last executing test programs: 103.156514ms ago: executing program 2 (id=3): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000001d00)=@qipcrtr, 0x80, 0x0}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000080)={0x4, 0x8001}) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)=@ax25={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x8}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast]}, 0x80, 0x0}, 0x0) socket$netlink(0x10, 0x3, 0x12) r2 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x1c1) mkdirat(r2, &(0x7f0000000100)='./control\x00', 0x0) getdents64(r2, &(0x7f0000000480)=""/79, 0x4f) setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4) 96.461321ms ago: executing program 3 (id=4): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet_udp(0x2, 0x2, 0x0) (async) r2 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) (async) setsockopt$sock_int(r2, 0x1, 0x35, &(0x7f0000000040)=0x1, 0x4) (async) r3 = socket$pppl2tp(0x18, 0x1, 0x1) (async, rerun: 64) r4 = socket$inet6_udp(0xa, 0x2, 0x0) (rerun: 64) connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e) (async) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) 694.411µs ago: executing program 3 (id=5): open(&(0x7f0000000140)='./file1\x00', 0x60142, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, 0x0}, 0x2020) open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0) write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9, 0x0, 0x1030002}}, 0x50) read$FUSE(r0, &(0x7f00000065c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r0, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r2}, 0x10) creat(&(0x7f0000003400)='./file1\x00', 0x0) 502.024µs ago: executing program 1 (id=2): openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100)) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$dsp(r2, &(0x7f00000004c0)='\x00', 0x1) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x275a, 0x0) write$UHID_INPUT(r4, &(0x7f0000000a00)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r4, 0x0) ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r3, 0xc0884123, &(0x7f00000003c0)={0x6, "bec28100dc85c47e75b7a9d8c4374ca89e3734e814af55eb159434149f65d9d77d9b797d524e8cdae69f99aeb10e4c6ad803b7bdc6a6d3ed3afce8a2129739e1", {0x1, 0xc3d}}) poll(&(0x7f0000000000), 0x20000000000000ea, 0x7) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000040)="f7790066baa00066b86b4266efb8010000000f01d966b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07c4a1157cbd006800000f01d9c4033921820f47a753fd", 0x51}], 0x1, 0x40, 0x0, 0x0) syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) 332.315µs ago: executing program 0 (id=1): r0 = socket$can_bcm(0x1d, 0x2, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r1, 0x400, 0x0) fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000040), 0x0, 0x0, 0x0) accept$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev}, &(0x7f0000000200)=0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r2}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00') read$FUSE(r4, &(0x7f00000020c0)={0x2020}, 0x2020) r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r5, 0xc010640c, &(0x7f0000000040)={0x11}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x6, 0x6, &(0x7f0000000280)=ANY=[@ANYBLOB="183d00000200000000000000000000003b3908850000001500000087b4c0ff00000000e13303d511c3d23ae5ff0684bc64e069837331140684a2482d9bd4c879dc6537543667bd05c7f66ca20968525efe35559e60acda48c592c52f3903964d60968758"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', r2, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r6, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000180)={'tunl0\x00', 0x800}) socket$can_bcm(0x1d, 0x2, 0x2) (async) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) (async) fcntl$setlease(r1, 0x400, 0x0) (async) fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000040), 0x0, 0x0, 0x0) (async) accept$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev}, &(0x7f0000000200)=0x10) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r2}, 0x10) (async) socket$nl_netfilter(0x10, 0x3, 0xc) (async) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00') (async) read$FUSE(r4, &(0x7f00000020c0)={0x2020}, 0x2020) (async) syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) (async) ioctl$DRM_IOCTL_GET_CAP(r5, 0xc010640c, &(0x7f0000000040)={0x11}) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x6, 0x6, &(0x7f0000000280)=ANY=[@ANYBLOB="183d00000200000000000000000000003b3908850000001500000087b4c0ff00000000e13303d511c3d23ae5ff0684bc64e069837331140684a2482d9bd4c879dc6537543667bd05c7f66ca20968525efe35559e60acda48c592c52f3903964d60968758"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', r2, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r6, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94) (async) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000180)={'tunl0\x00', 0x800}) (async) 70.447µs ago: executing program 3 (id=6): mount(0x0, &(0x7f00000001c0)='./bus\x00', 0x0, 0x1000, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x10, &(0x7f0000002380)=0x9, 0x4) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000002300)={{0x1, 0x1, 0x18, r0}, './bus\x00'}) fanotify_mark(r2, 0x1, 0x8001800, 0xffffffffffffff9c, &(0x7f0000002340)='./bus\x00') ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve1\x00', 0x0}) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000200)={'veth0_to_team\x00', 