last executing test programs: 1.133636409s ago: executing program 2 (id=1471): syz_emit_ethernet(0x72, &(0x7f0000000ac0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x3c, 0x3a, 0x0, @remote, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "3549a3", 0x0, 0x2f, 0x0, @local, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [@fragment={0xa5}], "e45e0d37"}}}}}}}, 0x0) 945.333178ms ago: executing program 0 (id=1474): syz_emit_ethernet(0xfe2f, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x0, 0x0, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x0, 0xf989, "fbf555f7bd7d050b03d5a10659a687"}]}}}}}}}, 0x0) 945.032436ms ago: executing program 2 (id=1475): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x60}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80) 823.208509ms ago: executing program 0 (id=1478): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xa4}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80) 823.080449ms ago: executing program 1 (id=1479): syz_emit_ethernet(0x4e, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x18, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x88, 0x0, 0x0, 0x41, '\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}}}}, 0x0) 721.676502ms ago: executing program 3 (id=1480): syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @empty=0xe0000001}, {0x0, 0x17c1, 0x8}}}}}, 0x0) 721.466976ms ago: executing program 1 (id=1481): syz_emit_ethernet(0x7a, &(0x7f00000001c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60000b28000c2f00fe800000000000000000000000100002fe8000000000000000000000000000aa242088be"], 0x0) 629.415595ms ago: executing program 2 (id=1482): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x2c}, [@ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1010000}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xb682, &(0x7f000000cf3d)=""/195}, 0x48) 592.824623ms ago: executing program 3 (id=1483): ioprio_set$pid(0x2, 0x0, 0x8008) 561.065568ms ago: executing program 0 (id=1484): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x50}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) 534.431443ms ago: executing program 1 (id=1485): syz_emit_ethernet(0x86, &(0x7f0000000040)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x50, 0x3a, 0x0, @remote, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "5b29ab", 0x0, 0x11, 0x0, @mcast2, @mcast1, [@dstopts={0x0, 0x0, '\x00', [@ra={0x5, 0x3a}]}], "fb36eeca6fad50b375a22a584d16ca55"}}}}}}}, 0x0) 385.737451ms ago: executing program 3 (id=1486): futex_waitv(&(0x7f0000000bc0)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f0000000f40), 0x7f00) 385.540745ms ago: executing program 1 (id=1487): prctl$PR_SET_TIMERSLACK(0x1d, 0xffffffffffffffe1) 363.851073ms ago: executing program 2 (id=1488): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000b80)=ANY=[@ANYBLOB="9feb01005ffc"], 0x0, 0xfc5f}, 0x20) 273.597727ms ago: executing program 0 (id=1489): bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x51, 0x28e, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1a000000}, 0x48) 273.494409ms ago: executing program 3 (id=1490): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000063012100000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) 267.175981ms ago: executing program 1 (id=1491): bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@ifindex, 0xffffffffffffffff, 0x11, 0x0, 0x0, @prog_id}, 0x20) 196.45448ms ago: executing program 2 (id=1492): mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xcf393388a9efd10c) 63.971009ms ago: executing program 0 (id=1493): keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0) 63.662355ms ago: executing program 3 (id=1494): membarrier(0x4, 0x0) 303.002µs ago: executing program 1 (id=1495): mount$9p_virtio(&(0x7f0000000640), &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x0, &(0x7f0000000740)={'trans=virtio,', {[{@noextend}]}}) 160.734µs ago: executing program 2 (id=1496): syz_usb_connect$cdc_ncm(0x3, 0x6e, &(0x7f0000000680)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x0, 0x47b, 0x7}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x0, 0x8}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0x36}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x20}}}}}}}]}}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0}) 69.77µs ago: executing program 3 (id=1497): lsm_set_self_attr(0x64, &(0x7f0000001c40)={0x68, 0x0, 0x20}, 0x20, 0x0) 0s ago: executing program 0 (id=1498): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x1, 0x0, [{0x0, 0x2, 0x1000000}]}, @typedef={0x0, 0x0, 0x0, 0x4}]}}, 0x0, 0x3e}, 0x20) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:56847' (ED25519) to the list of known hosts. [ 59.203547][ T5272] cgroup: Unknown subsys name 'net' [ 59.401101][ T5272] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 60.974100][ T5272] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 70.040634][ T1217] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.043944][ T1217] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.211020][ T3182] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.218802][ T3182] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.490718][ C0] vkms_vblank_simulate: vblank timer overrun [ 71.895006][ T5665] mmap: syz.2.266 (5665) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 72.119737][ C0] vkms_vblank_simulate: vblank timer overrun [ 72.454694][ C0] vkms_vblank_simulate: vblank timer overrun [ 73.787005][ C0] vkms_vblank_simulate: vblank timer overrun [ 