last executing test programs: 4.57543689s ago: executing program 0 (id=6439): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000080)=0x80000049, 0x4) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @mss, @sack_perm, @window={0x3, 0x74a}, @timestamp, @mss, @timestamp, @sack_perm], 0x8) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) 4.463083227s ago: executing program 0 (id=6441): r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r1, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000440)={r2, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r3}) ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000200)={r2, 0x0, 0xffffffff, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={r4}) 4.460264328s ago: executing program 0 (id=6442): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) rt_sigprocmask(0x0, 0x0, 0x0, 0x8) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x9, 0x143ffd, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r1, 0x0, 0x20000000}, 0x1c) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[{0xc, 0x110, 0xc}], 0xc}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfd, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = inotify_init() mremap(&(0x7f0000a7d000/0x2000)=nil, 0x2000, 0x1000, 0x2, &(0x7f00008e3000/0x1000)=nil) inotify_add_watch(r5, 0x0, 0xa50003d1) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYRES16=r6, @ANYBLOB="0100000000000000000066000000080003", @ANYRES32=r8, @ANYBLOB="080026008f09"], 0x2c}}, 0x0) r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000010c0)={0x94, r9, 0x1, 0x0, 0x0, {0xa}, [@TIPC_NLA_LINK={0x80, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_LINK_NAME={0x6a, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x94}}, 0x0) 3.451974645s ago: executing program 0 (id=6457): openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$ALG_SET_AEAD_AUTHSIZE(0xffffffffffffffff, 0x6a, 0x4, 0x20000002, 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c", 0x8) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r4, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) socket$inet6_udplite(0xa, 0x2, 0x88) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10) setsockopt$XDP_UMEM_FILL_RING(r4, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4) 2.557753427s ago: executing program 0 (id=6470): socket$can_j1939(0x1d, 0x2, 0x7) socket$inet_dccp(0x2, 0x6, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd74) r2 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0) r6 = socket$kcm(0x2, 0x1, 0x0) shutdown(r6, 0x1) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x1, 0x7, 0x3, 0x4020, 0xffffffffffffffff, 0xc0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x0, 0x4, @void, @value, @void, @value}, 0x50) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r8}, 0xc) r9 = socket$inet6(0xa, 0x1, 0x8010000000000084) bpf$PROG_LOAD(0x5, 0x0, 0x0) connect$inet6(r9, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, 0x0, 0x0) 2.475589751s ago: executing program 3 (id=6471): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 2.374497744s ago: executing program 3 (id=6474): r0 = socket$key(0xf, 0x3, 0x2) r1 = socket$key(0xf, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0) close(r1) 2.24459484s ago: executing program 3 (id=6475): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x54) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)) chdir(&(0x7f0000000140)='./bus\x00') pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) splice(r1, 0x0, r2, 0x0, 0x10000000000016, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_setup(0x7b5d, &(0x7f0000000240)={0x0, 0x56d0, 0x1000, 0xfffefffd, 0x97, 0x0, r2}, &(0x7f0000000180), 0x0) socket$packet(0x11, 0x3, 0x300) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32, @ANYBLOB="fe000400000000001c0012000c000100626f6e64000000000c00020008"], 0x3c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000085c) r7 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r7, &(0x7f0000000000)={0x27}, 0x62) recvmmsg(r7, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ptrace(0x10, r6) ptrace$pokeuser(0x6, r6, 0x118, 0x89) 1.834429643s ago: executing program 3 (id=6481): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) rt_sigprocmask(0x0, 0x0, 0x0, 0x8) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x9, 0x143ffd, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r1, 0x0, 0x20000000}, 0x1c) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[{0xc, 0x110, 0xc}], 0xc}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfd, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = inotify_init() mremap(&(0x7f0000a7d000/0x2000)=nil, 0x2000, 0x1000, 0x2, &(0x7f00008e3000/0x1000)=nil) inotify_add_watch(r3, &(0x7f0000000340)='.\x00', 0xa50003d1) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYRES16=r4, @ANYBLOB="0100000000000000000066000000080003", @ANYRES32=r6, @ANYBLOB="080026008f09"], 0x2c}}, 0x0) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000010c0)={0x94, r7, 0x1, 0x0, 0x0, {0xa}, [@TIPC_NLA_LINK={0x80, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_LINK_NAME={0x6a, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x94}}, 0x0) 1.626709128s ago: executing program 0 (id=6484): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f0000000680)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) getrandom(&(0x7f0000000040)=""/20, 0x14, 0x2) r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) pwritev(r3, &(0x7f00000001c0)=[{&(0x7f0000000280)="be", 0x7ffff000}, {0x0, 0x11c}], 0x2, 0x0, 0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0) write$dsp(r4, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x38, 0x3b, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x72}]}, @typed={0xc, 0x9, 0x0, 0x0, @u64=0x6}]}, 0x38}}, 0xc000) symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000000)='./file0\x00') r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x0) move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', r6, &(0x7f0000000140)='./file0\x00', 0x272) 1.626026125s ago: executing program 3 (id=6486): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) rt_sigprocmask(0x0, 0x0, 0x0, 0x8) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x9, 0x143ffd, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r1, 0x0, 0x20000000}, 0x1c) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[{0xc, 0x110, 0xc}], 0xc}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfd, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = inotify_init() mremap(&(0x7f0000a7d000/0x2000)=nil, 0x2000, 0x1000, 0x2, &(0x7f00008e3000/0x1000)=nil) inotify_add_watch(r5, &(0x7f0000000340)='.\x00', 0xa50003d1) syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000010c0)={0x94, r7, 0x1, 0x0, 0x0, {0xa}, [@TIPC_NLA_LINK={0x80, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_LINK_NAME={0x6a, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x94}}, 0x0) 652.44097ms ago: executing program 1 (id=6505): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x54) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)) chdir(&(0x7f0000000140)='./bus\x00') pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) splice(r1, 0x0, r2, 0x0, 0x10000000000016, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_setup(0x7b5d, &(0x7f0000000240)={0x0, 0x56d0, 0x1000, 0xfffefffd, 0x97, 0x0, r2}, &(0x7f0000000180), 0x0) socket$packet(0x11, 0x3, 0x300) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b0000", @ANYRES32, @ANYBLOB="fe000400000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000085c) r7 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r7, &(0x7f0000000000)={0x27}, 0x62) recvmmsg(r7, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ptrace(0x10, r6) ptrace$pokeuser(0x6, r6, 0x118, 0x89) 651.98818ms ago: executing program 3 (id=6506): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'macvtap0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x1, 0x7, 0x2261, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b06, &(0x7f0000000140)={'wlan1\x00', @local}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r2 = epoll_create1(0x0) r3 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0xa000000d}) sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000280)={0x48, 0x5, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x44088}, 0x0) socket(0x1f, 0x800, 0x3) socket$packet(0x11, 0x3, 0x300) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xf7, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f00001e7000/0x2000)=nil, 0x2000, 0x8003, &(0x7f0000000000)=0x9, 0x3, 0x2) r5 = syz_open_procfs(0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) read$FUSE(r5, &(0x7f00000007c0)={0x2020}, 0x2020) r6 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r6, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) socket$inet6_tcp(0xa, 0x1, 0x0) capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x200000, 0x200000}) 483.177472ms ago: executing program 2 (id=6508): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"}) r1 = gettid() timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syz_open_dev$evdev(&(0x7f0000000200), 0x0, 0x0) 482.946192ms ago: executing program 1 (id=6509): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0xffffc000) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000500)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffff77, 0x0, 0x0}, &(0x7f0000000000)=0x40) 403.796064ms ago: executing program 2 (id=6510): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 403.434435ms ago: executing program 1 (id=6511): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0xa, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 403.292303ms ago: executing program 2 (id=6512): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x54) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)) chdir(&(0x7f0000000140)='./bus\x00') pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) splice(r1, 0x0, r2, 0x0, 0x10000000000016, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_setup(0x7b5d, &(0x7f0000000240)={0x0, 0x56d0, 0x1000, 0xfffefffd, 0x97, 0x0, r2}, &(0x7f0000000180), 0x0) socket$packet(0x11, 0x3, 0x300) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32, @ANYBLOB="fe000400000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000085c) r7 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r7, &(0x7f0000000000)={0x27}, 0x62) recvmmsg(r7, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r6) ptrace$pokeuser(0x6, r6, 0x118, 0x89) 304.527911ms ago: executing program 2 (id=6513): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28) recvmmsg(r0, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000b00)=""/81, 0x51}], 0x1}}], 0x1, 0x0, 0x0) recvfrom$inet6(r0, 0x0, 0x0, 0x60, 0x0, 0x0) 303.098062ms ago: executing program 1 (id=6521): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x54) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)) chdir(&(0x7f0000000140)='./bus\x00') pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) splice(r1, 0x0, r2, 0x0, 0x10000000000016, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_setup(0x7b5d, &(0x7f0000000240)={0x0, 0x56d0, 0x1000, 0xfffefffd, 0x97, 0x0, r2}, &(0x7f0000000180), 0x0) socket$packet(0x11, 0x3, 0x300) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32, @ANYBLOB="fe000400000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000085c) r7 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r7, &(0x7f0000000000)={0x27}, 0x62) recvmmsg(r7, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r6) ptrace$pokeuser(0x6, r6, 0x118, 0x89) 214.398292ms ago: executing program 2 (id=6514): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) rt_sigprocmask(0x0, 0x0, 0x0, 0x8) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x9, 0x143ffd, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r1, 0x0, 0x20000000}, 0x1c) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[{0xc, 0x110, 0xc}], 0xc}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfd, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = inotify_init() mremap(&(0x7f0000a7d000/0x2000)=nil, 0x2000, 0x1000, 0x2, &(0x7f00008e3000/0x1000)=nil) inotify_add_watch(r5, &(0x7f0000000340)='.\x00', 0xa50003d1) syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000010c0)={0x94, r7, 0x1, 0x0, 0x0, {0xa}, [@TIPC_NLA_LINK={0x80, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_LINK_NAME={0x6a, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x94}}, 0x0) 114.079ms ago: executing program 1 (id=6515): bind$alg(0xffffffffffffffff, 0x0, 0x0) r0 = io_uring_setup(0x458a, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x3}) syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x418000) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 4.329636ms ago: executing program 2 (id=6516): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='tracefs\x00', 0x3, 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 0s ago: executing program 1 (id=6517): r0 = syz_io_uring_setup(0x460, &(0x7f0000000480)={0x0, 0x40000020, 0x10, 0x2, 0x34f}, &(0x7f0000000040)=0x0, &(0x7f0000000000)=0x0) socket$inet6(0xa, 0x2, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x2f, 0x1, 0x0, 0x4}]}, 0x8) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): been left with an inconsistent configuration, please check. [ 1023.117689][T22999] »»»»»»7 speed is unknown, defaulting to 1000 [ 1024.603062][T23023] No control pipe specified [ 1024.605270][T23023] No control pipe specified [ 1024.667804][T23030] nfs: Unknown parameter '}//~\[' [ 1026.199004][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 1026.199015][ T40] audit: type=1326 audit(2000000087.140:9905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23056 comm="syz.0.4459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1026.206929][ T40] audit: type=1326 audit(2000000087.150:9906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23056 comm="syz.0.4459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1026.488978][ T40] audit: type=1326 audit(2000000087.150:9907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23056 comm="syz.0.4459" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1026.495376][ T40] audit: type=1326 audit(2000000087.150:9908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23056 comm="syz.0.4459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1026.501658][ T40] audit: type=1326 audit(2000000087.150:9909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23056 comm="syz.0.4459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1026.507821][ T40] audit: type=1326 audit(2000000087.150:9910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23056 comm="syz.0.4459" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1026.513860][ T40] audit: type=1326 audit(2000000087.150:9911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23056 comm="syz.0.4459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1026.520164][ T40] audit: type=1326 audit(2000000087.150:9912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23056 comm="syz.0.4459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1026.526182][ T40] audit: type=1326 audit(2000000087.150:9913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23056 comm="syz.0.4459" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1026.532321][ T40] audit: type=1326 audit(2000000087.150:9914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23056 comm="syz.0.4459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1027.096711][T23070] No control pipe specified [ 1027.099291][T23070] No control pipe specified [ 1027.200452][T23074] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.4463' sets config #1 [ 1028.539373][T23095] wireguard0: entered promiscuous mode [ 1028.541792][T23095] wireguard0: entered allmulticast mode [ 1031.568862][ T5987] usb 8-1: new high-speed USB device number 36 using dummy_hcd [ 1031.665345][T23147] netlink: 'syz.0.4485': attribute type 9 has an invalid length. [ 1031.720573][ T5987] usb 8-1: device descriptor read/64, error -71 [ 1031.979052][ T5987] usb 8-1: new high-speed USB device number 37 using dummy_hcd [ 1032.109138][ T5987] usb 8-1: device descriptor read/64, error -71 [ 1032.220027][ T5987] usb usb8-port1: attempt power cycle [ 1032.405147][T23156] overlayfs: missing 'lowerdir' [ 1032.469213][T23157] netlink: 'syz.1.4488': attribute type 1 has an invalid length. [ 1032.569125][ T5987] usb 8-1: new high-speed USB device number 38 using dummy_hcd [ 1032.590515][ T5987] usb 8-1: device descriptor read/8, error -71 [ 1032.849080][ T5987] usb 8-1: new high-speed USB device number 39 using dummy_hcd [ 1032.921773][ T5987] usb 8-1: device descriptor read/8, error -71 [ 1033.029098][ T5987] usb usb8-port1: unable to enumerate USB device [ 