last executing test programs: 1.013828621s ago: executing program 3 (id=2720): unshare(0x62040200) socket$inet6(0xa, 0x2, 0x3a) 843.135609ms ago: executing program 3 (id=2724): ioperm(0x0, 0xb2, 0x4) mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x20000000, 0x0) 843.054179ms ago: executing program 3 (id=2725): r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000000c0), 0x82, 0x0) writev(r0, &(0x7f0000000600)=[{&(0x7f0000000280)="f5", 0x1}], 0x1) 781.667111ms ago: executing program 3 (id=2728): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000340)=[{&(0x7f0000000380)=""/135, 0x87}], 0x1, 0x154, 0x0) 733.496693ms ago: executing program 3 (id=2733): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x83, &(0x7f0000000040)=ANY=[], 0x1000f) 658.747789ms ago: executing program 3 (id=2736): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x4, &(0x7f0000000b40)) pause() 244.361546ms ago: executing program 2 (id=2755): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.stat\x00', 0x275a, 0x0) mq_getsetattr(r0, 0x0, 0x0) 242.65716ms ago: executing program 0 (id=2756): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)={0x34, 0x3b, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0xc, 0x0, 0x0, @u64=0x7}]}]}, 0x34}}, 0xc000) 242.560256ms ago: executing program 1 (id=2757): r0 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14, 0x3ed}, [], {0x14, 0x3ed}}, 0x28}}, 0x0) 241.540552ms ago: executing program 2 (id=2758): mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 175.295108ms ago: executing program 1 (id=2759): r0 = syz_open_dev$sndpcmc(&(0x7f0000001800), 0x1, 0x20080) ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r0, 0xc0884123, &(0x7f0000001840)={0x1, "3dba1ae023b40a2f8fc6fe5cef4c0ac9d94581e617e2bf8279933b9ea1cc1ef986462fdf92b30f220382b2dbefa52971af1bf19862302bb2fbf48a9c3cdb2e38", {0x77c4, 0x5}}) 174.838028ms ago: executing program 0 (id=2760): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CLEAR_HALT(r0, 0xc0105502, &(0x7f0000000340)={0x1, 0x1}) 174.529057ms ago: executing program 0 (id=2761): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@newtaction={0x70, 0x30, 0xb, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbedit={0x58, 0x1, 0x0, 0x0, {{0xc}, {0x48, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8}, @TCA_SKBEDIT_PTYPE={0x6, 0x4}, @TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0x60}}}}]}]}, 0x70}}, 0x0) 172.200251ms ago: executing program 1 (id=2767): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) writev(r0, &(0x7f0000002440)=[{&(0x7f0000001e80)="162c9a3a12f67759e778ad83a273f609fb5cf5b7", 0x14}, {0x0}, {0x0}, {0x0, 0x63}], 0x4) 118.221319ms ago: executing program 2 (id=2762): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000004c0)='tlb_flush\x00', r0}, 0x10) 117.924617ms ago: executing program 0 (id=2763): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x200008f, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc038563b, &(0x7f00000001c0)={{0x1, 0x1, 0x18}, './file0\x00'}) 117.527961ms ago: executing program 1 (id=2764): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ENCRYPT={0x5, 0xc, 0x1}]}}}]}, 0x3c}}, 0x0) 60.636164ms ago: executing program 2 (id=2765): setuid(0xee01) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 60.390103ms ago: executing program 0 (id=2766): r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000001680)=[{&(0x7f0000000000)=@in={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000040)="9e", 0x1}], 0x1}], 0x1, 0xfc) 60.020215ms ago: executing program 1 (id=2768): r0 = socket(0x2b, 0x80801, 0x1) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x30, &(0x7f0000000040), &(0x7f0000000080)=0xc) 13.073272ms ago: executing program 2 (id=2769): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@migrate={0xa0, 0x21, 0xd39, 0x0, 0x0, {{@in6=@empty, @in=@broadcast, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, 0x0, 0xff}}, [@migrate={0x50, 0x11, [{@in=@local, @in=@broadcast, @in=@broadcast, @in=@dev, 0x0, 0x0, 0x0, 0x3000000, 0x11, 0x2}]}]}, 0xa0}}, 0x0) 9.451166ms ago: executing program 2 (id=2770): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)={0x34, 0x3b, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0xc, 0x0, 0x0, @u64=0x7}]}]}, 0x34}}, 0xc000) 5.260166ms ago: executing program 0 (id=2777): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$sock_attach_bpf(r0, 0x1, 0x48, &(0x7f00000005c0), 0x4) 0s ago: executing program 1 (id=2771): r0 = syz_open_dev$dri(&(0x7f0000000a80), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_DIRTYFB(r0, 0xc01864b1, &(0x7f00000001c0)={0x0, 0x3, 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:43748' (ED25519) to the list of known hosts. [ 33.940587][ T5258] cgroup: Unknown subsys name 'net' [ 34.108539][ T5258] cgroup: Unknown subsys name 'cpuset' [ 34.111786][ T5258] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 35.023546][ T5258] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 37.065339][ T5385] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 37.992141][ T5541] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 37.997300][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.999418][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.012313][ T1099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.014389][ T1099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.849196][ T5572] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 41.852909][ T4777] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 41.861386][ T4777] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 41.866409][ T5579] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 41.869047][ T5579] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 41.869291][ T5575] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 41.871120][ T5579] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 41.875876][ T5579] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 41.879690][ T5581] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 41.880213][ T5579] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 41.882530][ T5581] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 41.884377][ T5579] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 41.890318][ T5579] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 41.890448][ T5581] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 41.893382][ T5579] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 41.894444][ T5581] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 41.900267][ T5579] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 41.902511][ T66] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 41.905373][ T5572] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 41.909468][ T5572] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 41.910058][ T5583] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 41.913408][ T5572] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 41.915916][ T5572] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 41.918126][ T5572] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 42.117145][ T5577] chnl_net:caif_netlink_parms(): no params data found [ 42.124483][ T5570] chnl_net:caif_netlink_parms(): no params data found [ 42.131337][ T5573] chnl_net:caif_netlink_parms(): no params data found [ 42.215012][ T5580] chnl_net:caif_netlink_parms(): no params data found [ 42.342444][ T5573] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.344641][ T5573] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.348017][ T5573] bridge_slave_0: entered allmulticast mode [ 42.350463][ T5573] bridge_slave_0: entered promiscuous mode [ 42.353685][ T5573] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.355506][ T5573] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.357270][ T5573] bridge_slave_1: entered allmulticast mode [ 42.359236][ T5573] bridge_slave_1: entered promiscuous mode [ 42.396067][ T5577] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.398682][ T5577] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.401278][ T5577] bridge_slave_0: entered allmulticast mode [ 42.404265][ T5577] bridge_slave_0: entered promiscuous mode [ 42.408055][ T5577] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.410624][ T5577] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.413198][ T5577] bridge_slave_1: entered allmulticast mode [ 42.416350][ T5577] bridge_slave_1: entered promiscuous mode [ 42.446209][ T5570] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.448263][ T5570] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.450084][ T5570] bridge_slave_0: entered allmulticast mode [ 42.452026][ T5570] bridge_slave_0: entered promiscuous mode [ 42.454312][ T5570] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.456526][ T5570] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.458490][ T5570] bridge_slave_1: entered allmulticast mode [ 42.460374][ T5570] bridge_slave_1: entered promiscuous mode [ 42.501152][ T5573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 42.512583][ T5580] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.514561][ T5580] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.517761][ T5580] bridge_slave_0: entered allmulticast mode [ 42.519801][ T5580] bridge_slave_0: entered promiscuous mode [ 42.523694][ T5577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 42.528210][ T5577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 42.531397][ T5573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 42.541065][ T5580] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.542921][ T5580] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.544761][ T5580] bridge_slave_1: entered allmulticast mode [ 42.548737][ T5580] bridge_slave_1: entered promiscuous mode [ 42.582927][ T5570] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 42.599292][ T5577] team0: Port device team_slave_0 added [ 42.612139][ T5570] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 42.616714][ T5580] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 42.623066][ T5577] team0: Port device team_slave_1 added [ 42.637098][ T5573] team0: Port device team_slave_0 added [ 42.650791][ T5580] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 42.663303][ T5573] team0: Port device team_slave_1 added [ 42.687446][ T5570] team0: Port device team_slave_0 added [ 42.702441][ T5577] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 42.704525][ T5577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.712002][ T5577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 42.725099][ T5573] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 42.726840][ T5573] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.733959][ T5573] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 42.739363][ T5570] team0: Port device team_slave_1 added [ 42.755066][ T5577] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 42.756887][ T5577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.763211][ T5577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.767044][ T5573] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 42.769041][ T5573] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.775730][ T5573] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.798324][ T5580] team0: Port device team_slave_0 added [ 42.803453][ T5580] team0: Port device team_slave_1 added [ 42.822478][ T5570] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 42.824536][ T5570] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.833873][ T5570] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 42.839038][ T5570] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 42.840847][ T5570] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.849387][ T5570] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.863336][ T5580] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 42.865735][ T5580] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.871957][ T5580] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 42.876343][ T5580] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 42.878071][ T5580] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.884301][ T5580] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.916581][ T5570] hsr_slave_0: entered promiscuous mode [ 42.919429][ T5570] hsr_slave_1: entered promiscuous mode [ 42.949736][ T5577] hsr_slave_0: entered promiscuous mode [ 42.951750][ T5577] hsr_slave_1: entered promiscuous mode [ 42.953539][ T5577] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 42.955874][ T5577] Cannot create hsr debugfs directory [ 42.979514][ T5573] hsr_slave_0: entered promiscuous mode [ 42.981829][ T5573] hsr_slave_1: entered promiscuous mode [ 42.983436][ T5573] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 42.985459][ T5573] Cannot create hsr debugfs directory [ 43.009593][ T5580] hsr_slave_0: entered promiscuous mode [ 43.011339][ T5580] hsr_slave_1: entered promiscuous mode [ 43.012968][ T5580] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 43.014779][ T5580] Cannot create hsr debugfs directory [ 43.288726][ T5573] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 43.295852][ T5573] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 43.305096][ T5573] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 43.313740][ T5573] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 43.328169][ T5577] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 43.335470][ T5577] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 43.341919][ T5577] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 43.356241][ T5577] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 43.381231][ T5580] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 43.390952][ T5580] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 43.396269][ T5580] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 43.401375][ T5580] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 43.443507][ T5570] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 43.449834][ T5570] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 43.459122][ T5570] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 43.464245][ T5570] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 43.502097][ T5573] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.525462][ T5577] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.539395][ T5573] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.559519][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.561439][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.569113][ T5577] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.578516][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.580266][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.582796][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.584588][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.597261][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.599185][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.602759][ T5580] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.629160][ T5580] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.633591][ T5573] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 43.651539][ T1214] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.653907][ T1214] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.664027][ T1214] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.665942][ T1214] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.675850][ T5570] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.698797][ T5570] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.709583][ T1214] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.711462][ T1214] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.726914][ T1214] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.729026][ T1214] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.751851][ T5573] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.765815][ T5570] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 43.769152][ T5570] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 43.816187][ T5573] veth0_vlan: entered promiscuous mode [ 43.820648][ T5573] veth1_vlan: entered promiscuous mode [ 43.834235][ T5573] veth0_macvtap: entered promiscuous mode [ 43.844703][ T5573] veth1_macvtap: entered promiscuous mode [ 43.863244][ T5573] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 43.879775][ T5573] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 43.883690][ T5580] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.889645][ T5573] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.891910][ T5573] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.894697][ T5573] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.899475][ T5573] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.904424][ T5577] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.936162][ T5575] Bluetooth: hci3: command tx timeout [ 43.936167][ T4777] Bluetooth: hci1: command tx timeout [ 43.942892][ T5570] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.944091][ T1214] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.945401][ T4777] Bluetooth: hci2: command tx timeout [ 43.945425][ T5575] Bluetooth: hci0: command tx timeout [ 43.946975][ T1214] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.974474][ T5580] veth0_vlan: entered promiscuous mode [ 43.979928][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.982224][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.990123][ T5570] veth0_vlan: entered promiscuous mode [ 43.999390][ T5577] veth0_vlan: entered promiscuous mode [ 44.002927][ T5570] veth1_vlan: entered promiscuous mode [ 44.008571][ T5580] veth1_vlan: entered promiscuous mode [ 44.013446][ T5577] veth1_vlan: entered promiscuous mode [ 44.045518][ T5570] veth0_macvtap: entered promiscuous mode [ 44.051897][ T5580] veth0_macvtap: entered promiscuous mode [ 44.054620][ T5580] veth1_macvtap: entered promiscuous mode [ 44.061730][ T5570] veth1_macvtap: entered promiscuous mode [ 44.070064][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.072761][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.075862][ T5570] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.079388][ T5570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.082183][ T5570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.087159][ T5570] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.091000][ T5580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.093732][ T5580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.098958][ T5580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.101615][ T5580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.106842][ T5580] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.117551][ T5577] veth0_macvtap: entered promiscuous mode [ 44.121139][ T5577] veth1_macvtap: entered promiscuous mode [ 44.124652][ T5580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.129602][ T5580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.132235][ T5580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.134792][ T5580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.138919][ T5580] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.147927][ T5570] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.150089][ T5570] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.152215][ T5570] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.154306][ T5570] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.158762][ T5580] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.160957][ T5580] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.163121][ T5580] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.165921][ T5580] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.186127][ T5577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.188653][ T5577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.191106][ T5577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.193769][ T5577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.196353][ T5577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.198854][ T5577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.202026][ T5577] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.215643][ T5577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.218224][ T5577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.220690][ T5577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.223428][ T5577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.226135][ T5577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.228779][ T5577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.232337][ T5577] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.239977][ T5577] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.242678][ T5577] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.246819][ T5577] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.250336][ T5577] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.290579][ T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.293668][ T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.339676][ T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.341716][ T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.349639][ T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.355675][ T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.383231][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.387789][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.403418][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.408278][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.441583][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.445252][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.091640][ T5746] erofs: (device loop1): erofs_read_superblock: cannot find valid erofs superblock [ 45.624933][ T39] audit: type=1326 audit(1729025056.414:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5806 comm="syz.1.292" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 46.029034][ T4777] Bluetooth: hci2: command tx timeout [ 46.032116][ T4777] Bluetooth: hci1: command tx timeout [ 46.034154][ T4777] Bluetooth: hci3: command tx timeout [ 47.122318][ T5946] UBIFS error (pid: 5946): cannot open "ubifs", error -22 [ 47.855901][ T5583] Bluetooth: hci0: command tx timeout [ 48.001210][ T6057] tmpfs: Unknown parameter 'smackfshat' [ 48.054576][ T6066] erofs: (device loop2): erofs_read_superblock: cannot find valid erofs superblock [ 48.095171][ T5583] Bluetooth: hci3: command tx timeout [ 48.219034][ T6091] erofs: (device loop3): erofs_read_superblock: cannot find valid erofs superblock [ 48.275225][ T56] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 48.428988][ T56] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 48.432830][ T56] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64 [ 48.437802][ T56] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22 [ 48.445302][ T56] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 48.449293][ T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 48.452658][ T56] usb 6-1: SerialNumber: syz [ 48.475489][ T6060] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 48.478435][ T6060] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 48.486170][ T56] cdc_acm 6-1:1.0: Control and data interfaces are not separated! [ 48.489066][ T56] cdc_acm 6-1:1.0: This needs exactly 3 endpoints [ 48.491338][ T56] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -22 [ 48.573649][ T6129] syz.3.448(6129): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 48.698411][ T56] usb 6-1: USB disconnect, device number 2 [ 48.736073][ T25] usb 5-1: new low-speed USB device number 2 using dummy_hcd [ 48.910291][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 48.913913][ T25] usb 5-1: New USB device found, idVendor=1a8d, idProduct=100d, bcdDevice=dd.34 [ 48.917893][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 48.932311][ T25] usb 5-1: config 0 descriptor?? [ 48.942317][ T6119] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 48.947378][ T25] option 5-1:0.0: GSM modem (1-port) converter detected [ 49.153274][ T25] usb 5-1: USB disconnect, device number 2 [ 49.159284][ T25] option 5-1:0.0: device disconnected [ 49.224956][ T5583] Bluetooth: hci2: command tx timeout [ 49.557172][ T57] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 49.783842][ T57] usb 6-1: config 0 has an invalid interface number: 241 but max is 0 [ 49.787254][ T57] usb 6-1: config 0 has no interface number 0 [ 49.789456][ T57] usb 6-1: config 0 interface 241 has no altsetting 0 [ 49.812145][ T57] usb 6-1: New USB device found, idVendor=0ace, idProduct=1611, bcdDevice=c4.63 [ 49.816203][ T57] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 49.819042][ T57] usb 6-1: Product: syz [ 49.820549][ T57] usb 6-1: Manufacturer: syz [ 49.822142][ T57] usb 6-1: SerialNumber: syz [ 49.835527][ T57] usb 6-1: config 0 descriptor?? [ 49.936808][ T5583] Bluetooth: hci0: command tx timeout [ 50.055965][ T57] cdc_acm 6-1:0.241: skipping garbage [ 50.062606][ T57] usb 6-1: USB disconnect, device number 3 [ 50.175269][ T5583] Bluetooth: hci3: command tx timeout [ 50.308255][ T6316] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun! [ 50.393560][ T6325] capability: warning: `syz.2.542' uses deprecated v2 capabilities in a way that may be insecure [ 50.625143][ T39] audit: type=1326 audit(1729025061.414:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6350 comm="syz.1.557" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 51.216642][ T5583] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 51.220553][ T5583] Bluetooth: hci1: Injecting HCI hardware error event [ 51.225389][ T5583] Bluetooth: hci1: hardware error 0x00 [ 52.216805][ T6497] syz.0.628[6497] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.216855][ T6497] syz.0.628[6497] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.220481][ T6497] syz.0.628[6497] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.228588][ C1] Adjusting tsc more than 11% (5229282 vs 7162514) [ 52.979206][ T6582] PKCS7: Unknown OID: [4] 2.19.0.2.86.14.43(bad) [ 52.989768][ T6582] PKCS7: Only support pkcs7_signedData type [ 53.070628][ T6594] Invalid ELF header type: 3 != 1 [ 53.465771][ T5583] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 53.658067][ T6670] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 53.660553][ T6670] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 53.675477][ T6670] vhci_hcd vhci_hcd.0: Device attached [ 53.676351][ T39] audit: type=1326 audit(1729027642.283:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6676 comm="syz.2.716" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x0 [ 53.689640][ T6671] vhci_hcd: connection closed [ 53.693021][ T64] vhci_hcd: stop threads [ 53.696765][ T64] vhci_hcd: release socket [ 53.698419][ T64] vhci_hcd: disconnect device [ 53.864394][ T6694] dccp_invalid_packet: P.CsCov 4 exceeds packet length 28 [ 53.900066][ T39] audit: type=1326 audit(1729027642.488:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6697 comm="syz.2.727" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x0 [ 53.927533][ T829] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 54.097417][ T829] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 54.101736][ T829] usb 8-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 54.105610][ T829] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 54.111783][ T829] usb 8-1: config 0 descriptor?? [ 54.341507][ T829] usb 8-1: USB disconnect, device number 2 [ 54.403980][ T6752] bpf: Bad value for 'uid' [ 54.697553][ T39] audit: type=1326 audit(1729027643.244:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6794 comm="syz.1.775" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 54.711614][ T39] audit: type=1326 audit(1729027643.253:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6796 comm="syz.0.776" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x0 [ 54.865146][ T39] audit: type=1326 audit(1729027643.393:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6814 comm="syz.2.785" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x0 [ 55.110751][ T6854] IPv6: addrconf: prefix option has invalid lifetime [ 55.247928][ T6877] dccp_invalid_packet: P.Data Offset(10) too large [ 56.603821][ T7029] random: crng reseeded on system resumption [ 57.540013][ T39] audit: type=1326 audit(1729027874.889:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.1.943" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 57.586554][ T7146] futex_wake_op: syz.3.949 tries to shift op by -1; fix this program [ 57.827663][ T7174] syz.1.961 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 57.831423][ T7178] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd [ 57.907910][ T7186] capability: warning: `syz.3.967' uses 32-bit capabilities (legacy support in use) [ 58.370148][ T7247] dccp_invalid_packet: invalid packet type [ 58.632179][ T7281] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 59.051581][ T7328] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 59.886465][ T7439] dccp_invalid_packet: P.Data Offset(0) too small [ 59.910180][ T39] audit: type=1326 audit(1729031972.123:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.1.1096" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 60.659217][ T25] usb 7-1: new low-speed USB device number 2 using dummy_hcd [ 60.725941][ T7568] futex_wake_op: syz.1.1158 tries to shift op by 36; fix this program [ 60.843761][ T25] usb 7-1: unable to get BOS descriptor or descriptor too short [ 60.848586][ T25] usb 7-1: config 6 has an invalid interface number: 194 but max is 0 [ 60.852783][ T25] usb 7-1: config 6 has no interface number 0 [ 60.854710][ T25] usb 7-1: config 6 interface 194 altsetting 129 endpoint 0x4 has invalid maxpacket 1023, setting to 8 [ 60.858373][ T25] usb 7-1: config 6 interface 194 has no altsetting 0 [ 60.870604][ T25] usb 7-1: string descriptor 0 read error: -22 [ 60.873332][ T25] usb 7-1: New USB device found, idVendor=177f, idProduct=0400, bcdDevice= 0.00 [ 60.876518][ T25] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.881770][ T7518] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 60.886779][ T25] usb-storage 7-1:6.194: USB Mass Storage device detected [ 60.910212][ T25] usb-storage 7-1:6.194: Quirks match for vid 177f pid 0400: 4400 [ 61.124753][ T5646] usb 7-1: USB disconnect, device number 2 [ 61.584211][ T7638] futex_wake_op: syz.3.1192 tries to shift op by 36; fix this program [ 63.410278][ T7875] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 63.412893][ T7875] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 63.416332][ T7875] vhci_hcd vhci_hcd.0: Device attached [ 63.435381][ T7876] vhci_hcd: connection closed [ 63.440349][ T82] vhci_hcd: stop threads [ 63.443827][ T82] vhci_hcd: release socket [ 63.445981][ T82] vhci_hcd: disconnect device [ 63.502608][ T7885] futex_wake_op: syz.1.1316 tries to shift op by 32; fix this program [ 63.511358][ T7888] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253 [ 63.523815][ T7888] PKCS7: Only support pkcs7_signedData type [ 64.923029][ T39] audit: type=1326 audit(1729031977.807:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.0.1416" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x0 [ 65.356551][ T8146] ip_tunnel: non-ECT from 172.30.0.1 with TOS=0x2 [ 65.547063][ T8171] futex_wake_op: syz.1.1457 tries to shift op by -1; fix this program [ 66.034308][ T5583] Bluetooth: hci0: Unable to find connection with handle 0x0000 [ 66.359015][ T8272] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 66.426057][ T8280] futex_wake_op: syz.2.1511 tries to shift op by 144; fix this program [ 66.609266][ T56] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 66.685431][ T39] audit: type=1326 audit(1729032747.647:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8307 comm="syz.2.1524" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x0 [ 66.719941][ T8304] could not allocate digest TFM handle crct10dif-arm64-ce [ 66.747264][ T56] usb 5-1: Using ep0 maxpacket: 16 [ 66.751922][ T56] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1023 [ 66.757631][ T56] usb 5-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47 [ 66.760860][ T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 66.763571][ T56] usb 5-1: Product: syz [ 66.764881][ T56] usb 5-1: Manufacturer: syz [ 66.775281][ T56] usb 5-1: SerialNumber: syz [ 66.785616][ T56] usb 5-1: config 0 descriptor?? [ 66.788896][ T8274] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 66.792313][ T56] mcba_usb 5-1:0.0: Can't find endpoints [ 67.007026][ T1285] usb 5-1: USB disconnect, device number 3 [ 67.242695][ T8364] mmap: syz.2.1550 (8364) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 67.547444][ T8397] binder: Bad value for 'max' [ 68.044416][ T8447] dccp_invalid_packet: pskb_may_pull failed [ 68.361484][ T8467] autofs: Unknown parameter 'no9 PG!8E8- ŖEeլ( Ir\u}ibT0;my[Gc#>QkbY&#w@/VVL~12lhOh'rK1\kU{!eܚ7 [ 68.361484][ T8467] Ue[%#s' [ 68.776588][ T35] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 68.796161][ T8531] IPv6: addrconf: prefix option has invalid lifetime [ 68.863919][ T5583] Bluetooth: hci2: unexpected event 0x17 length: 14 > 6 [ 68.905196][ T8552] IPv6: addrconf: prefix option has invalid lifetime [ 68.930611][ T35] usb 6-1: unable to get BOS descriptor or descriptor too short [ 68.934036][ T35] usb 6-1: not running at top speed; connect to a high speed hub [ 68.938038][ T35] usb 6-1: config 1 interface 0 altsetting 3 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 68.942700][ T35] usb 6-1: config 1 interface 0 has no altsetting 0 [ 68.946936][ T35] usb 6-1: New USB device found, idVendor=05ac, idProduct=024d, bcdDevice= 0.40 [ 68.950342][ T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.953315][ T35] usb 6-1: Product: syz [ 68.954837][ T35] usb 6-1: Manufacturer: syz [ 68.956523][ T35] usb 6-1: SerialNumber: syz [ 68.961241][ T8484] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 69.171717][ T35] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/input/input5 [ 69.183926][ T35] usb 6-1: USB disconnect, device number 4 [ 69.186211][ T4824] bcm5974 6-1:1.0: could not read from device [ 70.110788][ T8702] virtio-fs: tag <(null)> not found [ 70.150617][ T8710] syz.2.1724 (8710): attempted to duplicate a private mapping with mremap. This is not supported. [ 70.306642][ T5583] Bluetooth: hci2: Malformed LE Event: 0x0b [ 70.652374][ T5583] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 70.655630][ T5583] Bluetooth: hci3: Injecting HCI hardware error event [ 70.659038][ T4777] Bluetooth: hci3: hardware error 0x00 [ 70.776901][ T1285] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 70.929234][ T1285] usb 7-1: Using ep0 maxpacket: 16 [ 70.945092][ T1285] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1023 [ 70.974235][ T1285] usb 7-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47 [ 70.977512][ T1285] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.980416][ T1285] usb 7-1: Product: syz [ 70.981973][ T1285] usb 7-1: Manufacturer: syz [ 70.983612][ T1285] usb 7-1: SerialNumber: syz [ 70.989480][ T1285] usb 7-1: config 0 descriptor?? [ 70.992078][ T8772] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 70.996765][ T1285] mcba_usb 7-1:0.0: Can't find endpoints [ 71.099067][ T8847] futex_wake_op: syz.3.1792 tries to shift op by -1; fix this program [ 71.215915][ T5600] usb 7-1: USB disconnect, device number 3 [ 71.428085][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.430251][ T1376] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.315947][ T5583] Bluetooth: hci3: unexpected event for opcode 0x0c05 [ 72.634640][ T4777] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 72.917507][ T9100] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0004 with DS=0x7 [ 73.193534][ T9131] IPv6: addrconf: prefix option has invalid lifetime [ 73.588310][ T39] audit: type=1326 audit(1729032754.901:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.1.1954" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 74.089102][ T9241] tmpfs: Bad value for 'mpol' [ 74.494310][ T39] audit: type=1326 audit(1729032755.846:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9307 comm="syz.2.2022" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x0 [ 74.671896][ T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 74.824556][ T9] usb 6-1: Using ep0 maxpacket: 32 [ 74.828255][ T9] usb 6-1: unable to get BOS descriptor or descriptor too short [ 74.839826][ T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 74.843949][ T9] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 74.848241][ T9] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 74.852106][ T9] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 74.857333][ T9] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 74.863258][ T9] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 74.866489][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 74.869326][ T9] usb 6-1: Product: syz [ 74.870855][ T9] usb 6-1: Manufacturer: syz [ 74.877136][ T9] usb 6-1: SerialNumber: syz [ 75.097022][ T9] cdc_ncm 6-1:1.0: bind() failure [ 75.107104][ T9] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found [ 75.109974][ T9] cdc_ncm 6-1:1.1: bind() failure [ 75.114936][ T9] usb 6-1: USB disconnect, device number 5 [ 75.848496][ T9488] dns_resolver: Unsupported server list version (0) [ 76.075220][ T9522] futex_wake_op: syz.0.2128 tries to shift op by -1; fix this program [ 76.298778][ T830] cfg80211: failed to load regulatory.db [ 77.087339][ T9674] 9pnet: Unknown protocol version 9p20\++} [ 77.323368][ T9700] netlink: 'syz.1.2217': attribute type 1 has an invalid length. [ 77.326752][ T9700] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.2217'. [ 77.333741][ T9700] netlink: 'syz.1.2217': attribute type 1 has an invalid length. [ 77.367577][ T9] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 77.511521][ T9] usb 8-1: Using ep0 maxpacket: 8 [ 77.532087][ T9717] usb usb9: usbfs: process 9717 (syz.0.2225) did not claim interface 0 before use [ 77.535741][ T9] usb 8-1: config 0 has an invalid interface number: 143 but max is 0 [ 77.538355][ T9] usb 8-1: config 0 has no interface number 0 [ 77.542676][ T9] usb 8-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b [ 77.545773][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.549514][ T9] usb 8-1: config 0 descriptor?? [ 77.579254][ T9721] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 77.664930][ T9] viperboard 8-1:0.143: version 0.00 found at bus 008 address 003 [ 77.686807][ T9] viperboard-i2c viperboard-i2c.3.auto: failure setting i2c_bus_freq to 100 [ 77.689369][ T9] viperboard-i2c viperboard-i2c.3.auto: probe with driver viperboard-i2c failed with error -5 [ 77.742795][ T9735] ipt_REJECT: TCP_RESET invalid for non-tcp [ 77.747855][ T9] usb 8-1: USB disconnect, device number 3 [ 77.968303][ T5600] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 78.129896][ T5600] usb 6-1: Using ep0 maxpacket: 16 [ 78.132692][ T5600] usb 6-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 78.135632][ T5600] usb 6-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 78.139254][ T5600] usb 6-1: config 0 interface 0 has no altsetting 0 [ 78.155005][ T5600] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 78.158005][ T5600] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.160746][ T5600] usb 6-1: Product: syz [ 78.161949][ T5600] usb 6-1: Manufacturer: syz [ 78.163173][ T5600] usb 6-1: SerialNumber: syz [ 78.188642][ T5600] usb 6-1: config 0 descriptor?? [ 78.195090][ T5600] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input6 [ 78.326186][ T39] audit: type=1326 audit(1729032759.866:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9789 comm="syz.0.2261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 78.335731][ T39] audit: type=1326 audit(1729032759.877:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9789 comm="syz.0.2261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 78.352101][ T39] audit: type=1326 audit(1729032759.898:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9789 comm="syz.0.2261" exe="/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 78.358209][ T9792] netlink: 'syz.2.2262': attribute type 5 has an invalid length. [ 78.367997][ T39] audit: type=1326 audit(1729032759.908:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9789 comm="syz.0.2261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 78.469337][ T5600] usb 6-1: USB disconnect, device number 6 [ 78.553764][ T9812] xt_NFQUEUE: number of total queues is 0 [ 78.592879][ T9817] binder: 9815:9817 ioctl c00c620f 20000340 returned -22 [ 78.981381][ T39] audit: type=1326 audit(1729032760.559:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9866 comm="syz.0.2300" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 78.995052][ T39] audit: type=1326 audit(1729032760.559:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9866 comm="syz.0.2300" exe="/syz-executor" sig=0 arch=40000003 syscall=143 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 79.018254][ T39] audit: type=1326 audit(1729032760.559:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9866 comm="syz.0.2300" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 79.053879][ T39] audit: type=1326 audit(1729032760.559:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9866 comm="syz.0.2300" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 79.055657][ T9879] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2306'. [ 79.499841][ T9940] Driver unsupported XDP return value 0 on prog (id 209) dev N/A, expect packet loss! [ 79.556597][ T9952] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2341'. [ 79.588569][ T9957] netlink: ct family unspecified [ 79.591304][ T9957] openvswitch: netlink: Actions may not be safe on all matching packets [ 79.611530][ T9959] xt_hashlimit: Unknown mode mask 368, kernel too old? [ 79.775163][ T9982] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2356'. [ 80.188229][T10036] random: crng reseeded on system resumption [ 80.199715][T10036] Restarting kernel threads ... done. [ 80.253788][T10044] tmpfs: Bad value for 'nr_blocks' [ 80.680725][T10105] UBIFS error (pid: 10105): cannot open "./file0", error -22 [ 80.809675][T10124] ata1.00: invalid multi_count 1 ignored [ 80.968352][T10144] netlink: 'syz.1.2432': attribute type 11 has an invalid length. [ 81.173533][T10180] syz.0.2450: attempt to access beyond end of device [ 81.173533][T10180] nbd0: rw=0, sector=2, nr_sectors = 1 limit=0 [ 81.334902][T10203] futex_wake_op: syz.3.2464 tries to shift op by -1; fix this program [ 81.511242][T10224] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20000 [ 81.609297][T10241] syz.1.2482 (10241): /proc/10240/oom_adj is deprecated, please use /proc/10240/oom_score_adj instead. [ 81.721076][ T35] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 81.810023][T10280] xt_nat: multiple ranges no longer supported [ 81.863086][T10289] ======================================================= [ 81.863086][T10289] WARNING: The mand mount option has been deprecated and [ 81.863086][T10289] and is ignored by this kernel. Remove the mand [ 81.863086][T10289] option from the mount to silence this warning. [ 81.863086][T10289] ======================================================= [ 81.876484][ T35] usb 5-1: Using ep0 maxpacket: 8 [ 81.881525][T10289] ufs: Invalid option: "..X;y" or missing value [ 81.883915][T10289] ufs: wrong mount options [ 81.892292][ T35] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 81.895989][ T35] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 81.902994][ T35] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 81.906357][ T35] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.909213][ T35] usb 5-1: Product: syz [ 81.910748][ T35] usb 5-1: Manufacturer: syz [ 81.913408][ T35] usb 5-1: SerialNumber: syz [ 81.975519][T10308] openvswitch: netlink: IP tunnel dst address not specified [ 82.023703][T10314] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2520'. [ 82.144669][ T35] usb 5-1: cannot find UAC_HEADER [ 82.165257][ T35] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 82.170077][ T35] usb 5-1: USB disconnect, device number 4 [ 82.183564][ T5361] udevd[5361]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 82.626209][ T5583] Bluetooth: hci2: command 0x0406 tx timeout [ 82.891158][T10351] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 83.030245][T10362] __vm_enough_memory: pid: 10362, comm: syz.2.2541, bytes: 4294963200 not enough memory for the allocation [ 83.170617][T10376] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 83.242047][T10384] netlink: 'syz.0.2554': attribute type 10 has an invalid length. [ 83.244861][T10384] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 83.248606][T10384] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 83.517087][T10417] netlink: 'syz.3.2570': attribute type 39 has an invalid length. [ 83.520998][T10417] netlink: 'syz.3.2570': attribute type 4 has an invalid length. [ 83.525159][T10417] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2570'. [ 83.529134][T10417] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 83.537379][T10417] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check. [ 83.746559][T10456] netlink: 'syz.2.2589': attribute type 3 has an invalid length. [ 83.749363][T10456] netlink: 666 bytes leftover after parsing attributes in process `syz.2.2589'. [ 83.969559][T10482] netlink: 'syz.2.2598': attribute type 10 has an invalid length. [ 83.993931][T10482] team0: Port device wlan1 added [ 84.192003][T10513] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2616'. [ 84.336724][T10534] netlink: 'syz.2.2625': attribute type 1 has an invalid length. [ 84.351290][T10534] netlink: 'syz.2.2625': attribute type 2 has an invalid length. [ 84.400974][T10538] xt_hashlimit: Unknown mode mask 368, kernel too old? [ 84.573049][T10553] warning: `syz.2.2633' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 84.956512][T10605] netlink: 'syz.0.2658': attribute type 11 has an invalid length. [ 84.971357][T10609] xt_NFQUEUE: number of total queues is 0 [ 85.060140][T10623] random: crng reseeded on system resumption [ 85.078132][T10627] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2666'. [ 85.088445][T10623] Restarting kernel threads ... done. [ 85.175266][T10642] netlink: 'syz.3.2675': attribute type 10 has an invalid length. [ 85.196957][T10644] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2676'. [ 85.205868][T10642] team0: Port device wlan1 added [ 85.263350][T10651] random: crng reseeded on system resumption [ 85.269734][T10651] Restarting kernel threads ... done. [ 85.342303][T10661] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2685'. [ 85.650959][T10694] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 85.760203][T10701] PM: Enabling pm_trace changes system date and time during resume. [ 85.760203][T10701] PM: Correct system time has to be restored manually after resume. [ 85.786378][T10703] netlink: 'syz.1.2704': attribute type 10 has an invalid length. [ 85.844473][T10703] team0: Port device wlan1 added [ 85.985379][T10723] program syz.1.2713 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 86.078605][T10732] ata1.00: invalid multi_count 1 ignored [ 86.219625][T10748] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 86.229871][T10751] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2727'. [ 86.232749][T10746] team0: Port device wlan1 added [ 86.603248][T10788] bond0: (slave netdevsim0): Error: Device can not be enslaved while up [ 86.701836][T10800] tmpfs: Bad value for 'size' [ 86.716602][T10804] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0) [ 86.810211][T10814] netlink: ct family unspecified [ 86.812079][T10814] openvswitch: netlink: Actions may not be safe on all matching packets [ 86.852471][T10818] usb usb8: usbfs: process 10818 (syz.0.2760) did not claim interface 0 before use [ 87.044542][T10838] netlink: ct family unspecified [ 87.048208][T10838] openvswitch: netlink: Actions may not be safe on all matching packets [ 87.083868][ C0] ================================================================== [ 87.086590][ C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x2dfe/0x3ce0 [ 87.088605][ C0] Read of size 8 at addr ffff888000e75818 by task swapper/0/0 [ 87.092534][ C0] [ 87.093640][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0 [ 87.096406][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.099194][ C0] Call Trace: [ 87.100075][ C0] [ 87.100991][ C0] dump_stack_lvl+0x116/0x1f0 [ 87.102519][ C0] print_report+0xc3/0x620 [ 87.103954][ C0] ? __virt_addr_valid+0x5e/0x590 [ 87.105608][ C0] ? __phys_addr+0xc6/0x150 [ 87.106794][ C0] kasan_report+0xd9/0x110 [ 87.107954][ C0] ? __lock_acquire+0x2dfe/0x3ce0 [ 87.109226][ C0] ? __lock_acquire+0x2dfe/0x3ce0 [ 87.110563][ C0] __lock_acquire+0x2dfe/0x3ce0 [ 87.111888][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 87.113192][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 87.114830][ C0] lock_acquire.part.0+0x11b/0x380 [ 87.116185][ C0] ? p9_req_put+0xaf/0x250 [ 87.117278][ C0] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 87.118788][ C0] ? rcu_is_watching+0x12/0xc0 [ 87.120360][ C0] ? trace_lock_acquire+0x14a/0x1d0 [ 87.122373][ C0] ? p9_req_put+0xaf/0x250 [ 87.123840][ C0] ? lock_acquire+0x2f/0xb0 [ 87.125218][ C0] ? p9_req_put+0xaf/0x250 [ 87.126716][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 87.128207][ C0] ? p9_req_put+0xaf/0x250 [ 87.129411][ C0] p9_req_put+0xaf/0x250 [ 87.130554][ C0] req_done+0x1e7/0x2f0 [ 87.131658][ C0] ? __pfx_req_done+0x10/0x10 [ 87.132992][ C0] ? __pfx_req_done+0x10/0x10 [ 87.134340][ C0] vring_interrupt+0x31b/0x400 [ 87.135668][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 87.137072][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 87.138559][ C0] handle_irq_event+0xab/0x1e0 [ 87.139814][ C0] handle_edge_irq+0x263/0xd10 [ 87.141229][ C0] __common_interrupt+0xdf/0x250 [ 87.142897][ C0] common_interrupt+0xba/0xe0 [ 87.144314][ C0] [ 87.145194][ C0] [ 87.146033][ C0] asm_common_interrupt+0x26/0x40 [ 87.147436][ C0] RIP: 0010:default_idle+0xf/0x20 [ 87.148883][ C0] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d d3 08 33 00 fb f4 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 87.153997][ C0] RSP: 0018:ffffffff8da07e20 EFLAGS: 00000202 [ 87.155613][ C0] RAX: 000000000009d997 RBX: 0000000000000000 RCX: ffffffff8b137a49 [ 87.157955][ C0] RDX: 0000000000000000 RSI: ffffffff8b4cc8e0 RDI: ffffffff8bb12ae0 [ 87.160025][ C0] RBP: fffffbfff1b52af8 R08: 0000000000000001 R09: ffffed1005687025 [ 87.162127][ C0] R10: ffff88802b43812b R11: 0000000000000000 R12: 0000000000000000 [ 87.164280][ C0] R13: ffffffff8da957c0 R14: ffffffff901ce188 R15: 0000000000000000 [ 87.166837][ C0] ? ct_kernel_exit+0x139/0x190 [ 87.168431][ C0] default_idle_call+0x6d/0xb0 [ 87.170082][ C0] do_idle+0x32c/0x3f0 [ 87.171377][ C0] ? __pfx_do_idle+0x10/0x10 [ 87.172812][ C0] cpu_startup_entry+0x4f/0x60 [ 87.174299][ C0] rest_init+0x16b/0x2b0 [ 87.175558][ C0] ? acpi_subsystem_init+0x133/0x180 [ 87.176963][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 87.178636][ C0] start_kernel+0x3e4/0x4d0 [ 87.180049][ C0] x86_64_start_reservations+0x18/0x30 [ 87.181483][ C0] x86_64_start_kernel+0xb2/0xc0 [ 87.182765][ C0] common_startup_64+0x13e/0x148 [ 87.184268][ C0] [ 87.185151][ C0] [ 87.185790][ C0] Allocated by task 10844: [ 87.186896][ C0] kasan_save_stack+0x33/0x60 [ 87.188233][ C0] kasan_save_track+0x14/0x30 [ 87.189623][ C0] __kasan_kmalloc+0xaa/0xb0 [ 87.190855][ C0] p9_client_create+0xc8/0x1150 [ 87.192220][ C0] v9fs_session_init+0x1f8/0x1a80 [ 87.193618][ C0] v9fs_mount+0xc6/0xa50 [ 87.194833][ C0] legacy_get_tree+0x109/0x220 [ 87.196233][ C0] vfs_get_tree+0x8f/0x380 [ 87.197753][ C0] path_mount+0x6e1/0x1f10 [ 87.199032][ C0] __ia32_sys_mount+0x292/0x310 [ 87.200304][ C0] __do_fast_syscall_32+0x73/0x120 [ 87.201628][ C0] do_fast_syscall_32+0x32/0x80 [ 87.202883][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.204454][ C0] [ 87.205046][ C0] Freed by task 10844: [ 87.206056][ C0] kasan_save_stack+0x33/0x60 [ 87.207202][ C0] kasan_save_track+0x14/0x30 [ 87.208366][ C0] kasan_save_free_info+0x3b/0x60 [ 87.209642][ C0] __kasan_slab_free+0x51/0x70 [ 87.210944][ C0] kfree+0x14f/0x4b0 [ 87.212056][ C0] p9_client_create+0x97d/0x1150 [ 87.213541][ C0] v9fs_session_init+0x1f8/0x1a80 [ 87.215381][ C0] v9fs_mount+0xc6/0xa50 [ 87.216580][ C0] legacy_get_tree+0x109/0x220 [ 87.217889][ C0] vfs_get_tree+0x8f/0x380 [ 87.219247][ C0] path_mount+0x6e1/0x1f10 [ 87.220743][ C0] __ia32_sys_mount+0x292/0x310 [ 87.222150][ C0] __do_fast_syscall_32+0x73/0x120 [ 87.223542][ C0] do_fast_syscall_32+0x32/0x80 [ 87.224840][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.226422][ C0] [ 87.227089][ C0] The buggy address belongs to the object at ffff888000e75800 [ 87.227089][ C0] which belongs to the cache kmalloc-512 of size 512 [ 87.231327][ C0] The buggy address is located 24 bytes inside of [ 87.231327][ C0] freed 512-byte region [ffff888000e75800, ffff888000e75a00) [ 87.235921][ C0] [ 87.236605][ C0] The buggy address belongs to the physical page: [ 87.238903][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000e76000 pfn:0xe74 [ 87.243687][ C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 87.247120][ C0] flags: 0x7ff00000000040(head|node=0|zone=0|lastcpupid=0x7ff) [ 87.249670][ C0] page_type: f5(slab) [ 87.250954][ C0] raw: 007ff00000000040 ffff88801ac42c80 dead000000000100 dead000000000122 [ 87.253742][ C0] raw: ffff888000e76000 000000008010000f 00000001f5000000 0000000000000000 [ 87.256039][ C0] head: 007ff00000000040 ffff88801ac42c80 dead000000000100 dead000000000122 [ 87.258319][ C0] head: ffff888000e76000 000000008010000f 