last executing test programs: 699.844361ms ago: executing program 0 (id=799): syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @broadcast}, @redirect={0x8, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @remote}}}}}}, 0x0) 640.171823ms ago: executing program 0 (id=803): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x17, 0x4, &(0x7f0000000480)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x1}]}, &(0x7f0000000140)='syzkaller\x00', 0x5}, 0x90) 590.448018ms ago: executing program 0 (id=805): clock_getres(0xfffffffffffffffa, 0x0) 497.715873ms ago: executing program 0 (id=810): request_key(&(0x7f0000000a40)='rxrpc_s\x00', &(0x7f0000000a80)={'syz', 0x2}, &(0x7f0000000ac0)='ip6tnl0\x00', 0xffffffffffffffff) 494.67697ms ago: executing program 2 (id=813): process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x200000000000022e, 0x0, 0x0, 0x0) 419.494731ms ago: executing program 3 (id=814): landlock_restrict_self(0xffffffffffffffff, 0x2000000) 419.318255ms ago: executing program 0 (id=815): syz_open_dev$sg(&(0x7f0000000040), 0xa, 0x101080) 401.373083ms ago: executing program 3 (id=816): bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0) 360.217322ms ago: executing program 1 (id=824): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000003000000000000000000000d02000000010000000000008ce1000000005f"], 0x0, 0x33}, 0x20) 357.46351ms ago: executing program 2 (id=825): bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x4, 0x4, 0x1000008}, 0x48) 355.958418ms ago: executing program 0 (id=817): syz_usb_connect$cdc_ecm(0x3, 0x4d, &(0x7f0000000380)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x16, 0x2, 0x2, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x2d0}}, {{0x9, 0x5, 0x3, 0x2, 0x240}}}}}]}}]}}, 0x0) 270.118648ms ago: executing program 1 (id=818): clock_settime(0xffffffffffffffff, &(0x7f0000000080)) 269.99283ms ago: executing program 3 (id=819): memfd_create(0x0, 0x18) 269.892003ms ago: executing program 2 (id=820): msync(&(0x7f0000ffb000/0x1000)=nil, 0xffffffffdf004fff, 0x4) 210.431133ms ago: executing program 3 (id=821): syz_emit_ethernet(0xe, &(0x7f0000002d40)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local, @void, {@generic={0x6000}}}, 0x0) 210.299251ms ago: executing program 1 (id=822): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@fwd={0x2}]}, {0x0, [0x0]}}, &(0x7f00000005c0)=""/240, 0x27, 0xf0, 0x1}, 0x20) 150.248761ms ago: executing program 2 (id=823): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000000000000100000d00000000040000000200000000000000e3ff0001"], 0x0, 0x46}, 0x20) 150.11053ms ago: executing program 3 (id=826): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x22}, 0x48) 149.987578ms ago: executing program 1 (id=827): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x10000000, 0x10, 0x10, 0x2, [@int={0xfffffffe, 0x0, 0x0, 0x1, 0x5, 0x2, 0x0, 0x0, 0x6}]}}, 0x0, 0x2a}, 0x20) 83.045234ms ago: executing program 3 (id=828): syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802) 82.918116ms ago: executing program 1 (id=829): bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000080)={@map=0x1, 0xffffffffffffffff, 0x5, 0x0, 0xffffffffffffffff, @prog_id}, 0x20) 82.878767ms ago: executing program 2 (id=830): syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110b07"], 0xfc) 133.675µs ago: executing program 2 (id=831): bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@cgroup, 0x6, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 0s ago: executing program 1 (id=832): mount$9p_virtio(&(0x7f0000000640), &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x0, &(0x7f0000000740)={'trans=virtio,', {[{@noextend}]}}) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:51388' (ED25519) to the list of known hosts. [ 49.369593][ T5329] cgroup: Unknown subsys name 'net' [ 49.531563][ T5329] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 50.566839][ T5329] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 58.881360][ T5491] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.885985][ T5491] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.889752][ T5491] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.901157][ T5496] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.920022][ T4768] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 58.923583][ T4768] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 58.927731][ T4768] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 58.931469][ T4768] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 58.940717][ T4768] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 58.943392][ T5495] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 58.946832][ T4768] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 58.951911][ T4768] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 58.954980][ T4768] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 58.958152][ T4768] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 58.961502][ T4768] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 58.972669][ T4768] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 58.977537][ T4768] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 58.984521][ T4768] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 59.031079][ T5491] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 59.034321][ T5491] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 59.037459][ T5491] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 59.040442][ T5491] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 59.043734][ T5491] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 59.046942][ T5491] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 59.480819][ T5490] chnl_net:caif_netlink_parms(): no params data found [ 