1033.619109][T23170] netlink: 'syz.2.4480': attribute type 9 has an invalid length. [ 1033.631984][T23171] overlayfs: failed to clone upperpath [ 1033.839657][T23175] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4482'. [ 1035.127977][T23189] No control pipe specified [ 1035.133932][T23189] No control pipe specified [ 1035.403092][T23190] netlink: 'syz.3.4490': attribute type 9 has an invalid length. [ 1035.439489][T23204] netlink: 'syz.0.4493': attribute type 8 has an invalid length. [ 1035.878371][T23210] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4494'. [ 1036.246069][ T6052] libceph: connect (1)[c::]:6789 error -101 [ 1036.247867][ T6052] libceph: mon0 (1)[c::]:6789 connect error [ 1036.346121][T23217] ceph: No mds server is up or the cluster is laggy [ 1036.452735][ T40] kauditd_printk_skb: 67 callbacks suppressed [ 1036.452747][ T40] audit: type=1326 audit(2000000097.390:9982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23213 comm="syz.1.4495" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1036.453780][T23224] overlayfs: failed to clone upperpath [ 1036.454846][ T40] audit: type=1326 audit(2000000097.390:9983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23213 comm="syz.1.4495" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1036.469666][ T40] audit: type=1326 audit(2000000097.390:9984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23213 comm="syz.1.4495" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1036.475593][ T40] audit: type=1326 audit(2000000097.390:9985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23213 comm="syz.1.4495" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1036.483392][ T40] audit: type=1326 audit(2000000097.390:9986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23213 comm="syz.1.4495" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1036.491890][ T40] audit: type=1326 audit(2000000097.390:9987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23213 comm="syz.1.4495" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1036.501257][ T40] audit: type=1326 audit(2000000097.390:9988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23213 comm="syz.1.4495" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1036.509414][ T40] audit: type=1326 audit(2000000097.390:9989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23213 comm="syz.1.4495" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1036.516909][ T40] audit: type=1326 audit(2000000097.400:9990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23213 comm="syz.1.4495" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1036.524578][ T40] audit: type=1326 audit(2000000097.400:9991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23213 comm="syz.1.4495" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1037.049119][T23231] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4499'. [ 1037.087404][T23231] netlink: 177 bytes leftover after parsing attributes in process `syz.0.4499'. [ 1037.119097][T23236] overlayfs: failed to clone upperpath [ 1037.322218][T23238] rdma_rxe: rxe_newlink: failed to add vcan0 [ 1037.407255][T23242] »»»»»»7 speed is unknown, defaulting to 1000 [ 1037.788187][T23252] tmpfs: Unknown parameter 'subj_user' [ 1037.849557][T23254] overlayfs: missing 'lowerdir' [ 1037.988274][T23258] netlink: 'syz.0.4507': attribute type 1 has an invalid length. [ 1038.042967][T23258] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1038.212008][T23262] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4509'. [ 1038.217344][T23262] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4509'. [ 1038.291214][T23272] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4508'. [ 1038.704732][T23279] overlayfs: missing 'lowerdir' [ 1038.833679][T23281] netlink: 'syz.0.4513': attribute type 1 has an invalid length. [ 1039.147869][ T6052] libceph: connect (1)[c::]:6789 error -101 [ 1039.150529][ T6052] libceph: mon0 (1)[c::]:6789 connect error [ 1039.418948][ T6052] libceph: connect (1)[c::]:6789 error -101 [ 1039.420774][ T6052] libceph: mon0 (1)[c::]:6789 connect error [ 1039.572088][T23298] netlink: 'syz.1.4515': attribute type 9 has an invalid length. [ 1039.931888][T23303] syz.0.4516: attempt to access beyond end of device [ 1039.931888][T23303] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 1039.935999][T23303] XFS (nbd0): SB validate failed with error -5. [ 1039.938920][ T6052] libceph: connect (1)[c::]:6789 error -101 [ 1039.940663][ T6052] libceph: mon0 (1)[c::]:6789 connect error [ 1039.966965][T23284] ceph: No mds server is up or the cluster is laggy [ 1040.405640][T23319] overlayfs: failed to clone upperpath [ 1040.512207][T23321] netlink: 'syz.1.4519': attribute type 9 has an invalid length. [ 1040.987841][T23325] overlayfs: missing 'lowerdir' [ 1041.133230][T23331] netlink: 'syz.3.4521': attribute type 1 has an invalid length. [ 1041.192678][T23331] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1041.534787][T23337] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4523'. [ 1043.639874][T23370] netlink: 'syz.3.4528': attribute type 9 has an invalid length. [ 1043.878986][T23360] 9pnet_fd: Insufficient options for proto=fd [ 1044.363093][T23381] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4531'. [ 1044.386744][T23381] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4531'. [ 1045.302882][T23397] overlayfs: missing 'lowerdir' [ 1045.411553][T23398] netlink: 'syz.2.4535': attribute type 1 has an invalid length. [ 1045.583935][T23401] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4536'. [ 1046.521562][ T40] kauditd_printk_skb: 28 callbacks suppressed [ 1046.521579][ T40] audit: type=1800 audit(2000000107.470:10020): pid=23415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4539" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0 [ 1046.576870][ T40] audit: type=1800 audit(2000000107.520:10021): pid=23418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4540" name="SYSV00000000" dev="tmpfs" ino=3 res=0 errno=0 [ 1046.736801][T23422] wireguard0: entered promiscuous mode [ 1046.738552][T23422] wireguard0: entered allmulticast mode [ 1047.170320][T23431] No buffer was provided with the request [ 1047.349616][T23421] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4540'. [ 1047.631026][T23440] »»»»»»7 speed is unknown, defaulting to 1000 [ 1047.955835][T23447] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4546'. [ 1048.027408][T23451] netlink: 'syz.3.4544': attribute type 1 has an invalid length. [ 1048.103383][T23451] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4544'. [ 1048.616968][T23451] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1048.621111][T23451] bond3: (slave batadv0): Enslaving as a backup interface with an up link [ 1048.646947][T23457] bond3 (unregistering): (slave batadv0): Releasing backup interface [ 1048.699676][T23457] bond3 (unregistering): Released all slaves [ 1048.902179][T23463] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4548'. [ 1049.407709][ T40] audit: type=1326 audit(2000000110.290:10022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23467 comm="syz.0.4550" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1049.415423][ T40] audit: type=1326 audit(2000000110.360:10023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23467 comm="syz.0.4550" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1049.435750][ T40] audit: type=1326 audit(2000000110.360:10024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23467 comm="syz.0.4550" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf747e5a7 code=0x7ffc0000 [ 1049.444915][ T40] audit: type=1326 audit(2000000110.370:10025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23467 comm="syz.0.4550" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1049.450912][ T40] audit: type=1326 audit(2000000110.370:10026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23467 comm="syz.0.4550" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf747e5a7 code=0x7ffc0000 [ 1049.456900][ T40] audit: type=1326 audit(2000000110.370:10027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23467 comm="syz.0.4550" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1049.463645][ T40] audit: type=1326 audit(2000000110.370:10028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23467 comm="syz.0.4550" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf747e5a7 code=0x7ffc0000 [ 1049.471758][ T40] audit: type=1326 audit(2000000110.380:10029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23467 comm="syz.0.4550" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1049.679400][T23476] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1050.389139][T23491] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4557'. [ 1050.451840][T23486] »»»»»»7 speed is unknown, defaulting to 1000 [ 1050.486768][T23497] overlayfs: failed to clone upperpath [ 1051.023994][T23509] ref_ctr_offset mismatch. inode: 0x1559 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8 [ 1051.351546][T23514] No buffer was provided with the request [ 1051.848160][T23524] overlayfs: missing 'lowerdir' [ 1052.126625][T23525] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4563'. [ 1052.141342][T23526] netlink: 'syz.1.4564': attribute type 1 has an invalid length. [ 1054.216466][T23541] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4566'. [ 1054.523517][T23556] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4571'. [ 1055.060624][T23569] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 1055.070191][T23569] CIFS mount error: No usable UNC path provided in device string! [ 1055.070191][T23569] [ 1055.073880][T23569] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1055.165414][T23568] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4574'. [ 1055.176216][T23568] netlink: 177 bytes leftover after parsing attributes in process `syz.3.4574'. [ 1055.702532][T23572] overlayfs: missing 'lowerdir' [ 1055.787229][T23573] netlink: 'syz.2.4575': attribute type 1 has an invalid length. [ 1056.352466][T23583] overlayfs: failed to clone upperpath [ 1056.563439][T23585] 8021q: adding VLAN 0 to HW filter on device ipvlan0 [ 1056.566544][T23585] team0: Device ipvlan0 is already an upper device of the team interface [ 1056.873566][T23594] wireguard0: entered promiscuous mode [ 1056.875384][T23594] wireguard0: entered allmulticast mode [ 1057.461069][T23604] wireguard1: entered promiscuous mode [ 1057.462679][T23604] wireguard1: entered allmulticast mode [ 1057.775720][T23609] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4584'. [ 1058.130112][T23621] overlayfs: missing 'lowerdir' [ 1058.209107][T23624] netlink: 'syz.1.4588': attribute type 1 has an invalid length. [ 1058.420235][T23631] wireguard1: entered promiscuous mode [ 1058.422422][T23631] wireguard1: entered allmulticast mode [ 1058.736433][ T40] kauditd_printk_skb: 74 callbacks suppressed [ 1058.736443][ T40] audit: type=1804 audit(2000000119.680:10104): pid=23637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.4590" name="/newroot/1022/file0" dev="tmpfs" ino=5497 res=1 errno=0 [ 1058.755390][T23637] ref_ctr_offset mismatch. inode: 0x1579 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 1058.808214][T23640] netlink: 'syz.0.4590': attribute type 1 has an invalid length. [ 1058.810820][T23640] netlink: 240 bytes leftover after parsing attributes in process `syz.0.4590'. [ 1059.463871][ T40] audit: type=1800 audit(2000000120.410:10105): pid=23649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4593" name="SYSV00000000" dev="tmpfs" ino=5 res=0 errno=0 [ 1060.370106][T23652] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4593'. [ 1060.370717][T23654] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4594'. [ 1060.899247][ T6016] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 1061.467607][ T40] audit: type=1326 audit(2000000122.410:10106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23668 comm="syz.1.4598" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1061.476698][ T40] audit: type=1326 audit(2000000122.410:10107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23668 comm="syz.1.4598" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1061.479982][T23673] overlayfs: missing 'lowerdir' [ 1061.484247][ T40] audit: type=1326 audit(2000000122.410:10108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23668 comm="syz.1.4598" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1061.494273][ T40] audit: type=1326 audit(2000000122.410:10109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23668 comm="syz.1.4598" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1061.502767][ T40] audit: type=1326 audit(2000000122.410:10110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23668 comm="syz.1.4598" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1061.511628][ T40] audit: type=1326 audit(2000000122.420:10111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23668 comm="syz.1.4598" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1061.520935][ T40] audit: type=1326 audit(2000000122.420:10112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23668 comm="syz.1.4598" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1061.531860][ T40] audit: type=1326 audit(2000000122.420:10113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23668 comm="syz.1.4598" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1061.686634][T23681] netlink: 'syz.3.4600': attribute type 1 has an invalid length. [ 1061.713323][T23679] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4599'. [ 1061.730515][T23679] netlink: 177 bytes leftover after parsing attributes in process `syz.2.4599'. [ 1062.882802][T23699] netlink: 'syz.1.4603': attribute type 10 has an invalid length. [ 1062.904058][T23699] 9pnet_fd: Insufficient options for proto=fd [ 1063.615575][T23710] netlink: 'syz.2.4605': attribute type 9 has an invalid length. [ 1065.121169][T23728] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4610'. [ 1065.123193][T23730] overlayfs: missing 'lowerdir' [ 1065.356345][T23741] netlink: 'syz.0.4611': attribute type 1 has an invalid length. [ 1066.534695][ T40] kauditd_printk_skb: 307 callbacks suppressed [ 1066.534705][ T40] audit: type=1326 audit(2000000127.480:10421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23755 comm="syz.2.4617" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 1067.306486][T23774] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4621'. [ 1067.362686][T23778] overlayfs: missing 'lowerdir' [ 1067.489849][T23781] netlink: 'syz.3.4622': attribute type 1 has an invalid length. [ 1067.539253][T23785] overlayfs: missing 'lowerdir' [ 1067.541709][T23781] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1067.600310][T23786] netlink: 'syz.0.4620': attribute type 9 has an invalid length. [ 1067.664266][T23790] netlink: 'syz.2.4623': attribute type 1 has an invalid length. [ 1068.240149][T23794] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 1068.259313][T23794] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4625'. [ 1068.334283][T23797] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4624'. [ 1068.384148][T23797] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4624'. [ 1068.493813][T23801] No buffer was provided with the request [ 1070.752356][T23823] netlink: 'syz.1.4630': attribute type 9 has an invalid length. [ 1071.505393][T23827] wireguard1: entered promiscuous mode [ 1071.507051][T23827] wireguard1: entered allmulticast mode [ 1071.612081][T23832] No buffer was provided with the request [ 1071.761619][T23839] overlayfs: missing 'lowerdir' [ 1071.904533][T23846] netlink: 'syz.0.4635': attribute type 1 has an invalid length. [ 1071.911389][T23846] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1072.839809][T23858] netlink: 'syz.3.4638': attribute type 9 has an invalid length. [ 1072.899513][T23859] fuse: Bad value for 'fd' [ 1076.480604][T23885] »»»»»»7 speed is unknown, defaulting to 1000 [ 1076.507535][T23883] No buffer was provided with the request [ 1076.546717][ T40] audit: type=1326 audit(2000000137.490:10422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23880 comm="syz.2.4644" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 1076.684989][T23893] netlink: 'syz.0.4642': attribute type 9 has an invalid length. [ 1077.127184][T23906] netlink: 'syz.1.4648': attribute type 9 has an invalid length. [ 1077.849971][T23917] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1078.009284][T23919] »»»»»»7 speed is unknown, defaulting to 1000 [ 1078.770196][T23927] netlink: 'syz.3.4652': attribute type 9 has an invalid length. [ 1079.520899][T23939] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 1079.541344][T23939] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4655'. [ 