0x0}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$WG_CMD_GET_DEVICE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)={0x1c, r7, 0x327, 0x70bd27, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020}, 0x2020) r8 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$link(0x8, 0x0, r10) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r11 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb) setsockopt$ax25_int(r11, 0x101, 0x6, &(0x7f0000000100), 0x4) r12 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) sendmsg$NFT_BATCH(r1, &(0x7f00000024c0)={&(0x7f0000002240)={0x10, 0x0, 0x0, 0x12c8038}, 0xc, &(0x7f0000002480)={&(0x7f0000002540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a00010000020a0108000000000000000000000002d40006004eceaa5107ff947f315af9e45aeebe5a244d6e27fa7f053cea845e26903203b411c0a7f7d75888d9d345df0ba58de48de3b3e7bd13d8937b36f76fb75871284802487326217e2c3722eef0f742ec5e27df2f9d2d26dbe45abf55ecec9252682639c47e20470e44f39159694dafa94c74aaa7a8be9f0ef03e6f2930f880aaded77e42bfa37758f1ca52547958d57de2d3ed5e04e46af162b56a96e46503a095cec1de437d65bd50860dac39cad751424d25b828a64e0c9944d4b680c5d1fd05442684fadabd6bdb42635ba1e451fcd87a0c00044000000000000000050900010073797a310000000048000000000a01020000000000000000059e000908000240000000010c00044000000000000000030900010073797a31000000000c00044000000000000000020800024000000002140000001100010000000000000000000a00200a"], 0x170}, 0x1, 0x0, 0x0, 0x20000810}, 0x4000000) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r12, 0x8914, &(0x7f0000000000)) ioctl$sock_netrom_SIOCADDRT(r8, 0x890b, &(0x7f0000000280)={0x1, @bcast, @bpq0, 0xffff, 'syz0\x00', @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xfffffdba, 0x2, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @default, @default]}) ioctl$sock_netrom_SIOCADDRT(r8, 0x890b, &(0x7f0000000000)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x6, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x1, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @default]}) setsockopt$ax25_SO_BINDTODEVICE(r11, 0x101, 0x19, &(0x7f0000002500)=@bpq0, 0x10) r13 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_ifreq(r13, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) sendto$packet(r1, &(0x7f0000002280)="0b031200e0ff64000200475400f6a13bb1000000086086dd48035c2d9575a74112f06490c9d8e3e66c275a8e365374c046469de71cc9e93e123a4d284695a0139dc9c35311baede8b72350f96bf7766a97126e4c2bacc3faeaed6633a549b83b4fc3438e8cff8e3947", 0x69, 0x0, &(0x7f0000000140)={0x11, 0x66aff59f0b39f99d, r3, 0x1, 0x4, 0x6, @broadcast}, 0x3) 0s ago: executing program 2 (id=7): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xa8}, [@ldst={0x6, 0x3}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) kernel console output (not intermixed with test programs): [ 38.248474][ T40] audit: type=1400 audit(1735525462.672:81): avc: denied { rlimitinh } for pid=5914 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.254204][ T40] audit: type=1400 audit(1735525462.672:82): avc: denied { siginh } for pid=5914 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 39.824856][ T40] audit: type=1400 audit(1735525464.262:83): avc: denied { read } for pid=5329 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 39.833073][ T40] audit: type=1400 audit(1735525464.262:84): avc: denied { append } for pid=5329 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 39.841888][ T40] audit: type=1400 audit(1735525464.262:85): avc: denied { open } for pid=5329 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 39.850150][ T40] audit: type=1400 audit(1735525464.262:86): avc: denied { getattr } for pid=5329 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:53925' (ED25519) to the list of known hosts. [ 39.980747][ T40] audit: type=1400 audit(1735525464.422:87): avc: denied { name_bind } for pid=5918 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 41.513254][ T5920] cgroup: Unknown subsys name 'net' [ 41.660546][ T5920] cgroup: Unknown subsys name 'cpuset' [ 41.664176][ T5920] cgroup: Unknown subsys name 'rlimit' [ 41.795074][ T5925] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 42.358772][ T5920] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 43.827224][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 43.827239][ T40] audit: type=1400 audit(1735525468.262:105): avc: denied { execmem } for pid=5927 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 43.977777][ T40] audit: type=1400 audit(1735525468.412:106): avc: denied { create } for pid=5931 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 43.983672][ T40] audit: type=1400 audit(1735525468.412:107): avc: denied { read write } for pid=5931 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 43.990847][ T40] audit: type=1400 audit(1735525468.412:108): avc: denied { open } for pid=5931 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 43.997906][ T40] audit: type=1400 audit(1735525468.432:109): avc: denied { ioctl } for pid=5931 comm="syz-executor" path="socket:[1725]" dev="sockfs" ino=1725 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 44.010681][ T5933] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 44.013712][ T5933] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 44.016190][ T5933] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 44.019009][ T5933] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 44.021413][ T5933] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 44.024202][ T5933] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 