59.507110][ T5497] chnl_net:caif_netlink_parms(): no params data found [ 59.559726][ T5493] chnl_net:caif_netlink_parms(): no params data found [ 59.764366][ T5497] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.767373][ T5497] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.771090][ T5497] bridge_slave_0: entered allmulticast mode [ 59.773868][ T5497] bridge_slave_0: entered promiscuous mode [ 59.778029][ T5497] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.781055][ T5497] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.783730][ T5497] bridge_slave_1: entered allmulticast mode [ 59.787062][ T5497] bridge_slave_1: entered promiscuous mode [ 59.907798][ T5490] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.910968][ T5490] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.913443][ T5490] bridge_slave_0: entered allmulticast mode [ 59.916110][ T5490] bridge_slave_0: entered promiscuous mode [ 59.919412][ T5490] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.921957][ T5490] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.924327][ T5490] bridge_slave_1: entered allmulticast mode [ 59.927440][ T5490] bridge_slave_1: entered promiscuous mode [ 59.954539][ T5493] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.957507][ T5493] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.961754][ T5493] bridge_slave_0: entered allmulticast mode [ 59.964861][ T5493] bridge_slave_0: entered promiscuous mode [ 59.972653][ T5497] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.983754][ T5497] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.058533][ T5493] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.061816][ T5493] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.064755][ T5493] bridge_slave_1: entered allmulticast mode [ 60.067569][ T5493] bridge_slave_1: entered promiscuous mode [ 60.143020][ T5497] team0: Port device team_slave_0 added [ 60.148238][ T5490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.153616][ T5493] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.158318][ T5497] team0: Port device team_slave_1 added [ 60.212006][ T5490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.238585][ T5493] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.259361][ T5497] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.261715][ T5497] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.269106][ T5497] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.274515][ T5497] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.276571][ T5497] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.285295][ T5497] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.288842][ T5501] chnl_net:caif_netlink_parms(): no params data found [ 60.329823][ T5493] team0: Port device team_slave_0 added [ 60.350414][ T5490] team0: Port device team_slave_0 added [ 60.357195][ T5493] team0: Port device team_slave_1 added [ 60.394217][ T5490] team0: Port device team_slave_1 added [ 60.500666][ T5493] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.502933][ T5493] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.512187][ T5493] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.525802][ T5497] hsr_slave_0: entered promiscuous mode [ 60.528378][ T5497] hsr_slave_1: entered promiscuous mode [ 60.574920][ T5490] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.577464][ T5490] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.587936][ T5490] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.593441][ T5493] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.596123][ T5493] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.604725][ T5493] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.634128][ T5490] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.636717][ T5490] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.646429][ T5490] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.674193][ T5501] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.677063][ T5501] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.680528][ T5501] bridge_slave_0: entered allmulticast mode [ 60.684391][ T5501] bridge_slave_0: entered promiscuous mode [ 60.692052][ T5501] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.695153][ T5501] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.698303][ T5501] bridge_slave_1: entered allmulticast mode [ 60.702835][ T5501] bridge_slave_1: entered promiscuous mode [ 60.784892][ T5501] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.794630][ T5501] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.918457][ T5493] hsr_slave_0: entered promiscuous mode [ 60.921763][ T5493] hsr_slave_1: entered promiscuous mode [ 60.924127][ T5493] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 60.927733][ T5493] Cannot create hsr debugfs directory [ 60.934947][ T5490] hsr_slave_0: entered promiscuous mode [ 60.939090][ T5490] hsr_slave_1: entered promiscuous mode [ 60.942997][ T5490] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 60.945931][ T5490] Cannot create hsr debugfs directory [ 60.975458][ T5501] team0: Port device team_slave_0 added [ 60.980581][ T4768] Bluetooth: hci2: command tx timeout [ 60.983131][ T4768] Bluetooth: hci0: command tx timeout [ 60.985169][ T5501] team0: Port device team_slave_1 added [ 61.060199][ T5491] Bluetooth: hci3: command tx timeout [ 61.062661][ T4768] Bluetooth: hci1: command tx timeout [ 61.152051][ T5501] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.155014][ T5501] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.168769][ T5501] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.220398][ T5501] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.223292][ T5501] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.233587][ T5501] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.422543][ T5501] hsr_slave_0: entered promiscuous mode [ 61.425973][ T5501] hsr_slave_1: entered promiscuous mode [ 61.428835][ T5501] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.436644][ T5501] Cannot create hsr debugfs directory [ 61.493452][ T5497] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 61.527816][ T5497] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 61.545965][ T5497] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 61.555544][ T5497] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 61.603372][ T5490] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 61.613493][ T5490] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 61.637005][ T5490] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 61.649167][ T5490] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 61.702230][ T5493] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 61.713753][ T5493] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 61.721571][ T5493] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 61.729525][ T5493] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 61.787614][ T5501] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 61.795563][ T5501] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 61.806880][ T5501] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 61.813711][ T5501] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 61.877740][ T5497] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.904245][ T5497] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.934955][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.938027][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.956686][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.959260][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.991070][ T5490] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.004765][ T5493] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.043800][ T5490] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.059007][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.061977][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.076164][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.079190][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.089209][ T5493] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.095042][ T5501] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.124615][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.127811][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.146444][ T5501] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.152997][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.155435][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.163716][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.166799][ T1106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.201696][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.204695][ T1106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.279017][ T5497] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.339738][ T5497] veth0_vlan: entered promiscuous mode [ 62.356426][ T5497] veth1_vlan: entered promiscuous mode [ 62.395324][ T5497] veth0_macvtap: entered promiscuous mode [ 62.406954][ T5490] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.413890][ T5497] veth1_macvtap: entered promiscuous mode [ 62.445654][ T5497] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.463012][ T5493] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.471720][ T5501] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.476794][ T5497] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.491443][ T5497] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.494881][ T5497] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.498057][ T5497] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.502276][ T5497] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.513928][ T5490] veth0_vlan: entered promiscuous mode [ 62.529596][ T5490] veth1_vlan: entered promiscuous mode [ 62.601707][ T5490] veth0_macvtap: entered promiscuous mode [ 62.629398][ T5490] veth1_macvtap: entered promiscuous mode [ 62.650619][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.650941][ T5501] veth0_vlan: entered promiscuous mode [ 62.653917][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.662090][ T5493] veth0_vlan: entered promiscuous mode [ 62.680545][ T5493] veth1_vlan: entered promiscuous mode [ 62.696004][ T5501] veth1_vlan: entered promiscuous mode [ 62.715434][ T5490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.720223][ T5490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.726063][ T5490] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.737919][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.741968][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.748214][ T5490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.755118][ T5490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.762700][ T5490] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.779069][ T5490] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.783332][ T5490] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.786863][ T5490] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.790382][ T5490] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.802283][ T5493] veth0_macvtap: entered promiscuous mode [ 62.826481][ T5501] veth0_macvtap: entered promiscuous mode [ 62.841730][ T5493] veth1_macvtap: entered promiscuous mode [ 62.845542][ T5501] veth1_macvtap: entered promiscuous mode [ 62.888817][ T5493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.894480][ T5493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.898336][ T5493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.902507][ T5493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.909005][ T5493] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.919429][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.924693][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.932755][ T5493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.936826][ T5493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.940699][ T5493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.944807][ T5493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.951480][ T5493] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.954955][ T5501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.959519][ T5501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.964492][ T5501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.968062][ T5501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.972662][ T5501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.976855][ T5501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.983080][ T5501] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.999306][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.002501][ T5493] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.006112][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.006940][ T5493] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.013968][ T5493] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.017616][ T5493] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.024390][ T5501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.030027][ T5501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.034053][ T5501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.038454][ T5501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.042518][ T5501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.046259][ T5501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.052360][ T5501] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.066053][ T5501] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.069685][ T5501] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.070542][ T5491] Bluetooth: hci2: command tx timeout [ 63.075174][ T5501] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.075877][ T4768] Bluetooth: hci0: command tx timeout [ 63.079092][ T5501] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.140407][ T4768] Bluetooth: hci1: command tx timeout [ 63.142893][ T4768] Bluetooth: hci3: command tx timeout [ 63.218909][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.229728][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.271374][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.277132][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.301463][ T5568] tmpfs: Bad value for 'mpol' [ 63.308021][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.317847][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.365348][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.374752][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.910869][ T5528] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 64.121352][ T5528] usb 6-1: Using ep0 maxpacket: 32 [ 64.129381][ T5528] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 720 [ 64.137508][ T5528] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 64.142728][ T5528] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22 [ 64.153909][ T5528] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 64.158569][ T5528] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 64.168290][ T5528] usb 6-1: SerialNumber: syz [ 64.180983][ T5592] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 64.184128][ T5592] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 64.192858][ T5528] cdc_acm 6-1:1.0: Control and data interfaces are not separated! [ 64.197236][ T5528] cdc_acm 6-1:1.0: This needs exactly 3 endpoints [ 64.216120][ T5528] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -22 [ 64.426174][ T5528] usb 6-1: USB disconnect, device number 2 [ 64.879067][ T39] audit: type=1326 audit(1724767316.577:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5682 comm="syz.0.200" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0 [ 65.151381][ T5491] Bluetooth: hci0: command tx timeout [ 65.153969][ T5491] Bluetooth: hci2: command tx timeout [ 65.230075][ T5491] Bluetooth: hci3: command tx timeout [ 65.230296][ T4768] Bluetooth: hci1: command tx timeout [ 66.115559][ T5767] syz.0.240(5767): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 67.220241][ T4768] Bluetooth: hci2: command tx timeout [ 67.243300][ T4768] Bluetooth: hci0: command tx timeout [ 67.300930][ T4768] Bluetooth: hci1: command tx timeout [ 67.449907][ T39] audit: type=1326 audit(1724767319.147:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5884 comm="syz.0.301" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0 [ 68.741862][ T57] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 68.945589][ T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 68.951080][ T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64 [ 68.956000][ T57] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22 [ 68.992592][ T57] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 69.020231][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 69.024340][ T57] usb 6-1: SerialNumber: syz [ 69.048412][ T5953] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 69.053486][ T5953] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 69.057502][ T57] cdc_acm 6-1:1.0: Control and data interfaces are not separated! [ 69.061409][ T57] cdc_acm 6-1:1.0: This needs exactly 3 endpoints [ 69.064257][ T57] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -22 [ 69.291393][ T1417] usb 6-1: USB