1079.957467][T23952] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4657'. [ 1079.998953][T23951] netlink: 'syz.2.4659': attribute type 9 has an invalid length. [ 1080.934345][T23965] overlayfs: failed to clone upperpath [ 1081.396296][ T40] audit: type=1800 audit(2000000142.340:10423): pid=23967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4663" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0 [ 1081.788167][T23982] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4666'. [ 1081.989786][T23991] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048) [ 1082.094935][T23992] overlayfs: failed to clone upperpath [ 1082.904679][T23997] netlink: 'syz.0.4669': attribute type 9 has an invalid length. [ 1086.428885][T24020] netlink: 'syz.1.4671': attribute type 9 has an invalid length. [ 1087.035431][T24032] netlink: 'syz.0.4675': attribute type 9 has an invalid length. [ 1087.098360][T24033] fuse: Bad value for 'fd' [ 1088.010463][T24043] netlink: 'syz.2.4679': attribute type 1 has an invalid length. [ 1088.013148][T24043] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.4679'. [ 1090.099369][T24067] ptrace attach of "/syz-executor exec"[5957] was attempted by ""[24067] [ 1090.732753][ T40] audit: type=1804 audit(2000000151.680:10424): pid=24073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4686" name="/newroot/1035/file0" dev="tmpfs" ino=5540 res=1 errno=0 [ 1090.751244][T24073] ref_ctr_offset mismatch. inode: 0x15a4 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 1090.837433][T24077] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4687'. [ 1091.001951][T24081] netlink: 'syz.0.4688': attribute type 10 has an invalid length. [ 1091.018956][T24081] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4688'. [ 1091.311344][T24087] netlink: 'syz.3.4686': attribute type 1 has an invalid length. [ 1091.313609][T24087] netlink: 240 bytes leftover after parsing attributes in process `syz.3.4686'. [ 1091.591438][T24093] overlayfs: missing 'lowerdir' [ 1091.678521][T24097] overlayfs: missing 'lowerdir' [ 1091.759876][T24098] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1091.796729][T24101] netlink: 'syz.0.4693': attribute type 1 has an invalid length. [ 1091.833834][T24101] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1092.743229][T24117] CIFS mount error: No usable UNC path provided in device string! [ 1092.743229][T24117] [ 1092.748184][T24117] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1093.105530][T24118] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4697'. [ 1093.749179][T24140] netlink: 'syz.0.4702': attribute type 9 has an invalid length. [ 1093.836650][T24139] Cannot find del_set index 320 as target [ 1094.261208][T24134] Set syz1 is full, maxelem 65536 reached [ 1094.574858][T24150] overlayfs: missing 'lowerdir' [ 1094.616015][T24152] netlink: 'syz.3.4706': attribute type 1 has an invalid length. [ 1094.618206][T24152] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.4706'. [ 1094.761810][T24154] netlink: 'syz.2.4705': attribute type 1 has an invalid length. [ 1095.384183][ T40] audit: type=1800 audit(2000000156.330:10425): pid=24163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4708" name="SYSV00000000" dev="hugetlbfs" ino=7 res=0 errno=0 [ 1095.403547][T24165] overlayfs: missing 'lowerdir' [ 1095.545211][T24168] netlink: 'syz.1.4716': attribute type 1 has an invalid length. [ 1096.514159][T24182] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4711'. [ 1096.895208][T24187] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4713'. [ 1097.039845][T24189] overlayfs: missing 'lowerdir' [ 1097.220504][T24191] netlink: 'syz.3.4714': attribute type 1 has an invalid length. [ 1097.237807][T24191] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1097.305501][T24197] overlayfs: missing 'lowerdir' [ 1097.379545][T24198] netlink: 'syz.2.4717': attribute type 1 has an invalid length. [ 1098.180389][T24210] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 1098.189750][ T5946] kernel write not supported for file bpf-prog (pid: 5946 comm: kworker/1:2) [ 1098.200032][T24212] overlayfs: missing 'lowerdir' [ 1098.319389][T24213] netlink: 'syz.2.4720': attribute type 1 has an invalid length. [ 1098.533079][T24218] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4721'. [ 1099.087224][T24226] netlink: 'syz.0.4722': attribute type 9 has an invalid length. [ 1099.598171][T24233] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4724'. [ 1100.245984][T24246] fuse: Bad value for 'fd' [ 1100.617081][T24249] overlayfs: missing 'lowerdir' [ 1100.680190][T24250] netlink: 'syz.2.4727': attribute type 1 has an invalid length. [ 1100.828010][T24253] overlayfs: missing 'lowerdir' [ 1100.893251][T24254] netlink: 'syz.1.4728': attribute type 1 has an invalid length. [ 1101.489910][T24257] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1101.777933][T24265] overlayfs: missing 'lowerdir' [ 1102.957988][T24280] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4734'. [ 1103.124817][T24281] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4735'. [ 1103.627611][T24289] overlayfs: missing 'lowerdir' [ 1104.173925][T24295] overlayfs: missing 'lowerdir' [ 1104.351919][T24299] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1104.897095][T24314] netlink: 'syz.1.4741': attribute type 9 has an invalid length. [ 1105.209153][T24306] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4740'. [ 1105.226675][T24306] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4740'. [ 1105.879114][T24325] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1106.890812][T24334] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4746'. [ 1107.531088][T24350] netlink: 'syz.3.4748': attribute type 9 has an invalid length. [ 1107.562023][T24356] overlayfs: missing 'lowerdir' [ 1108.052759][T24359] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1109.728712][T24383] netlink: 'syz.0.4756': attribute type 1 has an invalid length. [ 1110.297567][T24387] overlayfs: missing 'lowerdir' [ 1110.420445][T24393] netlink: 'syz.1.4757': attribute type 1 has an invalid length. [ 1110.428589][T24385] netlink: 'syz.2.4755': attribute type 9 has an invalid length. [ 1110.669329][T24398] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4758'. [ 1113.229017][T24448] netlink: 'syz.1.4767': attribute type 9 has an invalid length. [ 1113.801631][T24449] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4768'. [ 1114.081628][T24453] overlayfs: missing 'lowerdir' [ 1114.204483][T24456] netlink: 'syz.3.4772': attribute type 1 has an invalid length. [ 1114.234360][T24456] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1114.950621][T24463] overlayfs: missing 'lowerdir' [ 1114.975968][T24464] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4773'. [ 1115.072778][T24466] netlink: 'syz.3.4774': attribute type 1 has an invalid length. [ 1115.104157][T24466] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1116.066044][T24480] netlink: 'syz.3.4778': attribute type 9 has an invalid length. [ 1116.242283][T24488] netlink: 'syz.0.4779': attribute type 9 has an invalid length. [ 1116.305589][T24490] fuse: Bad value for 'fd' [ 1116.961920][T24494] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4780'. [ 1117.263928][T24496] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4781'. [ 1117.867735][T24500] overlayfs: missing 'lowerdir' [ 1117.940555][T24501] netlink: 'syz.2.4782': attribute type 1 has an invalid length. [ 1118.934271][T24514] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4785'. [ 1121.032199][T24537] netlink: 'syz.3.4791': attribute type 1 has an invalid length. [ 1121.034570][T24537] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4791'. [ 1121.611205][T24546] overlayfs: missing 'lowerdir' [ 1121.969876][T24548] netlink: 'syz.2.4793': attribute type 1 has an invalid length. [ 1122.214839][T24553] overlayfs: missing 'lowerdir' [ 1122.329550][T24556] netlink: 'syz.0.4795': attribute type 1 has an invalid length. [ 1122.351890][T24556] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1122.449946][T24558] netlink: 'syz.3.4794': attribute type 9 has an invalid length. [ 1122.794102][T24571] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4798'. [ 1124.438082][T24590] netlink: 4364 bytes leftover after parsing attributes in process `syz.1.4804'. [ 1124.703590][T24597] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 1124.706258][T24597] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 1125.548823][ T6052] usb 8-1: new full-speed USB device number 40 using dummy_hcd [ 1125.691860][T24613] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4808'. [ 1125.711070][ T6052] usb 8-1: config 0 has an invalid interface number: 55 but max is 0 [ 1125.713697][ T6052] usb 8-1: config 0 has no interface number 0 [ 1125.715459][ T6052] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1125.718461][ T6052] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 1125.721690][ T6052] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 1125.725932][ T6052] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64 [ 1125.730196][ T6052] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1125.733978][ T6052] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 1125.736488][ T6052] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1125.739645][ T6052] usb 8-1: config 0 descriptor?? [ 1125.741599][T24605] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1125.868862][ T6052] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 1125.920582][T24614] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4809'. [ 1126.701311][T24620] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4812'. [ 1127.831587][T24632] netlink: 'syz.2.4814': attribute type 1 has an invalid length. [ 1127.873539][T24635] openvswitch: netlink: VXLAN extension 15883 out of range max 1 [ 1128.265535][T24649] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1128.724366][ T5946] usb 8-1: USB disconnect, device number 40 [ 1128.822524][T24649] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1128.828450][ T5946] ldusb 8-1:0.55: LD USB Device #0 now disconnected [ 1128.985194][T24649] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1129.170436][T24658] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4820'. [ 1129.282836][T24665] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4821'. [ 1129.327407][T24649] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1129.470123][T24649] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20001 - 0 [ 1129.487059][T24649] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20001 - 0 [ 1129.503153][T24649] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20001 - 0 [ 1129.515939][T24649] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 20001 - 0 [ 1129.768083][T24667] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4823'. [ 1129.771324][T24667] syz_tun: left promiscuous mode [ 1129.773327][T24667] bridge0: port 1(syz_tun) entered disabled state [ 1130.138909][T24678] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4824'. [ 1130.303605][T24681] fuse: Bad value for 'fd' [ 1130.684819][T24687] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4826'. [ 1132.214113][T24702] netlink: 4364 bytes leftover after parsing attributes in process `syz.3.4830'. [ 1132.448577][T24710] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 1132.451462][T24710] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 1132.535202][T24712] netlink: 'syz.1.4840': attribute type 9 has an invalid length. [ 1132.923978][T24714] No buffer was provided with the request [ 1133.518853][T24728] »»»»»»7 speed is unknown, defaulting to 1000 [ 1133.526486][T24720] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4832'. [ 1134.312940][T24750] netlink: 'syz.0.4841': attribute type 9 has an invalid length. [ 1134.441592][T24756] netlink: 'syz.3.4842': attribute type 9 has an invalid length. [ 1134.519064][T24759] fuse: Bad value for 'fd' [ 1135.349344][T24769] : entered promiscuous mode [ 1135.797034][T24772] No buffer was provided with the request [ 1135.829829][T24774] input: syz0 as /devices/virtual/input/input16 [ 1136.399366][T24787] netlink: 'syz.2.4848': attribute type 9 has an invalid length. [ 1136.687102][T24783] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4849'. [ 1137.287836][T24803] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4852'. [ 1137.327338][T24805] ISOFS: Unable to identify CD-ROM format. [ 1137.336464][T24804] No buffer was provided with the request [ 1138.180740][T24822] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4855'. [ 1138.509946][T24828] netlink: 'syz.3.4857': attribute type 9 has an invalid length. [ 1138.699773][T24836] netlink: 'syz.2.4860': attribute type 9 has an invalid length. [ 1138.927302][T24838] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1926430720 (3852861440 ns) > initial count (2369312970 ns). Using initial count to start timer. [ 1139.024916][T24842] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253 [ 1139.027245][T24842] PKCS7: Only support pkcs7_signedData type [ 1139.098365][T24844] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4862'. [ 1139.624878][T24852] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4864'. [ 1141.450584][T24872] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4870'. [ 1142.183344][T24882] netlink: 'syz.1.4871': attribute type 9 has an invalid length. [ 1142.811702][T24886] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4873'. [ 1143.180505][T24893] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4874'. [ 1143.310422][ T5946] libceph: connect (1)[c::]:6789 error -101 [ 1143.313038][ T5946] libceph: mon0 (1)[c::]:6789 connect error [ 1143.317358][ T5946] libceph: connect (1)[c::]:6789 error -101 [ 1143.323618][ T5946] libceph: mon0 (1)[c::]:6789 connect error [ 1143.589547][ T5946] libceph: connect (1)[c::]:6789 error -101 [ 1143.589817][ T5946] libceph: mon0 (1)[c::]:6789 connect error [ 1143.715285][T24902] netlink: 'syz.0.4876': attribute type 9 has an invalid length. [ 1143.969568][T24894] ceph: No mds server is up or the cluster is laggy [ 1144.213407][T24913] netlink: 'syz.2.4878': attribute type 9 has an invalid length. [ 1144.455611][ T40] audit: type=1400 audit(2000000205.400:10426): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F [ 1144.506868][T24919] netlink: 'syz.3.4880': attribute type 10 has an invalid length. [ 1144.888795][T24929] netlink: 'syz.1.4882': attribute type 9 has an invalid length. [ 1145.321486][T24933] overlayfs: missing 'lowerdir' [ 1145.404695][T24936] netlink: 'syz.2.4883': attribute type 1 has an invalid length. [ 1146.945350][T24947] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4886'. [ 1147.936406][ T40] audit: type=1804 audit(2000000208.880:10427): pid=24963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.4889" name="/newroot/1087/file0" dev="tmpfs" ino=5864 res=1 errno=0 [ 1148.022856][T24963] ref_ctr_offset mismatch. inode: 0x16e8 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 1148.048593][T24966] netlink: 'syz.0.4889': attribute type 1 has an invalid length. [ 1148.055577][T24966] netlink: 240 bytes leftover after parsing attributes in process `syz.0.4889'. [ 1148.392334][T24980] netlink: 'syz.2.4892': attribute type 9 has an invalid length. [ 1148.963587][T24984] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4894'. [ 1149.042631][T24988] netlink: 'syz.0.4895': attribute type 1 has an invalid length. [ 1149.045813][T24988] netlink: 224 bytes leftover after parsing attributes in process `syz.0.4895'. [ 1150.229970][T24997] loop6: detected capacity change from 0 to 524287999 [ 1150.233005][ C2] blk_print_req_error: 7 callbacks suppressed [ 1150.233026][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.238977][ C2] buffer_io_error: 7 callbacks suppressed [ 1150.238987][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 1150.252396][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.255819][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 1150.261229][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.264658][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 1150.267751][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.270362][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 1150.279038][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.281918][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 1150.285406][ T40] audit: type=1800 audit(2000000211.230:10428): pid=24998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4897" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1150.290519][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.294674][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 