last executing test programs:
1.069266021s ago: executing program 2 (id=544):
syz_usbip_server_init(0x5)
636.987083ms ago: executing program 0 (id=556):
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080))
636.877467ms ago: executing program 3 (id=557):
mq_unlink(&(0x7f0000000000)='.\x00')
636.65926ms ago: executing program 1 (id=558):
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @empty}, {0x16, 0x0, 0x0, @local}}}}}, 0x0)
526.210383ms ago: executing program 0 (id=559):
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @dev, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @local, @empty, @empty, @local}}}}, 0x0)
525.955236ms ago: executing program 1 (id=560):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x0, 0xff}, 0x48)
525.889826ms ago: executing program 3 (id=561):
keyctl$get_security(0x11, 0x0, 0x0, 0x0)
407.015773ms ago: executing program 3 (id=562):
syz_emit_ethernet(0x6e, &(0x7f0000000980)={@local, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0xff, @remote, @mcast2, {[], @dest_unreach={0x1, 0x0, 0x0, 0x34, '\x00', {0x6, 0x6, "803e65", 0x7, 0x6, 0xff, @remote, @empty, [], "3568c9a22d5fe718"}}}}}}}, 0x0)
406.686244ms ago: executing program 0 (id=563):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0x12)
358.161245ms ago: executing program 1 (id=564):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="e5ffffff000000007111bf00000000008510000002000000850006000000000095000810000000009541f0366e402759"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)
346.169308ms ago: executing program 2 (id=565):
syz_emit_ethernet(0x7e, &(0x7f0000001a40)={@random="0f539af21094", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "1200b0", 0x48, 0x3a, 0x0, @empty, @mcast2, {[], @dest_unreach={0x4, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '\x00', 0x0, 0x2c, 0x0, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [@hopopts={0x2f, 0x1, '\x00', [@calipso={0x7, 0x8, {0x22ebffff, 0x0, 0xfc}}]}]}}}}}}}, 0x0)
341.835252ms ago: executing program 3 (id=566):
syz_emit_ethernet(0x22, &(0x7f0000000040)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x17}, @local, @void, {@arp={0x806, @generic={0x206, 0x22eb, 0x6, 0x0, 0x9, @local, "", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}}}}, 0x0)
282.468504ms ago: executing program 0 (id=567):
syz_open_dev$ptys(0xc, 0x3, 0x0)
238.265137ms ago: executing program 1 (id=568):
prctl$PR_SET_MM(0x35, 0x2, &(0x7f0000ffd000/0x2000)=nil)
228.423371ms ago: executing program 2 (id=569):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000e00)={&(0x7f0000000c40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x1, 0x0, 0x3, 0x0, 0x0, [{}]}]}}, &(0x7f0000000d00)=""/198, 0x32, 0xc6, 0x1}, 0x20)
228.220227ms ago: executing program 3 (id=570):
syz_emit_ethernet(0xda, &(0x7f0000000240)={@local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x2a, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @local, {[@cipso={0x86, 0x2a, 0x0, [{0x0, 0xd, "5e000000ff000000000000"}, {0x0, 0x5, "4eb8a6"}, {0x0, 0x12, "9606053d0006ff00800000b61af93a93"}]}, @lsrr={0x83, 0x13, 0x0, [@dev, @loopback, @loopback, @multicast2]}, @cipso={0x86, 0x49, 0x0, [{0x0, 0x7, "4b6cefc500"}, {0x0, 0xc, "df61168c24ac88ad078c"}, {0x0, 0xa, "2189ea43a2149b84"}, {0x0, 0x12, "ffd11634eea26b0faffa0dea2e903528"}, {0x0, 0x9, "02a20948fd7406"}, {0x0, 0xb, "ccf0294e2a3bdb4aa4"}]}, @ssrr={0x89, 0xb, 0x0, [@private, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}, "a811a23da43974ff"}}}}}, 0x0)
135.978852ms ago: executing program 1 (id=571):
syz_emit_vhci(&(0x7f0000001540)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x41c}}}, 0x7)
135.711209ms ago: executing program 2 (id=572):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="850000005f0000006a0a007f000000005500000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="000000000000000005000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
119.212813ms ago: executing program 3 (id=573):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x3e}, [@ldst={0x6}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
57.798943ms ago: executing program 0 (id=574):
iopl(0x2)
56.077015ms ago: executing program 0 (id=575):
clock_getres(0x9, 0x0)
436.347µs ago: executing program 2 (id=576):
syz_emit_ethernet(0x2a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaa5a123b57aa08060001080006040001aaaaaaaaaaaaac1414bb0180c2000000ac1414"], 0x0)
76.944µs ago: executing program 2 (id=577):
mount$9p_virtio(&(0x7f0000000640), &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x0, &(0x7f0000000740)={'trans=virtio,', {[{@noextend}]}})
0s ago: executing program 1 (id=578):
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x3a, 0x0, @empty, @empty}, {0x8100, 0x0, 0x8}}}}}, 0x0)
kernel console output (not intermixed with test programs):
Warning: Permanently added '[localhost]:5728' (ED25519) to the list of known hosts.