disconnect, device number 3 [ 72.680413][ T5564] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 72.942265][ T5564] usb 7-1: Using ep0 maxpacket: 32 [ 72.944568][ T57] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 72.953155][ T5564] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 720 [ 72.958241][ T5564] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 72.980484][ T5564] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22 [ 73.010211][ T5564] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 73.019910][ T5564] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 73.025611][ T5564] usb 7-1: SerialNumber: syz [ 73.040556][ T6294] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 73.084814][ T6294] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 73.089290][ T5564] cdc_acm 7-1:1.0: Control and data interfaces are not separated! [ 73.130199][ T5564] cdc_acm 7-1:1.0: This needs exactly 3 endpoints [ 73.145734][ T5564] cdc_acm 7-1:1.0: probe with driver cdc_acm failed with error -22 [ 73.212563][ T57] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 73.216887][ T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.238634][ T57] usb 5-1: config 0 descriptor?? [ 73.444236][ T5028] usb 7-1: USB disconnect, device number 2 [ 73.513920][ T57] ath6kl: Failed to submit usb control message: -71 [ 73.517178][ T57] ath6kl: unable to send the bmi data to the device: -71 [ 73.529940][ T57] ath6kl: Unable to send get target info: -71 [ 73.534280][ T57] ath6kl: Failed to init ath6kl core: -71 [ 73.536971][ T57] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 73.546087][ T57] usb 5-1: USB disconnect, device number 2 [ 73.923987][ T6358] PKCS7: Unknown OID: [4] 2.19.0.2.86.14.43(bad) [ 73.928864][ T6358] PKCS7: Only support pkcs7_signedData type [ 74.676077][ T4768] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 74.680386][ T4768] Bluetooth: hci2: Injecting HCI hardware error event [ 74.709762][ T5491] Bluetooth: hci2: hardware error 0x00 [ 74.758349][ T6417] autofs: Unknown parameter 'no9 PG!8E8- ŖEeլ( Ir\u}ibT0;my[Gc#>QkbY&#w@/VVL~12lhOh'rK1\kU{!eܚ7 [ 74.758349][ T6417] Ue[%#s' [ 75.419935][ T57] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 75.611819][ T57] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 75.618566][ T57] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64 [ 75.637653][ T57] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22 [ 75.696402][ T57] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 75.710673][ T6500] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd [ 75.718619][ T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 75.747095][ T6486] could not allocate digest TFM handle rmd128-generic [ 75.759939][ T57] usb 5-1: SerialNumber: syz [ 75.764670][ T6450] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 75.786533][ T6450] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 75.793123][ T57] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 75.798424][ T57] cdc_acm 5-1:1.0: This needs exactly 3 endpoints [ 75.819905][ T57] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -22 [ 76.025522][ T57] usb 5-1: USB disconnect, device number 3 [ 76.511487][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.514832][ T1376] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.829971][ T5491] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 78.321051][ T57] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 78.533479][ T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 78.538422][ T57] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 78.543246][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.557550][ T57] usb 6-1: config 0 descriptor?? [ 78.802133][ T57] ath6kl: Failed to submit usb control message: -71 [ 78.805502][ T57] ath6kl: unable to send the bmi data to the device: -71 [ 78.808528][ T57] ath6kl: Unable to send get target info: -71 [ 78.813529][ T57] ath6kl: Failed to init ath6kl core: -71 [ 78.816641][ T57] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 78.825954][ T57] usb 6-1: USB disconnect, device number 4 [ 81.056103][ T5535] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 81.098355][ C0] ================================================================== [ 81.118005][ C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x2de0/0x3cb0 [ 81.121397][ C0] Read of size 8 at addr ffff88802ba82018 by task syz.3.828/6955 [ 81.138326][ C0] [ 81.139294][ C0] CPU: 0 UID: 0 PID: 6955 Comm: syz.3.828 Not tainted 6.11.0-rc5-syzkaller-00015-g3e9bff3bbe13 #0 [ 81.143296][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.147642][ C0] Call Trace: [ 81.150179][ C0] [ 81.151461][ C0] dump_stack_lvl+0x116/0x1f0 [ 81.153560][ C0] print_report+0xc3/0x620 [ 81.155760][ C0] ? __virt_addr_valid+0x5e/0x590 [ 81.158520][ C0] ? __phys_addr+0xc6/0x150 [ 81.161845][ C0] kasan_report+0xd9/0x110 [ 81.164554][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 81.167879][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 81.171540][ C0] __lock_acquire+0x2de0/0x3cb0 [ 81.174334][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 81.176379][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 81.178393][ C0] lock_acquire+0x1b1/0x560 [ 81.181550][ C0] ? p9_req_put+0xaf/0x250 [ 81.184120][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 81.187104][ C0] ? __pfx_lock_release+0x10/0x10 [ 81.189776][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 81.192585][ C0] ? p9_req_put+0xaf/0x250 [ 81.194612][ C0] p9_req_put+0xaf/0x250 [ 81.196502][ C0] req_done+0x1e7/0x2f0 [ 81.203239][ C0] ? __pfx_req_done+0x10/0x10 [ 81.205550][ C0] ? __pfx_req_done+0x10/0x10 [ 81.208176][ C0] vring_interrupt+0x31b/0x400 [ 81.210629][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 