last executing test programs: 3.669562362s ago: executing program 0 (id=3689): r0 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x707c, 0x0, 0x4, 0x8000288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000400)=@IORING_OP_FILES_UPDATE={0x14, 0x1, 0x0, 0x0, 0x81, 0x0}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 3.629404199s ago: executing program 0 (id=3690): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x28, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_STAB={0x4}]}, 0x28}}, 0x0) 3.539185664s ago: executing program 0 (id=3691): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r0, 0x89fa, &(0x7f0000000140)={'sit0\x00', &(0x7f00000000c0)={@mcast2, @empty, 0x20, 0x20}}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000080)={0x1c, 0x2c, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0x17, 0x0, 0x0, @fd=r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) unshare(0x4020200) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x10) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, 0x0) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="fdaf24bd7000000000000e00000008000300", @ANYRES32=r8, @ANYBLOB="9a6662cf45188ab176242f2495648c8be63a2bdea1e220cc7724c82a1f3b396dcd8917f5e9cd039f90220a61bc21df082ed505f0da88d020f3799f327dd8d6a8977bbc6c68c95268f4b325590a16a3db5defbb348a49f5c5ce34472be868b4d6192edd717e3f0ac13aef6d09fc2099a75b07b6809665ab374559d4369aad9b04aa26f095ad124e8869ab0d551c1dd9edb57b3e177e110b86ef9951a57656671c28c02cce3164d0bd53a4e73791270da3a6d2616bc01ac0f28e893ad7b86cf01af5ffd6a197019c0e1613517016b176ed8d51e0"], 0x1c}, 0x1, 0xffa6, 0x0, 0x400c0c1}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r9 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r9, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 3.177337944s ago: executing program 2 (id=3695): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000040)=0x4, 0x4) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c) 2.690894261s ago: executing program 0 (id=3703): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') creat(&(0x7f0000000400)='./bus\x00', 0x0) lsetxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000180), &(0x7f00000001c0)=@v2={0x3, 0x2, 0xc, 0x0, 0x2, "e727"}, 0xb, 0x0) open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0) r0 = socket$tipc(0x1e, 0x5, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newtaction={0x6c, 0x30, 0x1af, 0x1000, 0x0, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0xfc000000, 0x7, 0x4, 0xfffffffd}, @multicast1, @broadcast, 0xffffffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$IPT_SO_GET_ENTRIES(r4, 0x0, 0x41, &(0x7f0000001200)=ANY=[], &(0x7f0000001140)=0x2a0) r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) capset(0x0, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x7, 0x6}) open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fg=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,use', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r6, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r6, &(0x7f00000000c0)={0x50, 0x0, r7, {0x7, 0x1f, 0x0, 0x7ab78c4493c52f9b, 0x0, 0x0, 0x3, 0xffffffff}}, 0x50) creat(&(0x7f0000000000)='./file0\x00', 0x40) ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f00000000c0)=0x1) ppoll(&(0x7f0000000080)=[{r5, 0x42c0}], 0x1, 0x0, 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000005640)=[{&(0x7f0000000040)="e0", 0x1}], 0x1}, 0x0) 2.237802473s ago: executing program 2 (id=3707): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x4c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0xe0000002}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x400002}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x40c0080) 2.139116851s ago: executing program 2 (id=3708): r0 = openat2(0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x308300, 0xdb, 0x2}, 0x18) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="04230d00c90001"], 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_INFO(r0, 0x0, 0x4000000) 2.059951636s ago: executing program 2 (id=3709): syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xbd) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10) syz_emit_ethernet(0x72, &(0x7f0000000000)={@local, @random="86082b9827c1", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x3c, 0x3a, 0x0, @private2, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "974367", 0x0, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, [], "e4073d2d9d9074f6738f6fe9"}}}}}}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x5) ioctl$TCFLSH(r3, 0x8926, 0x20001114) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) bpf$BPF_TASK_FD_QUERY(0x24, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) syz_emit_ethernet(0x63, &(0x7f0000000180)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2d, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0xc}, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x3, "3abc2ac2bfb0f9366574005770a981d0425b685b7f39f2bf671c53"}]}}}}}}, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = dup3(0xffffffffffffffff, r4, 0x0) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r6, 0x84, 0x1e, &(0x7f0000000040)=0x3, 0x4) r7 = socket$netlink(0x10, 0x3, 0x0) writev(r7, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) writev(r7, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000780)={0x73622a85, 0x880, 0x1}) dup3(r5, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7be17000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 1.800731009s ago: executing program 1 (id=3710): sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)={0x78, 0x7, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x58, 0x4, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_META_SREG={0x8}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x12}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x18}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x8}]}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x4000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0) 1.800229298s ago: executing program 0 (id=3711): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r0, 0x89fa, &(0x7f0000000140)={'sit0\x00', &(0x7f00000000c0)={@mcast2, @empty, 0x20, 0x20}}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000080)={0x1c, 0x2c, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0x17, 0x0, 0x0, @fd=r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) unshare(0x4020200) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x10) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, 0x0) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="fdaf24bd7000000000000e00000008000300", @ANYRES32=r8, @ANYBLOB="9a6662cf45188ab176242f2495648c8be63a2bdea1e220cc7724c82a1f3b396dcd8917f5e9cd039f90220a61bc21df082ed505f0da88d020f3799f327dd8d6a8977bbc6c68c95268f4b325590a16a3db5defbb348a49f5c5ce34472be868b4d6192edd717e3f0ac13aef6d09fc2099a75b07b6809665ab374559d4369aad9b04aa26f095ad124e8869ab0d551c1dd9edb57b3e177e110b86ef9951a57656671c28c02cce3164d0bd53a4e73791270da3a6d2616bc01ac0f28e893ad7b86cf01af5ffd6a197019c0e1613517016b176ed8d51e0"], 0x1c}, 0x1, 0xffa6, 0x0, 0x400c0c1}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r9 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r9, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 1.729527454s ago: executing program 1 (id=3712): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0xff, 0xfffff010}, {0x6, 0x5, 0x5, 0x100000}]}, 0x8) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0) 1.729001183s ago: executing program 1 (id=3713): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x154, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x124, 0x2, [@TCA_CHOKE_PARMS={0x14}, @TCA_CHOKE_STAB={0x104, 0x2, "547d9ed0effe82c024750032ea49f09c72384049bcc87e42ca7e2c78d6a85178e447e32b5f4e4fabff6fb16a40901dc4221e42eb745b6332c476d0c3aefed8dc95af179570cf8cc43bc29eb93c6e78f5e1153d3d7c1542f77dc4b29877e2002685e850f2969cf2164fbf8db7e1713786899d2a8ab03ca5accb2e9b50e1fb7a4e3681b35f0f68461daa4f4e1583b9a02195dee35ae7c8bca085399157d5f30c2ec691c39267b2655c782b363a11645a0c78a39fab8c0ce69f11f2db45ee16e2975a80664f687d01bd7444244a25bdb9ec5b0fa8b1afc0254ddbca2e22ca1b189502b74d7ec4665c23804df713183d428f50a0d64e31e110c707eb3fe69f437992"}, @TCA_CHOKE_MAX_P={0x8}]}}]}, 0x154}}, 0x0) 1.527841365s ago: executing program 1 (id=3715): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r0, &(0x7f0000000000)='7', 0x1, 0x0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e20, @loopback}}}, 0x84) 1.374249954s ago: executing program 3 (id=3716): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x4000001, @mcast2, 0x2}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='geneve1\x00', 0x65) write(r0, &(0x7f00000000c0)="8f2a0a65", 0x4) 1.261313496s ago: executing program 3 (id=3717): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10) modify_ldt$read(0x0, 0x0, 0x0) 1.149478346s ago: executing program 3 (id=3718): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWFLOWTABLE={0x58, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'syz_tun\x00'}]}]}]}], {0x14}}, 0x80}}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000bc0)={@local, @broadcast, @void, {@ipv4={0x8864, @dccp={{0x5, 0x4, 0x1, 0x6, 0x24, 0x66, 0x0, 0xff, 0x21, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x26}}, {{0x4e24, 0x4e22, 0x4, 0x1, 0x2, 0x0, 0x0, 0x7, 0x1, "8e2b70", 0x3, "b00e14"}}}}}}, 0x0) 1.148372734s ago: executing program 2 (id=3719): syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xbd) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10) syz_emit_ethernet(0x72, &(0x7f0000000000)={@local, @random="86082b9827c1", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x3c, 0x3a, 0x0, @private2, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "974367", 0x0, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, [], "e4073d2d9d9074f6738f6fe9"}}}}}}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x5) ioctl$TCFLSH(r3, 0x8926, 0x20001114) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) bpf$BPF_TASK_FD_QUERY(0x24, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) syz_emit_ethernet(0x63, &(0x7f0000000180)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2d, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0xc}, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x3, "3abc2ac2bfb0f9366574005770a981d0425b685b7f39f2bf671c53"}]}}}}}}, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = dup3(0xffffffffffffffff, r4, 0x0) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r6, 0x84, 0x1e, &(0x7f0000000040)=0x3, 0x4) r7 = socket$netlink(0x10, 0x3, 0x0) writev(r7, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) writev(r7, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000780)={0x73622a85, 0x880, 0x1}) dup3(r5, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7be17000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 1.107394918s ago: executing program 3 (id=3720): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') creat(&(0x7f0000000400)='./bus\x00', 0x0) lsetxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000180), &(0x7f00000001c0)=@v2={0x3, 0x2, 0xc, 0x0, 0x2, "e727"}, 0xb, 0x0) open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0) r0 = socket$tipc(0x1e, 0x5, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newtaction={0x6c, 0x30, 0x1af, 0x1000, 0x0, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0xfc000000, 0x7, 0x4, 0xfffffffd}, @multicast1, @broadcast, 0xffffffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$IPT_SO_GET_ENTRIES(r4, 0x0, 0x41, &(0x7f0000001200)=ANY=[], &(0x7f0000001140)=0x2a0) r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) capset(0x0, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x7, 0x6}) open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fg=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r6, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r6, &(0x7f00000000c0)={0x50, 0x0, r7, {0x7, 0x1f, 0x0, 0x7ab78c4493c52f9b, 0x0, 0x0, 0x3, 0xffffffff}}, 0x50) creat(&(0x7f0000000000)='./file0\x00', 0x40) ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f00000000c0)=0x1) ppoll(&(0x7f0000000080)=[{r5, 0x42c0}], 0x1, 0x0, 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000005640)=[{&(0x7f0000000040)="e0", 0x1}], 0x1}, 0x0) 841.065645ms ago: executing program 0 (id=3721): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r0, 0x89fa, &(0x7f0000000140)={'sit0\x00', &(0x7f00000000c0)={@mcast2, @empty, 0x20, 0x20}}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000080)={0x1c, 0x2c, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0x17, 0x0, 0x0, @fd=r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) unshare(0x4020200) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mkdir(0x0, 0x10) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="fdaf24bd7000000000000e00000008000300", @ANYRES32=r8, @ANYBLOB="9a6662cf45188ab176242f2495648c8be63a2bdea1e220cc7724c82a1f3b396dcd8917f5e9cd039f90220a61bc21df082ed505f0da88d020f3799f327dd8d6a8977bbc6c68c95268f4b325590a16a3db5defbb348a49f5c5ce34472be868b4d6192edd717e3f0ac13aef6d09fc2099a75b07b6809665ab374559d4369aad9b04aa26f095ad124e8869ab0d551c1dd9edb57b3e177e110b86ef9951a57656671c28c02cce3164d0bd53a4e73791270da3a6d2616bc01ac0f28e893ad7b86cf01af5ffd6a197019c0e1613517016b176ed8d51e0"], 0x1c}, 0x1, 0xffa6, 0x0, 0x400c0c1}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r9 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r9, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 622.31197ms ago: executing program 1 (id=3722): r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) socket$nl_generic(0x11, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xfd9c, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x100, 0xe000000, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="02142000110000000040000000000000030005000000000002000000ffffffff0000000000000000080012000000010000000000000000000600000000000027b20e97a6a9ecae000000ee00000000000000000000000000fc020000000000000000000000000000030006000000000002000000e000000100000000000000"], 0x88}}, 0x0) r6 = socket$key(0xf, 0x3, 0x2) socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$key(r6, &(0x7f0000000040)={0x4000000, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0xf, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @broadcast}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x1, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@empty, @in6=@private2}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x80}}, 0x0) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r7, 0xffffffffffffffff, 0x0) r8 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_WANTLQI(r8, 0x0, 0x2, 0x0, &(0x7f0000000380)) getsockopt$MRT6(0xffffffffffffffff, 0x29, 0xd0, 0x0, 0x0) 215.008394ms ago: executing program 2 (id=3723): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r0, 0x89fa, &(0x7f0000000140)={'sit0\x00', &(0x7f00000000c0)={@mcast2, @empty, 0x20, 0x20}}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000080)={0x1c, 0x2c, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0x17, 0x0, 0x0, @fd=r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) unshare(0x4020200) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mkdir(0x0, 0x10) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="fdaf24bd7000000000000e00000008000300", @ANYRES32=r8, @ANYBLOB="9a6662cf45188ab176242f2495648c8be63a2bdea1e220cc7724c82a1f3b396dcd8917f5e9cd039f90220a61bc21df082ed505f0da88d020f3799f327dd8d6a8977bbc6c68c95268f4b325590a16a3db5defbb348a49f5c5ce34472be868b4d6192edd717e3f0ac13aef6d09fc2099a75b07b6809665ab374559d4369aad9b04aa26f095ad124e8869ab0d551c1dd9edb57b3e177e110b86ef9951a57656671c28c02cce3164d0bd53a4e73791270da3a6d2616bc01ac0f28e893ad7b86cf01af5ffd6a197019c0e1613517016b176ed8d51e0"], 0x1c}, 0x1, 0xffa6, 0x0, 0x400c0c1}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r9 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r9, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 133.072121ms ago: executing program 3 (id=3724): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0xffffffff, 0x0, {0x0, 0x0, 0x0, r2, 0x1a8}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PORT={0x6, 0x2, 0x1, 0x0, 0x4e24}]}}}]}, 0x3c}}, 0x0) 348.99µs ago: executing program 3 (id=3725): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000800)={'xfrm0\x00', 0x0}) r2 = socket(0x11, 0x3, 0x0) sendto$packet(r2, &(0x7f00000008c0)="6fa4bf90aa8a2fa38a8f6c8fa168f069adfc79fefab38d472b35afef1abf5976aa851156780bb0fe39e1880b25e386d2", 0x6d, 0x0, &(0x7f00000000c0)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @random="0786dbd848f5"}, 0x14) 0s ago: executing program 1 (id=3726): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)={0x2c, r0, 0x1, 0x0, 0x25dfdbfc, {{0x2}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1450}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}]]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008800}, 0x40880) kernel console output (not intermixed with test programs): 12.041425][ T57] libceph: mon0 (1)[c::]:6789 connect error [ 412.044721][ T57] libceph: connect (1)[c::]:6789 error -101 [ 412.046877][ T57] libceph: mon0 (1)[c::]:6789 connect error [ 412.194770][T12571] ceph: No mds server is up or the cluster is laggy [ 412.343769][T12581] mkiss: ax0: crc mode is auto. [ 412.489122][T12586] netlink: 'syz.2.1471': attribute type 4 has an invalid length. [ 412.505561][T12586] netlink: 'syz.2.1471': attribute type 4 has an invalid length. [ 413.360356][T12601] mkiss: ax0: crc mode is auto. [ 413.442217][T12605] input: syz1 as /devices/virtual/input/input19 [ 413.663589][T12608] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 413.665952][T12608] overlayfs: failed to set xattr on upper [ 413.675395][T12608] overlayfs: ...falling back to redirect_dir=nofollow. [ 413.678141][T12608] overlayfs: ...falling back to index=off. [ 413.680071][T12608] overlayfs: ...falling back to uuid=null. [ 413.976346][T12610] netlink: 'syz.1.1482': attribute type 4 has an invalid length. [ 413.984443][T12610] netlink: 'syz.1.1482': attribute type 4 has an invalid length. [ 414.307038][T12615] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 414.647530][T12626] cgroup2: Unknown parameter 'smackfsfloor' [ 416.511790][T12654] mkiss: ax0: crc mode is auto. [ 416.748195][T12665] netlink: 'syz.3.1487': attribute type 4 has an invalid length. [ 416.860515][T12668] netlink: 'syz.3.1487': attribute type 4 has an invalid length. [ 417.537298][T12681] overlayfs: missing 'lowerdir' [ 417.601782][ T40] audit: type=1804 