76.791879][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.808191][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.813145][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.823887][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 76.828694][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 76.846204][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 76.852146][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 76.853564][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.859482][ T1379] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.859753][ T5842] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 76.871241][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 76.875729][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 76.878289][ T5846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 76.902231][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 76.919738][ T5847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.923672][ T5847] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 76.927521][ T5847] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 76.955943][ T4770] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 76.980524][ T4770] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 76.999296][ T4770] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.044778][ T5847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.076018][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.081299][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.086916][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.122140][ T5847] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 77.125746][ T5847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 77.356182][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 77.504583][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 77.965892][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.970340][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.973762][ T5840] bridge_slave_0: entered allmulticast mode [ 77.978043][ T5840] bridge_slave_0: entered promiscuous mode [ 78.074366][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.076894][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.081418][ T5840] bridge_slave_1: entered allmulticast mode [ 78.085394][ T5840] bridge_slave_1: entered promiscuous mode [ 78.135992][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.142890][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.146204][ T5841] bridge_slave_0: entered allmulticast mode [ 78.150702][ T5841] bridge_slave_0: entered promiscuous mode [ 78.160223][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 78.203074][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.208599][ T5848] chnl_net:caif_netlink_parms(): no params data found [ 78.221501][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.225502][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.229246][ T5841] bridge_slave_1: entered allmulticast mode [ 78.233065][ T5841] bridge_slave_1: entered promiscuous mode [ 78.248073][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.321259][ T5840] team0: Port device team_slave_0 added [ 78.428434][ T5840] team0: Port device team_slave_1 added [ 78.597536][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.600825][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.613822][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.622415][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.669509][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.672664][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.683052][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.718236][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.777403][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.782947][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.787161][ T5848] bridge_slave_0: entered allmulticast mode [ 78.791253][ T5848] bridge_slave_0: entered promiscuous mode [ 78.854682][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.858071][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.864236][ T5848] bridge_slave_1: entered allmulticast mode [ 78.868299][ T5848] bridge_slave_1: entered promiscuous mode [ 78.923958][ T5847] Bluetooth: hci1: command tx timeout [ 78.945357][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.948883][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.952524][ T5837] bridge_slave_0: entered allmulticast mode [ 78.956670][ T5837] bridge_slave_0: entered promiscuous mode [ 78.965382][ T5841] team0: Port device team_slave_0 added [ 78.972725][ T5841] team0: Port device team_slave_1 added [ 78.999392][ T5847] Bluetooth: hci0: command tx timeout [ 79.047953][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.052084][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.055555][ T5837] bridge_slave_1: entered allmulticast mode [ 79.060452][ T5837] bridge_slave_1: entered promiscuous mode [ 79.089076][ T5847] Bluetooth: hci2: command tx timeout [ 79.125210][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.132319][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.144575][ T5840] hsr_slave_0: entered promiscuous mode [ 79.148389][ T5840] hsr_slave_1: entered promiscuous mode [ 79.159069][ T5847] Bluetooth: hci3: command tx timeout [ 79.197123][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.200999][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.232285][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.377304][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.380383][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.398218][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.431078][ T5848] team0: Port device team_slave_0 added [ 79.437619][ T5848] team0: Port device team_slave_1 added [ 79.505455][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.606182][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.609276][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.619885][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.690464][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.707161][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.713953][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.728030][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.818422][ T5841] hsr_slave_0: entered promiscuous mode [ 79.827037][ T5841] hsr_slave_1: entered promiscuous mode [ 79.832989][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.836130][ T5841] Cannot create hsr debugfs directory [ 79.871368][ T5837] team0: Port device team_slave_0 added [ 79.877512][ T5837] team0: Port device team_slave_1 added [ 80.092008][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.095086][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.105310][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.150762][ T5848] hsr_slave_0: entered promiscuous mode [ 80.154677][ T5848] hsr_slave_1: entered promiscuous mode [ 80.158124][ T5848] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.161710][ T5848] Cannot create hsr debugfs directory [ 80.172081][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.175497][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.192439][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.411326][ T5837] hsr_slave_0: entered promiscuous mode [ 80.414724][ T5837] hsr_slave_1: entered promiscuous mode [ 80.437876][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 80.441810][ T5837] Cannot create hsr debugfs directory [ 80.597395][ T5840] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 80.702704][ T5840] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 80.770613][ T5840] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 80.778289][ T5840] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 81.008951][ T5848] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 81.011697][ T5847] Bluetooth: hci1: command tx timeout [ 81.019670][ T5848] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 81.026869][ T5848] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 81.034470][ T5848] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 81.080314][ T5847] Bluetooth: hci0: command tx timeout [ 81.135500][ T5841] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 81.144401][ T5841] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 81.152761][ T5841] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 81.169396][ T5847] Bluetooth: hci2: command tx timeout [ 81.184841][ T5841] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.254065][ T5837] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 81.255553][ T5847] Bluetooth: hci3: command tx timeout [ 81.315693][ T5837] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 81.323739][ T5837] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 81.364231][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.371398][ T5837] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 81.456374][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.482401][ T3182] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.486893][ T3182] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.516064][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.536853][ T1217] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.540677][ T1217] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.575633][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.601850][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.635301][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.641019][ T1217] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.643811][ T1217] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.679090][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.719986][ T3182] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.723902][ T3182] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.732123][ T3182] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.735393][ T3182] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.742096][ T3182] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.745300][ T3182] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.763645][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.797804][ T3182] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.801517][ T3182] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.830903][ T3182] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.834135][ T3182] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.853626][ T5848] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 81.924921][ T5841] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 81.956714][ T5837] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 81.961267][ T5837] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 82.123051][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.135300][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.150042][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.180912][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.239666][ T5848] veth0_vlan: entered promiscuous mode [ 82.261803][ T5840] veth0_vlan: entered promiscuous mode [ 82.271034][ T5840] veth1_vlan: entered promiscuous mode [ 82.295479][ T5848] veth1_vlan: entered promiscuous mode [ 82.396894][ T5837] veth0_vlan: entered promiscuous mode [ 82.424306][ T5841] veth0_vlan: entered promiscuous mode [ 82.438460][ T5848] veth0_macvtap: entered promiscuous mode [ 82.466340][ T5841] veth1_vlan: entered promiscuous mode [ 82.479527][ T5837] veth1_vlan: entered promiscuous mode [ 82.487020][ T5840] veth0_macvtap: entered promiscuous mode [ 82.496951][ T5840] veth1_macvtap: entered promiscuous mode [ 82.506595][ T5848] veth1_macvtap: entered promiscuous mode [ 82.579310][ T5841] veth0_macvtap: entered promiscuous mode [ 82.601481][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.626700][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.634230][ T5840] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.638399][ T5840] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.642337][ T5840] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.646157][ T5840] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.658828][ T5841] veth1_macvtap: entered promiscuous mode [ 82.677982][ T5837] veth0_macvtap: entered promiscuous mode [ 82.712458][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.718671][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.732093][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.741425][ T5837] veth1_macvtap: entered promiscuous mode [ 82.756577][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.768317][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.776679][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.810977][ T5848] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.814624][ T5848] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.818302][ T5848] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.823653][ T5848] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.842945][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.849246][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.853324][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.857642][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.867773][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.880679][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.884420][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.888049][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.893098][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.898181][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.942795][ T5841] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.947181][ T5841] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.952546][ T5841] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.956891][ T5841] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.966125][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.982367][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.986695][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.993331][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.997925][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.003547][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.009161][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.029279][ T1103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.032543][ T1103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.050244][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.054894][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.059307][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.063599][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.067543][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.073370][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.079084][ T5847] Bluetooth: hci1: command tx timeout [ 83.080591][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.105590][ T5837] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.118865][ T5837] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.122852][ T5837] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.126978][ T5837] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.159006][ T5847] Bluetooth: hci0: command tx timeout [ 83.250046][ T5847] Bluetooth: hci2: command tx timeout [ 83.257396][ T3182] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.263023][ T3182] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.289079][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.291997][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.319832][ T5847] Bluetooth: hci3: command tx timeout [ 83.353664][ T1217] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.357000][ T1217] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.401380][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.405573][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.415039][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.418329][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.472780][ T1217] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.476926][ T1217] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.553796][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.562736][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.169263][ T5847] Bluetooth: hci1: command tx timeout [ 85.259171][ T5847] Bluetooth: hci0: command tx timeout [ 85.329460][ T5847] Bluetooth: hci2: command tx timeout [ 85.424375][ T5847] Bluetooth: hci3: command tx timeout [ 87.709449][ T6107] binder: Binderfs stats mode cannot be changed during a remount [ 89.401622][ T6201] bpf: Bad value for 'uid' [ 89.609269][ T6214] futex_wake_op: syz.0.584 tries to shift op by 32; fix this program [ 91.053732][ T6321] 9pnet: Unknown protocol version 9p20\++} [ 91.288852][ T6338] tmpfs: Unknown parameter 'smackfshat' [ 91.444723][ T6355] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0001 with DS=0x7 [ 91.864888][ T39] audit: type=1326 