81.213134][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 81.215912][ C0] handle_irq_event+0xab/0x1e0 [ 81.218235][ C0] handle_edge_irq+0x263/0xd10 [ 81.220384][ C0] __common_interrupt+0xdf/0x250 [ 81.222584][ C0] common_interrupt+0xab/0xd0 [ 81.224890][ C0] [ 81.226175][ C0] [ 81.227363][ C0] asm_common_interrupt+0x26/0x40 [ 81.229572][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp1+0xc/0x20 [ 81.232641][ C0] Code: 00 e9 b8 fe ff ff 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 0c 24 40 0f b6 d6 <40> 0f b6 f7 bf 01 00 00 00 e9 86 fe ff ff 66 0f 1f 44 00 00 90 90 [ 81.241281][ C0] RSP: 0018:ffffc9000f2bf670 EFLAGS: 00000246 [ 81.244106][ C0] RAX: ffffc9000f2bf920 RBX: 0000000000000001 RCX: ffffffff81d1e72b [ 81.247323][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000 [ 81.250327][ C0] RBP: 8400000052d2c805 R08: 0000000000000007 R09: 0000000000000000 [ 81.250715][ T5535] usb 5-1: Using ep0 maxpacket: 32 [ 81.253098][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000805 [ 81.253106][ C0] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc9000f2bfa98 [ 81.257020][ T5535] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 720 [ 81.258116][ C0] ? unmap_page_range+0xf1b/0x3bf0 [ 81.266298][ T5535] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 81.267032][ C0] unmap_page_range+0xf1b/0x3bf0 [ 81.283420][ T5535] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22 [ 81.285144][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 81.304062][ C0] ? mas_next_slot+0xb2a/0x1140 [ 81.306239][ C0] ? uprobe_munmap+0x20/0x5d0 [ 81.308362][ C0] unmap_single_vma+0x194/0x2b0 [ 81.310538][ C0] unmap_vmas+0x22f/0x490 [ 81.312792][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 81.313082][ T5535] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 81.315443][ C0] ? __pfx_lock_release+0x10/0x10 [ 81.320062][ T5535] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 81.322270][ C0] ? lru_add_drain_cpu+0x454/0x860 [ 81.327061][ T5535] usb 5-1: SerialNumber: syz [ 81.329656][ C0] exit_mmap+0x1b8/0xb20 [ 81.341045][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 81.341984][ T6931] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 81.343515][ C0] __mmput+0x12a/0x480 [ 81.346826][ T6931] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 81.349128][ C0] mmput+0x62/0x70 [ 81.354199][ C0] do_exit+0x9bf/0x2bb0 [ 81.356417][ C0] ? get_signal+0x8fb/0x26e0 [ 81.358546][ C0] ? __pfx_do_exit+0x10/0x10 [ 81.361300][ C0] ? do_raw_spin_lock+0x12d/0x2c0 [ 81.363649][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 81.366022][ C0] do_group_exit+0xd3/0x2a0 [ 81.368058][ T5535] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 81.368133][ C0] get_signal+0x265a/0x26e0 [ 81.371647][ T5535] cdc_acm 5-1:1.0: This needs exactly 3 endpoints [ 81.373637][ C0] ? __pfx_get_signal+0x10/0x10 [ 81.376938][ T5535] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -22 [ 81.379077][ C0] ? __pfx_do_futex+0x10/0x10 [ 81.385627][ C0] arch_do_signal_or_restart+0x90/0x7e0 [ 81.388081][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 81.391076][ C0] syscall_exit_to_user_mode+0x150/0x2a0 [ 81.393597][ C0] __do_fast_syscall_32+0x80/0x120 [ 81.395859][ C0] do_fast_syscall_32+0x32/0x80 [ 81.397957][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.401069][ C0] RIP: 0023:0xf7fd6579 [ 81.403638][ C0] Code: Unable to access opcode bytes at 0xf7fd654f. [ 81.407125][ C0] RSP: 002b:00000000f577660c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0 [ 81.412198][ C0] RAX: fffffffffffffe00 RBX: 00000000f7494f88 RCX: 0000000000000080 [ 81.416953][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f7494f8c [ 81.422017][ C0] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000 [ 81.426579][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.430056][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.434434][ C0] [ 81.435819][ C0] [ 81.436937][ C0] Allocated by task 6957: [ 81.438817][ C0] kasan_save_stack+0x33/0x60 [ 81.440891][ C0] kasan_save_track+0x14/0x30 [ 81.443052][ C0] __kasan_kmalloc+0xaa/0xb0 [ 81.445035][ C0] p9_client_create+0xcf/0x11b0 [ 81.446964][ C0] v9fs_session_init+0x1f8/0x1a80 [ 81.449024][ C0] v9fs_mount+0xc6/0xa50 [ 81.450767][ C0] legacy_get_tree+0x109/0x220 [ 81.452603][ C0] vfs_get_tree+0x8f/0x380 [ 81.454318][ C0] path_mount+0x6e1/0x1f10 [ 81.456104][ C0] __ia32_sys_mount+0x292/0x310 [ 81.458221][ C0] __do_fast_syscall_32+0x73/0x120 [ 81.460590][ C0] do_fast_syscall_32+0x32/0x80 [ 81.462969][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.465677][ C0] [ 81.466762][ C0] Freed by task 6957: [ 81.468522][ C0] kasan_save_stack+0x33/0x60 [ 81.470804][ C0] kasan_save_track+0x14/0x30 [ 81.472924][ C0] kasan_save_free_info+0x3b/0x60 [ 81.475315][ C0] poison_slab_object+0xf7/0x160 [ 81.477462][ C0] __kasan_slab_free+0x32/0x50 [ 81.479571][ C0] kfree+0x12a/0x3b0 [ 81.481282][ C0] p9_client_create+0x9ca/0x11b0 [ 81.483472][ C0] v9fs_session_init+0x1f8/0x1a80 [ 81.485720][ C0] v9fs_mount+0xc6/0xa50 [ 81.487494][ C0] legacy_get_tree+0x109/0x220 [ 81.489334][ C0] vfs_get_tree+0x8f/0x380 [ 81.491079][ C0] path_mount+0x6e1/0x1f10 [ 81.492770][ C0] __ia32_sys_mount+0x292/0x310 [ 81.494678][ C0] __do_fast_syscall_32+0x73/0x120 [ 81.496651][ C0] do_fast_syscall_32+0x32/0x80 [ 81.498510][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.501841][ C0] [ 81.502938][ C0] The buggy address belongs to the object at ffff88802ba82000 [ 81.502938][ C0] which belongs to the cache kmalloc-512 of size 512 [ 81.509202][ C0] The buggy address is located 24 bytes inside of [ 81.509202][ C0] freed 512-byte region [ffff88802ba82000, ffff88802ba82200) [ 81.514904][ C0] [ 81.516116][ C0] The buggy address belongs to the