[ 60.217818][ T5335] cgroup: Unknown subsys name 'net'
[ 60.418910][ T5335] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 62.112539][ T5335] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 73.420682][ T5380] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 73.437273][ T5380] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 73.444839][ T5380] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 73.453818][ T4776] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 73.459518][ T4776] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 73.465837][ T5380] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 73.471159][ T5380] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 73.475807][ T5380] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 73.480474][ T5380] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 73.495558][ T5392] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 73.500603][ T5392] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 73.506122][ T5392] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 73.511552][ T5392] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 73.512814][ T5388] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 73.519648][ T5390] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 73.521913][ T5392] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 73.524695][ T5388] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 73.527188][ T5392] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 73.534773][ T5388] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 73.549034][ T67] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 73.555660][ T5393] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 73.556079][ T67] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 73.579598][ T4776] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 73.584465][ T4776] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 74.359355][ T5391] chnl_net:caif_netlink_parms(): no params data found
[ 74.399469][ T5379] chnl_net:caif_netlink_parms(): no params data found
[ 74.483491][ T5384] chnl_net:caif_netlink_parms(): no params data found
[ 74.608347][ T5385] chnl_net:caif_netlink_parms(): no params data found
[ 74.994839][ T5391] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.999455][ T5391] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.003949][ T5391] bridge_slave_0: entered allmulticast mode
[ 75.008484][ T5391] bridge_slave_0: entered promiscuous mode
[ 75.122331][ T5379] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.130189][ T5379] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.134443][ T5379] bridge_slave_0: entered allmulticast mode
[ 75.140305][ T5379] bridge_slave_0: entered promiscuous mode
[ 75.146426][ T5379] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.149700][ T5379] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.152880][ T5379] bridge_slave_1: entered allmulticast mode
[ 75.157622][ T5379] bridge_slave_1: entered promiscuous mode
[ 75.162493][ T5391] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.170456][ T5391] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.174289][ T5391] bridge_slave_1: entered allmulticast mode
[ 75.179940][ T5391] bridge_slave_1: entered promiscuous mode
[ 75.220861][ T5384] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.223982][ T5384] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.228537][ T5384] bridge_slave_0: entered allmulticast mode
[ 75.232016][ T5384] bridge_slave_0: entered promiscuous mode
[ 75.240549][ T5384] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.259229][ T5384] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.262345][ T5384] bridge_slave_1: entered allmulticast mode
[ 75.272808][ T5384] bridge_slave_1: entered promiscuous mode
[ 75.566641][ T5383] Bluetooth: hci3: command tx timeout
[ 75.575297][ T5383] Bluetooth: hci0: command tx timeout
[ 75.668620][ T5383] Bluetooth: hci1: command tx timeout
[ 75.668649][ T4776] Bluetooth: hci2: command tx timeout
[ 75.707264][ T5379] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 75.714217][ T5379] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 75.724936][ T5391] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 75.732710][ T5391] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 75.737692][ T5385] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.740592][ T5385] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.743958][ T5385] bridge_slave_0: entered allmulticast mode
[ 75.748202][ T5385] bridge_slave_0: entered promiscuous mode
[ 75.752889][ T5385] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.758419][ T5385] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.761604][ T5385] bridge_slave_1: entered allmulticast mode
[ 75.765469][ T5385] bridge_slave_1: entered promiscuous mode
[ 75.770925][ T5384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 75.776597][ T5384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 75.978896][ T5379] team0: Port device team_slave_0 added
[ 76.121159][ T5385] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 76.185487][ T5379] team0: Port device team_slave_1 added
[ 76.193706][ T5391] team0: Port device team_slave_0 added
[ 76.199543][ T5391] team0: Port device team_slave_1 added