audit(2000000249.653:297): pid=12688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1496" name="/newroot/364/bus/bus" dev="overlay" ino=2139 res=1 errno=0 [ 417.621964][T12688] fuse: Unknown parameter 'fg' [ 417.624552][ T40] audit: type=1804 audit(2000000249.673:298): pid=12688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1496" name="/newroot/364/bus/file0" dev="overlay" ino=2140 res=1 errno=0 [ 417.980528][ T57] libceph: connect (1)[c::]:6789 error -101 [ 417.982673][ T57] libceph: mon0 (1)[c::]:6789 connect error [ 418.047225][T12699] ceph: No mds server is up or the cluster is laggy [ 419.030134][T12722] overlayfs: failed to resolve './file1': -2 [ 419.836055][T12736] overlayfs: missing 'lowerdir' [ 420.905242][T12759] overlayfs: failed to resolve './file0': -2 [ 421.616971][ T40] audit: type=1804 audit(2000000253.674:299): pid=12771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1515" name="/newroot/370/bus/bus" dev="overlay" ino=2179 res=1 errno=0 [ 421.628873][T12771] fuse: Unknown parameter 'fg' [ 421.630889][ T40] audit: type=1804 audit(2000000253.684:300): pid=12771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1515" name="/newroot/370/bus/file0" dev="overlay" ino=2180 res=1 errno=0 [ 421.764594][T12775] mkiss: ax0: crc mode is auto. [ 422.025900][T12779] netlink: 'syz.3.1516': attribute type 4 has an invalid length. [ 422.030983][T12779] netlink: 'syz.3.1516': attribute type 4 has an invalid length. [ 422.480954][T12787] mkiss: ax1: crc mode is auto. [ 422.613566][T12792] netlink: 'syz.1.1518': attribute type 4 has an invalid length. [ 422.625114][T12792] netlink: 'syz.1.1518': attribute type 4 has an invalid length. [ 423.162245][T12800] tc_dump_action: action bad kind [ 423.197357][T12800] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1521'. [ 423.950434][ T40] audit: type=1804 audit(2000000256.004:301): pid=12816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1524" name="/newroot/388/bus/bus" dev="overlay" ino=2306 res=1 errno=0 [ 423.954342][T12816] fuse: Unknown parameter 'fg' [ 423.961650][ T40] audit: type=1804 audit(2000000256.014:302): pid=12816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1524" name="/newroot/388/bus/file0" dev="overlay" ino=2307 res=1 errno=0 [ 425.243777][T12853] netlink: 'syz.3.1530': attribute type 1 has an invalid length. [ 425.285961][T12853] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1530'. [ 425.790558][T12864] vivid-002: disconnect [ 425.792859][T12864] vivid-002: reconnect [ 426.134785][T12894] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 426.137294][T12894] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 426.140472][T12894] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 426.142860][T12894] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 428.125740][T12926] tc_dump_action: action bad kind [ 428.171293][T12926] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1542'. [ 428.208684][T12931] netlink: 'syz.0.1543': attribute type 1 has an invalid length. [ 428.211965][T12931] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1543'. [ 428.301260][T12939] vivid-001: disconnect [ 428.303914][T12939] vivid-001: reconnect [ 428.899015][T12956] mkiss: ax0: crc mode is auto. [ 429.061886][T12961] netlink: 'syz.3.1547': attribute type 4 has an invalid length. [ 429.253305][T12960] mkiss: ax1: crc mode is auto. [ 429.462537][T12970] netlink: 'syz.0.1548': attribute type 4 has an invalid length. [ 429.471894][T12970] netlink: 'syz.0.1548': attribute type 4 has an invalid length. [ 430.392413][T12984] mkiss: ax0: crc mode is auto. [ 430.510180][T12986] netlink: 'syz.3.1554': attribute type 4 has an invalid length. [ 430.516757][T12986] netlink: 'syz.3.1554': attribute type 4 has an invalid length. [ 432.530991][T13027] mkiss: ax0: crc mode is auto. [ 432.751224][T13032] netlink: 'syz.2.1562': attribute type 4 has an invalid length. [ 432.752943][ T8] hid-generic 0000:0000:0000.0002: item fetching failed at offset 0/1 [ 432.757806][ T8] hid-generic 0000:0000:0000.0002: probe with driver hid-generic failed with error -22 [ 432.778474][T13032] netlink: 'syz.2.1562': attribute type 4 has an invalid length. [ 432.972857][T13041] netlink: 'syz.0.1563': attribute type 29 has an invalid length. [ 432.976428][T13041] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1563'. [ 433.030393][T13037] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 433.703194][T13054] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 435.430689][ T1327] libceph: connect (1)[c::]:6789 error -101 [ 435.435078][ T1327] libceph: mon0 (1)[c::]:6789 connect error [ 435.616097][ T1177] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 435.675820][T13096] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1577'. [ 435.932812][T13103] overlayfs: missing 'lowerdir' [ 436.007303][ T1327] libceph: connect (1)[c::]:6789 error -101 [ 436.016615][ T1327] libceph: mon0 (1)[c::]:6789 connect error [ 436.111279][T13091] ceph: No mds server is up or the cluster is laggy [ 437.657506][T13132] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1586'. [ 437.700263][T13138] overlayfs: missing 'lowerdir' [ 438.140633][T13156] IPVS: length: 46 != 8 [ 439.456972][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.639249][T13178] mkiss: ax0: crc mode is auto. [ 439.746117][T13182] netlink: 'syz.2.1598': attribute type 4 has an invalid length. [ 439.756518][T13182] netlink: 'syz.2.1598': attribute type 4 has an invalid length. [ 440.074139][ T40] audit: type=1804 audit(2000000272.125:303): pid=13187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1600" name="/newroot/394/bus/bus" dev="overlay" ino=2315 res=1 errno=0 [ 440.620206][ T40] audit: type=1326 audit(2000000272.675:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13195 comm="syz.0.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f3f579 code=0x7ffc0000 [ 440.635938][ T40] audit: type=1326 audit(2000000272.675:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13195 comm="syz.0.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f3f579 code=0x7ffc0000 [ 440.642984][ T40] audit: type=1326 audit(2000000272.675:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13195 comm="syz.0.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f3f579 code=0x7ffc0000 [ 440.650044][ T40] audit: type=1326 audit(2000000272.675:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13195 comm="syz.0.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f3f579 code=0x7ffc0000 [ 440.657239][ T40] audit: type=1326 audit(2000000272.675:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13195 comm="syz.0.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f3f579 code=0x7ffc0000 [ 440.666110][ T40] audit: type=1326 audit(2000000272.675:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13195 comm="syz.0.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f3f579 code=0x7ffc0000 [ 440.672576][ T40] audit: type=1326 audit(2000000272.675:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13195 comm="syz.0.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f3f579 code=0x7ffc0000 [ 440.687078][ T40] audit: type=1326 audit(2000000272.675:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13195 comm="syz.0.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f3f579 code=0x7ffc0000 [ 440.690590][T13199] mkiss: ax0: crc mode is auto. [ 440.693466][ T40] audit: type=1326 audit(2000000272.675:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13195 comm="syz.0.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f3f579 code=0x7ffc0000 [ 440.827259][T13204] netlink: 'syz.2.1604': attribute type 4 has an invalid length. [ 440.851324][T13206] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1602'. [ 440.851447][T13204] netlink: 'syz.2.1604': attribute type 4 has an invalid length. [ 442.622897][T13238] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1611'. [ 442.792998][T13244] mkiss: ax0: crc mode is auto. [ 442.947850][T13249] netlink: 'syz.2.1612': attribute type 4 has an invalid length. [ 442.955358][T13249] netlink: 'syz.2.1612': attribute type 4 has an invalid length. [ 443.329410][T13258] fuse: Unknown parameter 'fg' [ 443.340705][T13254] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 443.343093][T13254] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 443.347354][T13254] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 443.349734][T13254] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 444.532484][T13278] netlink: 200 bytes leftover after parsing attributes in process `syz.1.1621'. [ 445.638874][T13310] bridge_slave_1: left allmulticast mode [ 445.640690][T13310] bridge_slave_1: left promiscuous mode [ 445.644061][T13310] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.702552][T13303] pim6reg527: entered allmulticast mode [ 446.149147][T13315] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 446.151606][T13315] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 446.155511][T13315] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 446.158808][T13315] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 446.162230][T13315] batman_adv: batadv0: Removing interface: ipvlan2 [ 446.179551][T13315] team0: Port device batadv0 removed [ 446.282540][T13317] overlayfs: missing 'lowerdir' [ 446.374030][T13321] netlink: 200 bytes leftover after parsing attributes in process `syz.1.1631'. [ 446.736050][T13329] netlink: zone id is out of range [ 446.737699][T13329] netlink: zone id is out of range [ 446.739338][T13329] netlink: zone id is out of range [ 446.740892][T13329] netlink: zone id is out of range [ 447.033270][T13335] cgroup2: Unknown parameter 'smackfsfloor' [ 447.477617][T13343] program syz.3.1634 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 447.544177][T13346] ubi0: attaching mtd0 [ 447.550442][T13346] ubi0: scanning is finished [ 447.552119][T13346] ubi0: empty MTD device detected [ 447.744079][T13346] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 447.754941][T13346] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 447.762245][T13346] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 447.764637][T13346] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 447.767237][T13346] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 447.769421][T13346] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 447.786815][T13346] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3832132392 [ 447.790102][T13346] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 447.796355][T13353] ubi0: background thread "ubi_bgt0d" started, PID 13353 [ 448.235715][T13359] overlayfs: missing 'lowerdir' [ 449.378233][ T1458] hid-generic 0000:0000:0000.0003: item fetching failed at offset 0/1 [ 449.381905][ T1458] hid-generic 0000:0000:0000.0003: probe with driver hid-generic failed with error -22 [ 449.658493][T13387] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1647'. [ 450.695170][ T57] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 450.845170][ T57] usb 6-1: Using ep0 maxpacket: 8 [ 450.848994][ T57] usb 6-1: config 0 has no interfaces? [ 450.851358][ T57] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 450.855470][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 450.860325][ T57] usb 6-1: config 0 descriptor?? [ 452.560662][ T57] usb 6-1: USB disconnect, device number 9 [ 452.586858][T13397] overlayfs: missing 'lowerdir' [ 452.683934][T13404] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 452.687580][T13404] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 452.720724][T13404] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 452.723138][T13404] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 455.291765][T13445] overlayfs: missing 'lowerdir' [ 456.214653][T13458] mkiss: ax0: crc mode is auto. [ 456.323526][T13460] netlink: 'syz.3.1664': attribute type 4 has an invalid length. [ 456.328868][T13460] netlink: 'syz.3.1664': attribute type 4 has an invalid length. [ 457.436545][ T40] kauditd_printk_skb: 60 callbacks suppressed [ 457.436556][ T40] audit: type=1804 audit(2000000289.496:373): pid=13477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1668" name="/newroot/413/bus/bus" dev="overlay" ino=2458 res=1 errno=0 [ 457.447187][T13477] fuse: Unknown parameter 'fg' [ 457.449094][ T40] audit: type=1804 audit(2000000289.506:374): pid=13477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1668" name="/newroot/413/bus/file0" dev="overlay" ino=2459 res=1 errno=0 [ 457.509524][T13482] overlayfs: missing 'lowerdir' [ 457.549905][T13484] mkiss: ax0: crc mode is auto. [ 457.719134][T13488] netlink: 'syz.0.1671': attribute type 4 has an invalid length. [ 457.751946][T13488] netlink: 'syz.0.1671': attribute type 4 has an invalid length. [ 458.823690][T13506] netlink: 'syz.0.1676': attribute type 10 has an invalid length. [ 459.213457][T13515] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1678'. [ 459.276982][T13519] fuse: Unknown parameter 'fg' [ 459.279456][ T40] audit: type=1804 audit(2000000291.336:375): pid=13519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1679" name="/newroot/416/bus/file0" dev="overlay" ino=2447 res=1 errno=0 [ 459.326660][T13523] mkiss: ax0: crc mode is auto. [ 459.448226][T13529] netlink: 'syz.1.1680': attribute type 4 has an invalid length. [ 460.239853][T13539] mkiss: ax0: crc mode is auto. [ 460.358071][T13544] netlink: 'syz.1.1684': attribute type 4 has an invalid length. [ 460.360739][T13544] netlink: 'syz.1.1684': attribute type 4 has an invalid length. [ 461.191134][T13559] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1688'. [ 461.251273][T13561] overlayfs: failed to clone upperpath [ 461.278609][T13561] fuse: Unknown parameter 'fg' [ 461.333192][T13565] mkiss: ax0: crc mode is auto. [ 461.444162][T13569] netlink: 'syz.3.1691': attribute type 4 has an invalid length. [ 461.451669][T13569] netlink: 'syz.3.1691': attribute type 4 has an invalid length. [ 461.831662][T13574] overlayfs: missing 'lowerdir' [ 462.168661][T13581] netlink: 'syz.0.1694': attribute type 4 has an invalid length. [ 462.179919][T13581] netlink: 'syz.0.1694': attribute type 4 has an invalid length. [ 463.021395][T13598] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1697'. [ 463.300479][T13608] overlayfs: missing 'lowerdir' [ 463.344307][T13610] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1702'. [ 463.394540][ T1458] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 463.483342][T13617] mkiss: ax0: crc mode is auto. [ 463.568712][ T1458] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 463.574781][ T1458] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.593249][ T1458] usb 7-1: config 0 descriptor?? [ 463.615063][T13621] netlink: 'syz.3.1703': attribute type 4 has an invalid length. [ 463.632412][T13621] netlink: 'syz.3.1703': attribute type 4 has an invalid length. [ 464.298927][T13628] mkiss: ax1: crc mode is auto. [ 464.396438][ T1458] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00 [ 464.399057][ T1458] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 464.401658][ T1458] [drm:udl_init] *ERROR* Selecting channel failed [ 464.413678][ T1458] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 3 [ 464.416952][ T1458] [drm] Initialized udl on minor 3 [ 464.420135][ T1458] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 464.423350][ T1458] udl 7-1:0.0: [drm] Cannot find any crtc or sizes [ 464.429167][ T5980] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 464.433339][ T5980] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 464.436538][ T1458] usb 7-1: USB disconnect, device number 5 [ 464.440135][ T5980] udl 7-1:0.0: [drm] Cannot find any crtc or sizes [ 464.573715][T13631] netlink: 'syz.1.1705': attribute type 4 has an invalid length. [ 464.591318][T13633] mkiss: ax0: crc mode is auto. [ 464.708677][T13635] netlink: 'syz.3.1706': attribute type 4 has an invalid length. [ 464.716057][T13635] netlink: 'syz.3.1706': attribute type 4 has an invalid length. [ 466.103393][T13657] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1711'. [ 466.215651][T13665] mkiss: ax0: crc mode is auto. [ 466.534083][T13671] netlink: 'syz.1.1714': attribute type 4 has an invalid length. [ 466.536998][T13671] netlink: 'syz.1.1714': attribute type 4 has an invalid length. [ 466.770892][T13681] overlayfs: failed to clone upperpath [ 467.325550][T13689] mkiss: ax0: crc mode is auto. [ 467.476240][T13693] netlink: 'syz.1.1718': attribute type 4 has an invalid length. [ 467.482948][T13693] netlink: 'syz.1.1718': attribute type 4 has an invalid length. [ 467.614277][ T63] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 467.644701][T13697] CIFS mount error: No usable UNC path provided in device string! [ 467.644701][T13697] [ 467.644722][T13697] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 467.671326][T13696] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1720'. [ 467.937738][T13703] xt_CT: No such helper "snmp_trap" [ 467.950668][T13703] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1719'. [ 468.077968][T13708] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1722'. [ 468.904440][T13726] netlink: 'syz.0.1726': attribute type 4 has an invalid length. [ 468.915305][T13726] netlink: 'syz.0.1726': attribute type 4 has an invalid length. [ 470.035698][T13746] overlayfs: failed to clone upperpath [ 470.370855][T13749] mkiss: ax0: crc mode is auto. [ 470.384881][T13751] mkiss: ax1: crc mode is auto. [ 470.496604][T13754] netlink: 'syz.3.1732': attribute type 4 has an invalid length. [ 470.503161][T13754] netlink: 'syz.3.1732': attribute type 4 has an invalid length. [ 470.530594][T13755] netlink: 'syz.2.1731': attribute type 4 has an invalid length. [ 470.540921][T13755] netlink: 'syz.2.1731': attribute type 4 has an invalid length. [ 471.481437][T13776] mkiss: ax0: crc mode is auto. [ 471.605979][T13780] netlink: 'syz.2.1737': attribute type 4 has an invalid length. [ 471.789833][T13785] netlink: 200 bytes leftover after parsing attributes in process `syz.1.1739'. [ 471.850651][T13789] overlayfs: missing 'lowerdir' [ 471.861002][T13790] overlayfs: failed to clone upperpath [ 472.445481][T13803] mkiss: ax0: crc mode is auto. [ 472.557711][T13808] netlink: 'syz.2.1744': attribute type 4 has an invalid length. [ 472.561173][T13808] netlink: 'syz.2.1744': attribute type 4 has an invalid length. [ 473.472319][T13829] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1749'. [ 473.918372][T13842] overlayfs: failed to clone upperpath [ 475.416540][T13870] mkiss: ax0: crc mode is auto. [ 475.524299][T13877] netlink: 