physical page: [ 81.518950][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2ba80 [ 81.522907][ C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 81.526891][ C0] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 81.533041][ C0] page_type: 0xfdffffff(slab) [ 81.535128][ C0] raw: 00fff00000000040 ffff888015842c80 0000000000000000 dead000000000001 [ 81.539045][ C0] raw: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000 [ 81.543461][ C0] head: 00fff00000000040 ffff888015842c80 0000000000000000 dead000000000001 [ 81.548007][ C0] head: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000 [ 81.552039][ C0] head: 00fff00000000002 ffffea0000aea001 ffffffffffffffff 0000000000000000 [ 81.557273][ C0] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 81.562311][ C0] page dumped because: kasan: bad access detected [ 81.567657][ C0] page_owner tracks the page as allocated [ 81.571121][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5493, tgid 5493 (syz-executor), ts 61953016142, free_ts 61941998818 [ 81.580497][ C0] post_alloc_hook+0x2d1/0x350 [ 81.582575][ C0] get_page_from_freelist+0x1351/0x2e50 [ 81.585001][ C0] __alloc_pages_noprof+0x22b/0x2460 [ 81.587423][ C0] alloc_slab_page+0x4e/0xf0 [ 81.589808][ C0] new_slab+0x84/0x260 [ 81.591997][ C0] ___slab_alloc+0xdac/0x1870 [ 81.594756][ C0] __slab_alloc.constprop.0+0x56/0xb0 [ 81.598052][ C0] __kmalloc_noprof+0x379/0x410 [ 81.601031][ C0] fib6_info_alloc+0x40/0x160 [ 81.603479][ C0] ip6_route_info_create+0x337/0x1aa0 [ 81.604201][ T5528] usb 5-1: USB disconnect, device number 4 [ 81.606149][ C0] ip6_route_add+0x26/0x1c0 [ 81.611390][ C0] addrconf_prefix_route+0x2fe/0x510 [ 81.614286][ C0] add_v4_addrs+0x74b/0xa00 [ 81.616511][ C0] addrconf_init_auto_addrs+0x18a/0x820 [ 81.619346][ C0] addrconf_notify+0xe9e/0x19d0 [ 81.621829][ C0] notifier_call_chain+0xb9/0x410 [ 81.624822][ C0] page last free pid 5527 tgid 5527 stack trace: [ 81.627874][ C0] free_unref_page+0x64a/0xe40 [ 81.629960][ C0] __put_partials+0x14c/0x170 [ 81.631803][ C0] qlist_free_all+0x4e/0x140 [ 81.633472][ C0] kasan_quarantine_reduce+0x192/0x1e0 [ 81.635740][ C0] __kasan_slab_alloc+0x69/0x90 [ 81.637827][ C0] kmem_cache_alloc_node_noprof+0x153/0x310 [ 81.640420][ C0] __alloc_skb+0x2b3/0x380 [ 81.642477][ C0] alloc_skb_with_frags+0xe4/0x710 [ 81.644597][ C0] sock_alloc_send_pskb+0x7f1/0x980 [ 81.646663][ C0] mld_newpack.isra.0+0x1d4/0x7e0 [ 81.648679][ C0] add_grhead+0x299/0x340 [ 81.650357][ C0] add_grec+0x111e/0x1670 [ 81.652156][ C0] mld_ifc_work+0x41f/0xca0 [ 81.654020][ C0] process_one_work+0x958/0x1ad0 [ 81.655912][ C0] worker_thread+0x6c8/0xed0 [ 81.657694][ C0] kthread+0x2c1/0x3a0 [ 81.659391][ C0] [ 81.660398][ C0] Memory state around the buggy address: [ 81.662973][ C0] ffff88802ba81f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 81.666568][ C0] ffff88802ba81f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 81.670431][ C0] >ffff88802ba82000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 81.674677][ C0] ^ [ 81.676795][ C0] ffff88802ba82080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 81.680253][ C0] ffff88802ba82100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 81.683803][ C0] ================================================================== [ 81.687474][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 81.690760][ C0] CPU: 0 UID: 0 PID: 6955 Comm: syz.3.828 Not tainted 6.11.0-rc5-syzkaller-00015-g3e9bff3bbe13 #0 [ 81.697916][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.702829][ C0] Call Trace: [ 81.704148][ C0] [ 81.705512][ C0] dump_stack_lvl+0x3d/0x1f0 [ 81.707524][ C0] panic+0x6dc/0x7c0 [ 81.709201][ C0] ? __pfx_panic+0x10/0x10 [ 81.711098][ C0] ? rcu_is_watching+0x12/0xc0 [ 81.713164][ C0] ? __pfx_lock_release+0x10/0x10 [ 81.715624][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 81.718191][ C0] check_panic_on_warn+0xab/0xb0 [ 81.720486][ C0] end_report+0x117/0x180 [ 81.722699][ C0] kasan_report+0xe9/0x110 [ 81.724705][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 81.726924][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 81.729356][ C0] __lock_acquire+0x2de0/0x3cb0 [ 81.731641][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 81.734025][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 81.736320][ C0] lock_acquire+0x1b1/0x560 [ 81.738389][ C0] ? p9_req_put+0xaf/0x250 [ 81.740293][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 81.742498][ C0] ? __pfx_lock_release+0x10/0x10 [ 81.744723][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 81.746960][ C0] ? p9_req_put+0xaf/0x250 [ 81.749031][ C0] p9_req_put+0xaf/0x250 [ 81.750945][ C0] req_done+0x1e7/0x2f0 [ 81.752772][ C0] ? __pfx_req_done+0x10/0x10 [ 81.755201][ C0] ? __pfx_req_done+0x10/0x10 [ 81.757699][ C0] vring_interrupt+0x31b/0x400 [ 81.760029][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 81.763368][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 81.766380][ C0] handle_irq_event+0xab/0x1e0 [ 81.769029][ C0] handle_edge_irq+0x263/0xd10 [ 81.771847][ C0] __common_interrupt+0xdf/0x250 [ 81.774122][ C0] common_interrupt+0xab/0xd0 [ 81.776285][ C0] [ 81.778031][ C0] [ 81.779536][ C0] asm_common_interrupt+0x26/0x40 [ 81.781795][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp1+0xc/0x20 [ 81.784556][ C0] Code: 00 e9 b8 fe ff ff 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 0c 24 40 0f b6 d6 <40> 0f b6 f7 bf 01 00 00 00 e9 86 fe ff ff 66 0f 1f 44 00 00 90 90 [ 81.793306][ C0] RSP: 0018:ffffc9000f2bf670 EFLAGS: 00000246 [ 81.795996][ C0] RAX: ffffc9000f2bf920 RBX: 0000000000000001 RCX: ffffffff81d1e72b [ 81.799433][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000 [ 81.804085][ C0] RBP: 8400000052d2c805 R08: 0000000000000007 R09: 0000000000000000 [ 