[ 76.203810][ T5385] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 76.314886][ T5384] team0: Port device team_slave_0 added
[ 76.460069][ T5379] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 76.463080][ T5379] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.481245][ T5379] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.490849][ T5384] team0: Port device team_slave_1 added
[ 76.614349][ T5391] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 76.620151][ T5391] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.632140][ T5391] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.641545][ T5385] team0: Port device team_slave_0 added
[ 76.647650][ T5379] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.650422][ T5379] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.660621][ T5379] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 76.700001][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[ 76.709989][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[ 76.746840][ T5384] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 76.749845][ T5384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.776662][ T5384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.782594][ T5391] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.785428][ T5391] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.796180][ T5391] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 76.804361][ T5385] team0: Port device team_slave_1 added
[ 76.818112][ T5384] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.821441][ T5384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.831368][ T5384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 76.978186][ T5391] hsr_slave_0: entered promiscuous mode
[ 76.982394][ T5391] hsr_slave_1: entered promiscuous mode
[ 77.151976][ T5385] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 77.154832][ T5385] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.167151][ T5385] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 77.177838][ T5379] hsr_slave_0: entered promiscuous mode
[ 77.181274][ T5379] hsr_slave_1: entered promiscuous mode
[ 77.184557][ T5379] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 77.192208][ T5379] Cannot create hsr debugfs directory
[ 77.205559][ T5384] hsr_slave_0: entered promiscuous mode
[ 77.209579][ T5384] hsr_slave_1: entered promiscuous mode
[ 77.212707][ T5384] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 77.219949][ T5384] Cannot create hsr debugfs directory
[ 77.229415][ T5385] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 77.232474][ T5385] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.242748][ T5385] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 77.591107][ T5385] hsr_slave_0: entered promiscuous mode
[ 77.594486][ T5385] hsr_slave_1: entered promiscuous mode
[ 77.609845][ T5385] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 77.612967][ T5385] Cannot create hsr debugfs directory
[ 77.645173][ T4776] Bluetooth: hci0: command tx timeout
[ 77.647390][ T4776] Bluetooth: hci3: command tx timeout
[ 77.727783][ T5383] Bluetooth: hci2: command tx timeout
[ 77.735389][ T5383] Bluetooth: hci1: command tx timeout
[ 77.950191][ T5391] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 77.982135][ T5391] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 77.989134][ T5391] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 77.999903][ T5391] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 78.099230][ T5384] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 78.107270][ T5384] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 78.114322][ T5384] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 78.123874][ T5384] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 78.250727][ T5379] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 78.258890][ T5379] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 78.264836][ T5379] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 78.274333][ T5379] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 78.304797][ T5391] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.371375][ T5385] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 78.378582][ T5385] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 78.403310][ T5384] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.412592][ T5385] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 78.421963][ T5385] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 78.443025][ T5391] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.496374][ T5384] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.518296][ T40] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.521125][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.526908][ T40] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.530506][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.565409][ T97] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.568332][ T97] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.626094][ T1101] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.629920][ T1101] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.761237][ T5385] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.806824][ T5379] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.830922][ T5385] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.865360][ T1206] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.869422][ T1206] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.883486][ T5384] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 78.898681][ T5379] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.920046][ T1206] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.922819][ T1206] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.958103][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.961322][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.987485][ T721] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.990857][ T721] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 79.141101][ T5391] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 79.222318][ T5379] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 79.249948][ T5384] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 79.308290][ T5384] veth0_vlan: entered promiscuous mode
[ 79.321163][ T5384] veth1_vlan: entered promiscuous mode
[ 79.369928][ T5391] veth0_vlan: entered promiscuous mode
[ 79.385802][ T5391] veth1_vlan: entered promiscuous mode
[ 79.409113][ T5385] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 79.481008][ T5384] veth0_macvtap: entered promiscuous mode
[ 79.499039][ T5384] veth1_macvtap: entered promiscuous mode
[ 79.553790][ T5391] veth0_macvtap: entered promiscuous mode
[ 79.564414][ T5391] veth1_macvtap: entered promiscuous mode
[ 79.592350][ T5391] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 79.629055][ T5384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 79.633525][ T5384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 79.659418][ T5384] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 79.676775][ T5385] veth0_vlan: entered promiscuous mode
[ 79.689113][ T5384] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 79.722425][ T5384] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.727396][ T5384] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.744231][ T5384] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.747275][ T5384] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.753921][ T5385] veth1_vlan: entered promiscuous mode
[ 79.771932][ T5383] Bluetooth: hci3: command tx timeout
[ 79.800522][ T4776] Bluetooth: hci0: command tx timeout
[ 79.803742][ T5391] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 79.803787][ T5391] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 79.806078][ T5391] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 79.809854][ T5391] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.827523][ T4776] Bluetooth: hci1: command tx timeout
[ 79.828962][ T67] Bluetooth: hci2: command tx timeout
[ 79.834401][ T5391] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.834423][ T5391] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.834442][ T5391] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.839690][ T5379] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 79.910503][ T5385] veth0_macvtap: entered promiscuous mode
[ 80.027137][ T5385] veth1_macvtap: entered promiscuous mode
[ 80.097991][ T5385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 80.102718][ T5385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.107166][ T5385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 80.111941][ T5385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.117969][ T5385] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 80.143727][ T5385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 80.148986][ T5385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.157964][ T5385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 80.162501][ T5385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.186440][ T5385] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 80.212157][ T5385] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.213245][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.227650][ T5385] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.231291][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.241313][ T5385] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.248683][ T5385] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.342892][ T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.347050][ T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.375805][ T5379] veth0_vlan: entered promiscuous mode
[ 80.429891][ T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.432065][ T97] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.433528][ T5379] veth1_vlan: entered promiscuous mode
[ 80.439854][ T97] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.444797][ T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.514135][ T97] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.522517][ T97] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.572751][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.577926][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.619756][ T5379] veth0_macvtap: entered promiscuous mode
[ 80.627748][ T5379] veth1_macvtap: entered promiscuous mode