'syz.3.1757': attribute type 4 has an invalid length. [ 475.532947][T13877] netlink: 'syz.3.1757': attribute type 4 has an invalid length. [ 476.991497][T13906] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1764'. [ 478.327493][T13933] overlayfs: failed to clone upperpath [ 478.553585][T13936] mkiss: ax0: crc mode is auto. [ 478.670126][T13939] netlink: 'syz.2.1771': attribute type 4 has an invalid length. [ 478.733773][T13939] netlink: 'syz.2.1771': attribute type 4 has an invalid length. [ 478.990525][T13946] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1773'. [ 481.041595][T13984] /dev/nbd2: Can't open blockdev [ 483.348568][T14024] netlink: 'syz.3.1790': attribute type 4 has an invalid length. [ 483.749993][T14030] mkiss: ax0: crc mode is auto. [ 484.091498][T14036] netlink: 'syz.2.1792': attribute type 4 has an invalid length. [ 484.110442][T14036] netlink: 'syz.2.1792': attribute type 4 has an invalid length. [ 484.278246][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 485.368700][T14065] mmap: syz.3.1798 (14065) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 485.834861][T14075] 8021q: adding VLAN 0 to HW filter on device bond1 [ 486.333243][ T5946] Bluetooth: hci4: command 0xfc11 tx timeout [ 486.333324][ T5953] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 486.451549][T14081] overlayfs: failed to resolve './file0': -2 [ 486.456672][T14081] fuse: Unknown parameter 'fg' [ 488.072779][T14125] netlink: 'syz.1.1810': attribute type 10 has an invalid length. [ 488.080067][T14125] netlink: 'syz.1.1810': attribute type 10 has an invalid length. [ 488.089227][T14125] team0: Port device netdevsim0 removed [ 488.095286][T14125] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 488.325315][T14127] overlayfs: failed to resolve './file0': -2 [ 488.338465][T14127] fuse: Unknown parameter 'fg' [ 489.063107][T14135] mkiss: ax0: crc mode is auto. [ 489.214996][T14142] netlink: 'syz.2.1814': attribute type 4 has an invalid length. [ 489.223727][T14142] netlink: 'syz.2.1814': attribute type 4 has an invalid length. [ 490.223355][T14169] overlayfs: failed to resolve './file0': -2 [ 490.236752][T14169] fuse: Unknown parameter 'fg' [ 490.260202][T14170] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 490.742781][T14185] overlayfs: missing 'lowerdir' [ 490.831840][T14188] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1824'. [ 490.837260][T14188] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1824'. [ 490.844774][T14188] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 491.366272][T14197] mkiss: ax0: crc mode is auto. [ 491.570782][T14201] netlink: 'syz.2.1827': attribute type 4 has an invalid length. [ 491.585529][T14201] netlink: 'syz.2.1827': attribute type 4 has an invalid length. [ 491.741047][T14204] mkiss: ax1: crc mode is auto. [ 491.898096][T14207] netlink: 'syz.3.1828': attribute type 4 has an invalid length. [ 491.901205][T14207] netlink: 'syz.3.1828': attribute type 4 has an invalid length. [ 492.254072][T14216] mkiss: ax0: crc mode is auto. [ 492.330217][T14219] overlayfs: missing 'lowerdir' [ 492.367050][T14220] netlink: 'syz.1.1831': attribute type 4 has an invalid length. [ 492.370433][T14222] overlayfs: failed to resolve './file1': -2 [ 492.375543][T14220] netlink: 'syz.1.1831': attribute type 4 has an invalid length. [ 492.376163][T14222] fuse: Unknown parameter 'fg' [ 493.003722][T14238] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1836'. [ 493.009159][T14238] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1836'. [ 493.671581][T14255] mkiss: ax0: crc mode is auto. [ 493.807834][T14260] netlink: 'syz.3.1840': attribute type 4 has an invalid length. [ 493.814430][T14260] netlink: 'syz.3.1840': attribute type 4 has an invalid length. [ 493.886304][T14261] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1841'. [ 494.764780][T14269] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1843'. [ 495.170734][T14282] netlink: 'syz.0.1846': attribute type 4 has an invalid length. [ 495.176361][T14282] netlink: 'syz.0.1846': attribute type 4 has an invalid length. [ 496.261094][T14307] overlayfs: missing 'lowerdir' [ 496.436231][T14314] netlink: 'syz.0.1853': attribute type 4 has an invalid length. [ 496.459979][T14314] netlink: 'syz.0.1853': attribute type 4 has an invalid length. [ 496.891218][T14320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1855'. [ 498.181896][ T1327] libceph: connect (1)[c::]:6789 error -101 [ 498.186324][ T1327] libceph: mon0 (1)[c::]:6789 connect error [ 498.288888][T14347] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 498.350836][T14348] netlink: 'syz.0.1860': attribute type 4 has an invalid length. [ 498.359000][T14348] netlink: 'syz.0.1860': attribute type 4 has an invalid length. [ 498.457767][ T1327] libceph: connect (1)[c::]:6789 error -101 [ 498.463014][T14337] ceph: No mds server is up or the cluster is laggy [ 498.465216][ T1327] libceph: mon0 (1)[c::]:6789 connect error [ 499.301496][T14371] netlink: 'syz.0.1865': attribute type 4 has an invalid length. [ 499.306324][T14371] netlink: 'syz.0.1865': attribute type 4 has an invalid length. [ 499.612432][ T1177] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 499.653697][T14381] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1866'. [ 500.114890][T14389] netlink: 'syz.2.1867': attribute type 4 has an invalid length. [ 500.126361][T14382] netlink: 'syz.2.1867': attribute type 4 has an invalid length. [ 500.422787][T14396] IPVS: length: 46 != 8 [ 500.740212][T14402] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1872'. [ 500.895822][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.737283][T14422] mkiss: ax0: crc mode is auto. [ 501.944421][T14431] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1878'. [ 502.060943][T14433] netlink: 'syz.1.1877': attribute type 4 has an invalid length. [ 502.101929][T14433] netlink: 'syz.1.1877': attribute type 4 has an invalid length. [ 502.857566][T14443] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1880'. [ 503.397683][T14457] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 503.491160][T14459] overlayfs: missing 'lowerdir' [ 504.337784][T14479] mkiss: ax0: crc mode is auto. [ 504.657941][T14484] netlink: 'syz.1.1889': attribute type 4 has an invalid length. [ 504.785055][T14486] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1898'. [ 504.897565][T14491] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1890'. [ 504.900333][T14491] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1890'. [ 505.730100][T14497] overlayfs: missing 'lowerdir' [ 505.789165][T14502] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1894'. [ 506.228494][T14523] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1900'. [ 506.892817][T14542] overlayfs: missing 'lowerdir' [ 506.921974][T14544] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1905'. [ 507.193686][T14539] Dead loop on virtual device ip6_vti0, fix it urgently! [ 507.196150][T14539] Dead loop on virtual device ip6_vti0, fix it urgently! [ 507.198350][T14539] Dead loop on virtual device ip6_vti0, fix it urgently! [ 507.200543][T14539] Dead loop on virtual device ip6_vti0, fix it urgently! [ 507.203366][T14539] Dead loop on virtual device ip6_vti0, fix it urgently! [ 507.205588][T14539] Dead loop on virtual device ip6_vti0, fix it urgently! [ 507.275746][T14546] netlink: 'syz.3.1905': attribute type 4 has an invalid length. [ 507.278368][T14546] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1905'. [ 507.459487][T14546] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1905'. [ 507.728107][T14560] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1909'. [ 507.981956][T14568] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1908'. [ 508.717908][T14592] overlayfs: missing 'lowerdir' [ 510.895259][T14627] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 512.208209][T14657] mkiss: ax0: crc mode is auto. [ 512.367731][T14660] netlink: 'syz.2.1926': attribute type 4 has an invalid length. [ 512.376963][T14660] netlink: 'syz.2.1926': attribute type 4 has an invalid length. [ 513.664098][T14695] mkiss: ax0: crc mode is auto. [ 513.670847][T14695] misc userio: Invalid payload size [ 513.672818][T14695] misc userio: No port type given on /dev/userio [ 514.053256][T14699] 8021q: adding VLAN 0 to HW filter on device bond2 [ 514.196726][T14701] misc userio: The device must be registered before sending interrupts [ 514.225074][T14689] misc userio: The device must be registered before sending interrupts [ 514.228430][T14689] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 515.332973][T14726] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1939'. [ 515.922229][T14736] IPVS: set_ctl: invalid protocol: 33 224.0.0.2:20000 [ 516.987511][T14746] mkiss: ax0: crc mode is auto. [ 517.119085][T14751] netlink: 'syz.2.1948': attribute type 4 has an invalid length. [ 517.127897][T14751] netlink: 'syz.2.1948': attribute type 4 has an invalid length. [ 518.491817][T14780] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1952'. [ 518.495058][T14780] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1952'. [ 518.989821][T14787] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1956'. [ 519.413669][T14797] mkiss: ax0: crc mode is auto. [ 519.537973][T14799] netlink: 'syz.2.1960': attribute type 4 has an invalid length. [ 519.544028][T14799] netlink: 'syz.2.1960': attribute type 4 has an invalid length. [ 519.932199][T14809] pim6reg527: entered allmulticast mode [ 520.455760][T14814] program syz.2.1963 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 520.537252][T14817] ubi: mtd0 is already attached to ubi0 [ 520.656868][T14821] netlink: 'syz.3.1964': attribute type 10 has an invalid length. [ 520.710556][T14822] netlink: 'syz.3.1964': attribute type 10 has an invalid length. [ 520.952056][T14821] team0: Port device netdevsim0 added [ 520.962527][T14822] team0: Port device netdevsim0 removed [ 520.965793][T14822] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 521.561253][T14841] mkiss: ax0: crc mode is auto. [ 521.581320][T14842] ip6gretap0: entered promiscuous mode [ 521.746004][T14846] netlink: 'syz.1.1970': attribute type 4 has an invalid length. [ 521.752351][T14846] netlink: 'syz.1.1970': attribute type 4 has an invalid length. [ 522.415200][T14857] mkiss: ax0: crc mode is auto. [ 522.585653][T14861] netlink: 200 bytes leftover after parsing attributes in process `syz.1.1974'. [ 522.906964][T14867] netlink: 'syz.2.1973': attribute type 4 has an invalid length. [ 522.944132][T14869] can0: slcan on ttyS3. [ 523.081924][T14872] can0 (unregistered): slcan off ttyS3. [ 523.199692][T14879] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1976'. [ 523.204974][T14879] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1976'. [ 523.208734][T14879] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1976'. [ 523.213554][T14879] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1976'. [ 523.478736][T14892] mkiss: ax0: crc mode is auto. [ 523.885451][T14899] netlink: 'syz.2.1979': attribute type 4 has an invalid length. [ 523.888623][T14899] netlink: 'syz.2.1979': attribute type 4 has an invalid length. [ 525.442809][T14936] netlink: 'syz.0.1987': attribute type 4 has an invalid length. [ 525.868105][T14942] mkiss: ax0: crc mode is auto. [ 526.006855][T14946] netlink: 'syz.2.1989': attribute type 4 has an invalid length. [ 526.054179][T14946] netlink: 'syz.2.1989': attribute type 4 has an invalid length. [ 526.497414][T14958] netlink: 'syz.0.1991': attribute type 4 has an invalid length. [ 526.501903][T14958] netlink: 'syz.0.1991': attribute type 4 has an invalid length. [ 527.168975][T14970] netlink: 'syz.2.1995': attribute type 12 has an invalid length. [ 527.488205][T14993] netlink: 'syz.3.1997': attribute type 137 has an invalid length. [ 527.711743][ T57] libceph: connect (1)[c::]:6789 error -101 [ 527.722411][ T57] libceph: mon0 (1)[c::]:6789 connect error [ 527.733338][T15002] ceph: No mds server is up or the cluster is laggy [ 527.736896][ T57] libceph: connect (1)[c::]:6789 error -101 [ 527.739044][ T57] libceph: mon0 (1)[c::]:6789 connect error [ 527.914571][T15010] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 527.919270][T15010] macvtap1: entered promiscuous mode [ 527.921917][T15010] macvtap1: entered allmulticast mode [ 527.924094][T15010] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode [ 527.929471][T15010] mac80211_hwsim hwsim6 wlan0: left allmulticast mode [ 527.935062][T15010] mac80211_hwsim hwsim6 wlan0: left promiscuous mode [ 528.040818][T15014] mkiss: ax0: crc mode is auto. [ 528.254987][T15018] netlink: 'syz.1.2000': attribute type 4 has an invalid length. [ 528.984308][T15040] mkiss: ax0: crc mode is auto. [ 529.019706][T15041] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2005'. [ 529.106853][T15044] netlink: 'syz.1.2006': attribute type 4 has an invalid length. [ 529.109610][T15044] netlink: 'syz.1.2006': attribute type 4 has an invalid length. [ 529.223840][T15047] pim6reg527: entered allmulticast mode [ 531.112260][T15087] netlink: 'syz.0.2017': attribute type 4 has an invalid length. [ 531.117053][T15087] netlink: 'syz.0.2017': attribute type 4 has an invalid length. [ 531.215303][T15090] overlayfs: failed to clone lowerpath [ 531.611183][ T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 533.517292][T15135] netlink: 200 bytes leftover after parsing attributes in process `syz.1.2028'. [ 535.163712][T15164] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2034'. [ 535.803752][T15175] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2036'. [ 536.866292][T15203] netlink: 'syz.3.2043': attribute type 4 has an invalid length. [ 536.876917][T15203] netlink: 'syz.3.2043': attribute type 4 has an invalid length. [ 536.890513][ T5946] Bluetooth: hci0: command 0x0406 tx timeout [ 537.210313][ T5946] Bluetooth: hci3: command 0x040f tx timeout [ 537.751270][T15224] netlink: 'syz.0.2048': attribute type 4 has an invalid length. [ 537.764177][T15223] netlink: 'syz.3.2049': attribute type 2 has an invalid length. [ 537.766583][T15223] netlink: 'syz.3.2049': attribute type 8 has an invalid length. [ 537.768984][T15223] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2049'. [ 540.604857][T15292] netlink: 'syz.0.2065': attribute type 4 has an invalid length. [ 540.608146][T15292] netlink: 'syz.0.2065': attribute type 4 has an invalid length. [ 540.664707][T15294] fuse: Unknown parameter 'fg' [ 541.173906][T15306] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 542.682193][T15333] tc_dump_action: action bad kind [ 543.452843][T15346] ipvlan1: entered allmulticast mode [ 543.454532][T15346] veth0_vlan: entered allmulticast mode [ 544.791007][T15369] smc: removing ib device syz0 [ 544.889907][ T6214] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 545.040045][ T6214] usb 7-1: device descriptor read/64, error -71 [ 545.108316][T15377] netlink: 'syz.3.2087': attribute type 39 has an invalid length. [ 545.289844][ T6214] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 545.429938][ T6214] usb 7-1: device descriptor read/64, error -71 [ 545.542616][ T6214] usb usb7-port1: attempt power cycle [ 545.879922][ T6214] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 545.900491][ T6214] usb 7-1: device descriptor read/8, error -71 [ 546.139847][ T6214] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 546.284058][ T6214] usb 7-1: device descriptor read/8, error -71 [ 546.432418][ T6214] usb usb7-port1: unable to enumerate USB device [ 546.725373][T15397] ucma_write: process 2164 (syz.1.2093) changed security contexts after opening file descriptor, this is not allowed. [ 547.060660][ T5950] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 547.209767][ T5950] usb 6-1: Using ep0 maxpacket: 32 [ 547.213137][ T5950] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 547.216543][ T5950] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 547.221033][ T5950] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 547.224217][ T5950] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 547.227912][ T5950] usb 6-1: config 0 descriptor?? [ 547.599212][T15413] ebtables: wrong size: *len 120, entries_size 48, replsz 48 [ 547.790040][T15427] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 547.978486][T15431] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 548.370347][T15436] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2103'. [ 548.376754][T15436] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2103'. [ 549.785910][ T5950] usbhid 6-1:0.0: can't add hid device: -71 [ 549.787809][ T5950] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 549.791972][ T5950] usb 6-1: USB disconnect, device number 10 [ 549.883758][T15456] mkiss: ax0: crc mode is auto. [ 549.996003][T15458] netlink: 'syz.1.2109': attribute type 4 has an invalid length. [ 550.003053][T15458] netlink: 'syz.1.2109': attribute type 4 has an invalid length. [ 550.176420][T15463] netlink: 'syz.0.2110': attribute type 4 has an invalid length. [ 550.962746][T15474] ip6gretap0: entered promiscuous mode [ 551.164913][T15476] mkiss: ax0: crc mode is auto. [ 551.241312][T15479] netlink: 'syz.2.2114': attribute type 4 has an invalid length. [ 551.246397][T15479] netlink: 'syz.2.2114': attribute type 4 has an invalid length. [ 552.135665][T15499] overlayfs: missing 'lowerdir' [ 552.142720][T15499] fuse: Unknown parameter 'fg' [ 552.180936][T15501] 8021q: adding VLAN 0 to HW filter on device bond0 [ 552.524624][T15508] input: syz0 as /devices/virtual/input/input26 [ 554.628049][T15544] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2129'. [ 554.665957][T15550] mkiss: ax0: crc mode is auto. [ 554.773766][T15556] netlink: 'syz.1.2130': attribute type 4 has an invalid length. [ 554.784166][T15556] netlink: 'syz.1.2130': attribute type 4 has an invalid length. [ 556.549821][T15596] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2140'. [ 556.608663][T15597] netlink: 'syz.1.2140': attribute type 4 has an invalid length. [ 556.613566][T15597] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2140'. [ 556.624856][T15597] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2140'. [ 557.227511][T15607] netlink: 'syz.0.2143': attribute type 4 has an invalid length. [ 557.233500][T15607] netlink: 'syz.0.2143': attribute type 4 has an invalid length. [ 557.722924][T15617] mkiss: ax0: crc mode is auto. [ 558.040470][T15625] netlink: 'syz.2.2145': attribute type 4 has an invalid length. [ 559.427987][T15661] netlink: 'syz.0.2154': attribute type 4 has an invalid length. [ 559.433605][T15661] netlink: 'syz.0.2154': attribute type 4 has an invalid length. [ 559.790681][T15671] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7) [ 559.792642][T15671] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 559.795943][T15671] vhci_hcd vhci_hcd.0: Device attached [ 559.989469][T14202] vhci_hcd: vhci_device speed not set [ 560.049210][T14202] usb 39-1: new full-speed USB device number 2 using vhci_hcd [ 561.557798][T15672] vhci_hcd: connection reset by peer [ 561.572096][ T9759] vhci_hcd: stop threads [ 561.574097][ T9759] vhci_hcd: release socket [ 561.575966][ T9759] vhci_hcd: disconnect device [ 561.600015][T15709] netlink: 200 bytes leftover after parsing attributes in process `syz.1.2163'. [ 561.781825][T15715] netlink: 'syz.1.2164': attribute type 4 has an invalid length. [ 561.792113][T15715] netlink: 'syz.1.2164': attribute type 4 has an invalid length. [ 562.002442][ T40] audit: type=1326 audit(2000000394.065:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15718 comm="syz.2.