audit(1724737415.856:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.1.671" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x0 [ 92.003448][ C2] Adjusting tsc more than 11% (5229272 vs 7162503) [ 92.172196][ T6417] futex_wake_op: syz.3.684 tries to shift op by -1; fix this program [ 92.319199][ T35] cfg80211: failed to load regulatory.db [ 92.651659][ T39] audit: type=1326 audit(1724737416.508:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6449 comm="syz.1.703" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x0 [ 93.581081][ T6504] could not allocate digest TFM handle rmd128-generic [ 94.153710][ T5847] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 94.174639][ T5847] Bluetooth: hci0: Injecting HCI hardware error event [ 94.179194][ T5847] Bluetooth: hci0: hardware error 0x00 [ 94.677715][ T6585] syz.0.768 (6585): attempted to duplicate a private mapping with mremap. This is not supported. [ 95.001276][ T5838] Bluetooth: hci0: unexpected event for opcode 0x0c14 [ 96.915495][ T5847] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 98.763104][ T30] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 98.975089][ T30] usb 7-1: Using ep0 maxpacket: 32 [ 98.981844][ T30] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 720 [ 98.990392][ T30] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 99.003750][ T30] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22 [ 99.018521][ T30] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 99.023277][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 99.028351][ T30] usb 7-1: SerialNumber: syz [ 99.036137][ T6845] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 99.041703][ T6845] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 99.053734][ T30] cdc_acm 7-1:1.0: Control and data interfaces are not separated! [ 99.080428][ T30] cdc_acm 7-1:1.0: This needs exactly 3 endpoints [ 99.091856][ T30] cdc_acm 7-1:1.0: probe with driver cdc_acm failed with error -22 [ 99.343232][ T30] usb 7-1: USB disconnect, device number 2 [ 101.882143][ T39] audit: type=1326 audit(1724737425.801:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7043 comm="syz.0.996" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x0 [ 102.349472][ T7087] tmpfs: Bad value for 'mpol' [ 102.596330][ T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 102.817338][ T9] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 102.838333][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.865781][ T9] usb 6-1: config 0 descriptor?? [ 102.986395][ T1294] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 103.167660][ T9] ath6kl: Failed to submit usb control message: -71 [ 103.171845][ T9] ath6kl: unable to send the bmi data to the device: -71 [ 103.179229][ T1294] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 103.187094][ T1294] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 103.188743][ T9] ath6kl: Unable to send get target info: -71 [ 103.193734][ T1294] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.211487][ T9] ath6kl: Failed to init ath6kl core: -71 [ 103.225320][ T9] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 103.260618][ T1294] usb 8-1: config 0 descriptor?? [ 103.303330][ T9] usb 6-1: USB disconnect, device number 2 [ 103.574426][ T1294] ath6kl: Failed to submit usb control message: -71 [ 103.577103][ T1294] ath6kl: unable to send the bmi data to the device: -71 [ 103.604672][ T1294] ath6kl: Unable to send get target info: -71 [ 103.608899][ T1294] ath6kl: Failed to init ath6kl core: -71 [ 103.626300][ T1294] ath6kl_usb 8-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 103.633014][ T1294] usb 8-1: USB disconnect, device number 2 [ 104.143637][ T7173] binder: Bad value for 'max' [ 106.301470][ T9] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 106.558835][ T9] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 106.562749][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.581586][ T9] usb 8-1: config 0 descriptor?? [ 106.878579][ T9] ath6kl: Failed to submit usb control message: -71 [ 106.919843][ T9] ath6kl: unable to send the bmi data to the device: -71 [ 106.923822][ T9] ath6kl: Unable to send get target info: -71 [ 106.974584][ T9] ath6kl: Failed to init ath6kl core: -71 [ 106.976920][ T9] ath6kl_usb 8-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 107.007908][ T9] usb 8-1: USB disconnect, device number 3 [ 108.275147][ T7415] IPv6: addrconf: prefix option has invalid lifetime [ 108.318946][ T5877] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 108.561957][ T5877] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 108.569001][ T5877] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 108.578801][ T5877] usb 5-1: config 0 descriptor?? [ 108.823857][ T5877] ath6kl: Failed to submit usb control message: -71 [ 108.830594][ T5877] ath6kl: unable to send the bmi data to the device: -71 [ 108.852146][ T5877] ath6kl: Unable to send get target info: -71 [ 108.856254][ T5877] ath6kl: Failed to init ath6kl core: -71 [ 108.859836][ T5877] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 108.901435][ T5877] usb 5-1: USB disconnect, device number 2 [ 109.194762][ T7478] PKCS7: Unknown OID: [4] 2.19.0.2.86.14.43(bad) [ 109.199598][ T7478] PKCS7: Only support pkcs7_signedData type [ 109.960289][ T7523] dns_resolver: Unsupported server list version (0) [ 110.314934][ T7549] dccp_v6_rcv: dropped packet with invalid checksum [ 110.856207][ T7589] autofs: Unknown parameter 'no9 PG!8E8- ŖEeլ( Ir\u}ibT0;my[Gc#>QkbY&#w@/VVL~12lhOh'rK1\kU{!eܚ7 [ 110.856207][ T7589] Ue[%#s' [ 114.944890][ T7885] dccp_invalid_packet: invalid packet type [ 