44.026484][ T5933] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 44.028848][ T5933] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 44.034687][ T5936] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 44.035562][ T40] audit: type=1400 audit(1735525468.472:110): avc: denied { read } for pid=5934 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 44.037359][ T5936] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 44.043210][ T40] audit: type=1400 audit(1735525468.472:111): avc: denied { open } for pid=5934 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 44.046187][ T5936] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 44.047384][ T5938] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 44.048053][ T5938] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 44.048169][ T5938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 44.049223][ T5942] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 44.049426][ T5942] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 44.049724][ T5942] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 44.049915][ T5942] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 44.050018][ T5942] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 44.052962][ T40] audit: type=1400 audit(1735525468.472:112): avc: denied { mounton } for pid=5934 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 44.059326][ T5933] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 44.080833][ T5933] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 44.083498][ T5933] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 44.085805][ T5933] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 44.088286][ T5942] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 44.121037][ T40] audit: type=1400 audit(1735525468.562:113): avc: denied { module_request } for pid=5934 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 44.149978][ T5934] chnl_net:caif_netlink_parms(): no params data found [ 44.221487][ T5939] chnl_net:caif_netlink_parms(): no params data found [ 44.272513][ T5931] chnl_net:caif_netlink_parms(): no params data found [ 44.278826][ T5934] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.281247][ T5934] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.283455][ T5934] bridge_slave_0: entered allmulticast mode [ 44.285722][ T5934] bridge_slave_0: entered promiscuous mode [ 44.293267][ T5934] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.295393][ T5934] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.297526][ T5934] bridge_slave_1: entered allmulticast mode [ 44.299748][ T5934] bridge_slave_1: entered promiscuous mode [ 44.380061][ T5934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.399837][ T5941] chnl_net:caif_netlink_parms(): no params data found [ 44.403799][ T5934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.408228][ T5939] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.410382][ T5939] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.412533][ T5939] bridge_slave_0: entered allmulticast mode [ 44.414733][ T5939] bridge_slave_0: entered promiscuous mode [ 44.424968][ T5931] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.427123][ T5931] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.429656][ T5931] bridge_slave_0: entered allmulticast mode [ 44.431917][ T5931] bridge_slave_0: entered promiscuous mode [ 44.459121][ T5939] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.461267][ T5939] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.463420][ T5939] bridge_slave_1: entered allmulticast mode [ 44.465631][ T5939] bridge_slave_1: entered promiscuous mode [ 44.475923][ T5931] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.478157][ T5931] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.480294][ T5931] bridge_slave_1: entered allmulticast mode [ 44.482821][ T5931] bridge_slave_1: entered promiscuous mode [ 44.494958][ T5934] team0: Port device team_slave_0 added [ 44.499842][ T5934] team0: Port device team_slave_1 added [ 44.510100][ T5939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.513761][ T5939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.562353][ T5931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.589300][ T5939] team0: Port device team_slave_0 added [ 44.592003][ T5931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.594748][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.596946][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.599261][ T5941] bridge_slave_0: entered allmulticast mode [ 44.601485][ T5941] bridge_slave_0: entered promiscuous mode [ 44.604127][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.606232][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.613893][ T5934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.618787][ T5939] team0: Port device team_slave_1 added [ 44.635306][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.637459][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.639692][ T5941] bridge_slave_1: entered allmulticast mode [ 44.641902][ T5941] bridge_slave_1: entered promiscuous mode [ 44.652406][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.654481][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.662099][ T5934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.673848][ T5931] team0: Port device team_slave_0 added [ 44.683858][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.699442][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.701539][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.709191][ T5939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.713280][ T5931] team0: Port device team_slave_1 added [ 44.715574][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.717660][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.725629][ T5939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.730297][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.759207][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.761325][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.769041][ T5931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.787982][ T5941] team0: Port device team_slave_0 added [ 44.790844][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.792930][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.800532][ T5931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.811858][ T5941] team0: Port device team_slave_1 added [ 44.824609][ T5934] hsr_slave_0: entered promiscuous mode [ 44.826723][ T5934] hsr_slave_1: entered promiscuous mode [ 44.869250][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.871534][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.879214][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.884035][ T5939] hsr_slave_0: entered promiscuous mode [ 44.886041][ T5939] hsr_slave_1: entered promiscuous mode [ 44.888715][ T5939] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 44.891148][ T5939] Cannot create hsr debugfs directory [ 44.894556][ T5931] hsr_slave_0: entered promiscuous mode [ 44.896712][ T5931] hsr_slave_1: entered promiscuous mode [ 44.899417][ T5931] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 44.901679][ T5931] Cannot create hsr debugfs directory [ 44.911722][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.913824][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.921959][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.988916][ T5941] hsr_slave_0: entered promiscuous mode [ 44.991356][ T5941] hsr_slave_1: entered promiscuous mode [ 44.993324][ T5941] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 44.995575][ T5941] Cannot create hsr debugfs directory [ 45.116793][ T5934] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 45.122886][ T5934] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 45.126362][ T5934] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 45.133092][ T5934] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 45.145860][ T5931] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 45.152739][ T5931] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 45.157465][ T5931] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 45.167335][ T5934] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.169960][ T5934] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.172703][ T5934] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.174941][ T5934] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.180134][ T96] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.183423][ T96] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.201508][ T5931] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 45.236300][ T5941] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 45.240438][ T5941] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 45.244653][ T5941] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 45.249121][ T5941] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 45.271850][ T5939] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 45.280915][ T5939] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 45.284182][ T5939] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 45.289872][ T5939] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 45.313606][ T5934] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.339728][ T5931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.347171][ T5931] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.352121][ T5934] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.359266][ T1191] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.361478][ T1191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.364807][ T1191] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.367053][ T1191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.376749][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.379015][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.382690][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.384888][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.396350][ T5939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.406077][ T5939] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.415650][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.422022][ T1191] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.424143][ T1191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.432029][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.434142][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.443082][ T5941] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.460491][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.462659][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.466479][ T40] audit: type=1400 audit(1735525469.902:114): avc: denied { sys_module } for pid=5931 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 45.472727][ T5939] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 45.476209][ T5939] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 