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 562.008885][ T40] audit: type=1326 audit(2000000394.065:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15718 comm="syz.2.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 562.015259][ T40] audit: type=1326 audit(2000000394.065:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15718 comm="syz.2.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 562.022109][ T40] audit: type=1326 audit(2000000394.065:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15718 comm="syz.2.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 562.029307][ T40] audit: type=1326 audit(2000000394.065:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15718 comm="syz.2.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 562.035749][ T40] audit: type=1326 audit(2000000394.065:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15718 comm="syz.2.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 562.043641][ T40] audit: type=1326 audit(2000000394.065:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15718 comm="syz.2.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 562.050315][ T40] audit: type=1326 audit(2000000394.065:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15718 comm="syz.2.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 562.058984][ T40] audit: type=1326 audit(2000000394.065:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15718 comm="syz.2.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 562.065798][ T40] audit: type=1326 audit(2000000394.065:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15718 comm="syz.2.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 562.095032][T15723] netlink: 'syz.3.2166': attribute type 4 has an invalid length. [ 562.103561][T15723] netlink: 'syz.3.2166': attribute type 4 has an invalid length. [ 562.158502][T15725] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2167'. [ 562.330009][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.628588][T15736] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 562.953423][T15739] mkiss: ax0: crc mode is auto. [ 563.028734][T15740] netlink: 'syz.1.2170': attribute type 4 has an invalid length. [ 563.041543][T15740] netlink: 'syz.1.2170': attribute type 4 has an invalid length. [ 563.320758][T15747] netlink: 200 bytes leftover after parsing attributes in process `syz.0.2172'. [ 563.608874][ T39] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 563.938632][T15761] overlayfs: missing 'lowerdir' [ 563.958886][T15761] fuse: Unknown parameter 'fg' [ 564.269509][T15772] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 564.988787][ T9] usb 7-1: new full-speed USB device number 10 using dummy_hcd [ 565.092190][T15790] netlink: 200 bytes leftover after parsing attributes in process `syz.1.2181'. [ 565.149950][ T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 565.153120][ T9] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 565.157153][ T9] usb 7-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice= 0.00 [ 565.160482][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 565.164417][ T9] usb 7-1: config 0 descriptor?? [ 565.198718][T14202] vhci_hcd: vhci_device speed not set [ 565.680188][T15803] netlink: 'syz.0.2185': attribute type 4 has an invalid length. [ 565.689934][T15803] netlink: 'syz.0.2185': attribute type 4 has an invalid length. [ 565.751958][T15798] netlink: 'syz.3.2184': attribute type 1 has an invalid length. [ 565.766278][T15798] 8021q: adding VLAN 0 to HW filter on device bond2 [ 565.771568][T15798] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2184'. [ 566.838767][T15826] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 567.615201][T15838] netlink: 200 bytes leftover after parsing attributes in process `syz.0.2191'. [ 567.785006][ T9] usbhid 7-1:0.0: can't add hid device: -71 [ 567.787048][ T9] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 567.792536][ T9] usb 7-1: USB disconnect, device number 10 [ 568.550544][T15857] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 568.553639][T15857] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 568.571279][T15857] fuse: Unknown parameter 'fg' [ 569.395851][T15872] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2200'. [ 569.415984][T15874] ipvlan1: entered allmulticast mode [ 569.417705][T15874] veth0_vlan: entered allmulticast mode [ 572.131413][T15915] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 572.134085][T15915] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 572.141370][T15915] fuse: Unknown parameter 'fg' [ 572.274733][T15921] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2210'. [ 572.279754][T15921] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2210'. [ 572.839212][T15930] 8021q: adding VLAN 0 to HW filter on device bond3 [ 573.582033][T15941] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2215'. [ 574.072119][T15955] netlink: 'syz.0.2218': attribute type 4 has an invalid length. [ 574.165599][T15955] netlink: 'syz.0.2218': attribute type 4 has an invalid length. [ 574.638516][T15970] netlink: 'syz.2.2222': attribute type 4 has an invalid length. [ 574.663507][T15970] netlink: 'syz.2.2222': attribute type 4 has an invalid length. [ 575.288205][ T5953] Bluetooth: hci3: command 0x040f tx timeout [ 576.003277][T15980] overlayfs: failed to clone upperpath [ 577.751188][ T57] libceph: connect (1)[c::]:6789 error -101 [ 577.753116][ T57] libceph: mon0 (1)[c::]:6789 connect error [ 577.754986][T16010] ceph: No mds server is up or the cluster is laggy [ 577.804031][T16022] netlink: 'syz.3.2232': attribute type 4 has an invalid length. [ 577.815358][T16022] netlink: 'syz.3.2232': attribute type 4 has an invalid length. [ 577.821064][T16023] netlink: 'syz.0.2233': attribute type 4 has an invalid length. [ 577.831219][T16023] netlink: 'syz.0.2233': attribute type 4 has an invalid length. [ 578.016273][T16029] fuse: Unknown parameter 'fg' [ 579.269568][T16063] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2242'. [ 579.422647][T16069] fuse: Unknown parameter 'fg' [ 579.425459][ T40] kauditd_printk_skb: 31 callbacks suppressed [ 579.425468][ T40] audit: type=1804 audit(2000000411.486:417): pid=16069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2244" name="/newroot/548/bus/file0" dev="overlay" ino=3266 res=1 errno=0 [ 580.073303][T16076] netlink: 'syz.3.2247': attribute type 39 has an invalid length. [ 580.152854][T16083] netlink: 'syz.3.2249': attribute type 4 has an invalid length. [ 580.159027][T16083] netlink: 'syz.3.2249': attribute type 4 has an invalid length. [ 580.224805][T16085] netlink: 'syz.0.2246': attribute type 4 has an invalid length. [ 580.230622][T16085] netlink: 'syz.0.2246': attribute type 4 has an invalid length. [ 581.117902][ T5953] Bluetooth: hci2: command 0x0406 tx timeout [ 581.292692][T16102] overlayfs: failed to clone upperpath [ 581.297164][T16102] fuse: Unknown parameter 'fg' [ 581.760440][T16118] netlink: 'syz.1.2255': attribute type 2 has an invalid length. [ 581.763393][T16118] netlink: 'syz.1.2255': attribute type 8 has an invalid length. [ 581.766608][T16118] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2255'. [ 582.863627][T16131] netlink: 'syz.2.2257': attribute type 39 has an invalid length. [ 583.805299][T16148] netlink: 'syz.0.2261': attribute type 4 has an invalid length. [ 583.816290][T16148] netlink: 'syz.0.2261': attribute type 4 has an invalid length. [ 583.984533][T16152] mkiss: ax0: crc mode is auto. [ 584.664730][T16166] overlayfs: failed to clone upperpath [ 584.669760][T16166] fuse: Unknown parameter 'fg' [ 586.399924][T16198] overlayfs: failed to clone upperpath [ 586.524056][T16203] random: crng reseeded on system resumption [ 587.028120][T16210] validate_nla: 2 callbacks suppressed [ 587.028136][T16210] netlink: 'syz.3.2275': attribute type 4 has an invalid length. [ 587.043262][T16210] netlink: 'syz.3.2275': attribute type 4 has an invalid length. [ 587.232090][ T40] audit: type=1804 audit(2000000419.296:418): pid=16217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2278" name="/newroot/557/bus/bus" dev="overlay" ino=3322 res=1 errno=0 [ 587.242772][T16217] fuse: Unknown parameter 'fg' [ 587.244668][ T40] audit: type=1804 audit(2000000419.306:419): pid=16217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2278" name="/newroot/557/bus/file0" dev="overlay" ino=3323 res=1 errno=0 [ 587.752769][T16227] netlink: 'syz.0.2281': attribute type 39 has an invalid length. [ 588.144005][T16237] netlink: 'syz.2.2283': attribute type 4 has an invalid length. [ 588.154489][T16237] netlink: 'syz.2.2283': attribute type 4 has an invalid length. [ 588.868718][T16245] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2285'. [ 589.140707][T16250] overlayfs: failed to clone upperpath [ 589.145076][T16250] fuse: Unknown parameter 'fg' [ 589.900263][T16265] netlink: 'syz.3.2290': attribute type 4 has an invalid length. [ 589.905627][T16265] netlink: 'syz.3.2290': attribute type 4 has an invalid length. [ 589.999135][T16268] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2292'. [ 590.010614][T16268] netlink: 'syz.0.2292': attribute type 4 has an invalid length. [ 590.013009][T16268] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2292'. [ 590.017153][T16268] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2292'. [ 590.229298][ T40] audit: type=1804 audit(2000000422.296:420): pid=16276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2301" name="/newroot/575/bus/bus" dev="overlay" ino=3324 res=1 errno=0 [ 590.232083][T16276] fuse: Unknown parameter 'fg' [ 590.239313][ T40] audit: type=1804 audit(2000000422.306:421): pid=16276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2301" name="/newroot/575/bus/file0" dev="overlay" ino=3325 res=1 errno=0 [ 590.310234][T16274] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 590.313714][T16274] macvtap1: entered promiscuous mode [ 590.315389][T16274] macvtap1: entered allmulticast mode [ 590.317084][T16274] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 590.320587][T16274] mac80211_hwsim hwsim4 wlan0: left allmulticast mode [ 590.322930][T16274] mac80211_hwsim hwsim4 wlan0: left promiscuous mode [ 591.869180][T16309] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2304'. [ 591.877487][T16306] 9pnet_fd: Insufficient options for proto=fd [ 591.989118][T16312] netlink: 'syz.1.2304': attribute type 4 has an invalid length. [ 591.992239][T16312] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2304'. [ 591.996761][T16312] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2304'. [ 593.519229][T16338] netlink: 'syz.3.2310': attribute type 4 has an invalid length. [ 593.526529][T16338] netlink: 'syz.3.2310': attribute type 4 has an invalid length. [ 594.092545][T16347] netlink: 'syz.1.2311': attribute type 4 has an invalid length. [ 594.116919][T16347] netlink: 'syz.1.2311': attribute type 4 has an invalid length. [ 594.928652][T16362] netlink: 'syz.0.2317': attribute type 39 has an invalid length. [ 594.952902][T16363] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2312'. [ 594.955843][T16363] unsupported nlmsg_type 40 [ 595.077111][ T6214] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 595.227010][ T6214] usb 6-1: Using ep0 maxpacket: 8 [ 595.229813][ T6214] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 595.232862][ T6214] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 595.235702][ T6214] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 595.238832][ T6214] usb 6-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 595.242668][ T6214] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 595.245345][ T6214] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 595.252689][ T6214] usbtmc 6-1:16.0: bulk endpoints not found [ 595.607115][ T39] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 596.697330][T16394] e1000e 0000:00:02.0 eth1: NIC Link is Down [ 597.026557][T16427] netlink: 200 bytes leftover after parsing attributes in process `syz.0.2325'. [ 597.077309][T16433] overlayfs: failed to clone upperpath [ 597.086041][T16433] fuse: Unknown parameter 'fg' [ 597.208969][T16441] netlink: 'syz.2.2327': attribute type 6 has an invalid length. [ 598.175858][ T1458] usb 6-1: USB disconnect, device number 11 [ 598.967583][T16478] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2334'. [ 599.968156][T16497] can0: slcan on pts0. [ 600.010384][T16493] netlink: 'syz.3.2337': attribute type 4 has an invalid length. [ 600.027703][T16493] netlink: 'syz.3.2337': attribute type 4 has an invalid length. [ 600.047063][T16497] can0 (unregistered): slcan off pts0. [ 600.955273][T16526] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2343'. [ 601.663666][T16542] netlink: 'syz.1.2347': attribute type 1 has an invalid length. [ 601.677365][T16542] 8021q: adding VLAN 0 to HW filter on device bond3 [ 601.701404][T16542] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2347'. [ 601.799490][T16545] x86/PAT: syz.2.2348:16545 freeing invalid memtype [mem 0xfed00000-0xfed00fff] [ 601.807692][T16545] netlink: 'syz.2.2348': attribute type 1 has an invalid length. [ 601.813108][T16545] netlink: 'syz.2.2348': attribute type 1 has an invalid length. [ 601.815543][T16545] netlink: 'syz.2.2348': attribute type 3 has an invalid length. [ 601.818469][T16545] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2348'. [ 601.829293][T16545] x86/PAT: syz.2.2348:16545 freeing invalid memtype [mem 0xfed00000-0xfed00fff] [ 601.873041][T16547] mkiss: ax0: crc mode is auto. [ 603.125154][T16570] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2354'. [ 604.544477][T16603] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 605.327797][T16618] mkiss: ax0: crc mode is auto. [ 605.445161][T16620] netlink: 'syz.2.2365': attribute type 4 has an invalid length. [ 605.454351][T16620] netlink: 'syz.2.2365': attribute type 4 has an invalid length. [ 605.710766][T16622] netfs: Couldn't get user pages (rc=-14) [ 605.770341][T16627] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 605.772529][T16627] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 606.058325][T16635] netlink: 'syz.3.2368': attribute type 39 has an invalid length. [ 606.474250][T16646] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 608.200236][T16671] netlink: 'syz.2.2373': attribute type 1 has an invalid length. [ 608.220005][T16671] 8021q: adding VLAN 0 to HW filter on device bond1 [ 608.260585][T16671] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2373'. [ 608.768145][T16686] netlink: 'syz.1.2377': attribute type 4 has an invalid length. [ 608.776637][T16686] netlink: 'syz.1.2377': attribute type 4 has an invalid length. [ 609.199693][T16692] netlink: 'syz.2.2379': attribute type 39 has an invalid length. [ 610.436435][T16717] netlink: 'syz.3.2384': attribute type 4 has an invalid length. [ 610.443540][T16717] netlink: 'syz.3.2384': attribute type 4 has an invalid length. [ 611.688834][T16740] netlink: 'syz.2.2391': attribute type 39 has an invalid length. [ 611.723742][T16741] netlink: 'syz.0.2389': attribute type 1 has an invalid length. [ 611.749281][T16741] 8021q: adding VLAN 0 to HW filter on device bond1 [ 611.765739][T16741] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2389'. [ 613.015117][T16757] netlink: 'syz.0.2394': attribute type 4 has an invalid length. [ 613.022059][T16757] netlink: 'syz.0.2394': attribute type 4 has an invalid length. [ 613.981546][T16785] netlink: 'syz.1.2400': attribute type 39 has an invalid length. [ 614.004193][T16786] netlink: 'syz.2.2399': attribute type 1 has an invalid length. [ 614.027709][T16786] bond2: entered promiscuous mode [ 614.029857][T16786] 8021q: adding VLAN 0 to HW filter on device bond2 [ 614.108673][T16786] 8021q: adding VLAN 0 to HW filter on device bond2 [ 614.111044][T16786] bond2: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 614.114215][T16786] bond2: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 614.123400][T16786] bond2: (slave ip6gre1): making interface the new active one [ 614.126219][T16786] ip6gre1: entered promiscuous mode [ 614.132370][T16786] bond2: (slave ip6gre1): Enslaving as an active interface with an up link [ 614.323873][T16794] netlink: 'syz.3.2401': attribute type 4 has an invalid length. [ 614.342887][T16794] netlink: 'syz.3.2401': attribute type 4 has an invalid length. [ 614.772937][T16803] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 614.775197][T16803] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 616.314358][T16829] netlink: 'syz.2.2408': attribute type 39 has an invalid length. [ 617.085399][T16839] netlink: 'syz.0.2410': attribute type 4 has an invalid length. [ 617.108024][T16839] netlink: 'syz.0.2410': attribute type 4 has an invalid length. [ 617.939215][T16852] netlink: 'syz.0.2415': attribute type 4 has an invalid length. [ 617.944787][T16852] netlink: 'syz.0.2415': attribute type 4 has an invalid length. [ 618.850993][T16871] netlink: 'syz.2.2418': attribute type 4 has an invalid length. [ 618.910318][T16872] netlink: 'syz.2.2418': attribute type 4 has an invalid length. [ 620.393798][T16895] netlink: 200 bytes leftover after parsing attributes in process `syz.0.2423'. [ 621.377223][T16905] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 621.377223][T16905] program syz.2.2425 not setting count and/or reply_len properly [ 621.419393][T16905] 9pnet_fd: Insufficient options for proto=fd [ 622.617904][T16935] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2431'. [ 622.897877][T16941] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2433'. [ 