118.257592][ C0] ================================================================== [ 118.261789][ C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x2de0/0x3cb0 [ 118.319086][ C0] Read of size 8 at addr ffff888026b6c418 by task kworker/u32:8/1106 [ 118.323153][ C0] [ 118.324142][ C0] CPU: 0 UID: 0 PID: 1106 Comm: kworker/u32:8 Not tainted 6.11.0-rc5-syzkaller-00015-g3e9bff3bbe13 #0 [ 118.330752][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 118.336224][ C0] Workqueue: bat_events batadv_nc_worker [ 118.339049][ C0] Call Trace: [ 118.343457][ C0] [ 118.345050][ C0] dump_stack_lvl+0x116/0x1f0 [ 118.347605][ C0] print_report+0xc3/0x620 [ 118.351443][ C0] ? __virt_addr_valid+0x5e/0x590 [ 118.353456][ C0] ? __phys_addr+0xc6/0x150 [ 118.355440][ C0] kasan_report+0xd9/0x110 [ 118.357373][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 118.359645][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 118.362043][ C0] __lock_acquire+0x2de0/0x3cb0 [ 118.364140][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 118.366398][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 118.368727][ C0] lock_acquire+0x1b1/0x560 [ 118.370840][ C0] ? p9_req_put+0xaf/0x250 [ 118.372931][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 118.375192][ C0] ? __pfx_lock_release+0x10/0x10 [ 118.379010][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 118.383288][ C0] ? p9_req_put+0xaf/0x250 [ 118.387021][ C0] p9_req_put+0xaf/0x250 [ 118.389582][ C0] req_done+0x1e7/0x2f0 [ 118.392039][ C0] ? __pfx_req_done+0x10/0x10 [ 118.394802][ C0] ? __pfx_req_done+0x10/0x10 [ 118.397472][ C0] vring_interrupt+0x31b/0x400 [ 118.399725][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 118.402268][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 118.406821][ C0] handle_irq_event+0xab/0x1e0 [ 118.409186][ C0] handle_edge_irq+0x263/0xd10 [ 118.411273][ C0] __common_interrupt+0xdf/0x250 [ 118.413888][ C0] common_interrupt+0xab/0xd0 [ 118.416284][ C0] [ 118.418443][ C0] [ 118.419925][ C0] asm_common_interrupt+0x26/0x40 [ 118.422495][ C0] RIP: 0010:lock_release+0x129/0x6f0 [ 118.425569][ C0] Code: 0f 85 d6 02 00 00 65 4c 8b 35 43 97 9a 7e 49 8d be dc 0a 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 14 02 <48> 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 59 05 00 00 41 [ 118.437333][ C0] RSP: 0018:ffffc90006bf7ad0 EFLAGS: 00000a03 [ 118.440327][ C0] RAX: dffffc0000000000 RBX: 1ffff92000d7ef5c RCX: ffffffff81694359 [ 118.444317][ C0] RDX: 0000000000000000 RSI: ffffffff8bb05960 RDI: ffff8880205caf1c [ 118.448500][ C0] RBP: ffffffff901178b8 R08: 0000000000000000 R09: fffffbfff20228fb [ 118.453142][ C0] R10: ffffffff901147df R11: 0000000000000000 R12: ffffffff8ddb94a0 [ 118.458073][ C0] R13: ffff8880158b0000 R14: ffff8880205ca440 R15: dffffc0000000000 [ 118.463468][ C0] ? lock_release+0xa9/0x6f0 [ 118.466322][ C0] ? batadv_nc_worker+0x887/0x1060 [ 118.469452][ C0] ? __pfx_lock_release+0x10/0x10 [ 118.472506][ C0] ? debug_object_deactivate+0x1f0/0x370 [ 118.475698][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 118.478141][ C0] batadv_nc_worker+0x88c/0x1060 [ 118.480496][ C0] ? __pfx_batadv_nc_worker+0x10/0x10 [ 118.483819][ C0] ? __pfx_lock_release+0x10/0x10 [ 118.486888][ C0] process_one_work+0x958/0x1ad0 [ 118.490371][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 118.493561][ C0] ? __pfx_process_one_work+0x10/0x10 [ 118.497139][ C0] ? assign_work+0x1a0/0x250 [ 118.501345][ C0] worker_thread+0x6c8/0xed0 [ 118.504163][ C0] ? __kthread_parkme+0x148/0x220 [ 118.507851][ C0] ? __pfx_worker_thread+0x10/0x10 [ 118.511014][ C0] kthread+0x2c1/0x3a0 [ 118.514805][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 118.517970][ C0] ? __pfx_kthread+0x10/0x10 [ 118.520815][ C0] ret_from_fork+0x45/0x80 [ 118.523547][ C0] ? __pfx_kthread+0x10/0x10 [ 118.526586][ C0] ret_from_fork_asm+0x1a/0x30 [ 118.529542][ C0] [ 118.531488][ C0] [ 118.533256][ C0] Allocated by task 8071: [ 118.535902][ C0] kasan_save_stack+0x33/0x60 [ 118.538771][ C0] kasan_save_track+0x14/0x30 [ 118.541645][ C0] __kasan_kmalloc+0xaa/0xb0 [ 118.544393][ C0] p9_client_create+0xcf/0x11b0 [ 118.547250][ C0] v9fs_session_init+0x1f8/0x1a80 [ 118.550335][ C0] v9fs_mount+0xc6/0xa50 [ 118.552910][ C0] legacy_get_tree+0x109/0x220 [ 118.555900][ C0] vfs_get_tree+0x8f/0x380 [ 118.558917][ C0] path_mount+0x6e1/0x1f10 [ 118.561616][ C0] __ia32_sys_mount+0x292/0x310 [ 118.564613][ C0] __do_fast_syscall_32+0x73/0x120 [ 118.568003][ C0] do_fast_syscall_32+0x32/0x80 [ 118.570978][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 118.574858][ C0] [ 118.576249][ C0] Freed by task 8071: [ 118.579188][ C0] kasan_save_stack+0x33/0x60 [ 118.582751][ C0] kasan_save_track+0x14/0x30 [ 118.585698][ C0] kasan_save_free_info+0x3b/0x60 [ 118.588974][ C0] poison_slab_object+0xf7/0x160 [ 118.592040][ C0] __kasan_slab_free+0x32/0x50 [ 118.594966][ C0] kfree+0x12a/0x3b0 [ 118.598071][ C0] p9_client_create+0x9ca/0x11b0 [ 118.601464][ C0] v9fs_session_init+0x1f8/0x1a80 [ 118.604590][ C0] v9fs_mount+0xc6/0xa50 [ 118.607228][ C0] legacy_get_tree+0x109/0x220 [ 118.612474][ C0] vfs_get_tree+0x8f/0x380 [ 118.615353][ C0] path_mount+0x6e1/0x1f10 [ 118.620476][ C0] __ia32_sys_mount+0x292/0x310 [ 118.624836][ C0] __do_fast_syscall_32+0x73/0x120 [ 118.628807][ C0] do_fast_syscall_32+0x32/0x80 [ 118.631971][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 118.636291][ C0] [ 118.637529][ T1294] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 118.642507][ C0] The buggy address belongs to the object at ffff888026b6c400 [ 118.642507][ C0] which belongs to the cache kmalloc-512 of size 512 [ 118.651775][ C0] The buggy address is located 24 bytes inside of [ 118.651775][ C0] freed 512-byte region [ffff888026b6c400, ffff888026b6c600) [ 118.662394][ C0] [ 118.662402][ C0] The buggy address belongs to the physical page: [ 118.662408][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888026b6dc00 pfn:0x26b6c [ 118.662424][ C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 118.662435][ C0] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 118.662449][ C0] page_type: 0xfdffffff(slab) [ 118.662462][ C0] raw: 00fff00000000040 ffff888015842c80 ffffea000048e200 dead000000000002 [ 118.693641][ C0] raw: ffff888026b6dc00 000000008010000e 00000001fdffffff 0000000000000000 [ 118.698921][ C0] head: 00fff00000000040 ffff888015842c80 ffffea000048e200 dead000000000002 [ 118.705322][ C0] head: ffff888026b6dc00 000000008010000e 00000001fdffffff 0000000000000000 [ 118.711496][ C0] head: 00fff00000000002 ffffea00009adb01 ffffffffffffffff 0000000000000000 [ 118.716796][ C0] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 118.723430][ C0] page dumped because: kasan: bad access detected [ 118.731255][ C0] page_owner tracks the page as allocated [ 118.734137][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x352800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL|__GFP_THISNODE), pid 5840, tgid 5840 (syz-executor), ts 82588410229, free_ts 82564170314 [ 118.749505][ C0] post_alloc_hook+0x2d1/0x350 [ 118.752569][ C0] get_page_from_freelist+0x1351/0x2e50 [ 118.756758][ C0] __alloc_pages_noprof+0x22b/0x2460 [ 118.760126][ C0] alloc_slab_page+0x4e/0xf0 [ 118.763079][ C0] new_slab+0x84/0x260 [ 118.765593][ C0] ___slab_alloc+0xdac/0x1870 [ 118.768408][ C0] __slab_alloc.constprop.0+0x56/0xb0 [ 118.771148][ C0] __kmalloc_node_noprof+0x367/0x440 [ 118.773828][ C0] alloc_slab_obj_exts+0x41/0xa0 [ 118.776348][ C0] new_slab+0x20f/0x260 [ 118.778869][ C0] ___slab_alloc+0xdac/0x1870 [ 118.781649][ C0] __slab_alloc.constprop.0+0x56/0xb0 [ 118.784906][ C0] kmem_cache_alloc_noprof+0x2ae/0x2f0 [ 118.788380][ C0] fib_insert_alias+0x43c/0xe30 [ 118.792088][ C0] fib_table_insert+0xaab/0x1d70 [ 118.795301][ C0] fib_magic+0x4d6/0x5c0 [ 118.798198][ C0] page last free pid 5875 tgid 5875 stack trace: [ 118.802511][ C0] free_unref_page+0x64a/0xe40 [ 118.805396][ C0] qlist_free_all+0x4e/0x140 [ 118.808266][ C0] kasan_quarantine_reduce+0x192/0x1e0 [ 118.811712][ C0] __kasan_slab_alloc+0x69/0x90 [ 118.814760][ C0] kmem_cache_alloc_node_noprof+0x153/0x310 [ 118.818437][ C0] __alloc_skb+0x2b3/0x380 [ 118.821814][ C0] alloc_skb_with_frags+0xe4/0x710 [ 118.825114][ C0] sock_alloc_send_pskb+0x7f1/0x980 [ 118.828521][ C0] mld_newpack.isra.0+0x1d4/0x7e0 [ 118.831811][ C0] add_grhead+0x299/0x340 [ 118.834560][ C0] add_grec+0x111e/0x1670 [ 118.837337][ C0] mld_ifc_work+0x41f/0xca0 [ 118.838473][ T1294] usb 7-1: Using ep0 maxpacket: 32 [ 118.840370][ C0] process_one_work+0x958/0x1ad0 [ 118.851308][ C0] worker_thread+0x6c8/0xed0 [ 118.854673][ C0] kthread+0x2c1/0x3a0 [ 118.857256][ C0] ret_from_fork+0x45/0x80 [ 118.859306][ C0] [ 118.860355][ C0] Memory state around the buggy address: [ 118.864028][ C0] ffff888026b6c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 118.869480][ C0] ffff888026b6c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 118.871133][ T1294] usb 7-1: unable to get BOS descriptor or descriptor too short [ 118.873644][ C0] >ffff888026b6c400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 118.891574][ C0] ^ [ 118.894117][ C0] ffff888026b6c480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 118.895753][ T1294] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 118.899164][ C0] ffff888026b6c500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 118.899175][ C0] ================================================================== [ 118.899182][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 118.899190][ C0] CPU: 0 UID: 0 PID: 1106 Comm: kworker/u32:8 Not tainted 6.11.0-rc5-syzkaller-00015-g3e9bff3bbe13 #0 [ 118.899207][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 118.899257][ C0] Workqueue: bat_events batadv_nc_worker [ 118.899281][ C0] Call Trace: [ 118.899325][ C0] [ 118.899333][ C0] dump_stack_lvl+0x3d/0x1f0 [ 118.899358][ C0] panic+0x6dc/0x7c0 [ 118.899416][ C0] ? __pfx_panic+0x10/0x10 [ 118.899473][ C0] ? rcu_is_watching+0x12/0xc0 [ 118.899492][ C0] ? __pfx_lock_release+0x10/0x10 [ 118.899549][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 118.899608][ C0] check_panic_on_warn+0xab/0xb0 [ 118.899627][ C0] end_report+0x117/0x180 [ 118.899644][ C0] kasan_report+0xe9/0x110 [ 118.899705][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 118.899759][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 118.899781][ C0] __lock_acquire+0x2de0/0x3cb0 [ 118.899803][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 118.899897][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 118.899920][ C0] lock_acquire+0x1b1/0x560 [ 118.899939][ C0] ? p9_req_put+0xaf/0x250 [ 118.900033][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 118.900050][ C0] ? __pfx_lock_release+0x10/0x10 [ 118.900070][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 118.900129][ C0] ? p9_req_put+0xaf/0x250 [ 118.900144][ C0] p9_req_put+0xaf/0x250 [ 118.900160][ C0] req_done+0x1e7/0x2f0 [ 118.900215][ C0] ? __pfx_req_done+0x10/0x10 [ 118.900229][ C0] ? __pfx_req_done+0x10/0x10 [ 118.900242][ C0] vring_interrupt+0x31b/0x400 [ 118.900303][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 118.900322][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 118.900406][ C0] handle_irq_event+0xab/0x1e0 [ 118.900430][ C0] handle_edge_irq+0x263/0xd10 [ 118.900451][ C0] __common_interrupt+0xdf/0x250 [ 118.900538][ C0] common_interrupt+0xab/0xd0 [ 118.900561][ C0] [ 118.900566][ C0] [ 118.900572][ C0] asm_common_interrupt+0x26/0x40 [ 118.900638][ C0] RIP: 0010:lock_release+0x129/0x6f0 [ 118.900658][ C0] Code: 0f 85 d6 02 00 00 65 4c 8b 35 43 97 9a 7e 49 8d be dc 0a 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 14 02 <48> 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 59 05 00 00 41 [ 118.900716][ C0] RSP: 0018:ffffc90006bf7ad0 EFLAGS: 00000a03 [ 118.900730][ C0] RAX: dffffc0000000000 RBX: 1ffff92000d7ef5c RCX: ffffffff81694359 [ 118.900741][ C0] RDX: 0000000000000000 RSI: ffffffff8bb05960 RDI: ffff8880205caf1c [ 118.900751][ C0] RBP: ffffffff901178b8 R08: 0000000000000000 R09: fffffbfff20228fb [ 118.900760][ C0] R10: ffffffff901147df R11: 0000000000000000 R12: ffffffff8ddb94a0 [ 118.900770][ C0] R13: ffff8880158b0000 R14: ffff8880205ca440 R15: dffffc0000000000 [ 118.900783][ C0] ? lock_release+0xa9/0x6f0 [ 118.900804][ C0] ? batadv_nc_worker+0x887/0x1060 [ 118.900824][ C0] ? __pfx_lock_release+0x10/0x10 [ 118.900842][ C0] ? debug_object_deactivate+0x1f0/0x370 [ 118.900865][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 118.900885][ C0] batadv_nc_worker+0x88c/0x1060 [ 118.900908][ C0] ? __pfx_batadv_nc_worker+0x10/0x10 [ 118.900927][ C0] ? __pfx_lock_release+0x10/0x10 [ 118.900949][ C0] process_one_work+0x958/0x1ad0 [ 118.900974][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 118.900993][ C0] ? __pfx_process_one_work+0x10/0x10 [ 118.901014][ C0] ? assign_work+0x1a0/0x250 [ 118.901034][ C0] worker_thread+0x6c8/0xed0 [ 118.901058][ C0] ? __kthread_parkme+0x148/0x220 [ 118.901074][ C0] ? __pfx_worker_thread+0x10/0x10 [ 118.901092][ C0] kthread+0x2c1/0x3a0 [ 118.901106][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 118.901122][ C0] ? __pfx_kthread+0x10/0x10 [ 118.901137][ C0] ret_from_fork+0x45/0x80 [ 118.901158][ C0] ? __pfx_kthread+0x10/0x10 [ 118.901173][ C0] ret_from_fork_asm+0x1a/0x30 [ 118.901196][ C0] [ 118.906325][ C0] Kernel Offset: disabled VM DIAGNOSIS: 05:44:02 Registers: info registers vcpu 0 CPU#0 RAX=000000000000000a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fa7725 RDI=ffffffff9511c240 RBP=ffffffff9511c200 RSP=ffffc90000007610 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=53414b203a475542 R12=0000000000000000 R13=000000000000000a R14=ffffffff84fa76c0 R15=0000000000000000 RIP=ffffffff84fa774f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7486108 CR3=000000000db7c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000006 RCX=ffffffff813c94d1 RDX=ffff88801a364880 RSI=0000000000000007 RDI=0000000000000001 RBP=ffffffff8b49d120 RSP=ffffc90002e07888 R8 =0000000000000001 R9 =0000000000000007 R10=0000000000000005 R11=0000000000000000 R12=0000000000000005 R13=0000000000000001 R14=0000000000000008 R15=ffffc90002e07975 RIP=ffffffff818b1a31 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007faa034a5280 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7330010 CR3=0000000047dec000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000004080 Opmask01=00000000000001ff Opmask02=00000000103effff Opmask03=0000000000000000 Opmask04=00000000ffdfffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b5f5455504e495f 4449006b636f6c62 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe65a7a190 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a2a2a2a2a2a2a2a 2a2a2a2a2a2a2a2a ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff000000ff000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffff00ff00000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff000000ff000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0b78cfff31eba9f8 7373261c0e1c961c ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737142 7373737373737373 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100000000 00006b636f6c6200 6c6175747269762f 736563697665642f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d25203a7325206b 6e696c6d79732065 7461657263206f74 2064656c69614600 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c005d0033706f6f 6c006b636f6c6200 6c6175747269762f 736563697665642f ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000231 0000000000000000 33706f6f6c2f6b63 6f6c622f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 68636163627c2a64 76787c2a64767c2a 72737c2a64737c2a 656d766e7c00312d ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 68303e3b3a38253b 3a253e3a6e68303b 21383b657a687438 2739243c3b243b27 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 69305f474f5b647c 6930382432273f39 7b27697a787c7a30 23333a3a38263342 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88801d3c8000 RCX=ffffffff814f5386 RDX=ffff88801d3c8000 RSI=0000000000000000 RDI=0000000000000007 RBP=ffffc90004b3ad80 RSP=ffffc90004b3fbd0 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffffc90004b38000 R13=dffffc0000000000 R14=0000000000000000 R15=ffffc90004b3f618 RIP=ffffffff818b19a0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f745ced0 CR3=000000002770a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7470ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff8150e43b RDX=ffff88801c3a4880 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000000 RSP=ffffc900039f7d80 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffffffff8dc6bb00 R13=ffff888011cfae00 R14=ffffc900039f7ea8 R15=0000000000000000 RIP=ffffffff8150e43b RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c300000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000574d499c CR3=000000005325e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000