45.485692][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.487947][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.534040][ T5934] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.541626][ T5931] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.572116][ T5931] veth0_vlan: entered promiscuous mode [ 45.575643][ T5934] veth0_vlan: entered promiscuous mode [ 45.580000][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.583440][ T5939] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.587200][ T5931] veth1_vlan: entered promiscuous mode [ 45.592767][ T5934] veth1_vlan: entered promiscuous mode [ 45.618734][ T5934] veth0_macvtap: entered promiscuous mode [ 45.625189][ T5941] veth0_vlan: entered promiscuous mode [ 45.628981][ T5934] veth1_macvtap: entered promiscuous mode [ 45.635321][ T5931] veth0_macvtap: entered promiscuous mode [ 45.641504][ T5931] veth1_macvtap: entered promiscuous mode [ 45.648375][ T5941] veth1_vlan: entered promiscuous mode [ 45.652122][ T5939] veth0_vlan: entered promiscuous mode [ 45.658171][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.664621][ T5931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.669073][ T5931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.672750][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.676470][ T5939] veth1_vlan: entered promiscuous mode [ 45.682975][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.686555][ T5931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.690127][ T5931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.693934][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.700745][ T5931] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.704297][ T5931] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.706905][ T5931] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.709950][ T5931] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.720249][ T5934] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.722866][ T5934] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.725451][ T5934] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.729715][ T5934] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.740240][ T5939] veth0_macvtap: entered promiscuous mode [ 45.748266][ T5941] veth0_macvtap: entered promiscuous mode [ 45.754060][ T5939] veth1_macvtap: entered promiscuous mode [ 45.759082][ T5941] veth1_macvtap: entered promiscuous mode [ 45.784879][ T96] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.787296][ T96] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.792413][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.796558][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.800874][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.805044][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.810003][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.813129][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.816210][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.819183][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.822258][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.825129][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.828305][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.831662][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.843647][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.847692][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.851634][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.855774][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.860698][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.863850][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.866847][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.869874][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.872944][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.875788][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.878934][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.882290][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.894207][ T5941] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.896542][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.898242][ T5941] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.900154][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.902644][ T5941] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.907446][ T5941] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.911031][ T5939] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.913643][ T5939] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.916283][ T5939] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.919355][ T5939] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.926676][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.930770][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.940200][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.942531][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.977881][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.979526][ T5931] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 45.980220][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.992080][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.995310][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.016555][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.022478][ T1191] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.023079][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.024818][ T1191] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.108775][ T5942] Bluetooth: hci3: command tx timeout [ 46.108778][ T5286] Bluetooth: hci2: command tx timeout [ 46.109044][ T5286] Bluetooth: hci0: command tx timeout [ 46.110520][ T5933] Bluetooth: hci1: command tx timeout [ 46.121140][ T6004] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.125559][ T6004] bond0: (slave rose0): Enslaving as an active interface with an up link [ 46.132392][ T6003] ================================================================== [ 46.134748][ T6003] BUG: KASAN: slab-use-after-free in ax25_release+0x99a/0xa10 [ 46.136978][ T6003] Read of size 1 at addr ffff88802d3a0ecc by task syz.3.6/6003 [ 46.140955][ T6003] [ 46.141675][ T6003] CPU: 3 UID: 0 PID: 6003 Comm: syz.3.6 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 46.144698][ T6003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 46.147855][ T6003] Call Trace: [ 46.148868][ T6003] [ 46.149761][ T6003] dump_stack_lvl+0x116/0x1f0 [ 46.151179][ T6003] print_report+0xc3/0x620 [ 46.152515][ T6003] ? __virt_addr_valid+0x5e/0x590 [ 46.154024][ T6003] ? __phys_addr+0xc6/0x150 [ 46.155340][ T6003] kasan_report+0xd9/0x110 [ 46.156696][ T6003] ? ax25_release+0x99a/0xa10 [ 46.158099][ T6003] ? ax25_release+0x99a/0xa10 [ 46.159517][ T6003] ax25_release+0x99a/0xa10 [ 46.160984][ T6003] __sock_release+0xb0/0x270 [ 46.162451][ T6003] ? __pfx_sock_close+0x10/0x10 [ 46.163939][ T6003] sock_close+0x1c/0x30 [ 46.165269][ T6003] __fput+0x3f8/0xb60 [ 46.166574][ T6003] ? _raw_spin_unlock_irq+0x23/0x50 [ 46.168151][ T6003] task_work_run+0x14e/0x250 [ 46.169515][ T6003] ? __pfx_task_work_run+0x10/0x10 [ 46.171049][ T6003] ? __pfx___do_sys_close_range+0x10/0x10 [ 46.172766][ T6003] syscall_exit_to_user_mode+0x27b/0x2a0 [ 46.174438][ T6003] do_syscall_64+0xda/0x250 [ 46.175829][ T6003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 46.177618][ T6003] RIP: 0033:0x7f655db85d29 [ 46.179039][ T6003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 46.185370][ T6003] RSP: 002b:00007ffeabe26088 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 46.187858][ T6003] RAX: 0000000000000000 RBX: 000000000000b39b RCX: 00007f655db85d29 [ 46.190205][ T6003] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 46.192553][ T6003] RBP: 00007f655dd77ba0 R08: 0000000000000001 R09: 00007ffeabe2637f [ 46.194898][ T6003] R10: 00007f655da00000 R11: 0000000000000246 R12: 000000000000b3fa [ 46.197268][ T6003] R13: 00007f655dd75fa0 R14: 0000000000000032 R15: ffffffffffffffff [ 46.199639][ T6003] [ 46.200578][ T6003] [ 46.201306][ T6003] Allocated by task 6004: [ 46.202596][ T6003] kasan_save_stack+0x33/0x60 [ 46.204001][ T6003] kasan_save_track+0x14/0x30 [ 46.205403][ T6003] __kasan_kmalloc+0xaa/0xb0 [ 46.206806][ T6003] ax25_dev_device_up+0x47/0x690 [ 46.208305][ T6003] ax25_device_event+0x485/0x610 [ 46.209793][ T6003] notifier_call_chain+0xb7/0x410 [ 46.211645][ T6003] call_netdevice_notifiers_info+0xbe/0x140 [ 46.213897][ T6003] __dev_notify_flags+0x12d/0x2e0 [ 46.215395][ T6003] dev_change_flags+0x10c/0x160 [ 46.216874][ T6003] dev_ifsioc+0x9c8/0x10b0 [ 46.218213][ T6003] dev_ioctl+0x224/0x10c0 [ 46.219500][ T6003] sock_do_ioctl+0x19e/0x280 [ 46.220896][ T6003] sock_ioctl+0x228/0x6c0 [ 46.222188][ T6003] __x64_sys_ioctl+0x190/0x200 [ 46.223620][ T6003] do_syscall_64+0xcd/0x250 [ 46.224986][ T6003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 46.226760][ T6003] [ 46.227489][ T6003] Freed by task 6004: [ 46.228691][ T6003] kasan_save_stack+0x33/0x60 [ 46.230064][ T6003] kasan_save_track+0x14/0x30 [ 46.231476][ T6003] kasan_save_free_info+0x3b/0x60 [ 46.232983][ T6003] __kasan_slab_free+0x51/0x70 [ 46.234420][ T6003] kfree+0x14f/0x4b0 [ 46.235596][ T6003] ax25_dev_device_down+0x341/0x400 [ 46.237143][ T6003] ax25_device_event+0x4b5/0x610 [ 46.238610][ T6003] notifier_call_chain+0xb7/0x410 [ 46.240118][ T6003] call_netdevice_notifiers_info+0xbe/0x140 [ 46.241882][ T6003] dev_close_many+0x333/0x6a0 [ 46.243292][ T6003] dev_close+0x181/0x230 [ 46.244568][ T6003] bpq_device_event+0x820/0xaf0 [ 46.246028][ T6003] notifier_call_chain+0xb7/0x410 [ 46.247542][ T6003] call_netdevice_notifiers_info+0xbe/0x140 [ 46.249312][ T6003] dev_close_many+0x333/0x6a0 [ 46.250732][ T6003] dev_close+0x181/0x230 [ 46.252010][ T6003] bond_enslave+0x1f67/0x6040 [ 46.253419][ T6003] bond_do_ioctl+0x60e/0x6d0 [ 46.254802][ T6003] dev_ifsioc+0x1ea/0x10b0 [ 46.256147][ T6003] dev_ioctl+0x224/0x10c0 [ 46.257432][ T6003] sock_do_ioctl+0x19e/0x280 [ 46.258801][ T6003] sock_ioctl+0x228/0x6c0 [ 46.260380][ T6003] __x64_sys_ioctl+0x190/0x200 [ 46.261980][ T6003] do_syscall_64+0xcd/0x250 [ 46.263549][ T6003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 46.265514][ T6003] [ 46.266231][ T6003] The buggy address belongs to the object at ffff88802d3a0e00 [ 46.266231][ T6003] which belongs to the cache kmalloc-256 of size 256 [ 46.270295][ T6003] The buggy address is located 204 bytes inside of [ 46.270295][ T6003] freed 256-byte region [ffff88802d3a0e00, ffff88802d3a0f00) [ 46.274302][ T6003] [ 46.275024][ T6003] The buggy address belongs to the physical page: [ 46.277068][ T6003] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2d3a0 [ 46.279678][ T6003] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 46.282607][ T6003] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 46.284835][ T6003] page_type: f5(slab) [ 46.286061][ T6003] raw: 00fff00000000040 