623.269758][T16946] mkiss: ax0: crc mode is auto. [ 623.301461][T16951] mkiss: ax1: crc mode is auto. [ 623.418962][T16956] netlink: 'syz.1.2435': attribute type 4 has an invalid length. [ 623.432064][T16956] netlink: 'syz.1.2435': attribute type 4 has an invalid length. [ 623.478169][T16958] netlink: 'syz.2.2436': attribute type 4 has an invalid length. [ 623.526973][T16957] netlink: 'syz.2.2436': attribute type 4 has an invalid length. [ 623.779067][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 623.851143][ T5980] libceph: connect (1)[c::]:6789 error -101 [ 623.853470][ T5980] libceph: mon0 (1)[c::]:6789 connect error [ 623.896201][T16965] ceph: No mds server is up or the cluster is laggy [ 623.960277][T16970] Bluetooth: MGMT ver 1.23 [ 624.127179][ T5980] libceph: connect (1)[c::]:6789 error -101 [ 624.129687][ T5980] libceph: mon0 (1)[c::]:6789 connect error [ 624.468340][ T57] libceph: connect (1)[c::]:6789 error -101 [ 624.471177][ T57] libceph: mon0 (1)[c::]:6789 connect error [ 624.475168][ T57] libceph: connect (1)[c::]:6789 error -101 [ 624.477571][T16969] ceph: No mds server is up or the cluster is laggy [ 624.481104][ T57] libceph: mon0 (1)[c::]:6789 connect error [ 624.781222][T16988] netlink: 'syz.2.2441': attribute type 39 has an invalid length. [ 624.898341][T16995] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2443'. [ 624.950691][T16998] random: crng reseeded on system resumption [ 625.369115][T17007] mkiss: ax0: crc mode is auto. [ 625.772064][T17010] netlink: 'syz.2.2447': attribute type 4 has an invalid length. [ 625.802484][T17010] netlink: 'syz.2.2447': attribute type 4 has an invalid length. [ 625.914120][T17016] netlink: 'syz.0.2449': attribute type 4 has an invalid length. [ 625.936625][T17016] netlink: 'syz.0.2449': attribute type 4 has an invalid length. [ 626.999038][T17031] netlink: 200 bytes leftover after parsing attributes in process `syz.1.2452'. [ 627.076987][T17036] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 627.212907][T17039] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2451'. [ 627.215919][T17039] bridge_slave_0: default FDB implementation only supports local addresses [ 627.633128][ T63] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 628.081113][T17051] mkiss: ax0: crc mode is auto. [ 629.534846][T17070] mkiss: ax0: crc mode is auto. [ 629.731413][T17076] netlink: 'syz.2.2460': attribute type 4 has an invalid length. [ 629.782109][T17075] netlink: 'syz.2.2460': attribute type 4 has an invalid length. [ 629.903138][T17081] netlink: 'syz.3.2462': attribute type 4 has an invalid length. [ 629.954910][T17083] netlink: 'syz.3.2462': attribute type 4 has an invalid length. [ 630.756786][T17090] netlink: 200 bytes leftover after parsing attributes in process `syz.1.2463'. [ 630.838223][T17096] netlink: 'syz.3.2465': attribute type 39 has an invalid length. [ 630.983064][T17104] mkiss: ax0: crc mode is auto. [ 631.807002][T17118] netlink: 'syz.0.2471': attribute type 1 has an invalid length. [ 631.826057][T17118] bond2: (slave gretap1): making interface the new active one [ 631.828843][T17118] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 632.374554][T17131] mkiss: ax0: crc mode is auto. [ 632.509189][T17133] netlink: 'syz.2.2474': attribute type 4 has an invalid length. [ 632.518635][T17133] netlink: 'syz.2.2474': attribute type 4 has an invalid length. [ 632.683216][T17135] mkiss: ax1: crc mode is auto. [ 632.804571][T17142] netlink: 'syz.1.2475': attribute type 4 has an invalid length. [ 632.810654][T17139] netlink: 'syz.0.2477': attribute type 39 has an invalid length. [ 634.276884][ T5980] libceph: connect (1)[c::]:6789 error -101 [ 634.279542][ T5980] libceph: mon0 (1)[c::]:6789 connect error [ 634.361089][T17170] ceph: No mds server is up or the cluster is laggy [ 635.538545][T17197] validate_nla: 1 callbacks suppressed [ 635.538556][T17197] netlink: 'syz.0.2487': attribute type 4 has an invalid length. [ 635.545544][T17197] netlink: 'syz.0.2487': attribute type 4 has an invalid length. [ 635.564383][T17199] mkiss: ax0: crc mode is auto. [ 635.745852][T17201] netlink: 'syz.2.2488': attribute type 4 has an invalid length. [ 635.767345][T17201] netlink: 'syz.2.2488': attribute type 4 has an invalid length. [ 636.609121][T17224] netlink: zone id is out of range [ 636.613107][T17224] netlink: zone id is out of range [ 638.573093][T17250] netlink: 'syz.3.2499': attribute type 4 has an invalid length. [ 638.587428][T17250] netlink: 'syz.3.2499': attribute type 4 has an invalid length. [ 638.606893][T17251] netlink: 'syz.0.2501': attribute type 4 has an invalid length. [ 638.635682][T17251] netlink: 'syz.0.2501': attribute type 4 has an invalid length. [ 639.766581][ T5980] libceph: connect (1)[c::]:6789 error -101 [ 639.768510][ T5980] libceph: mon0 (1)[c::]:6789 connect error [ 639.859970][T17286] netlink: 'syz.0.2505': attribute type 1 has an invalid length. [ 639.862343][T17286] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.2505'. [ 639.924137][T17289] overlayfs: failed to clone upperpath [ 640.214862][T17283] ceph: No mds server is up or the cluster is laggy [ 640.219317][ T5980] libceph: connect (1)[c::]:6789 error -101 [ 640.221274][ T5980] libceph: mon0 (1)[c::]:6789 connect error [ 641.097748][T17307] mkiss: ax0: crc mode is auto. [ 641.144112][T17309] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2512'. [ 641.211465][T17316] netlink: 'syz.2.2511': attribute type 4 has an invalid length. [ 641.218740][T17316] netlink: 'syz.2.2511': attribute type 4 has an invalid length. [ 641.246214][T17317] netlink: 'syz.3.2513': attribute type 4 has an invalid length. [ 641.252234][T17317] netlink: 'syz.3.2513': attribute type 4 has an invalid length. [ 641.555183][T17325] random: crng reseeded on system resumption [ 641.763926][T17322] netlink: 'syz.1.2514': attribute type 3 has an invalid length. [ 642.457287][ T5980] libceph: connect (1)[c::]:6789 error -101 [ 642.459011][ T5980] libceph: mon0 (1)[c::]:6789 connect error [ 642.506401][T17348] ceph: No mds server is up or the cluster is laggy [ 642.719290][T17357] netlink: 240 bytes leftover after parsing attributes in process `syz.1.2518'. [ 642.722125][T17357] NCSI netlink: No device for ifindex 0 [ 643.618001][T17371] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2521'. [ 643.970899][T17380] 9pnet_fd: Insufficient options for proto=fd [ 644.074555][T17381] netlink: 'syz.2.2524': attribute type 4 has an invalid length. [ 644.329995][T17385] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2526'. [ 644.339145][T17385] vlan2: entered allmulticast mode [ 644.340818][T17385] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 644.344580][T17385] mac80211_hwsim hwsim3 wlan1: left allmulticast mode [ 645.823122][T17423] mkiss: ax0: crc mode is auto. [ 646.067222][T17429] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 646.687484][T17439] netdevsim netdevsim1: Direct firmware load for . [ 646.687484][T17439] failed with error -2 [ 646.690793][T17439] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 646.690793][T17439] [ 647.344878][T17457] mkiss: ax0: crc mode is auto. [ 647.461364][T17460] netlink: 'syz.1.2541': attribute type 4 has an invalid length. [ 647.487363][T17460] netlink: 'syz.1.2541': attribute type 4 has an invalid length. [ 648.589965][T17487] random: crng reseeded on system resumption [ 648.711917][T17488] ebtables: wrong size: *len 80, entries_size 144, replsz 144 [ 649.249496][T17492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2547'. [ 649.275334][T17486] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2546'. [ 649.445111][T17497] netlink: 'syz.1.2548': attribute type 39 has an invalid length. [ 649.483156][T17499] netlink: 200 bytes leftover after parsing attributes in process `syz.0.2557'. [ 649.676881][T17503] netlink: 'syz.0.2550': attribute type 39 has an invalid length. [ 649.859301][T17511] netlink: zone id is out of range [ 649.860961][T17511] netlink: zone id is out of range [ 650.741213][T17533] 9pnet_fd: Insufficient options for proto=fd [ 650.760337][T17533] netlink: 'syz.1.2554': attribute type 4 has an invalid length. [ 651.244550][T17538] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 651.294010][T17541] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2559'. [ 651.758675][T17551] dvmrp0: entered allmulticast mode [ 651.886626][T17553] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2561'. [ 651.889298][T17553] netlink: 'syz.1.2561': attribute type 1 has an invalid length. [ 652.157132][T17560] mkiss: ax0: crc mode is auto. [ 652.438664][T17561] netlink: 'syz.1.2572': attribute type 4 has an invalid length. [ 652.449583][T17561] netlink: 'syz.1.2572': attribute type 4 has an invalid length. [ 653.524576][T17593] netlink: 'syz.1.2569': attribute type 1 has an invalid length. [ 653.526966][T17593] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.2569'. [ 653.537246][T17593] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 653.801848][T17596] 9pnet_fd: Insufficient options for proto=fd [ 653.809169][T17596] 9pnet_virtio: no channels available for device syz [ 653.813420][T17596] netlink: 'syz.3.2570': attribute type 4 has an invalid length. [ 654.844571][T17616] random: crng reseeded on system resumption [ 654.965313][T17605] mkiss: ax0: crc mode is auto. [ 654.984798][T17605] misc userio: Invalid payload size [ 654.987298][T17605] misc userio: No port type given on /dev/userio [ 655.051594][T17621] misc userio: The device must be registered before sending interrupts [ 655.084897][T17621] misc userio: The device must be registered before sending interrupts [ 656.101884][T17641] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 657.441209][T17664] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 657.532048][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 657.600494][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 657.959503][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 657.961816][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 657.964392][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 657.966861][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 657.970005][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 657.972674][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 657.976494][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 657.978920][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 657.981224][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.017984][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.020943][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.023527][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.026387][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.030812][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.033512][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.036816][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.039608][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.042369][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.045524][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.049287][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.052750][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.055465][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.059434][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.062275][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.065270][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.068103][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.070643][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.074800][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.078681][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.082091][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.085860][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.088536][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.090969][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.095236][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.098570][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.102741][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.105083][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.107367][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.109943][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.112352][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.116815][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.119862][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.122726][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.125311][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.128588][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.132124][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.135303][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.138373][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.141538][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.145066][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.147973][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.152452][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.155943][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.159223][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.162500][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.165227][T11825] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 658.176651][T11825] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 658.320982][T17686] netlink: 'syz.1.2590': attribute type 39 has an invalid length. [ 658.692619][T17696] random: crng reseeded on system resumption [ 658.811923][T17697] ebtables: wrong size: *len 80, entries_size 144, replsz 144 [ 659.077432][T17695] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2591'. [ 659.603591][ T63] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 659.874837][T17718] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2596'. [ 659.881973][T17718] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2596'. [ 659.889205][T17718] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2596'. [ 659.896508][T17718] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2596'. [ 660.084118][T17726] netlink: zone id is out of range [ 660.085862][T17726] netlink: zone id is out of range [ 660.087355][T17726] netlink: zone id is out of range [ 660.088929][T17726] netlink: zone id is out of range [ 660.090466][T17726] netlink: zone id is out of range [ 660.092550][T17726] netlink: zone id is out of range [ 660.113463][T17726] netlink: zone id is out of range [ 660.116682][T17726] netlink: del zone limit has 4 unknown bytes [ 660.160830][T17730] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2606'. [ 660.607660][T17742] macvlan0: entered allmulticast mode [ 660.609957][T17742] veth1_vlan: entered allmulticast mode [ 660.615991][T17742] pim6reg: entered allmulticast mode [ 660.641885][T17742] input: syz1 as /devices/virtual/input/input28 [ 661.320654][T17749] netlink: 'syz.1.2602': attribute type 1 has an invalid length. [ 661.332157][T17749] bridge0: port 1(bridge_slave_0) entered disabled state [ 661.444252][T17758] overlayfs: failed to clone lowerpath [ 661.466277][T17759] netlink: 'syz.0.2604': attribute type 4 has an invalid length. [ 661.471570][T17759] netlink: 'syz.0.2604': attribute type 4 has an invalid length. [ 661.478967][T17760] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 661.754869][T17758] ebtables: wrong size: *len 80, entries_size 144, replsz 144 [ 661.885856][T17771] mkiss: ax0: crc mode is auto. [ 661.904661][T17771] misc userio: Invalid payload size [ 661.907319][T17771] misc userio: No port type given on /dev/userio [ 661.977133][T17772] misc userio: The device must be registered before sending interrupts [ 661.989133][T17772] misc userio: The device must be registered before sending interrupts [ 663.698719][T17794] fuse: Bad value for 'fd' [ 663.729240][T17800] netlink: 'syz.3.2614': attribute type 39 has an invalid length. [ 664.105134][T17810] netlink: 'syz.3.2616': attribute type 10 has an invalid length. [ 664.478310][T17816] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2617'. [ 664.714319][T17816] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2617'. [ 664.717561][T17816] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2617'. [ 664.845266][T17832] overlayfs: failed to clone lowerpath [ 665.307199][T17832] ebtables: wrong size: *len 80, entries_size 144, replsz 144 [ 665.766283][T17861] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2624'. [ 666.641952][T17874] dvmrp0: entered allmulticast mode [ 666.742840][T17874] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2627'. [ 666.745812][T17874] netlink: 'syz.0.2627': attribute type 1 has an invalid length. [ 666.942145][T17886] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2635'. [ 667.216609][T17890] netlink: 'syz.2.2628': attribute type 10 has an invalid length. [ 667.270158][T17890] team0: Port device netdevsim0 removed [ 667.275045][T17890] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 667.277991][T17890] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 667.782462][T17898] 9pnet_fd: Insufficient options for proto=fd [ 670.285693][T17944] netlink: 'syz.1.2642': attribute type 10 has an invalid length. [ 670.588677][T17951] netlink: 'syz.2.2643': attribute type 39 has an invalid length. [ 672.187057][T17981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2649'. [ 672.190828][T17981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2649'. [ 672.357249][T17987] netlink: 'syz.0.2652': attribute type 39 has an invalid length. [ 673.197692][T18002] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2655'. [ 673.200408][T18002] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2655'. [ 673.203658][T18002] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2655'. [ 673.206482][T18002] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2655'. [ 674.219454][T18025] tipc: Started in network mode [ 674.221568][T18025] tipc: Node identity ffffffff, cluster identity 4711 [ 674.224611][T18025] tipc: Node number set to 4294967295 [ 674.245357][T18027] netlink: 'syz.2.2661': attribute type 4 has an invalid length. [ 675.215534][T18043] overlayfs: failed to clone upperpath [ 675.220898][T18043] fuse: Unknown parameter 'fg' [ 676.196592][T18069] netlink: 'syz.0.2671': attribute type 39 has an invalid length. [ 677.638024][T18101] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2677'. [ 678.349582][T18116] netlink: 