(full) 
[  236.661409][T10469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  236.661423][T10469] Call Trace:
[  236.661431][T10469]  <TASK>
[  236.661440][T10469]  dump_stack_lvl+0x189/0x250
[  236.661491][T10469]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.661522][T10469]  ? __pfx__printk+0x10/0x10
[  236.661558][T10469]  ubsan_epilogue+0xa/0x40
[  236.661580][T10469]  __ubsan_handle_shift_out_of_bounds+0x386/0x410
[  236.661617][T10469]  ? __pfx_v9fs_set_super+0x10/0x10
[  236.661643][T10469]  v9fs_get_tree+0x957/0xa90
[  236.661668][T10469]  ? __pfx_v9fs_get_tree+0x10/0x10
[  236.661695][T10469]  vfs_get_tree+0x8f/0x2b0
[  236.661717][T10469]  do_new_mount+0x2a2/0xa30
[  236.661741][T10469]  ? ns_capable+0x8a/0xf0
[  236.661763][T10469]  ? __pfx_do_new_mount+0x10/0x10
[  236.661785][T10469]  ? path_mount+0x61c/0xfe0
[  236.661805][T10469]  ? user_path_at+0x44/0x60
[  236.661838][T10469]  __se_sys_mount+0x317/0x410
[  236.661865][T10469]  ? __pfx___se_sys_mount+0x10/0x10
[  236.661890][T10469]  ? rcu_is_watching+0x15/0xb0
[  236.661915][T10469]  ? __x64_sys_mount+0x20/0xc0
[  236.661940][T10469]  do_syscall_64+0xfa/0xfa0
[  236.661967][T10469]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.661982][T10469]  ? clear_bhb_loop+0x60/0xb0
[  236.661998][T10469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.662013][T10469] RIP: 0033:0x7f7ec2d8ebe9
[  236.662031][T10469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.662045][T10469] RSP: 002b:00007f7ec3cdf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  236.662066][T10469] RAX: ffffffffffffffda RBX: 00007f7ec2fc5fa0 RCX: 00007f7ec2d8ebe9
[  236.662077][T10469] RDX: 0000200000000200 RSI: 00002000000001c0 RDI: 0000000000000000
[  236.662087][T10469] RBP: 00007f7ec2e11e19 R08: 0000200000002640 R09: 0000000000000000
[  236.662097][T10469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  236.662106][T10469] R13: 00007f7ec2fc6038 R14: 00007f7ec2fc5fa0 R15: 00007ffd4bcdc6f8
[  236.662123][T10469]  </TASK>
[  236.662167][T10469] ---[ end trace ]---
[  236.878141][T10469] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  236.885353][T10469] CPU: 1 UID: 0 PID: 10469 Comm: syz.1.1701 Not tainted syzkaller #0 PREEMPT(full) 
[  236.894730][T10469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  236.904790][T10469] Call Trace:
[  236.908078][T10469]  <TASK>
[  236.911031][T10469]  dump_stack_lvl+0x99/0x250
[  236.915636][T10469]  ? __asan_memcpy+0x40/0x70
[  236.920233][T10469]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.925477][T10469]  ? __pfx__printk+0x10/0x10
[  236.930091][T10469]  vpanic+0x281/0x750
[  236.934105][T10469]  ? __pfx_vpanic+0x10/0x10
[  236.938632][T10469]  panic+0xb9/0xc0
[  236.942361][T10469]  ? __pfx_panic+0x10/0x10
[  236.946807][T10469]  ? __pfx__printk+0x10/0x10
[  236.951418][T10469]  check_panic_on_warn+0x89/0xb0
[  236.956372][T10469]  __ubsan_handle_shift_out_of_bounds+0x386/0x410
[  236.962798][T10469]  ? __pfx_v9fs_set_super+0x10/0x10
[  236.968009][T10469]  v9fs_get_tree+0x957/0xa90
[  236.972614][T10469]  ? __pfx_v9fs_get_tree+0x10/0x10
[  236.977735][T10469]  vfs_get_tree+0x8f/0x2b0
[  236.982160][T10469]  do_new_mount+0x2a2/0xa30
[  236.986673][T10469]  ? ns_capable+0x8a/0xf0
[  236.991043][T10469]  ? __pfx_do_new_mount+0x10/0x10
[  236.996073][T10469]  ? path_mount+0x61c/0xfe0
[  237.000585][T10469]  ? user_path_at+0x44/0x60
[  237.005104][T10469]  __se_sys_mount+0x317/0x410
[  237.009799][T10469]  ? __pfx___se_sys_mount+0x10/0x10
[  237.015020][T10469]  ? rcu_is_watching+0x15/0xb0
[  237.019794][T10469]  ? __x64_sys_mount+0x20/0xc0
[  237.024570][T10469]  do_syscall_64+0xfa/0xfa0
[  237.029094][T10469]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.035178][T10469]  ? clear_bhb_loop+0x60/0xb0
[  237.039862][T10469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.045759][T10469] RIP: 0033:0x7f7ec2d8ebe9
[  237.050185][T10469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.069795][T10469] RSP: 002b:00007f7ec3cdf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  237.078229][T10469] RAX: ffffffffffffffda RBX: 00007f7ec2fc5fa0 RCX: 00007f7ec2d8ebe9
[  237.086204][T10469] RDX: 0000200000000200 RSI: 00002000000001c0 RDI: 0000000000000000
[  237.094181][T10469] RBP: 00007f7ec2e11e19 R08: 0000200000002640 R09: 0000000000000000
[  237.102163][T10469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  237.110142][T10469] R13: 00007f7ec2fc6038 R14: 00007f7ec2fc5fa0 R15: 00007ffd4bcdc6f8
[  237.118151][T10469]  </TASK>
[  237.121596][T10469] Kernel Offset: disabled
[  237.125977][T10469] Rebooting in 86400 seconds..