1150.329514][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.333106][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 1150.424079][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.426706][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 1150.429314][T24997] ldm_validate_partition_table(): Disk read failed. [ 1150.435141][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.437803][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 1150.444992][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.448320][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 1150.457600][T24997] Dev loop6: unable to read RDB block 0 [ 1150.471678][T24997] loop6: unable to read partition table [ 1150.475858][T24997] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 1150.961475][T25003] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4898'. [ 1151.131933][ T40] audit: type=1804 audit(2000000212.080:10429): pid=25012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4900" name="file0" dev="tmpfs" ino=7402 res=1 errno=0 [ 1151.348920][ T5987] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 1151.385575][T25018] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 20001 - 0 [ 1151.387947][T25018] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 20001 - 0 [ 1151.390454][T25018] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 20001 - 0 [ 1151.392759][T25018] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 20001 - 0 [ 1151.498978][ T5987] usb 5-1: Using ep0 maxpacket: 8 [ 1151.504200][ T5987] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1151.507687][ T5987] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1151.508410][T25023] overlayfs: missing 'lowerdir' [ 1151.510404][ T5987] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1151.518445][ T5987] usb 5-1: config 0 descriptor?? [ 1151.578361][T25024] netlink: 'syz.1.4903': attribute type 1 has an invalid length. [ 1151.726272][ T5987] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 1152.153293][ T6016] usb 5-1: USB disconnect, device number 32 [ 1152.175113][T25014] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4901'. [ 1152.179426][T25014] bond_slave_1: entered promiscuous mode [ 1152.181082][T25014] netlink: 'syz.0.4901': attribute type 2 has an invalid length. [ 1152.243941][T25038] "syz.2.4906" (25038) uses obsolete ecb(arc4) skcipher [ 1153.165673][T25054] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4917'. [ 1153.865206][T25065] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4911'. [ 1154.333716][T25059] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4910'. [ 1155.896010][T25091] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4918'. [ 1156.603528][T25103] »»»»»»7 speed is unknown, defaulting to 1000 [ 1156.709657][T25104] 8021q: adding VLAN 0 to HW filter on device  [ 1156.721825][T25104] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1156.979392][T25109] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4922'. [ 1157.582521][T25116] netlink: 'syz.1.4923': attribute type 9 has an invalid length. [ 1159.008502][T25129] macsec0: entered promiscuous mode [ 1159.010207][T25129] macsec0: entered allmulticast mode [ 1159.011713][T25129] veth1_macvtap: entered allmulticast mode [ 1159.240044][T25139] »»»»»»7 speed is unknown, defaulting to 1000 [ 1160.203680][T25159] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4932'. [ 1160.521706][T25162] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4934'. [ 1160.651960][T25169] netlink: 14 bytes leftover after parsing attributes in process `syz.2.4936'. [ 1160.769592][T25169]  (unregistering): Released all slaves [ 1161.081710][T25177] 8021q: adding VLAN 0 to HW filter on device bond9 [ 1161.465282][T25179] netlink: 'syz.2.4938': attribute type 9 has an invalid length. [ 1162.030944][T25193] netlink: 'syz.1.4940': attribute type 9 has an invalid length. [ 1162.529740][T25188] "syz.3.4941" (25188) uses obsolete ecb(arc4) skcipher [ 1162.571819][T25197] overlayfs: missing 'lowerdir' [ 1162.609679][T25197] netlink: 'syz.2.4943': attribute type 1 has an invalid length. [ 1163.060163][T25209] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4953'. [ 1163.131254][T25210] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4946'. [ 1163.175696][T25213] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4945'. [ 1163.818901][T14455] usb 5-1: new full-speed USB device number 33 using dummy_hcd [ 1164.011154][T14455] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 1164.011685][T25226] IPVS: Error connecting to the multicast addr [ 1164.013472][T14455] usb 5-1: config 0 has no interface number 0 [ 1164.016808][T14455] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1164.019833][T14455] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 1164.023740][T14455] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 1164.026726][T14455] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64 [ 1164.030185][T14455] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1164.033807][T14455] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 1164.036415][T14455] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1164.040644][T14455] usb 5-1: config 0 descriptor?? [ 1164.045279][T25215] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1164.055306][T14455] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 1164.974902][T25243] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4947'. [ 1165.041758][T25243] SET target dimension over the limit! [ 1165.047535][ T5946] usb 5-1: USB disconnect, device number 33 [ 1165.067424][ T5946] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 1165.218076][T25248] »»»»»»7 speed is unknown, defaulting to 1000 [ 1165.984804][T25256] overlayfs: missing 'lowerdir' [ 1166.004595][T25258] IPVS: Error connecting to the multicast addr [ 1166.135661][T25263] netlink: 'syz.0.4957': attribute type 1 has an invalid length. [ 1166.267052][T25263] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1166.521901][T25271] overlayfs: missing 'lowerdir' [ 1166.579394][T25271] netlink: 'syz.2.4960': attribute type 1 has an invalid length. [ 1167.007145][T25278] overlayfs: missing 'lowerdir' [ 1167.032333][T25278] netlink: 'syz.2.4970': attribute type 1 has an invalid length. [ 1167.258281][T25288] netlink: 'syz.3.4965': attribute type 1 has an invalid length. [ 1167.288706][T25291] overlayfs: failed to clone upperpath [ 1167.308610][T25288] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4965'. [ 1167.649968][T25296] No buffer was provided with the request [ 1167.685504][T25298] overlayfs: missing 'lowerdir' [ 1167.753588][T25299] netlink: 'syz.3.4967': attribute type 1 has an invalid length. [ 1167.780681][T25299] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1167.920042][T25302] overlayfs: missing 'lowerdir' [ 1168.002072][T25305] netlink: 'syz.3.4968': attribute type 1 has an invalid length. [ 1168.105990][T25305] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1168.155360][T25307] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4971'. [ 1168.229323][T25311] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4969'. [ 1168.610352][T25318] overlayfs: missing 'lowerdir' [ 1168.649374][T25318] netlink: 'syz.2.4974': attribute type 1 has an invalid length. [ 1168.679384][ T5946] usb 8-1: new high-speed USB device number 41 using dummy_hcd [ 1168.936141][T25326] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4976'. [ 1168.938916][ T5946] usb 8-1: Using ep0 maxpacket: 8 [ 1168.943155][ T5946] usb 8-1: config 0 has no interfaces? [ 1168.944976][ T5946] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 1168.947326][ T5946] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1169.064522][ T5946] usb 8-1: config 0 descriptor?? [ 1169.401827][T25313] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1169.417655][T25313] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1169.707665][T12348] usb 8-1: USB disconnect, device number 41 [ 1170.602016][T25348] overlayfs: missing 'lowerdir' [ 1170.608714][T25348] netlink: 'syz.2.4980': attribute type 1 has an invalid length. [ 1170.685195][T25353] »»»»»»7 speed is unknown, defaulting to 1000 [ 1170.720828][T25354] No buffer was provided with the request [ 1170.936880][ T40] audit: type=1326 audit(2000000231.880:10430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25337 comm="syz.1.4979" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1170.944702][ T40] audit: type=1326 audit(2000000231.880:10431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25337 comm="syz.1.4979" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1170.994912][ T40] audit: type=1326 audit(2000000231.940:10432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25337 comm="syz.1.4979" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1171.001064][ T40] audit: type=1326 audit(2000000231.940:10433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25337 comm="syz.1.4979" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf746e5a7 code=0x7ffc0000 [ 1171.007529][ T40] audit: type=1326 audit(2000000231.940:10434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25337 comm="syz.1.4979" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1171.013714][ T40] audit: type=1326 audit(2000000231.940:10435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25337 comm="syz.1.4979" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1171.020156][ T40] audit: type=1326 audit(2000000231.940:10436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25337 comm="syz.1.4979" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf746e5a7 code=0x7ffc0000 [ 1171.026339][ T40] audit: type=1326 audit(2000000231.940:10437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25337 comm="syz.1.4979" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1171.032380][ T40] audit: type=1326 audit(2000000231.940:10438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25337 comm="syz.1.4979" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf746e5a7 code=0x7ffc0000 [ 1171.038553][ T40] audit: type=1326 audit(2000000231.940:10439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25337 comm="syz.1.4979" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1171.109452][T25362] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1171.113985][T25362] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4983'. [ 1171.181650][T25364] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4985'. [ 1171.184095][T25364] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4985'. [ 1171.193044][T25366] overlayfs: missing 'lowerdir' [ 1171.206923][T25366] netlink: 'syz.2.4984': attribute type 1 has an invalid length. [ 1171.237705][T25364] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4985'. [ 1171.271967][T25371] »»»»»»7 speed is unknown, defaulting to 1000 [ 1171.451554][T25381] overlayfs: missing 'lowerdir' [ 1171.525800][T25385] netlink: 'syz.0.4990': attribute type 1 has an invalid length. [ 1171.549888][T25385] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1171.664888][T25390] IPVS: Error connecting to the multicast addr [ 1172.508860][ T5946] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 1172.658961][ T5946] usb 5-1: Using ep0 maxpacket: 8 [ 1172.661697][ T5946] usb 5-1: config index 0 descriptor too short (expected 5924, got 36) [ 1172.664002][ T5946] usb 5-1: config 250 has an invalid interface number: 228 but max is -1 [ 1172.666331][ T5946] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 1172.668956][ T5946] usb 5-1: config 250 has no interface number 0 [ 1172.670760][ T5946] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 1172.673948][ T5946] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 1172.676824][ T5946] usb 5-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1172.680617][ T5946] usb 5-1: config 250 interface 228 has no altsetting 0 [ 1172.683771][ T5946] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 1172.686257][ T5946] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 1172.688513][ T5946] usb 5-1: Product: syz [ 1172.689749][ T5946] usb 5-1: SerialNumber: syz [ 1172.695801][ T5946] hub 5-1:250.228: bad descriptor, ignoring hub [ 1172.697706][ T5946] hub 5-1:250.228: probe with driver hub failed with error -5 [ 1173.514161][T25420] netlink: 'syz.3.4999': attribute type 1 has an invalid length. [ 1173.516356][T25420] netlink: 240 bytes leftover after parsing attributes in process `syz.3.4999'. [ 1173.625872][T25422] »»»»»»7 speed is unknown, defaulting to 1000 [ 1173.893152][T25426] netlink: 'syz.1.5001': attribute type 1 has an invalid length. [ 1174.269071][T25432] overlayfs: missing 'lowerdir' [ 1174.281076][T25432] netlink: 'syz.2.5003': attribute type 1 has an invalid length. [ 1174.676630][T25437] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5004'. [ 1175.115201][T25446] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1175.251226][ T5946] usb 5-1: USB disconnect, device number 34 [ 1175.824560][T25461] IPVS: Error connecting to the multicast addr [ 1176.540691][T25478] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5013'. [ 1177.048054][T25484] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5015'. [ 1177.842921][T25498] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5018'. [ 1178.511491][T25516] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5023'. [ 1178.913137][T25527] fuse: Bad value for 'fd' [ 1179.094325][T25512] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5021'. [ 1179.135406][T25512] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5021'. [ 1179.450303][T25531] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5025'. [ 1179.808498][T25544] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5028'. [ 1179.858526][T25543] netlink: 'syz.3.5027': attribute type 1 has an invalid length. [ 1179.912029][T25543] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1181.166061][T25556] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5031'. [ 1181.297416][T25552] cgroup: fork rejected by pids controller in /syz2 [ 1181.713016][T25663] random: crng reseeded on system resumption [ 1181.775080][T25665] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5034'. [ 1182.479017][ T40] kauditd_printk_skb: 154 callbacks suppressed [ 1182.479033][ T40] audit: type=1804 audit(2000000243.410:10594): pid=25686 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5036" name="file0" dev="tmpfs" ino=7674 res=1 errno=0 [ 1182.480222][T25690] netlink: 'syz.3.5038': attribute type 1 has an invalid length. [ 1182.505598][T25690] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1182.567563][T25694] No buffer was provided with the request [ 1184.876898][T25720] netlink: 'syz.2.5045': attribute type 9 has an invalid length. [ 1185.580403][T25741] netlink: 'syz.2.5050': attribute type 1 has an invalid length. [ 1185.921322][T25746] »»»»»»7 speed is unknown, defaulting to 1000 [ 1186.017460][T25753] misc userio: Invalid payload size [ 1186.019829][T25753] misc userio: The device must be registered before sending interrupts [ 1186.123355][T25755] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5053'. [ 1186.197496][ T40] audit: type=1804 audit(2000000247.140:10595): pid=25752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.5051" name="/newroot/1120/file0" dev="tmpfs" ino=6045 res=1 errno=0 [ 1186.267333][T25758] overlayfs: failed to clone upperpath [ 1186.336747][T25752] netlink: 'syz.0.5051': attribute type 1 has an invalid length. [ 1186.339887][T25752] netlink: 240 bytes leftover after parsing attributes in process `syz.0.5051'. [ 1187.116170][T25766] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 1187.118713][T25766] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1187.122569][T25766] vhci_hcd vhci_hcd.0: Device attached [ 1187.355657][T12348] vhci_hcd: vhci_device speed not set [ 1187.408906][T12348] usb 37-1: new full-speed USB device number 5 using vhci_hcd [ 1187.531465][T25780] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5058'. [ 1187.943470][T25767] vhci_hcd: connection reset by peer [ 1187.945330][ T6245] vhci_hcd: stop threads [ 1187.946555][ T6245] vhci_hcd: release socket [ 1187.948118][ T6245] vhci_hcd: disconnect device [ 1188.138494][T25785] IPVS: Error connecting to the multicast addr [ 1189.060825][T25802] »»»»»»7 speed is unknown, defaulting to 1000 [ 1189.630822][ T40] audit: type=1804 audit(2000000250.580:10596): pid=25811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5065" name="file0" dev="tmpfs" ino=7735 res=1 errno=0 [ 1190.039120][T25824] misc userio: Invalid payload size [ 1190.040979][T25824] misc userio: The device must be registered before sending interrupts [ 1190.241482][T25827] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5068'. [ 