'syz.1.2681': attribute type 39 has an invalid length. [ 678.408930][T18119] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2682'. [ 679.495548][T18141] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2686'. [ 679.499262][T18141] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2686'. [ 680.262974][T18155] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 680.822982][T18163] netlink: 'syz.2.2690': attribute type 39 has an invalid length. [ 680.852137][T18167] netlink: 'syz.2.2692': attribute type 4 has an invalid length. [ 680.855820][T18167] netlink: 'syz.2.2692': attribute type 4 has an invalid length. [ 681.023691][T18177] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2691'. [ 681.343062][T18186] netlink: 'syz.0.2696': attribute type 39 has an invalid length. [ 681.415284][T18184] team0 (unregistering): Port device team_slave_0 removed [ 681.419714][T18184] team0 (unregistering): Port device team_slave_1 removed [ 681.467234][T18190] netlink: 'syz.0.2697': attribute type 4 has an invalid length. [ 681.473345][T18190] netlink: 'syz.0.2697': attribute type 4 has an invalid length. [ 681.537911][T18192] netlink: 'syz.3.2698': attribute type 39 has an invalid length. [ 681.580384][T18194] netlink: 'syz.3.2699': attribute type 1 has an invalid length. [ 681.582954][T18194] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2699'. [ 681.642459][T18194] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2699'. [ 681.678264][T18199] netlink: 'syz.3.2700': attribute type 39 has an invalid length. [ 682.994290][T18226] CIFS: VFS: Malformed UNC in devname [ 682.998301][T18226] IPv6: NLM_F_CREATE should be specified when creating new route [ 683.011053][T18231] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2705'. [ 683.150157][T18237] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2709'. [ 683.437012][T18240] validate_nla: 1 callbacks suppressed [ 683.437031][T18240] netlink: 'syz.2.2710': attribute type 4 has an invalid length. [ 683.444905][T18240] netlink: 'syz.2.2710': attribute type 4 has an invalid length. [ 683.864648][T18252] veth1_macvtap: left promiscuous mode [ 683.866427][T18252] macsec0: entered allmulticast mode [ 683.870717][T18252] veth1_macvtap: entered promiscuous mode [ 683.872863][T18252] veth1_macvtap: entered allmulticast mode [ 683.874791][T18252] macsec0: left allmulticast mode [ 683.876328][T18252] veth1_macvtap: left allmulticast mode [ 685.051242][T18274] netlink: 'syz.0.2717': attribute type 4 has an invalid length. [ 685.060902][T18274] netlink: 'syz.0.2717': attribute type 4 has an invalid length. [ 685.203903][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.125361][T18284] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2720'. [ 686.434172][T18298] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2721'. [ 686.455264][T18299] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2723'. [ 686.458194][T18299] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2723'. [ 686.756354][T18302] team0 (unregistering): Port device team_slave_0 removed [ 686.762210][T18302] team0 (unregistering): Port device team_slave_1 removed [ 686.796577][T18305] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 687.221780][T18313] netlink: 'syz.0.2727': attribute type 4 has an invalid length. [ 687.227378][T18313] netlink: 'syz.0.2727': attribute type 4 has an invalid length. [ 687.459391][T17620] libceph: connect (1)[c::]:6789 error -101 [ 687.461489][T17620] libceph: mon0 (1)[c::]:6789 connect error [ 687.724096][T17620] libceph: connect (1)[c::]:6789 error -101 [ 687.726483][T17620] libceph: mon0 (1)[c::]:6789 connect error [ 688.243018][T17620] libceph: connect (1)[c::]:6789 error -101 [ 688.245044][T17620] libceph: mon0 (1)[c::]:6789 connect error [ 688.280654][T18322] ceph: No mds server is up or the cluster is laggy [ 689.059727][T18356] netlink: 'syz.2.2736': attribute type 4 has an invalid length. [ 689.339511][T18358] netlink: 'syz.2.2736': attribute type 4 has an invalid length. [ 691.413480][T18402] netlink: 'syz.0.2744': attribute type 4 has an invalid length. [ 691.432925][T18402] netlink: 'syz.0.2744': attribute type 4 has an invalid length. [ 691.602738][T17087] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 691.958424][T18416] overlayfs: failed to clone upperpath [ 691.965151][T18416] fuse: Unknown parameter 'fg' [ 692.885986][T18428] : renamed from bond0 (while UP) [ 692.953407][T18430] net_ratelimit: 2 callbacks suppressed [ 692.953450][T18430] netlink: zone id is out of range [ 692.956799][T18430] netlink: zone id is out of range [ 692.958408][T18430] netlink: zone id is out of range [ 692.964705][T18430] netlink: zone id is out of range [ 692.978708][T18430] netlink: zone id is out of range [ 692.986000][T18430] netlink: zone id is out of range [ 693.000707][T18430] netlink: zone id is out of range [ 693.005034][T18430] netlink: zone id is out of range [ 693.008632][T18430] netlink: zone id is out of range [ 693.010304][T18430] netlink: zone id is out of range [ 694.231437][T18453] netlink: 'syz.1.2757': attribute type 39 has an invalid length. [ 694.542180][T18460] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2756'. [ 695.461163][T18470] netlink: 'syz.2.2760': attribute type 4 has an invalid length. [ 695.615093][T18475] CIFS: VFS: Malformed UNC in devname [ 695.619968][T18475] IPv6: NLM_F_CREATE should be specified when creating new route [ 695.873901][T18478] xt_hashlimit: Unknown mode mask 368, kernel too old? [ 696.274734][T18484] netlink: 272 bytes leftover after parsing attributes in process `syz.2.2764'. [ 696.277995][T18484] netlink: 272 bytes leftover after parsing attributes in process `syz.2.2764'. [ 696.426904][T18489] netlink: 'syz.3.2766': attribute type 39 has an invalid length. [ 697.762689][ T5946] Bluetooth: hci2: command 0x0406 tx timeout [ 698.215286][T18527] netlink: 'syz.1.2773': attribute type 4 has an invalid length. [ 698.565881][T18536] CIFS: VFS: Malformed UNC in devname [ 698.569395][T18536] IPv6: NLM_F_CREATE should be specified when creating new route [ 698.904055][T18543] netlink: 'syz.1.2778': attribute type 39 has an invalid length. [ 701.154082][T18597] netlink: 'syz.0.2787': attribute type 39 has an invalid length. [ 701.752307][T18614] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2790'. [ 702.722742][ T5953] Bluetooth: hci1: command 0x0406 tx timeout [ 703.041077][T18638] netlink: 'syz.3.2793': attribute type 4 has an invalid length. [ 703.881715][T18663] netlink: 'syz.3.2796': attribute type 39 has an invalid length. [ 704.837745][T18681] raw_sendmsg: syz.0.2800 forgot to set AF_INET. Fix it! [ 705.528668][T18696] netlink: 'syz.2.2805': attribute type 39 has an invalid length. [ 705.860558][T18708] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2807'. [ 706.956215][T18722] trusted_key: syz.3.2812 sent an empty control message without MSG_MORE. [ 707.271748][T18739] netlink: 'syz.0.2815': attribute type 39 has an invalid length. [ 707.487252][T18763] netlink: 200 bytes leftover after parsing attributes in process `syz.0.2821'. [ 708.000165][T18782] netlink: 'syz.2.2825': attribute type 4 has an invalid length. [ 708.329310][T18793] netlink: 'syz.1.2827': attribute type 39 has an invalid length. [ 710.694176][T18834] netlink: 'syz.2.2836': attribute type 39 has an invalid length. [ 710.778198][T18837] netlink: 'syz.2.2837': attribute type 4 has an invalid length. [ 711.201332][T18842] netlink: 'syz.0.2838': attribute type 4 has an invalid length. [ 711.756997][T18854] netlink: 'syz.1.2840': attribute type 10 has an invalid length. [ 711.761668][T18854] bridge0: port 3(syz_tun) entered disabled state [ 711.791821][T18854] bridge0: port 3(syz_tun) entered blocking state [ 711.794517][T18854] bridge0: port 3(syz_tun) entered forwarding state [ 711.797379][T18854] bridge0: port 1(bridge_slave_0) entered blocking state [ 711.800199][T18854] bridge0: port 1(bridge_slave_0) entered forwarding state [ 711.807425][T18854] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 711.875232][T18851] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2840'. [ 711.879348][T18851] syz_tun: left allmulticast mode [ 711.882049][T18851] syz_tun: left promiscuous mode [ 711.884363][T18851] bridge0: port 3(syz_tun) entered disabled state [ 711.893387][T18851] bridge_slave_0: left allmulticast mode [ 711.895719][T18851] bridge_slave_0: left promiscuous mode [ 711.899881][T18851] bridge0: port 1(bridge_slave_0) entered disabled state [ 711.945451][T18851] bond0: (slave bridge0): Releasing backup interface [ 712.563199][ T5946] Bluetooth: hci2: command 0x0406 tx timeout [ 713.248375][T18882] netlink: 'syz.0.2845': attribute type 4 has an invalid length. [ 713.291125][T18883] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2846'. [ 713.485190][T18889] netlink: 'syz.2.2848': attribute type 39 has an invalid length. [ 713.583685][T18893] netlink: 'syz.2.2849': attribute type 4 has an invalid length. [ 714.130357][T18899] tipc: Started in network mode [ 714.132447][T18899] tipc: Node identity 7f000001, cluster identity 4711 [ 714.136393][T18899] tipc: Enabled bearer , priority 10 [ 714.247622][T18904] netlink: 'syz.0.2851': attribute type 39 has an invalid length. [ 715.266621][T16674] tipc: Node number set to 2130706433 [ 715.339038][T18930] netlink: 'syz.0.2857': attribute type 39 has an invalid length. [ 715.505995][T18934] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 715.508848][T18934] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 715.511441][T18934] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 715.514154][T18934] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 715.796232][T18934] vxlan0: entered promiscuous mode [ 715.824004][T18934] vxlan0: entered allmulticast mode [ 715.840694][T18934] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 715.844023][T18934] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 715.847199][T18934] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 715.850040][T18934] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 715.946833][T18944] netlink: 'syz.2.2860': attribute type 39 has an invalid length. [ 716.223071][T18952] netlink: 'syz.1.2862': attribute type 4 has an invalid length. [ 716.661744][T18961] netlink: 'syz.0.2864': attribute type 39 has an invalid length. [ 716.990628][T18969] netlink: 'syz.2.2867': attribute type 39 has an invalid length. [ 717.891684][T18988] netlink: 'syz.0.2873': attribute type 39 has an invalid length. [ 718.008461][T18995] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2871'. [ 718.656624][T19015] validate_nla: 5 callbacks suppressed [ 718.656640][T19015] netlink: 'syz.1.2880': attribute type 4 has an invalid length. [ 719.054119][T19023] netlink: 'syz.2.2883': attribute type 39 has an invalid length. [ 720.468841][T19056] netlink: 'syz.1.2889': attribute type 4 has an invalid length. [ 720.974697][T19063] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2890'. [ 720.979491][T19063] netlink: 277 bytes leftover after parsing attributes in process `syz.0.2890'. [ 720.983350][T19063] netlink: 277 bytes leftover after parsing attributes in process `syz.0.2890'. [ 721.302396][T19067] netlink: 'syz.2.2891': attribute type 4 has an invalid length. [ 721.368366][T19071] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2893'. [ 721.378700][T19069] netlink: 'syz.1.2892': attribute type 39 has an invalid length. [ 721.741309][T19087] net_ratelimit: 5 callbacks suppressed [ 721.741320][T19087] openvswitch: netlink: Message has 218 unknown bytes. [ 722.468611][T19097] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2897'. [ 722.632771][T19101] netlink: 'syz.3.2900': attribute type 4 has an invalid length. [ 723.108043][T19113] netlink: 'syz.1.2902': attribute type 39 has an invalid length. [ 723.375200][T19117] bond0: entered promiscuous mode [ 723.376877][T19117] bond_slave_0: entered promiscuous mode [ 723.378906][T19117] bond_slave_1: entered promiscuous mode [ 723.380896][T19117] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 723.543084][ T5946] Bluetooth: hci3: unexpected event for opcode 0x1005 [ 723.612632][T18921] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 723.734107][T19123] netlink: 'syz.0.2905': attribute type 4 has an invalid length. [ 725.815980][T19166] netlink: 'syz.3.2913': attribute type 4 has an invalid length. [ 725.852996][T19167] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2912'. [ 725.907698][T19168] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2912'. [ 726.510920][T19181] netlink: 'syz.0.2916': attribute type 4 has an invalid length. [ 726.669060][T19184] netlink: 'syz.2.2915': attribute type 10 has an invalid length. [ 726.673083][T19184] bridge0: port 3(syz_tun) entered disabled state [ 726.678213][T19184] bridge0: port 2(bridge_slave_1) entered disabled state [ 726.681187][T19184] bridge0: port 1(bridge_slave_0) entered disabled state [ 726.699820][T19184] bridge0: port 3(syz_tun) entered blocking state [ 726.702423][T19184] bridge0: port 3(syz_tun) entered forwarding state [ 726.705200][T19184] bridge0: port 2(bridge_slave_1) entered blocking state [ 726.707984][T19184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 726.710909][T19184] bridge0: port 1(bridge_slave_0) entered blocking state [ 726.713747][T19184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 726.724992][T19185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2915'. [ 726.725196][T19184] bridge0: entered promiscuous mode [ 726.731143][T19184] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 726.739383][T19185] syz_tun: left allmulticast mode [ 726.741290][T19185] syz_tun: left promiscuous mode [ 726.743420][T19185] bridge0: port 3(syz_tun) entered disabled state [ 726.749141][T19185] bridge_slave_1: left allmulticast mode [ 726.751508][T19185] bridge_slave_1: left promiscuous mode [ 726.754016][T19185] bridge0: port 2(bridge_slave_1) entered disabled state [ 726.759510][T19185] bridge_slave_0: left allmulticast mode [ 726.761948][T19185] bridge_slave_0: left promiscuous mode [ 726.764475][T19185] bridge0: port 1(bridge_slave_0) entered disabled state [ 726.854149][T19185] bond0: (slave bridge0): Releasing backup interface [ 726.857388][T19185] bridge0 (unregistering): left promiscuous mode [ 727.677441][T19200] overlayfs: failed to clone upperpath [ 728.073964][T19205] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 728.112583][ T40] audit: type=1800 audit(2000000053.909:422): pid=19206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2920" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0 [ 729.950397][T19235] netlink: 'syz.2.2926': attribute type 4 has an invalid length. [ 729.973326][T19236] netlink: 'syz.1.2927': attribute type 4 has an invalid length. [ 730.173782][T19242] netlink: 'syz.3.2928': attribute type 39 has an invalid length. [ 732.603663][T19271] overlayfs: failed to clone upperpath [ 732.697457][T19271] lo speed is unknown, defaulting to 1000 [ 732.700875][T19271] lo speed is unknown, defaulting to 1000 [ 732.703349][T19271] lo speed is unknown, defaulting to 1000 [ 732.739038][T19271] infiniband sz1: set active [ 732.740512][T19271] infiniband sz1: added lo [ 732.745459][T16674] lo speed is unknown, defaulting to 1000 [ 732.768933][T19271] RDS/IB: sz1: added [ 732.770575][T19271] smc: adding ib device sz1 with port count 1 [ 732.774264][T19271] smc: ib device sz1 port 1 has pnetid [ 732.778230][T19271] lo speed is unknown, defaulting to 1000 [ 732.816656][T19271] lo speed is unknown, defaulting to 1000 [ 732.854882][T19271] lo speed is unknown, defaulting to 1000 [ 732.896289][T19271] lo speed is unknown, defaulting to 1000 [ 733.165953][T16674] lo speed is unknown, defaulting to 1000 [ 733.391642][T19290] netlink: 'syz.3.2938': attribute type 4 has an invalid length. [ 733.512047][T19286] netlink: 'syz.0.2937': attribute type 39 has an invalid length. [ 733.617913][T19299] netlink: 'syz.1.2939': attribute type 4 has an invalid length. [ 734.427753][ T5946] Bluetooth: hci0: unexpected event for opcode 0x1005 [ 734.626710][T19320] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 734.730080][T19320] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 734.807235][T19320] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 734.895733][T19320] bond0: (slave netdevsim0): Releasing backup interface [ 734.902186][T19320] netdevsim netdevsim1 netdevsim0 (unregistering): left promiscuous mode [ 734.911831][T19320] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 735.026201][T19320] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.034896][T19320] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.042517][T19320] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.051925][T19320] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.865133][T19331] : renamed from bond0 [ 735.870814][T19337] netlink: 'syz.0.2948': attribute type 39 has an invalid length. [ 735.982955][T19344] netlink: 'syz.3.2950': attribute type 4 has an invalid length. [ 736.288141][T19349] tc_dump_action: action bad kind [ 736.336035][T19349] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2952'. [ 736.366385][T19358] overlayfs: failed to clone upperpath [ 737.043051][T19368] trusted_key: encrypted_key: insufficient parameters specified [ 737.427880][ T5946] Bluetooth: hci2: unexpected event for opcode 0x1005 [ 737.745568][T19376] tipc: Enabling of bearer rejected, failed to enable media [ 738.018271][T19389] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 738.154555][T19392] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 738.169439][T19394] overlayfs: failed to clone upperpath [ 739.144246][T19413] netlink: 'syz.0.2966': attribute type 39 has an invalid length. [ 740.691973][T19447] netlink: 'syz.3.2974': attribute type 4 has an invalid length. [ 740.880807][T19443] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2972'. [ 740.897819][T19443] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2972'. [ 740.920714][T19443] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2972'. [ 741.194232][T19453] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2975'. [ 741.769852][T19462] overlayfs: failed to clone upperpath [ 742.321525][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2979'. [ 742.712920][T19474] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2980'. [ 742.825334][T19478] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2980'. [ 743.045769][T19484] overlayfs: failed to clone upperpath [ 743.087199][T19490] netlink: 'syz.0.2985': attribute type 39 has an invalid length. [ 