[ 80.646973][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 80.651072][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.659193][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 80.663965][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.668021][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 80.671973][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.678371][ T5379] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 80.692706][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 80.704010][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.710311][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 80.715561][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.719453][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 80.734025][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 80.746826][ T5379] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 80.754625][ T5379] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.765267][ T5379] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.769388][ T5379] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.773273][ T5379] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.924590][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.928856][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 81.009985][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 81.013698][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 81.242850][ T5464] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[ 81.245707][ T5464] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 81.257859][ T5464] vhci_hcd vhci_hcd.0: Device attached
[ 81.293157][ T5465] vhci_hcd: connection closed
[ 81.298376][ T11] vhci_hcd: stop threads
[ 81.315862][ T11] vhci_hcd: release socket
[ 81.318255][ T11] vhci_hcd: disconnect device
[ 81.818408][ T67] Bluetooth: hci0: command tx timeout
[ 81.900749][ T67] Bluetooth: hci3: command tx timeout
[ 81.901144][ T5383] Bluetooth: hci1: command tx timeout
[ 81.984670][ T5383] Bluetooth: hci2: command tx timeout
[ 85.445055][ T5664] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd
[ 86.661592][ T5742] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0001 with DS=0x7
[ 86.963815][ T30] cfg80211: failed to load regulatory.db
[ 87.353113][ T5778] futex_wake_op: syz.0.179 tries to shift op by 32; fix this program
[ 89.999977][ T5383] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[ 90.003912][ T5383] Bluetooth: hci0: Injecting HCI hardware error event
[ 90.008042][ T5383] Bluetooth: hci0: hardware error 0x00
[ 90.245049][ T5926] dccp_v6_rcv: dropped packet with invalid checksum
[ 90.256554][ T5927] 9pnet_fd: Insufficient options for proto=fd
[ 90.759328][ T67] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 90.763462][ T67] Bluetooth: hci2: Injecting HCI hardware error event
[ 90.775123][ T67] Bluetooth: hci2: hardware error 0x00
[ 92.065895][ T39] audit: type=1326 audit(1725481370.202:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6018 comm="syz.0.297" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x0
[ 92.199252][ T5383] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 92.705829][ T39] audit: type=1326 audit(1725481370.874:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.0.323" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x0
[ 92.809056][ T67] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 92.863356][ T6086] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[ 93.451778][ T67] Bluetooth: hci1: command 0x0406 tx timeout
[ 94.586619][ T6193] IPv6: addrconf: prefix option has invalid lifetime
[ 95.669442][ T6256] dccp_invalid_packet: invalid packet type
[ 96.300278][ T6296] IPv6: addrconf: prefix option has invalid lifetime
[ 97.289954][ T6368] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun!
[ 98.556160][ T6457] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[ 98.560234][ T6457] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 98.566389][ T6457] vhci_hcd vhci_hcd.0: Device attached
[ 98.578682][ T6458] vhci_hcd: connection closed
[ 98.582998][ T11] vhci_hcd: stop threads
[ 98.587652][ T11] vhci_hcd: release socket
[ 98.590033][ T11] vhci_hcd: disconnect device
[ 99.263145][ T6508] futex_wake_op: syz.2.538 tries to shift op by -1; fix this program
[ 99.428276][ T6520] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[ 99.430880][ T6520] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 99.434063][ T6520] vhci_hcd vhci_hcd.0: Device attached
[ 99.466957][ T6521] vhci_hcd: connection closed
[ 99.467166][ T11] vhci_hcd: stop threads
[ 99.470955][ T11] vhci_hcd: release socket
[ 99.472659][ T11] vhci_hcd: disconnect device
[ 99.483296][ T6524] UBIFS error (pid: 6524): cannot open "ubifs", error -22
[ 100.475016][ C0] ==================================================================
[ 100.482309][ C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x2de0/0x3cb0
[ 100.485938][ C0] Read of size 8 at addr ffff888060251418 by task syz-executor/5379
[ 100.490817][ C0]
[ 100.491883][ C0] CPU: 0 UID: 0 PID: 5379 Comm: syz-executor Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0
[ 100.508096][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 100.516384][ C0] Call Trace:
[ 100.517859][ C0]
[ 100.519146][ C0] dump_stack_lvl+0x116/0x1f0
[ 100.521868][ C0] print_report+0xc3/0x620
[ 100.523819][ C0] ? __virt_addr_valid+0x5e/0x590
[ 100.543633][ C0] ? __phys_addr+0xc6/0x150
[ 100.545699][ C0] kasan_report+0xd9/0x110
[ 100.547398][ C0] ? __lock_acquire+0x2de0/0x3cb0
[ 100.549666][ C0] ? __lock_acquire+0x2de0/0x3cb0
[ 100.552361][ C0] __lock_acquire+0x2de0/0x3cb0