81.807712][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000805 [ 81.811505][ C0] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc9000f2bfa98 [ 81.815705][ C0] ? unmap_page_range+0xf1b/0x3bf0 [ 81.817950][ C0] unmap_page_range+0xf1b/0x3bf0 [ 81.820044][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 81.822468][ C0] ? mas_next_slot+0xb2a/0x1140 [ 81.824454][ C0] ? uprobe_munmap+0x20/0x5d0 [ 81.826533][ C0] unmap_single_vma+0x194/0x2b0 [ 81.828789][ C0] unmap_vmas+0x22f/0x490 [ 81.830610][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 81.832491][ C0] ? __pfx_lock_release+0x10/0x10 [ 81.834822][ C0] ? lru_add_drain_cpu+0x454/0x860 [ 81.837723][ C0] exit_mmap+0x1b8/0xb20 [ 81.839852][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 81.842736][ C0] __mmput+0x12a/0x480 [ 81.844594][ C0] mmput+0x62/0x70 [ 81.846225][ C0] do_exit+0x9bf/0x2bb0 [ 81.848216][ C0] ? get_signal+0x8fb/0x26e0 [ 81.850256][ C0] ? __pfx_do_exit+0x10/0x10 [ 81.852322][ C0] ? do_raw_spin_lock+0x12d/0x2c0 [ 81.854555][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 81.856987][ C0] do_group_exit+0xd3/0x2a0 [ 81.859322][ C0] get_signal+0x265a/0x26e0 [ 81.862025][ C0] ? __pfx_get_signal+0x10/0x10 [ 81.864202][ C0] ? __pfx_do_futex+0x10/0x10 [ 81.866276][ C0] arch_do_signal_or_restart+0x90/0x7e0 [ 81.868886][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 81.871643][ C0] syscall_exit_to_user_mode+0x150/0x2a0 [ 81.874052][ C0] __do_fast_syscall_32+0x80/0x120 [ 81.876156][ C0] do_fast_syscall_32+0x32/0x80 [ 81.878368][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.881171][ C0] RIP: 0023:0xf7fd6579 [ 81.883002][ C0] Code: Unable to access opcode bytes at 0xf7fd654f. [ 81.885885][ C0] RSP: 002b:00000000f577660c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0 [ 81.889529][ C0] RAX: fffffffffffffe00 RBX: 00000000f7494f88 RCX: 0000000000000080 [ 81.892927][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f7494f8c [ 81.896377][ C0] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000 [ 81.899585][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.902609][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.905635][ C0] [ 81.908315][ C0] Kernel Offset: disabled [ 81.910192][ C0] Rebooting in 86400 seconds.. VM DIAGNOSIS: 14:02:13 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fa7725 RDI=ffffffff9511c240 RBP=ffffffff9511c200 RSP=ffffc90000007610 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000020 R14=ffffffff84fa76c0 R15=0000000000000000 RIP=ffffffff84fa774f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7416108 CR3=0000000059226000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffffc90004207a10 RCX=ffffffff813c9f36 RDX=ffff888027082440 RSI=ffffffff813c9fbf RDI=ffffc90004207a20 RBP=ffffc90004207f58 RSP=ffffc90004207988 R8 =0000000000000004 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000000 R12=ffffc90004200000 R13=ffffc90004208000 R14=0000000000000001 R15=0000000000000001 RIP=ffffffff818b1a06 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000ff82df6c CR3=000000005421a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=1ffff920001ddee8 RCX=ffffffff816952eb RDX=0000000000000000 RSI=ffffffff8bb05960 RDI=ffffffff8d77ab50 RBP=0000000000000002 RSP=ffffc90000eef720 R8 =0000000000000000 R9 =fffffbfff20228fb R10=ffffffff901147df R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=ffffffff8ddb94a0 R15=0000000000000000 RIP=ffffffff8171a1d3 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f72ce0f0 CR3=000000001cba8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7420ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813c94d1 RDX=ffff88801ace2440 RSI=0000000000000004 RDI=0000000000000001 RBP=ffffffff8b49d120 RSP=ffffc900031b7708 R8 =0000000000000001 R9 =0000000000000004 R10=0000000000000005 R11=0000000000000000 R12=0000000000000005 R13=0000000000000001 R14=0000000000000008 R15=ffffc900031b77ed RIP=ffffffff818b1c94 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fabfd9dc280 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f73e1230 CR3=0000000025260000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000001003e004 Opmask01=0000000000000000 Opmask02=00000000fffffdff Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b5f5455504e495f 4449006b636f6c62 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff1a989da0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a2a2a2a2a2a2a2a 2a2a2a2a2a2a2a2a ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff00ff0000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffff00000000ff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7487757232b9f056 73732524d5a5f576 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737142 737373435c021e73 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73202c297325286b 636f6c66206f7420 656c62616e55006e 6f69746974726170 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079617272 6120656c75722079 7261726f706d6574 002a3f005b3f2a00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000251 0000000000000000 31706f6f6c2f6b63 6f6c622f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000002ef17a65 0000000037333735 313738373d44455a 494c414954494e49 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0045434168a33f31 4e490065545a4150 55175c5e51253334 206c6d3a313c2228 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 76777f7f7bf77f75 5f7f3c7d7f5f4955 5f7f5d5f7fbf377d 777d7f7b73fffb3f ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a00307f617930 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0032303138353738 003d44453d494541 4954494249530039 3930003134322f37 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000002e440039 0000000034322f37 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000