1192.488907][T12348] vhci_hcd: vhci_device speed not set [ 1193.059967][T25864] random: crng reseeded on system resumption [ 1193.067254][T25864] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5077'. [ 1193.095620][T25864] usb usb8: usbfs: process 25864 (syz.3.5077) did not claim interface 0 before use [ 1193.139468][T25866] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5076'. [ 1194.260999][T25882] »»»»»»7 speed is unknown, defaulting to 1000 [ 1194.261721][T25887] syzkaller1: entered promiscuous mode [ 1194.264421][T25887] syzkaller1: entered allmulticast mode [ 1194.521237][T25897] netfs: Couldn't get user pages (rc=-14) [ 1195.271346][T25910] 8021q: adding VLAN 0 to HW filter on device bond10 [ 1195.719050][ T40] audit: type=1326 audit(2000000256.660:10597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25915 comm="syz.0.5087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1195.725316][ T40] audit: type=1326 audit(2000000256.670:10598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25915 comm="syz.0.5087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1195.732659][ T40] audit: type=1326 audit(2000000256.670:10599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25915 comm="syz.0.5087" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1195.740382][ T40] audit: type=1326 audit(2000000256.670:10600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25915 comm="syz.0.5087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1195.748291][ T40] audit: type=1326 audit(2000000256.670:10601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25915 comm="syz.0.5087" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1195.756042][ T40] audit: type=1326 audit(2000000256.670:10602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25915 comm="syz.0.5087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1195.764272][ T40] audit: type=1326 audit(2000000256.670:10603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25915 comm="syz.0.5087" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1195.771218][ T40] audit: type=1326 audit(2000000256.670:10604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25915 comm="syz.0.5087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1195.777914][ T40] audit: type=1326 audit(2000000256.670:10605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25915 comm="syz.0.5087" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1195.784956][ T40] audit: type=1326 audit(2000000256.670:10606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25915 comm="syz.0.5087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1196.072974][T25919] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5089'. [ 1196.076246][T25919] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5089'. [ 1196.199625][T25922] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5089'. [ 1197.578347][T25945] IPVS: Unknown mcast interface: macvlan1 [ 1197.819376][T25951] No buffer was provided with the request [ 1197.859493][ T36] usb 8-1: new full-speed USB device number 42 using dummy_hcd [ 1198.010666][ T36] usb 8-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1198.014544][ T36] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84 [ 1198.018673][ T36] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1198.022104][ T36] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1198.024746][ T36] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 1198.029766][ T36] usb 8-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae [ 1198.032349][ T36] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1198.034529][ T36] usb 8-1: Product: syz [ 1198.035706][ T36] usb 8-1: Manufacturer: syz [ 1198.037208][ T36] usb 8-1: SerialNumber: syz [ 1198.039805][ T36] usb 8-1: config 0 descriptor?? [ 1198.044616][ T36] input: KB Gear Tablet as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input17 [ 1198.326259][ T36] usb 8-1: USB disconnect, device number 42 [ 1199.733222][T25983] »»»»»»7 speed is unknown, defaulting to 1000 [ 1199.903281][T25988] fuse: Bad value for 'fd' [ 1200.589762][T26000] No buffer was provided with the request [ 1201.936314][T26011] fuse: Bad value for 'rootmode' [ 1202.217152][ T40] kauditd_printk_skb: 290 callbacks suppressed [ 1202.217163][ T40] audit: type=1800 audit(2000000263.160:10897): pid=26014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.5110" name="nullb0" dev="tmpfs" ino=5392 res=0 errno=0 [ 1202.266740][T26016] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5111'. [ 1202.458648][T26021] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 1202.460511][T26021] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1202.463372][T26021] vhci_hcd vhci_hcd.0: Device attached [ 1202.467743][T26021] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5112'. [ 1202.616850][T26026] /dev/nullb0: Can't lookup blockdev [ 1202.648839][T14455] vhci_hcd: vhci_device speed not set [ 1202.708859][T14455] usb 43-1: new full-speed USB device number 7 using vhci_hcd [ 1202.795137][T26019] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5111'. [ 1203.262892][T26036] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5114'. [ 1203.307052][T26022] vhci_hcd: connection reset by peer [ 1203.310118][ T6251] vhci_hcd: stop threads [ 1203.311791][ T6251] vhci_hcd: release socket [ 1203.313564][ T6251] vhci_hcd: disconnect device [ 1206.444576][T26073] IPVS: Error connecting to the multicast addr [ 1206.805735][T26085] overlayfs: failed to clone upperpath [ 1207.848872][T14455] vhci_hcd: vhci_device speed not set [ 1208.756734][T26110] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5134'. [ 1210.096186][T26127] overlayfs: missing 'lowerdir' [ 1210.270316][T26129] netlink: 'syz.3.5140': attribute type 1 has an invalid length. [ 1210.329441][T26129] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1210.938171][ T40] audit: type=1326 audit(2000000271.880:10898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26145 comm="syz.3.5145" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x0 [ 1210.995503][T26147] No source specified [ 1211.074247][T26150] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5142'. [ 1212.348863][ T6016] usb 8-1: new high-speed USB device number 43 using dummy_hcd [ 1212.500594][ T6016] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1212.503679][ T6016] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1212.506327][ T6016] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1212.509938][ T6016] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1212.512855][ T6016] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1212.550621][ T6016] usb 8-1: config 0 descriptor?? [ 1212.695882][T26174] wireguard0: entered promiscuous mode [ 1212.697513][T26174] wireguard0: entered allmulticast mode [ 1213.233797][ T6016] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x2 [ 1213.236248][ T6016] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving [ 1213.242694][ T6016] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 1213.840686][T26187] overlayfs: missing 'lowerdir' [ 1213.958785][T26190] netlink: 'syz.0.5153': attribute type 1 has an invalid length. [ 1213.997095][T26190] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1214.029293][T26194] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5152'. [ 1214.049232][T26194] SET target dimension over the limit! [ 1214.254622][T26196] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5154'. [ 1214.937232][ T5946] usb 8-1: USB disconnect, device number 43 [ 1215.232920][T26206] overlayfs: missing 'lowerdir' [ 1215.344860][T26210] netlink: 'syz.3.5157': attribute type 1 has an invalid length. [ 1215.362352][T26210] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1216.854160][T26230] overlayfs: missing 'lowerdir' [ 1216.874762][T26221] Invalid ELF header type: 3 != 1 [ 1217.023348][T26232] netlink: 'syz.0.5163': attribute type 1 has an invalid length. [ 1217.041168][T26232] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1217.265853][T26237] fuse: Bad value for 'rootmode' [ 1217.611343][ T40] audit: type=1800 audit(2000000278.560:10899): pid=26243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.5164" name="nullb0" dev="tmpfs" ino=421 res=0 errno=0 [ 1218.117832][T26253] netlink: 'syz.0.5167': attribute type 11 has an invalid length. [ 1219.148990][T26268] netlink: 'syz.1.5170': attribute type 2 has an invalid length. [ 1220.092919][ T40] audit: type=1326 audit(2000000281.040:10900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26278 comm="syz.1.5174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1220.099774][ T40] audit: type=1326 audit(2000000281.040:10901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26278 comm="syz.1.5174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1220.106121][ T40] audit: type=1326 audit(2000000281.040:10902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26278 comm="syz.1.5174" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1220.112384][ T40] audit: type=1326 audit(2000000281.040:10903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26278 comm="syz.1.5174" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf746e5a7 code=0x7ffc0000 [ 1220.118432][ T40] audit: type=1326 audit(2000000281.040:10904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26278 comm="syz.1.5174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1220.124761][ T40] audit: type=1326 audit(2000000281.040:10905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26278 comm="syz.1.5174" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1220.131021][ T40] audit: type=1326 audit(2000000281.040:10906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26278 comm="syz.1.5174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1220.137129][ T40] audit: type=1326 audit(2000000281.040:10907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26278 comm="syz.1.5174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1220.144894][ T40] audit: type=1326 audit(2000000281.040:10908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26278 comm="syz.1.5174" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1220.153348][T26283] overlayfs: missing 'lowerdir' [ 1220.298591][T26283] netlink: 'syz.2.5176': attribute type 1 has an invalid length. [ 1220.434769][T26291] netlink: 'syz.0.5175': attribute type 9 has an invalid length. [ 1220.442183][T26291] fuse: Bad value for 'fd' [ 1220.686838][T26293] overlayfs: missing 'lowerdir' [ 1220.836619][T26295] netlink: 'syz.3.5177': attribute type 1 has an invalid length. [ 1220.859238][T26295] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1221.026559][T26300] IPVS: Error connecting to the multicast addr [ 1221.247591][T26306] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5178'. [ 1222.725728][T26325] netlink: 'syz.3.5181': attribute type 9 has an invalid length. [ 1222.981363][T26327] /dev/nbd1: Can't lookup blockdev [ 1223.381964][T26334] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 1223.647507][T26440] 9pnet_fd: Insufficient options for proto=fd [ 1223.684754][T26443] overlayfs: missing 'lowerdir' [ 1223.773367][T26445] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5185'. [ 1223.784866][T26444] netlink: 'syz.1.5187': attribute type 1 has an invalid length. [ 1225.828909][T26521] netlink: 'syz.1.5193': attribute type 1 has an invalid length. [ 1226.659836][T26685] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5197'. [ 1226.834887][T26693] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5198'. [ 1228.032254][T26714] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5204'. [ 1228.335222][T26724] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5207'. [ 1228.370513][T26723] netlink: 'syz.0.5206': attribute type 9 has an invalid length. [ 1229.542701][T26740] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5210'. [ 1230.115682][T26852] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5213'. [ 1230.772062][T24683] page_pool_release_retry() stalled pool shutdown: id 40, 1 inflight 60 sec [ 1231.298882][T26970] 9pnet_fd: Insufficient options for proto=fd [ 1231.304256][T26970] overlayfs: conflicting options: verity=on,redirect_dir=follow [ 1231.613848][T26979] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5219'. [ 1232.440575][T26998] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5222'. [ 1232.790990][T27000] netlink: 'syz.1.5225': attribute type 2 has an invalid length. [ 1234.036061][T27019] veth1_macvtap: left allmulticast mode [ 1234.652010][T27031] netlink: 'syz.3.5230': attribute type 9 has an invalid length. [ 1234.849378][T27034] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5227'. [ 1235.174040][T27039] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5232'. [ 1235.616383][T27043] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5241'. [ 1236.379307][ T40] kauditd_printk_skb: 266 callbacks suppressed [ 1236.379319][ T40] audit: type=1326 audit(2000000297.320:11175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27051 comm="syz.0.5235" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1236.387115][ T40] audit: type=1326 audit(2000000297.320:11176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27051 comm="syz.0.5235" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1236.393309][ T40] audit: type=1326 audit(2000000297.330:11177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27051 comm="syz.0.5235" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1236.399577][ T40] audit: type=1326 audit(2000000297.330:11178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27051 comm="syz.0.5235" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1236.405650][ T40] audit: type=1326 audit(2000000297.330:11179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27051 comm="syz.0.5235" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1236.412022][ T40] audit: type=1326 audit(2000000297.330:11180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27051 comm="syz.0.5235" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1236.421015][ T40] audit: type=1326 audit(2000000297.330:11181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27051 comm="syz.0.5235" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1236.429275][ T40] audit: type=1326 audit(2000000297.330:11182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27051 comm="syz.0.5235" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1236.436459][ T40] audit: type=1326 audit(2000000297.330:11183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27051 comm="syz.0.5235" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1236.442537][ T40] audit: type=1326 audit(2000000297.330:11184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27051 comm="syz.0.5235" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 1237.236951][T27061] /dev/nbd1: Can't lookup blockdev [ 1237.313787][T27068] overlayfs: missing 'lowerdir' [ 1237.467063][T27072] netlink: 'syz.0.5239': attribute type 1 has an invalid length. [ 1237.483066][T27072] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1239.229889][T27097] syz.3.5247: attempt to access beyond end of device [ 1239.229889][T27097] nbd3: rw=4096, sector=0, nr_sectors = 2 limit=0 [ 1239.236660][T27097] XFS (nbd3): SB validate failed with error -5. [ 1239.264901][T27108] 9pnet_fd: Insufficient options for proto=fd [ 1239.476077][T27111] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5248'. [ 1239.808325][T27122] overlayfs: missing 'lowerdir' [ 1239.884753][T27125] netlink: 'syz.1.5253': attribute type 1 has an invalid length. [ 1239.957269][T27124] netlink: 'syz.3.5251': attribute type 9 has an invalid length. [ 1241.584978][T27252] overlayfs: missing 'lowerdir' [ 1241.694382][T27254] netlink: 'syz.0.5260': attribute type 1 has an invalid length. [ 1241.721998][T27254] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1242.177092][T27259] IPv6: NLM_F_CREATE should be specified when creating new route [ 1242.280577][T27257] veth1_macvtap: left allmulticast mode [ 1242.614411][T27271] netlink: 'syz.1.5263': attribute type 2 has an invalid length. [ 1242.894622][T27266] orangefs_mount: mount request failed with -4 [ 1243.848553][T27387] netlink: 'syz.1.5267': attribute type 9 has an invalid length. [ 1243.876317][T27387] fuse: Unknown parameter 'g4¤Åæroup_id' [ 1244.645546][T27401] overlayfs: missing 'lowerdir' [ 1245.166537][T27408] netlink: 'syz.0.5273': attribute type 1 has an invalid length. [ 1245.233267][T27408] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1245.871298][T27531] netlink: 'syz.0.5275': attribute type 2 has an invalid length. [ 1246.318934][ T40] kauditd_printk_skb: 25 callbacks suppressed [ 1246.318954][ T40] audit: type=1326 audit(2000000307.180:11210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27532 