[ 100.554585][ C0] ? __pfx___lock_acquire+0x10/0x10
[ 100.556751][ C0] ? __pfx___lock_acquire+0x10/0x10
[ 100.559234][ C0] lock_acquire+0x1b1/0x560
[ 100.561451][ C0] ? p9_req_put+0xaf/0x250
[ 100.563675][ C0] ? __pfx_lock_acquire+0x10/0x10
[ 100.565914][ C0] ? __pfx_lock_release+0x10/0x10
[ 100.568292][ C0] _raw_spin_lock_irqsave+0x3a/0x60
[ 100.571527][ C0] ? p9_req_put+0xaf/0x250
[ 100.576017][ C0] p9_req_put+0xaf/0x250
[ 100.578037][ C0] req_done+0x1e7/0x2f0
[ 100.580218][ C0] ? __pfx_req_done+0x10/0x10
[ 100.582307][ C0] ? __pfx_req_done+0x10/0x10
[ 100.584459][ C0] vring_interrupt+0x31b/0x400
[ 100.586707][ C0] ? __pfx_vring_interrupt+0x10/0x10
[ 100.589018][ C0] __handle_irq_event_percpu+0x229/0x7c0
[ 100.591258][ C0] handle_irq_event+0xab/0x1e0
[ 100.593113][ C0] handle_edge_irq+0x263/0xd10
[ 100.595009][ C0] __common_interrupt+0xdf/0x250
[ 100.597205][ C0] common_interrupt+0xab/0xd0
[ 100.599271][ C0]
[ 100.600624][ C0]
[ 100.602390][ C0] asm_common_interrupt+0x26/0x40
[ 100.605157][ C0] RIP: 0010:lock_acquire+0x1f2/0x560
[ 100.607501][ C0] Code: c1 05 5a 37 99 7e 83 f8 01 0f 85 ea 02 00 00 9c 58 f6 c4 02 0f 85 d5 02 00 00 48 85 ed 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
[ 100.615555][ C0] RSP: 0018:ffffc900036bf560 EFLAGS: 00000206
[ 100.618540][ C0] RAX: dffffc0000000000 RBX: 1ffff920006d7eae RCX: 0000000000000001
[ 100.622028][ C0] RDX: 0000000000000001 RSI: ffffffff8b4cd360 RDI: ffffffff8bb07e20
[ 100.625931][ C0] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2d122e0
[ 100.632713][ C0] R10: ffffffff96891707 R11: 0000000000000000 R12: 0000000000000000
[ 100.637123][ C0] R13: 0000000000000000 R14: ffffffff8ddb93e0 R15: 0000000000000000
[ 100.640932][ C0] ? __pfx_lock_acquire+0x10/0x10
[ 100.643266][ C0] ? __pfx_lock_release+0x10/0x10
[ 100.645922][ C0] ? __pfx_lock_release+0x10/0x10
[ 100.648276][ C0] page_table_check_set+0x11a/0x9d0
[ 100.650677][ C0] ? page_table_check_set+0x114/0x9d0
[ 100.652953][ C0] __page_table_check_ptes_set+0x2d0/0x3e0
[ 100.655703][ C0] ? vm_normal_page+0x13c/0x2b0
[ 100.657889][ C0] ? __pfx___page_table_check_ptes_set+0x10/0x10
[ 100.660306][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 100.662379][ C0] copy_page_range+0x1e16/0x57b0
[ 100.664288][ C0] ? __pfx_copy_page_range+0x10/0x10
[ 100.666056][ C0] ? __pfx_lock_release+0x10/0x10
[ 100.668007][ C0] ? __pfx_mas_store+0x10/0x10
[ 100.670119][ C0] ? down_write+0x14e/0x200
[ 100.671928][ C0] ? up_write+0x1b2/0x520
[ 100.674739][ C0] copy_mm+0x1340/0x2550
[ 100.676938][ C0] ? find_held_lock+0x2d/0x110
[ 100.679857][ C0] ? __pfx_copy_mm+0x10/0x10
[ 100.681994][ C0] ? __raw_spin_lock_init+0x3a/0x110
[ 100.684821][ C0] copy_process+0x3ea8/0x6f50
[ 100.687359][ C0] ? __pfx_mark_lock+0x10/0x10
[ 100.689219][ C0] ? __pfx_copy_process+0x10/0x10
[ 100.691180][ C0] ? __lock_acquire+0xbdd/0x3cb0
[ 100.693097][ C0] kernel_clone+0xfd/0x960
[ 100.694948][ C0] ? __pfx_kernel_clone+0x10/0x10
[ 100.697267][ C0] ? find_held_lock+0x59/0x110
[ 100.699352][ C0] __do_compat_sys_ia32_clone+0xb7/0x100
[ 100.701782][ C0] ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[ 100.704256][ C0] __do_fast_syscall_32+0x73/0x120
[ 100.706477][ C0] do_fast_syscall_32+0x32/0x80
[ 100.708587][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 100.711343][ C0] RIP: 0023:0xf7f58579
[ 100.727916][ C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 100.735231][ C0] RSP: 002b:00000000ff95a86c EFLAGS: 00000292 ORIG_RAX: 0000000000000078
[ 100.738176][ C0] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 100.741213][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000574a64a8
[ 100.756551][ C0] RBP: 00000000f73dfff4 R08: 0000000000000000 R09: 0000000000000000
[ 100.759977][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 100.763255][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 100.776017][ C0]
[ 100.777384][ C0]
[ 100.778567][ C0] Allocated by task 6586:
[ 100.780471][ C0] kasan_save_stack+0x33/0x60
[ 100.782571][ C0] kasan_save_track+0x14/0x30
[ 100.784692][ C0] __kasan_kmalloc+0xaa/0xb0
[ 100.786766][ C0] p9_client_create+0xcf/0x11b0
[ 100.788930][ C0] v9fs_session_init+0x1f8/0x1a80
[ 100.800036][ C0] v9fs_mount+0xc6/0xa50
[ 100.801811][ C0] legacy_get_tree+0x109/0x220
[ 100.804013][ C0] vfs_get_tree+0x8f/0x380
[ 100.805956][ C0] path_mount+0x6e1/0x1f10
[ 100.826874][ C0] __ia32_sys_mount+0x292/0x310
[ 100.829014][ C0] __do_fast_syscall_32+0x73/0x120
[ 100.831411][ C0] do_fast_syscall_32+0x32/0x80
[ 100.833721][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 100.837535][ C0]
[ 100.838572][ C0] Freed by task 6586:
[ 100.840521][ C0] kasan_save_stack+0x33/0x60
[ 100.843009][ C0] kasan_save_track+0x14/0x30
[ 100.845737][ C0] kasan_save_free_info+0x3b/0x60
[ 100.848214][ C0] poison_slab_object+0xf7/0x160
[ 100.850879][ C0] __kasan_slab_free+0x32/0x50
[ 100.853041][ C0] kfree+0x12a/0x3b0
[ 100.854639][ C0] p9_client_create+0x9ca/0x11b0
[ 100.856421][ C0] v9fs_session_init+0x1f8/0x1a80
[ 100.858327][ C0] v9fs_mount+0xc6/0xa50
[ 100.860393][ C0] legacy_get_tree+0x109/0x220
[ 100.862650][ C0] vfs_get_tree+0x8f/0x380
[ 100.864846][ C0] path_mount+0x6e1/0x1f10
[ 100.867178][ C0] __ia32_sys_mount+0x292/0x310
[ 100.869995][ C0] __do_fast_syscall_32+0x73/0x120
[ 100.872909][ C0] do_fast_syscall_32+0x32/0x80