743.329642][T11825] libceph: connect (1)[c::]:6789 error -101 [ 743.331733][T11825] libceph: mon0 (1)[c::]:6789 connect error [ 743.593345][T11825] libceph: connect (1)[c::]:6789 error -101 [ 743.595458][T11825] libceph: mon0 (1)[c::]:6789 connect error [ 743.911343][T19494] ceph: No mds server is up or the cluster is laggy [ 744.318595][T19514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2996'. [ 744.511348][T19510] overlayfs: failed to clone upperpath [ 744.985340][T19526] netlink: 'syz.0.3000': attribute type 4 has an invalid length. [ 746.381229][ T40] audit: type=1326 audit(2000000072.179:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19559 comm="syz.2.2999" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73ee579 code=0x0 [ 746.643557][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 746.699626][T19565] netlink: 'syz.0.2998': attribute type 10 has an invalid length. [ 747.408114][T19574] netlink: 'syz.0.3002': attribute type 4 has an invalid length. [ 747.579616][T19581] netlink: 'syz.1.3004': attribute type 1 has an invalid length. [ 747.588577][T19581] bond5: entered promiscuous mode [ 747.590313][T19581] 8021q: adding VLAN 0 to HW filter on device bond5 [ 747.699819][T19581] 8021q: adding VLAN 0 to HW filter on device bond5 [ 747.703141][T19581] bond5: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 747.707408][T19581] bond5: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 747.714639][T19581] bond5: (slave ip6gre1): making interface the new active one [ 747.717160][T19581] ip6gre1: entered promiscuous mode [ 747.719270][T19581] bond5: (slave ip6gre1): Enslaving as an active interface with an up link [ 747.791381][T19587] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3006'. [ 748.254567][T19603] netlink: 'syz.0.3007': attribute type 4 has an invalid length. [ 748.511131][T19607] netlink: 'syz.1.3008': attribute type 39 has an invalid length. [ 748.752203][T19612] gretap1: entered allmulticast mode [ 748.755619][T19612] bridge0: port 4(gretap1) entered blocking state [ 748.758501][T19612] bridge0: port 4(gretap1) entered disabled state [ 748.762169][T19612] gretap1: entered promiscuous mode [ 748.765033][T19612] bridge0: port 4(gretap1) entered blocking state [ 748.768115][T19612] bridge0: port 4(gretap1) entered forwarding state [ 748.787676][T19612] syz_tun: left allmulticast mode [ 748.789857][T19612] syz_tun: left promiscuous mode [ 748.792045][T19612] bridge0: port 3(syz_tun) entered disabled state [ 748.804353][T19612] bridge_slave_0: left allmulticast mode [ 748.806827][T19612] bridge_slave_0: left promiscuous mode [ 748.809209][T19612] bridge0: port 1(bridge_slave_0) entered disabled state [ 748.815164][T19612] bridge_slave_1: left allmulticast mode [ 748.817743][T19612] bridge_slave_1: left promiscuous mode [ 748.820194][T19612] bridge0: port 2(bridge_slave_1) entered disabled state [ 748.831249][T19612] bond0: (slave bond_slave_0): Releasing backup interface [ 748.839963][T19614] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3010'. [ 748.843935][T19612] bond0: (slave bond_slave_1): Releasing backup interface [ 748.859036][T19612] bond0: (slave netdevsim0): Releasing backup interface [ 748.864369][T19612] gretap1: left promiscuous mode [ 748.866161][T19612] bridge0: port 4(gretap1) entered disabled state [ 748.896368][T19613] lo speed is unknown, defaulting to 1000 [ 749.473462][T19625] netlink: 'syz.0.3012': attribute type 10 has an invalid length. [ 749.476812][T19625] bridge0: port 3(syz_tun) entered disabled state [ 749.480601][T19625] bridge0: port 2(bridge_slave_1) entered disabled state [ 749.483182][T19625] bridge0: port 1(bridge_slave_0) entered disabled state [ 749.501311][T19625] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3012'. [ 749.504937][T19625] syz_tun: left allmulticast mode [ 749.506933][T19625] syz_tun: left promiscuous mode [ 749.509385][T19625] bridge0: port 3(syz_tun) entered disabled state [ 749.513570][T19620] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3011'. [ 749.517958][T19620] netlink: 277 bytes leftover after parsing attributes in process `syz.3.3011'. [ 749.521436][T19620] netlink: 277 bytes leftover after parsing attributes in process `syz.3.3011'. [ 749.532734][T19625] bridge_slave_1: left allmulticast mode [ 749.534533][T19625] bridge_slave_1: left promiscuous mode [ 749.536571][T19625] bridge0: port 2(bridge_slave_1) entered disabled state [ 749.543586][T19625] bridge_slave_0: left allmulticast mode [ 749.545349][T19625] bridge_slave_0: left promiscuous mode [ 749.547307][T19625] bridge0: port 1(bridge_slave_0) entered disabled state [ 750.057727][T19632] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3014'. [ 750.155650][T19637] netlink: 'syz.3.3015': attribute type 4 has an invalid length. [ 750.729117][T19647] overlayfs: failed to clone upperpath [ 750.738712][T19647] rdma_rxe: rxe_newlink: failed to add lo [ 751.739495][T19664] netlink: 'syz.1.3021': attribute type 10 has an invalid length. [ 751.966038][T19665] netlink: 'syz.3.3020': attribute type 4 has an invalid length. [ 752.775491][T19681] netlink: 'syz.3.3025': attribute type 39 has an invalid length. [ 752.855965][T19685] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3026'. [ 753.072410][T19690] netlink: 'syz.0.3027': attribute type 4 has an invalid length. [ 753.714815][T19706] ipt_REJECT: ECHOREPLY no longer supported. [ 753.970783][T19714] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.087067][T19714] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.177716][T19714] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.185634][T19719] netlink: 'syz.3.3033': attribute type 10 has an invalid length. [ 754.197364][T19719] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 754.286758][T19714] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.518449][T19714] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 754.526494][T19714] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 754.534363][T19714] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 754.539338][T19714] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 754.563807][T19721] netlink: 'syz.2.3034': attribute type 39 has an invalid length. [ 754.625125][T19725] netlink: 'syz.0.3036': attribute type 39 has an invalid length. [ 755.210795][T19731] 9pnet_fd: Insufficient options for proto=fd [ 755.213399][T19732] netlink: 'syz.2.3037': attribute type 10 has an invalid length. [ 755.228333][ T5946] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 755.238321][T19734] Process accounting resumed [ 755.309658][T19738] netlink: 'syz.3.3040': attribute type 4 has an invalid length. [ 755.602702][T18921] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 755.631289][T19744] trusted_key: encrypted_key: insufficient parameters specified [ 756.177315][T19755] netlink: 'syz.3.3045': attribute type 39 has an invalid length. [ 756.237516][T19757] netlink: 'syz.3.3046': attribute type 39 has an invalid length. [ 757.416055][T19781] siw: device registration error -23 [ 757.435472][T19783] fuse: Bad value for 'fd' [ 757.453245][T19783] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3051'. [ 757.472615][T19783] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3051'. [ 757.621392][T19792] netlink: 'syz.1.3054': attribute type 39 has an invalid length. [ 757.654806][T19794] netlink: 'syz.2.3053': attribute type 4 has an invalid length. [ 757.777045][T19796] netlink: 'syz.1.3055': attribute type 39 has an invalid length. [ 758.630993][T19764] syz.3.3047 (19764) used greatest stack depth: 19360 bytes left [ 759.005502][T19786] Set syz1 is full, maxelem 65536 reached [ 759.256257][T19819] netlink: 'syz.0.3061': attribute type 4 has an invalid length. [ 760.568993][T19846] netlink: 'syz.3.3066': attribute type 4 has an invalid length. [ 761.481855][T19861] netlink: 'syz.2.3077': attribute type 4 has an invalid length. [ 761.945333][T19867] bond0: entered promiscuous mode [ 761.946936][T19867] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 762.040013][ T5946] Bluetooth: hci1: unexpected event for opcode 0x1005 [ 762.236484][T19863] IPVS: persistence engine module ip_vs_pe_& not found [ 762.507730][T19880] netlink: 'syz.0.3079': attribute type 4 has an invalid length. [ 763.975736][T19900] netlink: 'syz.2.3078': attribute type 39 has an invalid length. [ 764.176471][T19914] netlink: 'syz.1.3081': attribute type 39 has an invalid length. [ 764.506335][ T5953] Bluetooth: hci3: unexpected event for opcode 0x1005 [ 764.816701][T19921] IPVS: persistence engine module ip_vs_pe_& not found [ 764.935465][T19870] Set syz1 is full, maxelem 65536 reached [ 764.981726][T19929] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma? [ 765.083210][T19933] netlink: 'syz.3.3086': attribute type 4 has an invalid length. [ 765.331136][T19938] lo speed is unknown, defaulting to 1000 [ 765.442717][ T5953] Bluetooth: hci0: command 0x0406 tx timeout [ 765.593271][T19932] ebtables: wrong size: *len 120, entries_size 48, replsz 48 [ 766.033315][ T5953] Bluetooth: hci0: unexpected subevent 0x1a length: 10 > 6 [ 766.086639][T19944] netlink: 'syz.3.3088': attribute type 39 has an invalid length. [ 766.112997][ T5953] Bluetooth: hci2: unexpected event for opcode 0x202f [ 766.213158][T19958] netlink: 'syz.0.3095': attribute type 39 has an invalid length. [ 766.367667][T19966] netlink: 'syz.3.3098': attribute type 39 has an invalid length. [ 766.554500][T19977] netlink: 'syz.0.3097': attribute type 4 has an invalid length. [ 766.704230][T19980] lo speed is unknown, defaulting to 1000 [ 767.076187][T19988] overlayfs: failed to clone upperpath [ 767.118364][T19991] netlink: 'syz.1.3104': attribute type 39 has an invalid length. [ 767.215193][T19996] netlink: 'syz.1.3106': attribute type 39 has an invalid length. [ 767.281956][T20000] netlink: 'syz.1.3108': attribute type 39 has an invalid length. [ 767.339988][ T5953] Bluetooth: hci1: unexpected event for opcode 0x2060 [ 767.983949][T20024] netlink: 'syz.2.3114': attribute type 39 has an invalid length. [ 768.097644][T20031] netlink: 'syz.2.3116': attribute type 4 has an invalid length. [ 768.417136][T20042] overlayfs: failed to clone upperpath [ 768.504759][ T40] audit: type=1800 audit(2000000094.308:424): pid=20048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3119" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0 [ 770.066974][ T5953] Bluetooth: hci0: unexpected event for opcode 0x041b [ 770.076979][T20097] overlayfs: failed to clone upperpath [ 770.343050][T20101] /dev/nullb0: Can't lookup blockdev [ 770.984637][T20119] validate_nla: 8 callbacks suppressed [ 770.984648][T20119] netlink: 'syz.0.3145': attribute type 39 has an invalid length. [ 772.185672][T20136] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 772.187592][T20136] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 772.236310][T20143] netlink: 'syz.3.3150': attribute type 4 has an invalid length. [ 772.241028][ T5953] Bluetooth: hci2: unexpected event for opcode 0x2041 [ 772.330357][T20146] overlayfs: failed to clone upperpath [ 772.467133][ T5953] Bluetooth: hci0: unexpected event for opcode 0x2011 [ 772.485401][T20157] dns_resolver: Unsupported content type (24) [ 772.499818][T20159] netlink: 'syz.2.3157': attribute type 39 has an invalid length. [ 772.549279][ T5953] Bluetooth: hci0: unexpected event for opcode 0x0c24 [ 772.579492][T20169] netlink: 'syz.1.3162': attribute type 39 has an invalid length. [ 772.678562][T20183] netlink: 'syz.1.3169': attribute type 39 has an invalid length. [ 772.750482][ T40] audit: type=1800 audit(2000000098.548:425): pid=20187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3171" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 772.793255][ T5953] Bluetooth: hci3: unexpected event for opcode 0x0c03 [ 772.909715][T20196] netlink: 'syz.1.3175': attribute type 39 has an invalid length. [ 773.019372][T20205] netlink: 'syz.1.3178': attribute type 39 has an invalid length. [ 773.128231][ T5953] Bluetooth: hci3: unexpected event for opcode 0x0c22 [ 773.184622][T20219] netlink: 'syz.1.3185': attribute type 39 has an invalid length. [ 774.304473][T20255] netlink: 'syz.1.3196': attribute type 39 has an invalid length. [ 774.334103][T20261] netlink: 'syz.3.3199': attribute type 39 has an invalid length. [ 774.625736][T20265] overlayfs: failed to clone upperpath [ 774.891566][T20273] openvswitch: netlink: IP tunnel attribute has 5 unknown bytes. [ 775.570822][T20290] infiniband sz1: set down [ 775.574662][ T57] lo speed is unknown, defaulting to 1000 [ 775.577636][ T57] lo speed is unknown, defaulting to 1000 [ 775.800675][T20275] syz.3.3205 (20275) used greatest stack depth: 19200 bytes left [ 776.544318][T20321] Set syz1 is full, maxelem 65536 reached [ 776.582122][T20326] validate_nla: 2 callbacks suppressed [ 776.582132][T20326] netlink: 'syz.2.3218': attribute type 39 has an invalid length. [ 777.776983][ T5953] Bluetooth: hci2: unexpected event for opcode 0x2012 [ 778.880174][T20387] overlayfs: failed to clone upperpath [ 779.072280][T20328] syz.2.3219 (20328) used greatest stack depth: 18864 bytes left [ 779.638789][T20416] netlink: 'syz.2.3249': attribute type 39 has an invalid length. [ 779.925572][T20435] netlink: 'syz.0.3258': attribute type 39 has an invalid length. [ 779.965979][T20442] overlayfs: failed to clone upperpath [ 780.413698][T20460] netlink: 'syz.2.3264': attribute type 4 has an invalid length. [ 781.055542][T20496] netlink: 'syz.3.3280': attribute type 39 has an invalid length. [ 781.552955][T20512] netlink: 'syz.2.3286': attribute type 4 has an invalid length. [ 781.845294][ T5953] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 781.848150][ T5953] Bluetooth: hci2: Injecting HCI hardware error event [ 781.852750][ T5946] Bluetooth: hci2: hardware error 0x00 [ 781.872762][T20516] netlink: 'syz.0.3289': attribute type 39 has an invalid length. [ 782.661020][T20529] gretap1: entered allmulticast mode [ 782.809201][T20542] overlayfs: failed to clone upperpath [ 782.947883][T20539] bond0: (slave bond_slave_0): Releasing backup interface [ 782.950264][T20539] bond_slave_0: left promiscuous mode [ 782.970580][T20539] bond0: (slave bond_slave_1): Releasing backup interface [ 782.974147][T20545] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3291'. [ 782.977241][T20539] bond_slave_1: left promiscuous mode [ 783.000988][T20539] team0: Port device team_slave_0 removed [ 783.021596][T20539] team0: Port device team_slave_1 removed [ 783.030788][T20539] bond5: (slave ip6gre1): Releasing backup interface [ 783.033179][T20539] ip6gre1: left promiscuous mode [ 783.775147][T20591] netlink: 'syz.2.3315': attribute type 39 has an invalid length. [ 783.862313][T20597] netlink: 'syz.2.3326': attribute type 39 has an invalid length. [ 783.922712][ T5946] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 784.121034][T20608] overlayfs: failed to clone upperpath [ 784.294118][T20613] netlink: 676 bytes leftover after parsing attributes in process `syz.1.3323'. [ 784.298390][T20613] netlink: 676 bytes leftover after parsing attributes in process `syz.1.3323'. [ 785.386614][T20641] netlink: 'syz.2.3336': attribute type 39 has an invalid length. [ 785.725889][T20651] netlink: 'syz.2.3338': attribute type 39 has an invalid length. [ 785.852837][T20656] netlink: 'syz.2.3339': attribute type 4 has an invalid length. [ 786.107008][T20660] netlink: 'syz.1.3340': attribute type 10 has an invalid length. [ 786.410987][T20671] netlink: 'syz.3.3345': attribute type 39 has an invalid length. [ 786.712411][T20677] netlink: 'syz.0.3342': attribute type 10 has an invalid length. [ 786.933623][T20680] netlink: 'syz.2.3347': attribute type 39 has an invalid length. [ 786.974799][T20682] gretap1: entered allmulticast mode [ 786.977164][T20682] bridge0: port 1(gretap1) entered blocking state [ 786.979153][T20682] bridge0: port 1(gretap1) entered disabled state [ 786.982002][T20682] gretap1: entered promiscuous mode [ 786.988511][T20682] bridge0: port 1(gretap1) entered blocking state [ 786.990510][T20682] bridge0: port 1(gretap1) entered forwarding state [ 786.993843][T20675] bridge0: port 1(hsr_slave_1) entered blocking state [ 786.996071][T20675] bridge0: port 1(hsr_slave_1) entered disabled state [ 786.998253][T20675] hsr_slave_1: entered allmulticast mode [ 787.000575][T20675] hsr_slave_1: left allmulticast mode [ 787.014262][T20682] : (slave bond_slave_0): Releasing backup interface [ 787.016860][T20682] bond_slave_0: left promiscuous mode [ 787.023230][T20682] : (slave bond_slave_1): Releasing backup interface [ 787.026190][T20682] bond_slave_1: left promiscuous mode [ 787.040066][T20682] : (slave netdevsim0): Releasing backup interface [ 787.043376][T20682] netdevsim netdevsim2 netdevsim0: left promiscuous mode [ 787.049909][T20682] bond2: (slave ip6gre1): Releasing backup interface [ 787.051961][T20682] ip6gre1: left promiscuous mode [ 787.057379][T20682] gretap1: left promiscuous mode [ 787.059046][T20682] bridge0: port 1(gretap1) entered disabled state [ 787.109737][T20686] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3348'. [ 787.401779][T20704] overlayfs: failed to clone upperpath [ 787.602899][T18921] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 788.151494][T20732] netlink: 'syz.1.3360': attribute type 10 has an invalid length. [ 789.347833][T20769] netlink: 'syz.3.3375': attribute type 4 has an invalid length. [ 789.708218][T20773] overlayfs: failed to clone upperpath [ 789.945602][T20784] netlink: 'syz.0.3380': attribute type 39 has an invalid length. [ 790.547232][T20805] vcan0: entered allmulticast mode [ 790.619240][ T5946] Bluetooth: hci0: unexpected event for opcode 0x1005 [ 790.875567][T20813] netlink: 'syz.0.3389': attribute type 39 has an invalid length. [ 791.363105][T20827] overlayfs: failed to clone upperpath [ 791.489542][T20834] netlink: 'syz.2.3399': attribute type 39 has an invalid length. [ 791.492318][T20836] netlink: 'syz.3.3398': attribute type 39 has an invalid length. [ 791.534918][ T40] audit: type=1326 audit(2000000117.338:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20837 comm="syz.3.3400" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f20579 code=0x0 [ 791.771472][T20855] netlink: 'syz.2.3403': attribute type 4 has an invalid length. [ 792.514891][T20869] lo speed is unknown, defaulting to 1000 [ 792.740553][T20866] ebtables: wrong size: *len 120, entries_size 48, replsz 48 [ 793.285651][T20883] vcan0: entered allmulticast mode [ 793.319560][T20888] netlink: 'syz.1.3410': attribute type 39 has an invalid length. [ 