ffff88801b042b40 dead000000000122 0000000000000000 [ 46.288569][ T6003] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 46.290993][ T6003] head: 00fff00000000040 ffff88801b042b40 dead000000000122 0000000000000000 [ 46.293506][ T6003] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 46.296023][ T6003] head: 00fff00000000001 ffffea0000b4e801 ffffffffffffffff 0000000000000000 [ 46.298548][ T6003] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 46.301086][ T6003] page dumped because: kasan: bad access detected [ 46.302980][ T6003] page_owner tracks the page as allocated [ 46.304673][ T6003] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 6001, tgid 5999 (syz.1.2), ts 46086172956, free_ts 46085737874 [ 46.310665][ T6003] post_alloc_hook+0x2d1/0x350 [ 46.312107][ T6003] get_page_from_freelist+0xfce/0x2f80 [ 46.313723][ T6003] __alloc_pages_noprof+0x223/0x25b0 [ 46.315296][ T6003] new_slab+0xca/0x410 [ 46.316528][ T6003] ___slab_alloc+0xd7d/0x17a0 [ 46.317944][ T6003] __slab_alloc.constprop.0+0x56/0xb0 [ 46.319556][ T6003] __kmalloc_node_noprof+0x2f0/0x510 [ 46.321520][ T6003] alloc_slab_obj_exts+0x41/0xa0 [ 46.322994][ T6003] new_slab+0x314/0x410 [ 46.324257][ T6003] ___slab_alloc+0xd7d/0x17a0 [ 46.325666][ T6003] __slab_alloc.constprop.0+0x56/0xb0 [ 46.327257][ T6003] kmem_cache_alloc_lru_noprof+0xff/0x3d0 [ 46.328971][ T6003] alloc_inode+0xbf/0x230 [ 46.330567][ T6003] new_inode+0x22/0x210 [ 46.332158][ T6003] __debugfs_create_file+0x11a/0x660 [ 46.333906][ T6003] debugfs_create_file_full+0x6d/0xa0 [ 46.335479][ T6003] page last free pid 6003 tgid 6003 stack trace: [ 46.337344][ T6003] free_unref_page+0x661/0x1080 [ 46.338792][ T6003] qlist_free_all+0x4e/0x120 [ 46.340159][ T6003] kasan_quarantine_reduce+0x195/0x1e0 [ 46.341991][ T6003] __kasan_slab_alloc+0x69/0x90 [ 46.343831][ T6003] kmem_cache_alloc_lru_noprof+0x226/0x3d0 [ 46.345595][ T6003] proc_alloc_inode+0x25/0x200 [ 46.347011][ T6003] alloc_inode+0x5d/0x230 [ 46.348390][ T6003] new_inode+0x22/0x210 [ 46.349643][ T6003] proc_pid_make_inode+0x22/0x160 [ 46.351126][ T6003] proc_pident_instantiate+0x85/0x320 [ 46.352692][ T6003] proc_pident_lookup+0x226/0x2a0 [ 46.354181][ T6003] lookup_open.isra.0+0x92d/0x14c0 [ 46.355695][ T6003] path_openat+0x904/0x2d60 [ 46.357057][ T6003] do_filp_open+0x20c/0x470 [ 46.358424][ T6003] do_sys_openat2+0x17a/0x1e0 [ 46.359767][ T6003] __x64_sys_openat+0x175/0x210 [ 46.361213][ T6003] [ 46.362098][ T6003] Memory state around the buggy address: [ 46.364023][ T6003] ffff88802d3a0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.366382][ T6003] ffff88802d3a0e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 46.368748][ T6003] >ffff88802d3a0e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 46.371090][ T6003] ^ [ 46.372975][ T6003] ffff88802d3a0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.375370][ T6003] ffff88802d3a0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.377739][ T6003] ================================================================== [ 46.383302][ T6003] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 46.386058][ T6003] CPU: 2 UID: 0 PID: 6003 Comm: syz.3.6 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 46.389663][ T6003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 46.393804][ T6003] Call Trace: [ 46.395204][ T6003] [ 46.396475][ T6003] dump_stack_lvl+0x3d/0x1f0 [ 46.398451][ T6003] panic+0x71d/0x800 [ 46.400127][ T6003] ? __pfx_panic+0x10/0x10 [ 46.402016][ T6003] ? preempt_schedule_thunk+0x1a/0x30 [ 46.403823][ T6003] ? preempt_schedule_common+0x44/0xc0 [ 46.405852][ T6003] ? check_panic_on_warn+0x1f/0xb0 [ 46.408045][ T6003] check_panic_on_warn+0xab/0xb0 [ 46.410125][ T6003] end_report+0x117/0x180 [ 46.411448][ T6003] kasan_report+0xe9/0x110 [ 46.412818][ T6003] ? ax25_release+0x99a/0xa10 [ 46.414782][ T6003] ? ax25_release+0x99a/0xa10 [ 46.416654][ T6003] ax25_release+0x99a/0xa10 [ 46.418478][ T6003] __sock_release+0xb0/0x270 [ 46.420138][ T6003] ? __pfx_sock_close+0x10/0x10 [ 46.421933][ T6003] sock_close+0x1c/0x30 [ 46.423188][ T6003] __fput+0x3f8/0xb60 [ 46.424421][ T6003] ? _raw_spin_unlock_irq+0x23/0x50 [ 46.426137][ T6003] task_work_run+0x14e/0x250 [ 46.427551][ T6003] ? __pfx_task_work_run+0x10/0x10 [ 46.429117][ T6003] ? __pfx___do_sys_close_range+0x10/0x10 [ 46.430849][ T6003] syscall_exit_to_user_mode+0x27b/0x2a0 [ 46.432550][ T6003] do_syscall_64+0xda/0x250 [ 46.433926][ T6003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 46.435778][ T6003] RIP: 0033:0x7f655db85d29 [ 46.437116][ T6003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 46.442851][ T6003] RSP: 002b:00007ffeabe26088 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 46.445976][ T6003] RAX: 0000000000000000 RBX: 000000000000b39b RCX: 00007f655db85d29 [ 46.448763][ T6003] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 46.451170][ T6003] RBP: 00007f655dd77ba0 R08: 0000000000000001 R09: 00007ffeabe2637f [ 46.453534][ T6003] R10: 00007f655da00000 R11: 0000000000000246 R12: 000000000000b3fa [ 46.456072][ T6003] R13: 00007f655dd75fa0 R14: 0000000000000032 R15: ffffffffffffffff [ 46.458860][ T6003] [ 46.460408][ T6003] Kernel Offset: disabled [ 46.461705][ T6003] Rebooting in 86400 seconds.. VM DIAGNOSIS: 02:24:30 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=cc28787ffb2da2bd RCX=ffffffff82110657 RDX=ffff888022a70000 RSI=0000000000000007 RDI=0000000000000005 RBP=000000000000000b RSP=ffffc90003437a88 R8 =0000000000000005 