[ 100.875801][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 100.879000][ C0]
[ 100.880053][ C0] The buggy address belongs to the object at ffff888060251400
[ 100.880053][ C0] which belongs to the cache kmalloc-512 of size 512
[ 100.889944][ C0] The buggy address is located 24 bytes inside of
[ 100.889944][ C0] freed 512-byte region [ffff888060251400, ffff888060251600)
[ 100.899115][ C0]
[ 100.900725][ C0] The buggy address belongs to the physical page:
[ 100.904737][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x60250
[ 100.909970][ C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 100.913661][ C0] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 100.917018][ C0] page_type: 0xfdffffff(slab)
[ 100.919123][ C0] raw: 04fff00000000040 ffff88801ac42c80 dead000000000100 dead000000000122
[ 100.922874][ C0] raw: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
[ 100.926637][ C0] head: 04fff00000000040 ffff88801ac42c80 dead000000000100 dead000000000122
[ 100.930417][ C0] head: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
[ 100.934867][ C0] head: 04fff00000000002 ffffea0001809401 ffffffffffffffff 0000000000000000
[ 100.938777][ C0] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 100.943197][ C0] page dumped because: kasan: bad access detected
[ 100.946015][ C0] page_owner tracks the page as allocated
[ 100.948649][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1206, tgid 1206 (kworker/u32:11), ts 79041410123, free_ts 78837613156
[ 100.957015][ C0] post_alloc_hook+0x2d1/0x350
[ 100.959083][ C0] get_page_from_freelist+0x1351/0x2e50
[ 100.961407][ C0] __alloc_pages_noprof+0x22b/0x2460
[ 100.963734][ C0] alloc_slab_page+0x4e/0xf0
[ 100.965896][ C0] new_slab+0x84/0x260
[ 100.967661][ C0] ___slab_alloc+0xdac/0x1870
[ 100.969763][ C0] __slab_alloc.constprop.0+0x56/0xb0
[ 100.971732][ C0] __kmalloc_noprof+0x379/0x410
[ 100.973657][ C0] fib6_info_alloc+0x40/0x160
[ 100.975740][ C0] ip6_route_info_create+0x337/0x1aa0
[ 100.978567][ C0] ip6_route_add+0x26/0x1c0
[ 100.980644][ C0] addrconf_prefix_route+0x2fe/0x510
[ 100.982911][ C0] addrconf_add_linklocal+0x32a/0x620
[ 100.985222][ C0] addrconf_addr_gen+0x37b/0x3d0
[ 100.987823][ C0] addrconf_init_auto_addrs+0x446/0x820
[ 100.990373][ C0] addrconf_notify+0x6ef/0x19d0
[ 100.992622][ C0] page last free pid 5425 tgid 5425 stack trace:
[ 100.995319][ C0] free_unref_page+0x64a/0xe40
[ 100.997455][ C0] __put_partials+0x14c/0x170
[ 101.000063][ C0] qlist_free_all+0x4e/0x140
[ 101.003151][ C0] kasan_quarantine_reduce+0x192/0x1e0
[ 101.005439][ C0] __kasan_kmalloc+0x8a/0xb0
[ 101.007434][ C0] __kmalloc_noprof+0x1e8/0x410
[ 101.009658][ C0] load_elf_phdrs+0x103/0x210
[ 101.011784][ C0] load_elf_binary+0x1fe/0x4db0
[ 101.013977][ C0] bprm_execve+0x703/0x1960
[ 101.016160][ C0] kernel_execve+0x2ef/0x3b0
[ 101.017994][ C0] call_usermodehelper_exec_async+0x255/0x4c0
[ 101.021150][ C0] ret_from_fork+0x45/0x80
[ 101.023362][ C0] ret_from_fork_asm+0x1a/0x30
[ 101.025392][ C0]
[ 101.026361][ C0] Memory state around the buggy address:
[ 101.028585][ C0] ffff888060251300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 101.031688][ C0] ffff888060251380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 101.034644][ C0] >ffff888060251400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 101.037356][ C0] ^
[ 101.039349][ C0] ffff888060251480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 101.042663][ C0] ffff888060251500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 101.046453][ C0] ==================================================================
[ 101.050351][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 101.053149][ C0] CPU: 0 UID: 0 PID: 5379 Comm: syz-executor Not tainted 6.11.0-rc6-syzkaller-00048-gc7fb1692dc01 #0
[ 101.057737][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 101.063698][ C0] Call Trace:
[ 101.065402][ C0]
[ 101.066875][ C0] dump_stack_lvl+0x3d/0x1f0
[ 101.069222][ C0] panic+0x6dc/0x7c0
[ 101.070911][ C0] ? __pfx_panic+0x10/0x10
[ 101.073166][ C0] ? rcu_is_watching+0x12/0xc0
[ 101.075536][ C0] ? __pfx_lock_release+0x10/0x10
[ 101.077997][ C0] ? check_panic_on_warn+0x1f/0xb0
[ 101.080573][ C0] check_panic_on_warn+0xab/0xb0
[ 101.083112][ C0] end_report+0x117/0x180
[ 101.085680][ C0] kasan_report+0xe9/0x110
[ 101.087647][ C0] ? __lock_acquire+0x2de0/0x3cb0
[ 101.089897][ C0] ? __lock_acquire+0x2de0/0x3cb0
[ 101.092640][ C0] __lock_acquire+0x2de0/0x3cb0
[ 101.099216][ C0] ? __pfx___lock_acquire+0x10/0x10
[ 101.107862][ C0] ? __pfx___lock_acquire+0x10/0x10
[ 101.110151][ C0] lock_acquire+0x1b1/0x560
[ 101.112676][ C0] ? p9_req_put+0xaf/0x250
[ 101.115024][ C0] ? __pfx_lock_acquire+0x10/0x10
[ 101.117875][ C0] ? __pfx_lock_release+0x10/0x10
[ 101.128517][ C0] _raw_spin_lock_irqsave+0x3a/0x60
[ 101.131832][ C0] ? p9_req_put+0xaf/0x250
[ 101.134119][ C0] p9_req_put+0xaf/0x250
[ 101.135946][ C0] req_done+0x1e7/0x2f0
[ 101.138084][ C0] ? __pfx_req_done+0x10/0x10
[ 101.141032][ C0] ? __pfx_req_done+0x10/0x10
[ 101.143377][ C0] vring_interrupt+0x31b/0x400
[ 101.145866][ C0] ? __pfx_vring_interrupt+0x10/0x10
[ 101.149374][ C0] __handle_irq_event_percpu+0x229/0x7c0
[ 101.151687][ C0] handle_irq_event+0xab/0x1e0
[ 101.153625][ C0] handle_edge_irq+0x263/0xd10
[ 101.155555][ C0] __common_interrupt+0xdf/0x250
[ 101.157515][ C0] common_interrupt+0xab/0xd0
[ 101.174202][ C0]
[ 101.175888][ C0]