comm="syz.2.5280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1246.335587][ T40] audit: type=1326 audit(2000000307.180:11211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27532 comm="syz.2.5280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1246.343957][ T40] audit: type=1326 audit(2000000307.190:11212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27532 comm="syz.2.5280" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1246.352686][ T40] audit: type=1326 audit(2000000307.190:11213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27532 comm="syz.2.5280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1246.362795][ T40] audit: type=1326 audit(2000000307.190:11214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27532 comm="syz.2.5280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1246.374550][ T40] audit: type=1326 audit(2000000307.190:11215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27532 comm="syz.2.5280" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1246.382479][ T40] audit: type=1326 audit(2000000307.190:11216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27532 comm="syz.2.5280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1246.390727][ T40] audit: type=1326 audit(2000000307.190:11217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27532 comm="syz.2.5280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1246.398359][ T40] audit: type=1326 audit(2000000307.190:11218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27532 comm="syz.2.5280" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1246.405944][ T40] audit: type=1326 audit(2000000307.190:11219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27532 comm="syz.2.5280" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1247.099061][T27539] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 1247.117489][T27547] overlayfs: missing 'lowerdir' [ 1247.180035][T27539] /dev/sr0: Can't open blockdev [ 1247.195938][T27549] netlink: 'syz.1.5284': attribute type 1 has an invalid length. [ 1247.746274][T27654] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5285'. [ 1248.000124][T27656] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5287'. [ 1249.178963][T27678] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5290'. [ 1249.439548][T27694] netlink: 'syz.3.5295': attribute type 1 has an invalid length. [ 1249.489937][T27694] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1249.867996][T27699] No buffer was provided with the request [ 1250.478795][ T36] usb 8-1: new high-speed USB device number 44 using dummy_hcd [ 1250.658882][ T36] usb 8-1: Using ep0 maxpacket: 8 [ 1250.662740][ T36] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1250.666370][ T36] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1250.669954][ T36] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1250.673519][ T36] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1250.678166][ T36] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1250.681726][ T36] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1250.716536][T27817] netlink: 'syz.2.5300': attribute type 1 has an invalid length. [ 1250.850792][T27821] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5302'. [ 1250.922762][ T36] usb 8-1: GET_CAPABILITIES returned 0 [ 1250.928889][ T36] usbtmc 8-1:16.0: can't read capabilities [ 1251.129890][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.135474][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.138914][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.143016][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.146355][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.149617][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.152982][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.156397][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.159686][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.163019][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.166693][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.170010][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.173314][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.176581][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.179871][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.183152][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1251.194270][T27703] usb 8-1: USB disconnect, device number 44 [ 1252.865960][T28060] netlink: 'syz.0.5308': attribute type 9 has an invalid length. [ 1253.010689][T28067] netlink: 'syz.3.5311': attribute type 4 has an invalid length. [ 1253.520220][T28273] IPVS: length: 146 != 8 [ 1253.616659][T28276] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5316'. [ 1253.939202][T28300] netlink: 'syz.3.5317': attribute type 1 has an invalid length. [ 1253.981256][T28300] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1254.892567][T28495] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5321'. [ 1256.857713][T28528] overlayfs: missing 'lowerdir' [ 1256.975864][T28529] netlink: 'syz.2.5328': attribute type 1 has an invalid length. [ 1257.671736][T28530] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5329'. [ 1257.832310][T28536] bond0: option fail_over_mac: unable to set because the bond device has slaves [ 1258.348492][T28653] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5336'. [ 1258.351861][T28653] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5336'. [ 1258.416329][T28657] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5336'. [ 1259.603399][T28673] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5340'. [ 1260.135332][T28678] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5341'. [ 1260.153238][ T40] kauditd_printk_skb: 25 callbacks suppressed [ 1260.153253][ T40] audit: type=1326 audit(2000000321.100:11245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28688 comm="syz.2.5344" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1260.167555][ T40] audit: type=1326 audit(2000000321.100:11246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28688 comm="syz.2.5344" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1260.176292][ T40] audit: type=1326 audit(2000000321.100:11247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28688 comm="syz.2.5344" exe="/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1260.184919][ T40] audit: type=1326 audit(2000000321.100:11248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28688 comm="syz.2.5344" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1260.191980][ T40] audit: type=1326 audit(2000000321.100:11249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28688 comm="syz.2.5344" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1260.200242][ T40] audit: type=1326 audit(2000000321.100:11250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28688 comm="syz.2.5344" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1260.208399][ T40] audit: type=1326 audit(2000000321.100:11251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28688 comm="syz.2.5344" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1260.215371][ T40] audit: type=1326 audit(2000000321.100:11252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28688 comm="syz.2.5344" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1260.223870][ T40] audit: type=1326 audit(2000000321.110:11253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28688 comm="syz.2.5344" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1260.233446][ T40] audit: type=1326 audit(2000000321.110:11254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28688 comm="syz.2.5344" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1260.500967][T28704] netlink: 'syz.0.5348': attribute type 1 has an invalid length. [ 1260.963728][T28704] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1261.098166][T28809] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5349'. [ 1262.298457][T28820] netlink: 'syz.2.5352': attribute type 11 has an invalid length. [ 1262.310720][T28819] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5351'. [ 1264.180993][T29041] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5356'. [ 1266.647522][T29888] netlink: 'syz.3.5373': attribute type 8 has an invalid length. [ 1266.795213][T29464] syz.2.5366 (29464) used greatest stack depth: 18928 bytes left [ 1266.807662][T29998] netlink: 'syz.3.5378': attribute type 1 has an invalid length. [ 1266.810604][T29998] netlink: 224 bytes leftover after parsing attributes in process `syz.3.5378'. [ 1266.873289][T30000] bad cache= option: none [ 1266.873289][T30000] [ 1266.876785][T30000] CIFS: VFS: bad cache= option: none [ 1267.860264][T30112] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5381'. [ 1269.200939][T30138] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5387'. [ 1269.208849][T30140] overlayfs: failed to clone upperpath [ 1269.741544][T30146] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 1269.797863][ T40] kauditd_printk_skb: 52 callbacks suppressed [ 1269.797874][ T40] audit: type=1800 audit(2000000330.740:11307): pid=30255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5392" name="SYSV00000000" dev="hugetlbfs" ino=4 res=0 errno=0 [ 1271.873211][T30265] »»»»»»7 speed is unknown, defaulting to 1000 [ 1272.055190][T30382] overlayfs: missing 'lowerdir' [ 1272.075636][T30377] random: crng reseeded on system resumption [ 1272.116650][T30384] netlink: 'syz.0.5400': attribute type 1 has an invalid length. [ 1272.139874][T30384] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1272.226547][T30387] XFS (nullb0): Invalid superblock magic number [ 1272.273694][T30393] »»»»»»7 speed is unknown, defaulting to 1000 [ 1274.655519][T30535] netlink: 'syz.2.5412': attribute type 1 has an invalid length. [ 1275.435233][T30644] »»»»»»7 speed is unknown, defaulting to 1000 [ 1275.441009][T30641] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5414'. [ 1275.470907][T30650] team0: Mode changed to "loadbalance" [ 1275.529664][T30650] vlan0: entered promiscuous mode [ 1275.532161][T30650] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5416'. [ 1275.640755][T30650] tipc: Disabling bearer [ 1275.954807][T30659] ufs: You didn't specify the type of your ufs filesystem [ 1275.954807][T30659] [ 1275.954807][T30659] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 1275.954807][T30659] [ 1275.954807][T30659] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 1275.964700][T30659] ufs: ufstype=old is supported read-only [ 1275.978691][T30659] ufs: ufs_fill_super(): bad magic number [ 1276.268186][T14455] Process accounting resumed [ 1276.269886][T30767] overlayfs: missing 'lowerdir' [ 1276.275262][ T40] audit: type=1326 audit(2000000337.220:11308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30764 comm="syz.2.5421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1276.282806][ T40] audit: type=1326 audit(2000000337.220:11309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30764 comm="syz.2.5421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1276.290708][ T40] audit: type=1326 audit(2000000337.230:11310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30764 comm="syz.2.5421" exe="/syz-executor" sig=0 arch=40000003 syscall=287 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1276.305334][ T40] audit: type=1326 audit(2000000337.230:11311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30764 comm="syz.2.5421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1276.315212][ T40] audit: type=1326 audit(2000000337.230:11312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30764 comm="syz.2.5421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1276.323800][ T40] audit: type=1326 audit(2000000337.230:11313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30764 comm="syz.2.5421" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1276.333158][ T40] audit: type=1326 audit(2000000337.230:11314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30764 comm="syz.2.5421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1276.344766][ T40] audit: type=1326 audit(2000000337.230:11315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30764 comm="syz.2.5421" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1276.353360][ T40] audit: type=1326 audit(2000000337.230:11316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30764 comm="syz.2.5421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1276.370266][T30771] netlink: 'syz.1.5422': attribute type 1 has an invalid length. [ 1276.373647][ T40] audit: type=1326 audit(2000000337.230:11317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30764 comm="syz.2.5421" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1276.863223][T30778] syz.0.5424: attempt to access beyond end of device [ 1276.863223][T30778] nbd0: rw=0, sector=64, nr_sectors = 1 limit=0 [ 1276.872544][T30778] syz.0.5424: attempt to access beyond end of device [ 1276.872544][T30778] nbd0: rw=0, sector=256, nr_sectors = 1 limit=0 [ 1276.876265][T30778] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 1276.883522][T30778] syz.0.5424: attempt to access beyond end of device [ 1276.883522][T30778] nbd0: rw=0, sector=512, nr_sectors = 1 limit=0 [ 1276.888290][T30778] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 1276.895573][T30778] syz.0.5424: attempt to access beyond end of device [ 1276.895573][T30778] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0 [ 1276.902907][T30778] syz.0.5424: attempt to access beyond end of device [ 1276.902907][T30778] nbd0: rw=0, sector=512, nr_sectors = 2 limit=0 [ 1276.907699][T30778] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 1276.950822][T30778] syz.0.5424: attempt to access beyond end of device [ 1276.950822][T30778] nbd0: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 1276.955797][T30778] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 1276.962900][T30778] syz.0.5424: attempt to access beyond end of device [ 1276.962900][T30778] nbd0: rw=0, sector=64, nr_sectors = 4 limit=0 [ 1276.966840][T30778] syz.0.5424: attempt to access beyond end of device [ 1276.966840][T30778] nbd0: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 1276.971034][T30778] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 1276.973819][T30778] syz.0.5424: attempt to access beyond end of device [ 1276.973819][T30778] nbd0: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 1276.977588][T30778] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 1276.983746][T30778] syz.0.5424: attempt to access beyond end of device [ 1276.983746][T30778] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0 [ 1276.988162][T30778] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 1276.991121][T30778] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 1276.993741][T30778] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1) [ 1277.187932][T30783] nvme_fabrics: missing parameter 'transport=%s' [ 1277.190152][T30783] nvme_fabrics: missing parameter 'nqn=%s' [ 1277.408086][T30793] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5427'. [ 1277.844403][T30895] netlink: 'syz.0.5429': attribute type 27 has an invalid length. [ 1278.127435][T30901] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5431'. [ 1278.146204][T30901] kAFS: No cell specified [ 1278.331219][T30914] overlayfs: missing 'lowerdir' [ 1278.408312][T30915] netlink: 'syz.1.5433': attribute type 1 has an invalid length. [ 1279.205169][T14455] Process accounting resumed [ 1279.541459][T31036] loop6: detected capacity change from 0 to 524287999 [ 1280.436207][T31042] netlink: 'syz.1.5440': attribute type 9 has an invalid length. [ 1280.542062][T31050] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5441'. [ 1280.544570][T31050] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5441'. [ 1281.529254][T31161] No buffer was provided with the request [ 1281.567261][T31163] overlayfs: missing 'lowerdir' [ 1281.657363][T31166] netlink: 'syz.2.5445': attribute type 1 has an invalid length. [ 1282.051890][T31277] No buffer was provided with the request [ 1282.128935][T31279] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5447'. [ 1283.225063][T31391] overlayfs: missing 'lowerdir' [ 1283.251567][T31391] netlink: 'syz.1.5453': attribute type 1 has an invalid length. [ 1283.980249][T31612] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5457'. [ 1284.738131][T31621] overlayfs: missing 'lowerdir' [ 1284.839038][T31623] netlink: 'syz.2.5460': attribute type 1 has an invalid length. [ 1285.033666][T31632] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5462'. [ 1285.037186][T31632] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5462'. [ 1285.681974][T31746] »»»»»»7 speed is unknown, defaulting to 1000 [ 