793.705736][T20897] overlayfs: failed to clone upperpath [ 793.780985][T20904] netlink: 'syz.2.3415': attribute type 39 has an invalid length. [ 793.830055][T20907] netlink: 'syz.2.3416': attribute type 39 has an invalid length. [ 793.913045][T20910] netlink: 'syz.2.3417': attribute type 4 has an invalid length. [ 793.931608][T20911] netlink: 'syz.0.3412': attribute type 10 has an invalid length. [ 794.244705][T20917] netlink: 'syz.3.3420': attribute type 39 has an invalid length. [ 794.664509][T20929] netlink: 'syz.1.3423': attribute type 4 has an invalid length. [ 794.849333][T20934] netlink: 'syz.2.3425': attribute type 39 has an invalid length. [ 794.849615][T20935] ipt_REJECT: ECHOREPLY no longer supported. [ 794.900944][T20939] netlink: 'syz.2.3426': attribute type 39 has an invalid length. [ 795.177876][T20951] netlink: 'syz.3.3429': attribute type 39 has an invalid length. [ 796.526765][T20990] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3436'. [ 797.005071][ T40] audit: type=1326 audit(2000000122.812:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21001 comm="syz.1.3439" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf746e579 code=0x0 [ 798.728077][T21070] overlayfs: failed to clone upperpath [ 799.222936][T21076] validate_nla: 4 callbacks suppressed [ 799.222951][T21076] netlink: 'syz.1.3463': attribute type 4 has an invalid length. [ 799.378804][T21083] netlink: 'syz.0.3466': attribute type 39 has an invalid length. [ 799.412370][T21085] netlink: 'syz.3.3465': attribute type 4 has an invalid length. [ 800.645018][T21137] netlink: 'syz.2.3484': attribute type 4 has an invalid length. [ 802.335943][T21199] netlink: 'syz.3.3500': attribute type 39 has an invalid length. [ 802.344763][T21201] overlayfs: failed to clone upperpath [ 802.555887][T21215] netlink: 'syz.3.3506': attribute type 39 has an invalid length. [ 803.216842][T21236] netlink: 'syz.1.3515': attribute type 39 has an invalid length. [ 803.302490][T21247] netlink: 'syz.1.3517': attribute type 4 has an invalid length. [ 803.356674][T21249] netlink: 'syz.2.3519': attribute type 4 has an invalid length. [ 803.551816][T21253] netlink: 'syz.3.3521': attribute type 39 has an invalid length. [ 803.688586][T21265] overlayfs: failed to clone upperpath [ 804.238673][T21278] validate_nla: 2 callbacks suppressed [ 804.238684][T21278] netlink: 'syz.2.3529': attribute type 39 has an invalid length. [ 804.376589][T21291] netlink: 'syz.2.3534': attribute type 4 has an invalid length. [ 804.654285][T21300] netlink: 'syz.3.3536': attribute type 39 has an invalid length. [ 804.824421][T21307] netlink: 'syz.3.3538': attribute type 4 has an invalid length. [ 805.248030][T21316] netlink: 'syz.0.3542': attribute type 39 has an invalid length. [ 805.269551][T21314] netlink: 'syz.2.3540': attribute type 39 has an invalid length. [ 805.289915][T21320] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3543'. [ 805.297001][T21323] overlayfs: failed to clone upperpath [ 805.407631][T21335] netlink: 'syz.2.3548': attribute type 4 has an invalid length. [ 805.604431][T21341] netlink: 'syz.0.3551': attribute type 39 has an invalid length. [ 805.670628][T21349] netlink: 'syz.0.3555': attribute type 39 has an invalid length. [ 805.767992][T21357] lo speed is unknown, defaulting to 1000 [ 805.770011][T21357] lo speed is unknown, defaulting to 1000 [ 805.774318][T21357] lo speed is unknown, defaulting to 1000 [ 805.780841][T21357] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 805.803531][T21357] lo speed is unknown, defaulting to 1000 [ 805.806768][T21357] lo speed is unknown, defaulting to 1000 [ 805.808924][T21357] lo speed is unknown, defaulting to 1000 [ 805.810970][T21357] lo speed is unknown, defaulting to 1000 [ 805.882818][T21360] netlink: 'syz.0.3560': attribute type 39 has an invalid length. [ 806.310814][T21392] overlayfs: failed to clone upperpath [ 806.942832][T21421] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3584'. [ 807.470396][T21440] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3592'. [ 807.479573][T21440] –eth0_vlan: renamed from bridge_slave_1 (while UP) [ 807.516061][T21444] overlayfs: failed to clone upperpath [ 808.094075][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.549948][T21521] validate_nla: 9 callbacks suppressed [ 809.549964][T21521] netlink: 'syz.1.3619': attribute type 39 has an invalid length. [ 809.730179][T21535] netlink: 'syz.0.3624': attribute type 4 has an invalid length. [ 809.760523][T21533] netlink: 'syz.3.3625': attribute type 39 has an invalid length. [ 810.390944][T21549] netlink: 'syz.1.3627': attribute type 4 has an invalid length. [ 810.437061][T21548] netlink: 'syz.3.3628': attribute type 39 has an invalid length. [ 810.683251][T21561] netlink: 'syz.3.3632': attribute type 39 has an invalid length. [ 810.983084][T21579] netlink: 'syz.3.3636': attribute type 39 has an invalid length. [ 811.019841][T21581] netlink: 'syz.2.3637': attribute type 39 has an invalid length. [ 811.140713][T21592] netlink: 'syz.3.3643': attribute type 39 has an invalid length. [ 811.525897][T21606] netlink: 'syz.3.3653': attribute type 4 has an invalid length. [ 812.435263][ T5946] Bluetooth: hci3: SCO packet for unknown connection handle 200 [ 813.065470][T21700] bridge_slave_0: entered promiscuous mode [ 813.233249][T21711] overlayfs: failed to clone upperpath [ 813.698733][T21718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3690'. [ 814.621993][T21755] overlayfs: failed to clone upperpath [ 814.680245][T21756] validate_nla: 10 callbacks suppressed [ 814.680261][T21756] netlink: 'syz.1.3702': attribute type 4 has an invalid length. [ 814.833739][T21763] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3705'. [ 815.299460][T21779] netlink: 'syz.2.3709': attribute type 4 has an invalid length. [ 815.302400][T21779] netlink: 'syz.2.3709': attribute type 4 has an invalid length. [ 816.277121][T21810] overlayfs: failed to clone upperpath [ 816.281681][T21808] netlink: 'syz.2.3719': attribute type 4 has an invalid length. [ 816.319024][T21808] netlink: 'syz.2.3719': attribute type 4 has an invalid length. [ 817.312302][T21822] ------------[ cut here ]------------ [ 817.315222][T21822] WARNING: CPU: 1 PID: 21822 at mm/shmem.c:1307 shmem_evict_inode+0x8b3/0xba0 [ 817.318957][T21822] Modules linked in: [ 817.320516][T21822] CPU: 1 UID: 0 PID: 21822 Comm: syz.0.3721 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0 [ 817.325709][T21822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 817.329122][T21822] RIP: 0010:shmem_evict_inode+0x8b3/0xba0 [ 817.330940][T21822] Code: e6 e8 b1 eb be ff 45 85 e4 75 aa e8 a7 f0 be ff 48 8b 74 24 28 48 8b 7c 24 30 e8 78 89 98 ff e9 1a fe ff ff e8 8e f0 be ff 90 <0f> 0b 90 e9 8d f9 ff ff e8 80 f0 be ff 4c 89 e2 48 b8 00 00 00 00 [ 817.337381][T21822] RSP: 0018:ffffc90025567798 EFLAGS: 00010293 [ 817.339946][T21822] RAX: 0000000000000000 RBX: ffff88805c6a4fe0 RCX: ffffffff81da163f [ 817.343604][T21822] RDX: ffff8880218dc880 RSI: ffffffff81da1cb2 RDI: 0000000000000007 [ 817.347136][T21822] RBP: ffffc900255678c8 R08: 0000000000000007 R09: 0000000000000000 [ 817.350414][T21822] R10: 0000000000000008 R11: 0000000000000000 R12: 0000000000000008 [ 817.353781][T21822] R13: 0000000000000000 R14: ffffed100b8d49f8 R15: dffffc0000000000 [ 817.356796][T21822] FS: 0000000000000000(0000) GS:ffff88802b500000(0000) knlGS:0000000000000000 [ 817.359596][T21822] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 817.362488][T21822] CR2: 00000000f739a85c CR3: 000000005af80000 CR4: 0000000000352ef0 [ 817.365934][T21822] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 817.369012][T21822] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 817.371739][T21822] Call Trace: [ 817.373226][T21822] [ 817.374245][T21822] ? __warn+0xea/0x3c0 [ 817.375534][T21822] ? shmem_evict_inode+0x8b3/0xba0 [ 817.377479][T21822] ? report_bug+0x3c0/0x580 [ 817.379465][T21822] ? handle_bug+0x54/0xa0 [ 817.381084][T21822] ? exc_invalid_op+0x17/0x50 [ 817.383095][T21822] ? asm_exc_invalid_op+0x1a/0x20 [ 817.384671][T21822] ? shmem_evict_inode+0x23f/0xba0 [ 817.386209][T21822] ? shmem_evict_inode+0x8b2/0xba0 [ 817.387812][T21822] ? shmem_evict_inode+0x8b3/0xba0 [ 817.389876][T21822] ? shmem_evict_inode+0x8b2/0xba0 [ 817.392047][T21822] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10 [ 817.394925][T21822] ? find_held_lock+0x2d/0x110 [ 817.396980][T21822] ? __pfx_shmem_evict_inode+0x10/0x10 [ 817.399277][T21822] ? evict+0x3c8/0x960 [ 817.400912][T21822] ? __pfx_lock_release+0x10/0x10 [ 817.402443][T21822] ? lock_acquire+0x2f/0xb0 [ 817.404424][T21822] ? __pfx_shmem_evict_inode+0x10/0x10 [ 817.406711][T21822] evict+0x409/0x960 [ 817.408395][T21822] ? __pfx_evict+0x10/0x10 [ 817.410300][T21822] iput+0x52a/0x890 [ 817.411947][T21822] ? __pfx_generic_delete_inode+0x10/0x10 [ 817.414432][T21822] dentry_unlink_inode+0x29c/0x480 [ 817.416621][T21822] __dentry_kill+0x1d0/0x600 [ 817.418601][T21822] dput.part.0+0x4b1/0x9b0 [ 817.420502][T21822] dput+0x1f/0x30 [ 817.422056][T21822] __fput+0x515/0xb60 [ 817.423959][T21822] ? _raw_spin_unlock_irq+0x23/0x50 [ 817.426290][T21822] task_work_run+0x14e/0x250 [ 817.428283][T21822] ? __pfx_task_work_run+0x10/0x10 [ 817.430589][T21822] ? do_raw_spin_unlock+0x172/0x230 [ 817.432883][T21822] do_exit+0xad8/0x2d70 [ 817.434583][T21822] ? get_signal+0x8f7/0x2610 [ 817.436454][T21822] ? __pfx_do_exit+0x10/0x10 [ 817.438259][T21822] ? do_raw_spin_lock+0x12d/0x2c0 [ 817.440314][T21822] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 817.442446][T21822] do_group_exit+0xd3/0x2a0 [ 817.444554][T21822] get_signal+0x2576/0x2610 [ 817.446525][T21822] ? __pfx_get_signal+0x10/0x10 [ 817.448834][T21822] ? __pfx_do_futex+0x10/0x10 [ 817.450888][T21822] arch_do_signal_or_restart+0x90/0x7e0 [ 817.453328][T21822] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 817.455912][T21822] syscall_exit_to_user_mode+0x150/0x2a0 [ 817.458329][T21822] __do_fast_syscall_32+0x80/0x120 [ 817.460661][T21822] do_fast_syscall_32+0x32/0x80 [ 817.462372][T21822] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 817.465053][T21822] RIP: 0023:0xf7f3f579 [ 817.466846][T21822] Code: Unable to access opcode bytes at 0xf7f3f54f. [ 817.469514][T21822] RSP: 002b:00000000f4c0160c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0 [ 817.473216][T21822] RAX: fffffffffffffe00 RBX: 00000000f7405138 RCX: 0000000000000080 [ 817.476349][T21822] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f740513c [ 817.479113][T21822] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000 [ 817.482217][T21822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 817.485648][T21822] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 817.488951][T21822] [ 817.490310][T21822] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 817.493384][T21822] CPU: 1 UID: 0 PID: 21822 Comm: syz.0.3721 Not tainted 6.13.0-syzkaller-04858-g21266b8df522 #0 [ 817.497705][T21822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 817.502132][T21822] Call Trace: [ 817.503536][T21822] [ 817.504849][T21822] dump_stack_lvl+0x3d/0x1f0 [ 817.506883][T21822] panic+0x71d/0x800 [ 817.508555][T21822] ? __pfx_panic+0x10/0x10 [ 817.510497][T21822] ? show_trace_log_lvl+0x29d/0x3d0 [ 817.512515][T21822] ? check_panic_on_warn+0x1f/0xb0 [ 817.514568][T21822] ? shmem_evict_inode+0x8b3/0xba0 [ 817.516574][T21822] check_panic_on_warn+0xab/0xb0 [ 817.518445][T21822] __warn+0xf6/0x3c0 [ 817.520055][T21822] ? shmem_evict_inode+0x8b3/0xba0 [ 817.522215][T21822] report_bug+0x3c0/0x580 [ 817.523992][T21822] handle_bug+0x54/0xa0 [ 817.525756][T21822] exc_invalid_op+0x17/0x50 [ 817.527678][T21822] asm_exc_invalid_op+0x1a/0x20 [ 817.529736][T21822] RIP: 0010:shmem_evict_inode+0x8b3/0xba0 [ 817.532123][T21822] Code: e6 e8 b1 eb be ff 45 85 e4 75 aa e8 a7 f0 be ff 48 8b 74 24 28 48 8b 7c 24 30 e8 78 89 98 ff e9 1a fe ff ff e8 8e f0 be ff 90 <0f> 0b 90 e9 8d f9 ff ff e8 80 f0 be ff 4c 89 e2 48 b8 00 00 00 00 [ 817.540187][T21822] RSP: 0018:ffffc90025567798 EFLAGS: 00010293 [ 817.542774][T21822] RAX: 0000000000000000 RBX: ffff88805c6a4fe0 RCX: ffffffff81da163f [ 817.546124][T21822] RDX: ffff8880218dc880 RSI: ffffffff81da1cb2 RDI: 0000000000000007 [ 817.549437][T21822] RBP: ffffc900255678c8 R08: 0000000000000007 R09: 0000000000000000 [ 817.552774][T21822] R10: 0000000000000008 R11: 0000000000000000 R12: 0000000000000008 [ 817.556110][T21822] R13: 0000000000000000 R14: ffffed100b8d49f8 R15: dffffc0000000000 [ 817.559451][T21822] ? shmem_evict_inode+0x23f/0xba0 [ 817.561635][T21822] ? shmem_evict_inode+0x8b2/0xba0 [ 817.564027][T21822] ? shmem_evict_inode+0x8b2/0xba0 [ 817.566146][T21822] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10 [ 817.568796][T21822] ? find_held_lock+0x2d/0x110 [ 817.570817][T21822] ? __pfx_shmem_evict_inode+0x10/0x10 [ 817.573134][T21822] ? evict+0x3c8/0x960 [ 817.574964][T21822] ? __pfx_lock_release+0x10/0x10 [ 817.577166][T21822] ? lock_acquire+0x2f/0xb0 [ 817.579090][T21822] ? __pfx_shmem_evict_inode+0x10/0x10 [ 817.581453][T21822] evict+0x409/0x960 [ 817.583183][T21822] ? __pfx_evict+0x10/0x10 [ 817.585107][T21822] iput+0x52a/0x890 [ 817.586872][T21822] ? __pfx_generic_delete_inode+0x10/0x10 [ 817.589283][T21822] dentry_unlink_inode+0x29c/0x480 [ 817.591377][T21822] __dentry_kill+0x1d0/0x600 [ 817.593432][T21822] dput.part.0+0x4b1/0x9b0 [ 817.595363][T21822] dput+0x1f/0x30 [ 817.596899][T21822] __fput+0x515/0xb60 [ 817.598494][T21822] ? _raw_spin_unlock_irq+0x23/0x50 [ 817.600621][T21822] task_work_run+0x14e/0x250 [ 817.602617][T21822] ? __pfx_task_work_run+0x10/0x10 [ 817.604842][T21822] ? do_raw_spin_unlock+0x172/0x230 [ 817.607025][T21822] do_exit+0xad8/0x2d70 [ 817.608804][T21822] ? get_signal+0x8f7/0x2610 [ 817.610652][T21822] ? __pfx_do_exit+0x10/0x10 [ 817.612630][T21822] ? do_raw_spin_lock+0x12d/0x2c0 [ 817.614510][T21822] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 817.616331][T21822] do_group_exit+0xd3/0x2a0 [ 817.617894][T21822] get_signal+0x2576/0x2610 [ 817.619561][T21822] ? __pfx_get_signal+0x10/0x10 [ 817.621164][T21822] ? __pfx_do_futex+0x10/0x10 [ 817.622862][T21822] arch_do_signal_or_restart+0x90/0x7e0 [ 817.625211][T21822] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 817.627359][T21822] syscall_exit_to_user_mode+0x150/0x2a0 [ 817.629381][T21822] __do_fast_syscall_32+0x80/0x120 [ 817.631164][T21822] do_fast_syscall_32+0x32/0x80 [ 817.632936][T21822] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 817.635383][T21822] RIP: 0023:0xf7f3f579 [ 817.636901][T21822] Code: Unable to access opcode bytes at 0xf7f3f54f. [ 817.639287][T21822] RSP: 002b:00000000f4c0160c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0 [ 817.642286][T21822] RAX: fffffffffffffe00 RBX: 00000000f7405138 RCX: 0000000000000080 [ 817.645044][T21822] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f740513c [ 817.647705][T21822] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000 [ 817.650843][T21822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 817.654065][T21822] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 817.657418][T21822] [ 817.659273][T21822] Kernel Offset: disabled [ 817.661109][T21822] Rebooting in 86400 seconds.. VM DIAGNOSIS: 10:38:59 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000001 RBX=ffff8880731fcb40 RCX=ffffffff8176c77e RDX=ffffed100e63f969 RSI=0000000000000004 RDI=ffffc900255ff680 RBP=1ffff92004abfecc RSP=ffffc900255ff650 R8 =0000000000000001 R9 =ffffed100e63f968 R10=ffff8880731fcb43 R11=0000000000000001 R12=ffff8880731fcb48 R13=ffff8880731fcb50 R14=ffff8880731fcb28 R15=ffffc900255ff898 RIP=ffffffff81fba5b0 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f4c01bac CR3=000000006e790000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000b900000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8516b8a5 RDI=ffffffff9aac64c0 RBP=ffffffff9aac6480 RSP=ffffc90025567118 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000004 R12=0000000000000000 R13=0000000000000032 R14=ffffffff8516b840 R15=0000000000000000 RIP=ffffffff8516b8cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f739a85c CR3=000000005af80000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000b900000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000004 RBX=ffff888025972f92 RCX=0000000000000001 RDX=0000000000000002 RSI=ffff888025972f70 RDI=ffff888025972440 RBP=0000000000000003 RSP=ffffc900041f7270 R8 =0000000000000000 R9 =fffffbfff2dc2bc8 R10=ffffffff96e15e47 R11=0000000000000003 R12=0000000000000000 R13=ffff888025972440 R14=000000000000008c R15=ffff888025972f70 RIP=ffffffff8175f8c0 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fae702d4d00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055844f848000 CR3=000000004bcec000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=87d0407287d04072 87d0407287d04072 87d0407287d04072 87d0407287d04072 87d0407287d04072 87d0407287d04072 87d0407287d04072 87d0407287d04072 ZMM22=3374c9113374c911 3374c9113374c911 3374c9113374c911 3374c9113374c911 3374c9113374c911 3374c9113374c911 3374c9113374c911 3374c9113374c911 ZMM23=620e9393620e9393 620e9393620e9393 620e9393620e9393 620e9393620e9393 620e9393620e9393 620e9393620e9393 620e9393620e9393 620e9393620e9393 ZMM24=d42ba9ebd42ba9eb d42ba9ebd42ba9eb d42ba9ebd42ba9eb d42ba9ebd42ba9eb d42ba9ebd42ba9eb d42ba9ebd42ba9eb d42ba9ebd42ba9eb d42ba9ebd42ba9eb ZMM25=95f3e30695f3e306 95f3e30695f3e306 95f3e30695f3e306 95f3e30695f3e306 95f3e30695f3e306 95f3e30695f3e306 95f3e30695f3e306 95f3e30695f3e306 ZMM26=b87834c3b87834c3 b87834c3b87834c3 b87834c3b87834c3 b87834c3b87834c3 b87834c3b87834c3 b87834c3b87834c3 b87834c3b87834c3 b87834c3b87834c3 ZMM27=6342450263424502 6342450263424502 6342450263424502 6342450263424502 6342450263424502 6342450263424502 6342450263424502 6342450263424502 ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=471d0000471d0000 471d0000471d0000 471d0000471d0000 471d0000471d0000 471d0000471d0000 471d0000471d0000 471d0000471d0000 471d0000471d0000 info registers vcpu 3 CPU#3 RAX=0000000000000003 RBX=ffffffff8b7a8800 RCX=ffffffff81e3237a RDX=0000000000000000 RSI=0000000000000000 RDI=ffff888025972458 RBP=00000000000004b3 RSP=ffffc900041f7ad0 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffff888025972440 R13=0000000000000002 R14=ffffc900041f7d80 R15=fff0000000000fff RIP=ffffffff8167b2a0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fae702d4d00 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000056df9000 CR3=000000004bcec000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73acff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000