[ 101.177667][ C0] asm_common_interrupt+0x26/0x40
[ 101.182804][ C0] RIP: 0010:lock_acquire+0x1f2/0x560
[ 101.185662][ C0] Code: c1 05 5a 37 99 7e 83 f8 01 0f 85 ea 02 00 00 9c 58 f6 c4 02 0f 85 d5 02 00 00 48 85 ed 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
[ 101.195009][ C0] RSP: 0018:ffffc900036bf560 EFLAGS: 00000206
[ 101.197625][ C0] RAX: dffffc0000000000 RBX: 1ffff920006d7eae RCX: 0000000000000001
[ 101.201593][ C0] RDX: 0000000000000001 RSI: ffffffff8b4cd360 RDI: ffffffff8bb07e20
[ 101.206233][ C0] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2d122e0
[ 101.210902][ C0] R10: ffffffff96891707 R11: 0000000000000000 R12: 0000000000000000
[ 101.216692][ C0] R13: 0000000000000000 R14: ffffffff8ddb93e0 R15: 0000000000000000
[ 101.220199][ C0] ? __pfx_lock_acquire+0x10/0x10
[ 101.222451][ C0] ? __pfx_lock_release+0x10/0x10
[ 101.225612][ C0] ? __pfx_lock_release+0x10/0x10
[ 101.228766][ C0] page_table_check_set+0x11a/0x9d0
[ 101.232050][ C0] ? page_table_check_set+0x114/0x9d0
[ 101.235006][ C0] __page_table_check_ptes_set+0x2d0/0x3e0
[ 101.238135][ C0] ? vm_normal_page+0x13c/0x2b0
[ 101.240971][ C0] ? __pfx___page_table_check_ptes_set+0x10/0x10
[ 101.244340][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 101.247232][ C0] copy_page_range+0x1e16/0x57b0
[ 101.249909][ C0] ? __pfx_copy_page_range+0x10/0x10
[ 101.252694][ C0] ? __pfx_lock_release+0x10/0x10
[ 101.255329][ C0] ? __pfx_mas_store+0x10/0x10
[ 101.259487][ C0] ? down_write+0x14e/0x200
[ 101.261624][ C0] ? up_write+0x1b2/0x520
[ 101.263890][ C0] copy_mm+0x1340/0x2550
[ 101.266327][ C0] ? find_held_lock+0x2d/0x110
[ 101.268484][ C0] ? __pfx_copy_mm+0x10/0x10
[ 101.270537][ C0] ? __raw_spin_lock_init+0x3a/0x110
[ 101.274158][ C0] copy_process+0x3ea8/0x6f50
[ 101.276618][ C0] ? __pfx_mark_lock+0x10/0x10
[ 101.279185][ C0] ? __pfx_copy_process+0x10/0x10
[ 101.282073][ C0] ? __lock_acquire+0xbdd/0x3cb0
[ 101.285161][ C0] kernel_clone+0xfd/0x960
[ 101.288017][ C0] ? __pfx_kernel_clone+0x10/0x10
[ 101.291143][ C0] ? find_held_lock+0x59/0x110
[ 101.293947][ C0] __do_compat_sys_ia32_clone+0xb7/0x100
[ 101.298037][ C0] ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[ 101.301812][ C0] __do_fast_syscall_32+0x73/0x120
[ 101.305052][ C0] do_fast_syscall_32+0x32/0x80
[ 101.308065][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 101.312001][ C0] RIP: 0023:0xf7f58579
[ 101.314666][ C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 101.324027][ C0] RSP: 002b:00000000ff95a86c EFLAGS: 00000292 ORIG_RAX: 0000000000000078
[ 101.327760][ C0] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 101.332223][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000574a64a8
[ 101.336604][ C0] RBP: 00000000f73dfff4 R08: 0000000000000000 R09: 0000000000000000
[ 101.340568][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 101.347085][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 101.352298][ C0]
[ 101.354735][ C0] Kernel Offset: disabled
[ 101.356846][ C0] Rebooting in 86400 seconds..
VM DIAGNOSIS:
17:53:38 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000065 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fc1565 RDI=ffffffff9a514600 RBP=ffffffff9a5145c0 RSP=ffffc90000007610
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3036303838386652
R12=0000000000000000 R13=0000000000000065 R14=ffffffff84fc1500 R15=0000000000000000
RIP=ffffffff84fc158f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f7f455b8 CR3=0000000048f70000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
CPU#1
RAX=0000000000000000 RBX=1ffff920057bcebd RCX=ffffffff81f52dc9 RDX=ffff888021f4c880
RSI=ffffffff81f52e43 RDI=0000000000000007 RBP=0000000000054a13 RSP=ffffc9002bde75e0
R8 =0000000000000007 R9 =000000000007ffff R10=000000000000000a R11=0000000000000000
R12=ffff88803fff9140 R13=ffff88803fff9000 R14=ffff88807ffce000 R15=ffffc9002bde7a98
RIP=ffffffff818b1a20 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f7440230 CR3=000000005ec68000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2
CPU#2
RAX=0000000000000001 RBX=ffffc90000e8f618 RCX=ffffffff8afb26de RDX=0000000000000001
RSI=ffffffff8bb07da0 RDI=ffffffff8d782b90 RBP=ffff888011c3a942 RSP=ffffc90000e8f568
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=ffffc90000e8f630 R14=ffff88802b3ba7b8 R15=ffffc90000e8f888
RIP=ffffffff8171a287 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe000008f000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055dd2fc3a000 CR3=00000000244a8000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f738fff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3
CPU#3
RAX=0000000000000000 RBX=0000000000000002 RCX=ffffffff813c9599 RDX=ffff888025fd4880
RSI=0000000000000003 RDI=0000000000000001 RBP=ffffffff8b49d0c0 RSP=ffffc900039ef298
R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000002 R11=0000000000000000
R12=0000000000000002 R13=0000000000000001 R14=0000000000000003 R15=0000000000000002
RIP=ffffffff818b1b2b RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b900000 ffffffff 00d0f300 DPL=3 DS [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe00000d6000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f7483048 CR3=000000005ec68000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000005000001bc 00000128ffffffef
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000