R9 =0000000000000007 R10=000000000000000b R11=0000000000000001 R12=76ba0be17e777b68 R13=ffff888023a7b898 R14=6f632e766c6f7365 R15=ffff888023a7b880 RIP=ffffffff819a172b RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f99ab842500 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f99ab9f0ea0 CR3=0000000035cba000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080000000 Opmask01=0000000000000004 Opmask02=000000000000001f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0302000100008881 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 75722f7261762f88 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a002075676f0087 868a898482818388 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3131313131313131 3131313131313131 3131313131313131 3131313131313131 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7463676f6c6b0073 25203a6465747261 74732064676f6c6b 006e3a63000a0920 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4552565e5d5a0042 14110b5554454350 45421155565e5d5a 005f0b52000a0911 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=0000000000000007 RCX=ffffffff814a58f2 RDX=0000000000000001 RSI=0000000000000001 RDI=0000000000000000 RBP=ffffc90004067f58 RSP=ffffc90004067ec0 R8 =0000000000000001 R9 =ffffed1002444ed8 R10=ffff8880122276c7 R11=0000000000000000 R12=00007ff0309676c8 R13=0000000000000255 R14=ffff888024203a80 R15=0000000000000000 RIP=ffffffff819a1868 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055557d27c500 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff0309676c8 CR3=000000003364a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff030802a9a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff030802aa7 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff030802aa1 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff030802ab5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff030802b3b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff030802c19 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff03094b488 00007ff03094b480 00007ff03094b478 00007ff03094b450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff0314ad100 00007ff03094b440 00007ff03094b458 00007ff03094b4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff03094b498 00007ff03094b490 00007ff03094b488 00007ff03094b480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000006 0000000000000000 0000000000000000 00000000000001c8 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff818e21f7 RDX=ffff888024718000 RSI=ffffffff818e21e5 RDI=0000000000000005 RBP=ffffc90004077c28 RSP=ffffc90004077b60 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=1ffff9200080ef70 R13=0000000000000000 R14=0000000000000001 R15=ffff88806a93fb80 RIP=ffffffff818e21e7 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00005555815fb500 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f99aba33130 CR3=000000002e75a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000ffc10000 Opmask01=0000000000000004 Opmask02=000000000000001f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0302000100008881 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 75722f7261762f88 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a002075676f0087 868a898482818388 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030303030303030 3030303030303030 3030303030303030 3030303030303030 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7463676f6c6b0073 25203a6465747261 74732064676f6c6b 006e3a63000a0920 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4453575f5c5b0043 15100a5455444251 44431054575f5c5b 005e0a53000a0910 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000079 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff851bcd75 RDI=ffffffff9ab0fb20 RBP=ffffffff9ab0fae0 RSP=ffffc90003a17798 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000079 R14=ffffffff851bcd10 R15=0000000000000000 RIP=ffffffff851bcd9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055557cf67500 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000110c3073cc CR3=0000000029b48000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003065736f72 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f655dc02a9a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f655dc02aa7 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f655dc02aa1 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f655dc02ab5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f655dc02b3b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f655dc02c19 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 13a09546284d3a12 3ee9c91ce79d4646 c07453368e5a276c e6e3d8c99064f012 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47398eff8c8e43c3 4f3bb849a53366ed eafac3ac2b4c0004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 b7e8edba1153c3c9 9d13a09546284d3a 123ee9c91ce79d46 46c07453368e5a27 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000002010a00 0000004800000000 317a797300010009 0500000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a20000a00000000 0000000000010011 0000001402000000 4002000802000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000004004000c 00000000317a7973 0001000903000000 000000004004000c ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000040020008 09009e0500000000 0000000002010a00 0000004800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 317a797300010009 0500000000000000 4004000c7ad8fc51 e4a15b6342db6bbd ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000