1285.720200][T31748] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.5465'. [ 1285.722868][T31748] openvswitch: netlink: Message has 44053 unknown bytes. [ 1286.231637][T31962] 9pnet_fd: Insufficient options for proto=fd [ 1286.756010][T31971] 9pnet_virtio: no channels available for device ./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 1287.206740][T31985] »»»»»»7 speed is unknown, defaulting to 1000 [ 1287.526228][T31993] No buffer was provided with the request [ 1288.071517][T32104] overlayfs: failed to clone lowerpath [ 1288.077431][T32104] overlayfs: missing 'lowerdir' [ 1288.318441][T32108] tipc: Enabling of bearer rejected, already enabled [ 1288.512810][T32152] netlink: 9 bytes leftover after parsing attributes in process `syz.0.5488'. [ 1288.515944][T32152] 0·: renamed from hsr0 [ 1288.518116][T32152] 0·: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1288.521174][T32152] 0·: entered allmulticast mode [ 1288.522641][T32152] hsr_slave_0: entered allmulticast mode [ 1288.524976][T32152] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 1288.875915][T32218] overlayfs: missing 'lowerdir' [ 1288.898388][T32218] netlink: 'syz.1.5490': attribute type 1 has an invalid length. [ 1289.129243][T32325] siw: device registration error -23 [ 1289.162013][T32326] "syz.1.5491" (32326) uses obsolete ecb(arc4) skcipher [ 1289.229372][T32320] cgroup: fork rejected by pids controller in /syz1 [ 1289.839826][T32544] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5497'. [ 1290.089339][T32549] overlayfs: missing 'lowerdir' [ 1290.116145][T32549] netlink: 'syz.2.5499': attribute type 1 has an invalid length. [ 1290.172867][T32550] "syz.1.5498" (32550) uses obsolete ecb(arc4) skcipher [ 1290.335076][T32660] smc: ib device syz0 ibport 1 applied user defined pnetid SYZ1 [ 1290.555775][ T309] 9pnet_virtio: no channels available for device ./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 1291.216118][ T5946] page_pool_release_retry() stalled pool shutdown: id 40, 1 inflight 121 sec [ 1291.703002][ T737] 9pnet_fd: Insufficient options for proto=fd [ 1291.969068][T14455] usb 5-1: new full-speed USB device number 35 using dummy_hcd [ 1292.033254][ T853] netlink: 'syz.3.5523': attribute type 9 has an invalid length. [ 1292.045170][ T853] fuse: Unknown parameter 'group_i00000000000000000000' [ 1292.130135][T14455] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 1292.132491][T14455] usb 5-1: config 0 has no interface number 0 [ 1292.134740][T14455] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1292.138010][T14455] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 1292.148776][T14455] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 1292.152479][T14455] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64 [ 1292.155829][T14455] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1292.160034][T14455] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 1292.162678][T14455] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1292.169280][T14455] usb 5-1: config 0 descriptor?? [ 1292.171565][ T737] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1292.176972][T14455] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 1292.395517][ T737] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5520'. [ 1292.505443][ T737] SET target dimension over the limit! [ 1292.532185][ T5946] usb 5-1: USB disconnect, device number 35 [ 1292.536172][ T5946] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 1292.624196][ T1089] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5529'. [ 1293.002110][ T1216] netlink: 'syz.2.5534': attribute type 1 has an invalid length. [ 1293.042285][ T1216] bond2: (slave gretap2): making interface the new active one [ 1293.046411][ T1216] bond2: (slave gretap2): Enslaving as an active interface with an up link [ 1293.342186][ T1338] overlayfs: missing 'lowerdir' [ 1293.469279][ T1342] netlink: 'syz.1.5542': attribute type 1 has an invalid length. [ 1293.609617][ T1450] overlayfs: missing 'lowerdir' [ 1293.631261][ T1450] netlink: 'syz.2.5543': attribute type 1 has an invalid length. [ 1293.823135][ T1457] overlayfs: missing 'lowerdir' [ 1294.851947][ T1790] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5555'. [ 1295.247438][ T1895] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1295.337217][ T1895] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1295.413890][ T1895] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1295.540133][ T1895] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 1295.646667][ T1895] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20001 - 0 [ 1295.655174][ T1895] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20001 - 0 [ 1295.673996][ T1895] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20001 - 0 [ 1295.702874][ T1895] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20001 - 0 [ 1295.930405][ T2113] netlink: 'syz.0.5568': attribute type 9 has an invalid length. [ 1295.935388][ T2113] fuse: Unknown parameter 'group_id00000000000000000000' [ 1296.685207][ T2237] overlayfs: missing 'lowerdir' [ 1296.789392][ T2339] netlink: 'syz.3.5579': attribute type 1 has an invalid length. [ 1296.850791][ T2339] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1297.380385][ T2696] overlayfs: missing 'lowerdir' [ 1297.620810][ T2830] No buffer was provided with the request [ 1297.810139][ T2968] overlayfs: missing 'lowerdir' [ 1298.008056][ T3109] SET target dimension over the limit! [ 1298.038363][ T40] kauditd_printk_skb: 71 callbacks suppressed [ 1298.038374][ T40] audit: type=1326 audit(2000000358.980:11389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3152 comm="syz.2.5607" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1298.046360][ T40] audit: type=1326 audit(2000000358.990:11390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3152 comm="syz.2.5607" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1298.052644][ T40] audit: type=1326 audit(2000000359.000:11391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3152 comm="syz.2.5607" exe="/syz-executor" sig=0 arch=40000003 syscall=71 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1298.068791][ T40] audit: type=1326 audit(2000000359.000:11392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3152 comm="syz.2.5607" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1298.075132][ T40] audit: type=1326 audit(2000000359.000:11393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3152 comm="syz.2.5607" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7ffc0000 [ 1298.567332][ T3428] No buffer was provided with the request [ 1298.927096][ T3670] »»»»»»7 speed is unknown, defaulting to 1000 [ 1299.231441][ T3755] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1299.271603][ T3762] netlink: 'syz.0.5643': attribute type 9 has an invalid length. [ 1299.400850][ T3808] overlayfs: missing 'lowerdir' [ 1299.410138][ T3810] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5652'. [ 1299.542559][ T3906] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5659'. [ 1299.551128][ T3914] overlayfs: missing 'lowerdir' [ 1299.581999][ T3926] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.5661'. [ 1299.702541][ T3934] netlink: 'syz.3.5658': attribute type 1 has an invalid length. [ 1299.735500][ T3934] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1299.878186][ T4048] overlayfs: missing 'lowerdir' [ 1300.283212][ T4263] veth1_macvtap: mtu greater than device maximum [ 1300.437544][ T4283] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5687'. [ 1300.462980][ T4287] overlayfs: missing 'lowerdir' [ 1300.617818][ T4401] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5695'. [ 1300.669073][ T4308] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1300.904954][ T4521] overlayfs: missing 'lowerdir' [ 1300.983156][ T4568] netlink: 'syz.1.5705': attribute type 4 has an invalid length. [ 1301.047376][ T4628] overlayfs: missing 'lowerdir' [ 1301.750778][ T4929] overlayfs: missing 'lowerdir' [ 1301.861179][ T4949] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5716'. [ 1301.958494][ T4946] netlink: 'syz.1.5715': attribute type 1 has an invalid length. [ 1301.982924][ T4950] netlink: 'syz.3.5714': attribute type 9 has an invalid length. [ 1302.204543][ T4977] overlayfs: missing 'lowerdir' [ 1302.330099][ T5073] netlink: 'syz.0.5723': attribute type 1 has an invalid length. [ 1302.348859][ T5076] netlink: 'syz.2.5725': attribute type 8 has an invalid length. [ 1302.373134][ T5073] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1303.016724][ T5410] overlayfs: missing 'lowerdir' [ 1303.523035][ T5745] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5754'. [ 1303.646382][ T5763] overlayfs: missing 'lowerdir' [ 1303.672816][ T5765] No buffer was provided with the request [ 1303.759077][ T5770] netlink: 'syz.1.5765': attribute type 1 has an invalid length. [ 1304.534748][ T6149] overlayfs: missing 'lowerdir' [ 1304.945403][ T6153] netlink: 'syz.0.5779': attribute type 1 has an invalid length. [ 1304.980133][ T6153] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1305.357078][ T6305] netlink: 'syz.3.5785': attribute type 9 has an invalid length. [ 1305.375491][ T6305] fuse: Bad value for 'user_id' [ 1305.377123][ T6305] fuse: Bad value for 'user_id' [ 1305.447258][ T6381] overlayfs: missing 'lowerdir' [ 1305.853158][ T6491] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5789'. [ 1306.295690][ T6603] overlayfs: missing 'lowerdir' [ 1306.733333][ T6732] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5800'. [ 1307.165525][ T6854] tipc: Enabling of bearer rejected, failed to enable media [ 1307.384098][ T6858] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0000 [ 1307.620237][ T6862] netlink: 'syz.0.5819': attribute type 9 has an invalid length. [ 1307.723444][ T6867] netlink: 64 bytes leftover after parsing attributes in process `syz.1.5820'. [ 1308.178951][ T6900] No buffer was provided with the request [ 1308.954044][ T7015] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5841'. [ 1309.232345][ T7123] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5842'. [ 1309.558424][ T7241] overlayfs: missing 'lowerdir' [ 1309.937465][ T7452] »»»»»»7 speed is unknown, defaulting to 1000 [ 1309.970329][ T7456] overlayfs: missing 'lowerdir' [ 1310.123389][ T7569] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5861'. [ 1310.133585][ T7572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5864'. [ 1310.208165][ T7577] No buffer was provided with the request [ 1310.498519][ T7688] overlayfs: missing 'lowerdir' [ 1310.719691][ T7790] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1310.818256][ T7797] overlayfs: missing 'lowerdir' [ 1310.992128][ T7801] overlayfs: missing 'lowerdir' [ 1311.070999][ T7806] netlink: 830 bytes leftover after parsing attributes in process `syz.2.5877'. [ 1311.124323][ T7807] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5876'. [ 1311.228110][ T7807] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1311.941014][ T8034] netem: incorrect ge model size [ 1311.948193][ T8034] netem: change failed [ 1311.962827][ T8036] netlink: del zone limit has 4 unknown bytes [ 1311.994819][ T8039] tipc: Enabled bearer , priority 22 [ 1311.998313][ T8040] sch_fq: defrate 113 ignored. [ 1312.078234][ T8052] overlayfs: missing 'lowerdir' [ 1312.113294][ T8054] overlayfs: missing 'lowerdir' [ 1312.160316][ T8056] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5894'. [ 1312.397842][ T40] audit: type=1326 audit(2000000373.340:11394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.1.5904" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1312.405768][ T40] audit: type=1326 audit(2000000373.350:11395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.1.5904" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1312.413093][ T40] audit: type=1326 audit(2000000373.360:11396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.1.5904" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1312.419207][ T40] audit: type=1326 audit(2000000373.370:11397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.1.5904" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1312.425808][ T40] audit: type=1326 audit(2000000373.370:11398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.1.5904" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1312.435268][ T40] audit: type=1326 audit(2000000373.370:11399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.1.5904" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1312.441320][ T40] audit: type=1326 audit(2000000373.370:11400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.1.5904" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1312.447375][ T40] audit: type=1326 audit(2000000373.370:11401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.1.5904" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1312.458710][ T40] audit: type=1326 audit(2000000373.380:11402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.1.5904" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1312.467560][ T40] audit: type=1326 audit(2000000373.380:11403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.1.5904" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 1312.568053][ T8395] overlayfs: missing 'lowerdir' [ 1313.229433][ T8719] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5918'. [ 1313.295500][ T8792] overlayfs: missing 'lowerdir' [ 1313.446576][ T8830] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1313.808799][T14455] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 1313.958807][T14455] usb 5-1: Using ep0 maxpacket: 8 [ 1313.961647][T14455] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 1313.964043][T14455] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 1313.967124][T14455] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 1313.970883][T14455] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1313.973449][T14455] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1313.990886][T14455] usbtmc 5-1:16.0: bulk endpoints not found [ 1314.311840][ T9055] overlayfs: missing 'lowerdir' [ 1315.439003][ T9273] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5939'. [ 1315.602254][ T9281] netlink: 'syz.1.5942': attribute type 29 has an invalid length. [ 1315.605291][ T9281] netlink: 'syz.1.5942': attribute type 29 has an invalid length. [ 1315.608353][ T9281] netlink: 'syz.1.5942': attribute type 29 has an invalid length. [ 1316.583760][T14455] usb 5-1: USB disconnect, device number 36 [ 1316.626151][ T9639] tipc: Enabled bearer , priority 10 [ 1316.860472][ T9860] overlayfs: missing 'lowerdir' [ 1316.921142][ T9863] netlink: 'syz.0.5964': attribute type 9 has an invalid length. [ 1316.932216][ T9863] fuse: Unknown parameter 'grou00000000000000000000' [ 1317.122926][ T9978] netlink: 'syz.1.5977': attribute type 3 has an invalid length. [ 1317.125145][ T9978] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.5977'. [ 1317.404418][T10103] No buffer was provided with the request [ 1317.581067][T10220] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5994'. [ 1317.805345][T10326] netlink: 92 bytes leftover after parsing attributes in process `syz.2.5996'. [ 1317.811381][T10326] netlink: 92 bytes leftover after parsing attributes in process `syz.2.5996'. [ 1318.179140][T10541] overlayfs: missing 'lowerdir' [ 1318.255756][T10544] netlink: 'syz.1.6002': attribute type 9 has an invalid length. [ 1318.287983][T10613] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6001'. [ 1318.319968][T10613] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1318.322675][T10648] overlayfs: missing 'lowerdir' [ 1319.471543][T11423] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6022'. [ 1319.561521][T11508] overlayfs: missing 'lowerdir' [ 1319.673878][T11511] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1320.065264][T11641] overlayfs: missing 'lowerdir' [ 1320.244340][T11745] overlayfs: missing 'lowerdir' [ 1320.376506][T11749] netlink: 'syz.3.6043': attribute type 1 has an invalid length. [ 1320.399934][T11749] cgroup: fork rejected by pids controller in /syz3 [ 1320.433747][T11749] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1320.840412][T11972] overlayfs: missing 'lowerdir' [ 1321.046412][T12176] netlink: 'syz.0.6050': attribute type 9 has an invalid length. [ 1321.051968][T12176] fuse: Bad value for 'user_id' [ 1321.053750][T12176] fuse: Bad value for 'user_id' [ 1321.380965][T12317] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6058'. [ 1322.762940][T13376] overlayfs: missing 'lowerdir' [ 1322.967201][T13492] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6088'. [ 1323.040066][T13498] overlayfs: missing 'lowerdir' [ 1323.071035][T13500] overlayfs: missing 'lowerdir' [ 1323.745544][T13738] overlayfs: missing 'lowerdir' [ 1323.882781][T13843] netlink: 'syz.3.6111': attribute type 1 has an invalid length. [ 1323.960320][T13843] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1324.366040][T14271] netlink: 'syz.0.6127': attribute type 9 has an invalid length. [ 1324.398642][T14271] fuse: Bad value for 'user_id' [ 1324.400423][T14271] fuse: Bad value for 'user_id' [ 1325.193458][T14807] »»»»»»7 speed is unknown, defaulting to 1000 [ 1326.214836][T15144] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6150'. [ 1327.004198][T15663] No buffer was provided with the request [ 1327.252638][T15784] overlayfs: missing 'lowerdir' [ 1327.370399][T15880] netlink: 'syz.0.6171': attribute type 1 has an invalid length. [ 1327.393341][T15880] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1327.776852][T16295] overlayfs: missing 'lowerdir' [ 1327.918770][T16406] libceph: resolve '400' (ret=-3): failed [ 1328.012931][T16401] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1328.542763][T16937] overlayfs: missing 'lowerdir' [ 1328.880946][T17147] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6198'. [ 1329.111276][T17273] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6212'. [ 1329.176316][T17280] overlayfs: failed to clone upperpath [ 1329.772506][T17400] netlink: 100 bytes leftover after parsing attributes in process `syz.1.6223'. [ 1329.775999][T17400] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6223'. [ 1330.162517][T17507] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6227'. [ 1330.298466][T17715] overlayfs: missing 'lowerdir' [ 1330.883030][T18334] overlayfs: missing 'lowerdir' [ 1330.934530][T18346] overlayfs: failed to clone upperpath [ 1331.036297][T18454] overlayfs: missing 'lowerdir' [ 1331.504676][T18888] overlayfs: missing 'lowerdir' [ 1332.631461][T19331] No buffer was provided with the request [ 1333.439964][T19926] netlink: 750 bytes leftover after parsing attributes in process `syz.3.6281'. [ 1333.512291][T19969] overlayfs: missing 'lowerdir' [ 1333.553836][T19971] netlink: 'syz.0.6278': attribute type 9 has an invalid length. [ 1333.567018][T19975] No buffer was provided with the request [ 1333.575499][T19971] fuse: Bad value for 'fd' [ 1333.593581][T19976] Process accounting resumed [ 1333.675178][T20081] overlayfs: missing 'lowerdir' [ 1334.127951][T20500] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6297'. [ 1334.469459][T20620] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4234274794 (67748396704 ns) > initial count (26801589552 ns). Using initial count to start timer. [ 1334.617802][T20722] overlayfs: missing 'lowerdir' [ 1335.682053][T21047] overlayfs: missing 'lowerdir' [ 1335.810014][T21052] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6315'. [ 1336.178945][ T5946] page_pool_release_retry() stalled pool shutdown: id 41, 51 inflight 60 sec [ 1336.265544][T21577] overlayfs: missing 'lowerdir' [ 1336.291222][T21579] Process accounting resumed [ 1336.401885][T21683] overlayfs: missing 'lowerdir' [ 1336.540773][T21793] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6332'. [ 1336.577727][T21793] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1337.201110][T21906] overlayfs: missing 'lowerdir' [ 1337.331503][T22011] No buffer was provided with the request [ 1337.620776][T22227] overlayfs: missing 'lowerdir' [ 1337.850643][T22439] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6351'. [ 1338.020873][T22439] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1338.165475][T22666] overlayfs: missing 'lowerdir' [ 1338.409574][T22879] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6369'. [ 1338.707949][T22997] overlayfs: missing 'lowerdir' [ 1339.219643][T23320] overlayfs: failed to clone upperpath [ 1339.522673][T23433] overlayfs: missing 'lowerdir' [ 1339.645669][T23537] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6391'. [ 1339.689680][T23537] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 1340.819436][T24001] overlayfs: missing 'lowerdir' [ 1340.866916][T24108] netlink: 'syz.1.6411': attribute type 4 has an invalid length. [ 1340.871379][T24108] netlink: 'syz.1.6411': attribute type 4 has an invalid length. [ 1340.942187][T24118] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6405'. [ 1341.240656][T24448] overlayfs: missing 'lowerdir' [ 1341.382508][T24663] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.6420'. [ 1341.385233][T24663] openvswitch: netlink: Message has 44053 unknown bytes. [ 1341.602833][T24880] »»»»»»7 speed is unknown, defaulting to 1000 [ 1341.652585][T24882] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6423'. [ 1341.982682][T24996] overlayfs: missing 'lowerdir' [ 1342.120554][T25103] overlayfs: missing 'lowerdir' [ 1342.591922][T25453] No buffer was provided with the request [ 1342.704018][T25459] overlayfs: missing 'lowerdir' [ 1342.837203][T25579] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6442'. [ 1343.793074][T26210] overlayfs: missing 'lowerdir' [ 1343.888476][T26215] No buffer was provided with the request [ 1344.081806][T26428] netlink: 'syz.2.6462': attribute type 21 has an invalid length. [ 1344.122983][T26433] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6464'. [ 1344.130218][T26433] macvtap0: entered promiscuous mode [ 1344.131645][T26433] erspan0: entered promiscuous mode [ 1344.133005][T26433] macvtap0: entered allmulticast mode [ 1344.134420][T26433] erspan0: entered allmulticast mode [ 1344.152409][T26433] erspan0: left allmulticast mode [ 1344.153950][T26433] erspan0: left promiscuous mode [ 1344.222196][T26543] overlayfs: missing 'lowerdir' [ 1344.704051][T26858] overlayfs: missing 'lowerdir' [ 1344.758684][T26970] overlayfs: missing 'lowerdir' [ 1345.322552][T27390] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6481'. [ 1345.771607][T27625] netlink: 'syz.0.6484': attribute type 9 has an invalid length. [ 1345.781121][T27625] fuse: Unknown parameter 'fd0x0000000000000008' [ 1346.100366][T27940] overlayfs: failed to clone upperpath [ 1346.117386][T27941] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6486'. [ 1346.371845][T28057] overlayfs: missing 'lowerdir' [ 1346.618214][T28272] overlayfs: missing 'lowerdir' [ 1346.757169][T28376] overlayfs: missing 'lowerdir' [ 1347.008279][T28661] overlayfs: failed to clone upperpath [ 1347.079165][T28686] ------------[ cut here ]------------ [ 1347.081033][T28686] refcount_t: underflow; use-after-free. [ 1347.082781][T28686] WARNING: CPU: 2 PID: 28686 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210 [ 1347.085321][T28686] Modules linked in: [ 1347.086894][T28686] CPU: 2 UID: 0 PID: 28686 Comm: syz.1.6517 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0 [ 1347.091769][T28686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1347.094931][T28686] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 1347.096655][T28686] Code: ff 89 de e8 e8 34 f7 fc 84 db 0f 85 66 ff ff ff e8 3b 3a f7 fc c6 05 ef 62 88 0b 01 90 48 c7 c7 e0 06 d3 8b e8 27 6b b7 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 18 3a f7 fc 0f b6 1d ca 62 88 0b 31 [ 1347.101925][T28686] RSP: 0018:ffffc90003a9f9b8 EFLAGS: 00010282 [ 1347.103674][T28686] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000cd11000 [ 1347.105839][T28686] RDX: 0000000000080000 RSI: ffffffff817a2276 RDI: 0000000000000001 [ 1347.107978][T28686] RBP: ffff88806811e8d0 R08: 0000000000000001 R09: 0000000000000000 [ 1347.110377][T28686] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001 [ 1347.112595][T28686] R13: 0000000000000000 R14: ffff88806811e8d0 R15: ffff88804ffc6000 [ 1347.114946][T28686] FS: 0000000000000000(0000) GS:ffff88802b600000(0063) knlGS:00000000f50f6b40 [ 1347.117365][T28686] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 1347.119358][T28686] CR2: 00000000f73ad194 CR3: 000000004dd04000 CR4: 0000000000352ef0 [ 1347.121851][T28686] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1347.124397][T28686] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 1347.126886][T28686] Call Trace: [ 1347.127864][T28686] [ 1347.128699][T28686] ? __warn+0xea/0x3c0 [ 1347.129973][T28686] ? __pfx_vprintk_emit+0x10/0x10 [ 1347.131283][T28686] ? refcount_warn_saturate+0x14a/0x210 [ 1347.132852][T28686] ? report_bug+0x3c0/0x580 [ 1347.134451][T28686] ? handle_bug+0x54/0xa0 [ 1347.135620][T28686] ? exc_invalid_op+0x17/0x50 [ 1347.136872][T28686] ? asm_exc_invalid_op+0x1a/0x20 [ 1347.138271][T28686] ? __warn_printk+0x1a6/0x350 [ 1347.139757][T28686] ? refcount_warn_saturate+0x14a/0x210 [ 1347.141288][T28686] ? refcount_warn_saturate+0x149/0x210 [ 1347.142834][T28686] io_tx_ubuf_complete+0x236/0x280 [ 1347.144254][T28686] ? __io_submit_flush_completions+0xb85/0x1df0 [ 1347.146077][T28686] io_send_zc_cleanup+0x8a/0x1c0 [ 1347.147427][T28686] ? __pfx_io_send_zc_cleanup+0x10/0x10 [ 1347.148983][T28686] __io_submit_flush_completions+0xcb3/0x1df0 [ 1347.150814][T28686] ctx_flush_and_put.constprop.0+0x9a/0x410 [ 1347.152457][T28686] io_handle_tw_list+0x431/0x540 [ 1347.153836][T28686] ? __pfx_io_handle_tw_list+0x10/0x10 [ 1347.155326][T28686] ? lock_acquire.part.0+0x11b/0x380 [ 1347.156788][T28686] ? find_held_lock+0x2d/0x110 [ 1347.158107][T28686] tctx_task_work_run+0xac/0x390 [ 1347.159579][T28686] tctx_task_work+0x7b/0xd0 [ 1347.160802][T28686] ? __pfx_tctx_task_work+0x10/0x10 [ 1347.162221][T28686] ? _raw_spin_unlock_irq+0x23/0x50 [ 1347.163601][T28686] ? lockdep_hardirqs_on+0x7c/0x110 [ 1347.164985][T28686] task_work_run+0x14e/0x250 [ 1347.166225][T28686] ? __pfx_task_work_run+0x10/0x10 [ 1347.167582][T28686] get_signal+0x1d3/0x26c0 [ 1347.169013][T28686] ? __pfx_get_signal+0x10/0x10 [ 1347.170404][T28686] ? fput+0x67/0x440 [ 1347.171577][T28686] ? __do_sys_io_uring_enter+0x60f/0x1670 [ 1347.173215][T28686] arch_do_signal_or_restart+0x90/0x7e0 [ 1347.174797][T28686] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1347.176552][T28686] ? __sys_setsockopt+0x1cd/0x230 [ 1347.178045][T28686] syscall_exit_to_user_mode+0x150/0x2a0 [ 1347.179698][T28686] __do_fast_syscall_32+0x80/0x120 [ 1347.181132][T28686] do_fast_syscall_32+0x32/0x80 [ 1347.182506][T28686] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1347.184265][T28686] RIP: 0023:0xf746e579 [ 1347.185433][T28686] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1347.190695][T28686] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa [ 1347.192984][T28686] RAX: 0000000000000800 RBX: 0000000000000003 RCX: 00000000000047bc [ 1347.195178][T28686] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1347.197341][T28686] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1347.199527][T28686] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1347.202048][T28686] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1347.204192][T28686] [ 1347.205069][T28686] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1347.207074][T28686] CPU: 2 UID: 0 PID: 28686 Comm: syz.1.6517 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0 [ 1347.210007][T28686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1347.213035][T28686] Call Trace: [ 1347.213988][T28686] [ 1347.214821][T28686] dump_stack_lvl+0x3d/0x1f0 [ 1347.216116][T28686] panic+0x71d/0x800 [ 1347.217231][T28686] ? __pfx_panic+0x10/0x10 [ 1347.218511][T28686] ? show_trace_log_lvl+0x29d/0x3d0 [ 1347.219964][T28686] ? refcount_warn_saturate+0x14a/0x210 [ 1347.221565][T28686] check_panic_on_warn+0xab/0xb0 [ 1347.222974][T28686] __warn+0xf6/0x3c0 [ 1347.224070][T28686] ? __pfx_vprintk_emit+0x10/0x10 [ 1347.225471][T28686] ? refcount_warn_saturate+0x14a/0x210 [ 1347.226994][T28686] report_bug+0x3c0/0x580 [ 1347.228203][T28686] handle_bug+0x54/0xa0 [ 1347.229386][T28686] exc_invalid_op+0x17/0x50 [ 1347.230604][T28686] asm_exc_invalid_op+0x1a/0x20 [ 1347.231923][T28686] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 1347.233543][T28686] Code: ff 89 de e8 e8 34 f7 fc 84 db 0f 85 66 ff ff ff e8 3b 3a f7 fc c6 05 ef 62 88 0b 01 90 48 c7 c7 e0 06 d3 8b e8 27 6b b7 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 18 3a f7 fc 0f b6 1d ca 62 88 0b 31 [ 1347.239115][T28686] RSP: 0018:ffffc90003a9f9b8 EFLAGS: 00010282 [ 1347.240762][T28686] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000cd11000 [ 1347.242972][T28686] RDX: 0000000000080000 RSI: ffffffff817a2276 RDI: 0000000000000001 [ 1347.245028][T28686] RBP: ffff88806811e8d0 R08: 0000000000000001 R09: 0000000000000000 [ 1347.247115][T28686] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001 [ 1347.249206][T28686] R13: 0000000000000000 R14: ffff88806811e8d0 R15: ffff88804ffc6000 [ 1347.251328][T28686] ? __warn_printk+0x1a6/0x350 [ 1347.252605][T28686] ? refcount_warn_saturate+0x149/0x210 [ 1347.254081][T28686] io_tx_ubuf_complete+0x236/0x280 [ 1347.255430][T28686] ? __io_submit_flush_completions+0xb85/0x1df0 [ 1347.257063][T28686] io_send_zc_cleanup+0x8a/0x1c0 [ 1347.258448][T28686] ? __pfx_io_send_zc_cleanup+0x10/0x10 [ 1347.260043][T28686] __io_submit_flush_completions+0xcb3/0x1df0 [ 1347.261682][T28686] ctx_flush_and_put.constprop.0+0x9a/0x410 [ 1347.263285][T28686] io_handle_tw_list+0x431/0x540 [ 1347.264640][T28686] ? __pfx_io_handle_tw_list+0x10/0x10 [ 1347.266125][T28686] ? lock_acquire.part.0+0x11b/0x380 [ 1347.267558][T28686] ? find_held_lock+0x2d/0x110 [ 1347.268887][T28686] tctx_task_work_run+0xac/0x390 [ 1347.270266][T28686] tctx_task_work+0x7b/0xd0 [ 1347.271496][T28686] ? __pfx_tctx_task_work+0x10/0x10 [ 1347.272866][T28686] ? _raw_spin_unlock_irq+0x23/0x50 [ 1347.274273][T28686] ? lockdep_hardirqs_on+0x7c/0x110 [ 1347.275749][T28686] task_work_run+0x14e/0x250 [ 1347.277043][T28686] ? __pfx_task_work_run+0x10/0x10 [ 1347.278556][T28686] get_signal+0x1d3/0x26c0 [ 1347.279816][T28686] ? __pfx_get_signal+0x10/0x10 [ 1347.281178][T28686] ? fput+0x67/0x440 [ 1347.282294][T28686] ? __do_sys_io_uring_enter+0x60f/0x1670 [ 1347.283867][T28686] arch_do_signal_or_restart+0x90/0x7e0 [ 1347.285410][T28686] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1347.287112][T28686] ? __sys_setsockopt+0x1cd/0x230 [ 1347.288537][T28686] syscall_exit_to_user_mode+0x150/0x2a0 [ 1347.290055][T28686] __do_fast_syscall_32+0x80/0x120 [ 1347.291461][T28686] do_fast_syscall_32+0x32/0x80 [ 1347.292795][T28686] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1347.294516][T28686] RIP: 0023:0xf746e579 [ 1347.295638][T28686] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1347.300824][T28686] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa [ 1347.303068][T28686] RAX: 0000000000000800 RBX: 0000000000000003 RCX: 00000000000047bc [ 1347.305126][T28686] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1347.307264][T28686] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1347.309534][T28686] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1347.311684][T28686] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1347.313929][T28686] [ 1347.315342][T28686] Kernel Offset: disabled [ 1347.316598][T28686] Rebooting in 86400 seconds.. VM DIAGNOSIS: 19:13:55 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff84c8db15 RDX=0000000000000004 RSI=0000000000000004 RDI=0000000000000001 RBP=ffffffff8bd3a3a0 RSP=ffffc9000132ebd0 R8 =0000000000000001 R9 =0000000000000002 R10=0000000000000004 R11=ffff88802ad70030 R12=0000000000000004 R13=0000000000000001 R14=0000000000000004 R15=0000000000000004 RIP=ffffffff81b9e910 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5927ba4 CR3=0000000075ab6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000003681691 RBX=0000000000000001 RCX=ffffffff8b557469 RDX=0000000000000000 RSI=ffffffff8b6cfc80 RDI=ffffffff8bd359e0 RBP=ffffed1003766000 RSP=ffffc9000048fe08 R8 =0000000000000001 R9 =ffffed10056a6f85 R10=ffff88802b537c2b R11=0000000000000000 R12=0000000000000001 R13=ffff88801bb30000 R14=ffffffff90628e10 R15=0000000000000000 RIP=ffffffff8b55884f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000008000e000 CR3=0000000075ab6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff853ea9b5 RDI=ffffffff9ab72ea0 RBP=ffffffff9ab72e60 RSP=ffffc90003a9f338 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005 R12=0000000000000000 R13=0000000000000035 R14=ffffffff9ab72e60 R15=0000000000000000 RIP=ffffffff853ea9df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73ad194 CR3=000000004dd04000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=fffffbfff20c51c2 RBX=fffffbfff20c51c3 RCX=ffffffff8196b149 RDX=fffffbfff20c51c3 RSI=0000000000000008 RDI=ffffffff90628e10 RBP=fffffbfff20c51c2 RSP=ffffc90003457550 R8 =0000000000000000 R9 =fffffbfff20c51c2 R10=ffffffff90628e17 R11=0000000000000007 R12=ffffffff8e1bd140 R13=0000000000000001 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff821c2695 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7ff55c0 CR3=0000000049f50000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000