00000001f5000000 0000000000000000 [ 87.260590][ C0] head: 007ff00000000002 ffffea0000039d01 ffffffffffffffff 0000000000000000 [ 87.262829][ C0] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 87.265431][ C0] page dumped because: kasan: bad access detected [ 87.267470][ C0] page_owner tracks the page as allocated [ 87.269125][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1214, tgid 1214 (kworker/u32:10), ts 43339570569, free_ts 41795498395 [ 87.275247][ C0] post_alloc_hook+0x2d1/0x350 [ 87.276951][ C0] get_page_from_freelist+0x101e/0x3070 [ 87.278795][ C0] __alloc_pages_noprof+0x223/0x25a0 [ 87.280542][ C0] alloc_pages_mpol_noprof+0x2c9/0x610 [ 87.282664][ C0] new_slab+0x2ba/0x3f0 [ 87.284280][ C0] ___slab_alloc+0xd1d/0x16f0 [ 87.285806][ C0] __slab_alloc.constprop.0+0x56/0xb0 [ 87.287293][ C0] __kmalloc_cache_noprof+0x2c5/0x310 [ 87.289076][ C0] __ipv6_dev_mc_inc+0x2b7/0xc10 [ 87.290787][ C0] addrconf_dad_work+0x232/0x14d0 [ 87.292454][ C0] process_one_work+0x958/0x1b30 [ 87.293897][ C0] worker_thread+0x6c8/0xf00 [ 87.295551][ C0] kthread+0x2c1/0x3a0 [ 87.296755][ C0] ret_from_fork+0x45/0x80 [ 87.297987][ C0] ret_from_fork_asm+0x1a/0x30 [ 87.299458][ C0] page last free pid 5558 tgid 5558 stack trace: [ 87.301704][ C0] free_unref_page+0x5f4/0xdc0 [ 87.303362][ C0] vfree+0x17a/0x890 [ 87.304926][ C0] kcov_put+0x2a/0x40 [ 87.306299][ C0] kcov_close+0xd/0x20 [ 87.307871][ C0] __fput+0x3f6/0xb60 [ 87.308940][ C0] task_work_run+0x14e/0x250 [ 87.310166][ C0] do_exit+0xadd/0x2d70 [ 87.311263][ C0] do_group_exit+0xd3/0x2a0 [ 87.312694][ C0] get_signal+0x2658/0x26d0 [ 87.314003][ C0] arch_do_signal_or_restart+0x90/0x7e0 [ 87.315608][ C0] syscall_exit_to_user_mode+0x150/0x2a0 [ 87.317117][ C0] __do_fast_syscall_32+0x80/0x120 [ 87.318502][ C0] do_fast_syscall_32+0x32/0x80 [ 87.319784][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.321446][ C0] [ 87.322102][ C0] Memory state around the buggy address: [ 87.323587][ C0] ffff888000e75700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 87.325726][ C0] ffff888000e75780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 87.327911][ C0] >ffff888000e75800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 87.330355][ C0] ^ [ 87.331851][ C0] ffff888000e75880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 87.334937][ C0] ffff888000e75900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 87.337857][ C0] ================================================================== [ 87.340874][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 87.343502][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0 [ 87.347111][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.351168][ C0] Call Trace: [ 87.352336][ C0] [ 87.353694][ C0] dump_stack_lvl+0x3d/0x1f0 [ 87.356255][ C0] panic+0x71d/0x800 [ 87.359057][ C0] ? __pfx_panic+0x10/0x10 [ 87.360952][ C0] ? rcu_is_watching+0x12/0xc0 [ 87.362824][ C0] ? __pfx_lock_release+0x10/0x10 [ 87.364668][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 87.366512][ C0] check_panic_on_warn+0xab/0xb0 [ 87.368322][ C0] end_report+0x117/0x180 [ 87.369898][ C0] kasan_report+0xe9/0x110 [ 87.371527][ C0] ? __lock_acquire+0x2dfe/0x3ce0 [ 87.373326][ C0] ? __lock_acquire+0x2dfe/0x3ce0 [ 87.375534][ C0] __lock_acquire+0x2dfe/0x3ce0 [ 87.377935][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 87.380328][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 87.382780][ C0] lock_acquire.part.0+0x11b/0x380 [ 87.386168][ C0] ? p9_req_put+0xaf/0x250 [ 87.388845][ C0] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 87.391189][ C0] ? rcu_is_watching+0x12/0xc0 [ 87.393673][ C0] ? trace_lock_acquire+0x14a/0x1d0 [ 87.396384][ C0] ? p9_req_put+0xaf/0x250 [ 87.398655][ C0] ? lock_acquire+0x2f/0xb0 [ 87.400869][ C0] ? p9_req_put+0xaf/0x250 [ 87.403053][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 87.405033][ C0] ? p9_req_put+0xaf/0x250 [ 87.406597][ C0] p9_req_put+0xaf/0x250 [ 87.408475][ C0] req_done+0x1e7/0x2f0 [ 87.410537][ C0] ? __pfx_req_done+0x10/0x10 [ 87.413029][ C0] ? __pfx_req_done+0x10/0x10 [ 87.415079][ C0] vring_interrupt+0x31b/0x400 [ 87.417854][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 87.420667][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 87.424123][ C0] handle_irq_event+0xab/0x1e0 [ 87.427166][ C0] handle_edge_irq+0x263/0xd10 [ 87.429697][ C0] __common_interrupt+0xdf/0x250 [ 87.432300][ C0] common_interrupt+0xba/0xe0 [ 87.434654][ C0] [ 87.435725][ C0] [ 87.436783][ C0] asm_common_interrupt+0x26/0x40 [ 87.438558][ C0] RIP: 0010:default_idle+0xf/0x20 [ 87.440398][ C0] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d d3 08 33 00 fb f4 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 87.447825][ C0] RSP: 0018:ffffffff8da07e20 EFLAGS: 00000202 [ 87.450706][ C0] RAX: 000000000009d997 RBX: 0000000000000000 RCX: ffffffff8b137a49 [ 87.454351][ C0] RDX: 0000000000000000 RSI: ffffffff8b4cc8e0 RDI: ffffffff8bb12ae0 [ 87.457599][ C0] RBP: fffffbfff1b52af8 R08: 0000000000000001 R09: ffffed1005687025 [ 87.460812][ C0] R10: ffff88802b43812b R11: 0000000000000000 R12: 0000000000000000 [ 87.463647][ C0] R13: ffffffff8da957c0 R14: ffffffff901ce188 R15: 0000000000000000 [ 87.466462][ C0] ? ct_kernel_exit+0x139/0x190 [ 87.468252][ C0] default_idle_call+0x6d/0xb0 [ 87.469931][ C0] do_idle+0x32c/0x3f0 [ 87.471347][ C0] ? __pfx_do_idle+0x10/0x10 [ 87.472980][ C0] cpu_startup_entry+0x4f/0x60 [ 87.474668][ C0] rest_init+0x16b/0x2b0 [ 87.476138][ C0] ? acpi_subsystem_init+0x133/0x180 [ 87.478047][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 87.480288][ C0] start_kernel+0x3e4/0x4d0 [ 87.482261][ C0] x86_64_start_reservations+0x18/0x30 [ 87.484612][ C0] x86_64_start_kernel+0xb2/0xc0 [ 87.487120][ C0] common_startup_64+0x13e/0x148 [ 87.488998][ C0] [ 87.490551][ C0] Kernel Offset: disabled [ 87.492196][ C0] Rebooting in 86400 seconds.. VM DIAGNOSIS: 20:44:58 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8503db85 RDI=ffffffff9a63d260 RBP=ffffffff9a63d220 RSP=ffffc90000007598 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000061 R14=ffffffff8503db20 R15=0000000000000000 RIP=ffffffff8503dbaf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f74a6108 CR3=0000000029f5c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff8880291c53fa RCX=0000000000000001 RDX=dffffc0000000000 RSI=ffff8880291c53d8 RDI=ffff8880291c4880 RBP=ffffc90003d47720 RSP=ffffc90003d476f0 R8 =0000000000000000 R9 =fffffbfff2d31b8a R10=ffffffff9698dc57 R11=0000000000000000 R12=0000000000000000 R13=ffff8880291c53d8 R14=0000000000000006 R15=ffff8880291c4880 RIP=ffffffff8169e19e RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7f155b8 CR3=000000005c87c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=dffffc0000000000 RCX=ffffffff8976aaa2 RDX=ffff8880226ba440 RSI=0000000000000000 RDI=0000000000000001 RBP=ffff888024d73900 RSP=ffffc90000540668 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffc900005406d0 R13=ffff88802539f400 R14=0000000000000001 R15=ffff88802539e780 RIP=ffffffff818cb91c RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fc4e4314d00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000056024de49000 CR3=000000002a6c6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 ZMM17=8dacce82b3fb044e 5bbc2667c58b7a86 8dacce82b3fb044e 5bbc2667c58b7a86 8dacce82b3fb044e 5bbc2667c58b7a86 8dacce82b3fb044e 5bbc2667c58b7a86 ZMM18=8fdb9f72bbedc2bd 48bed10193a1944f 8fdb9f72bbedc2bd 48bed10193a1944f 8fdb9f72bbedc2bd 48bed10193a1944f 8fdb9f72bbedc2bd 48bed10193a1944f ZMM19=ed0b000000000000 0000000000000204 ed0b000000000000 0000000000000203 ed0b000000000000 0000000000000202 ed0b000000000000 0000000000000201 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=5bbc26675bbc2667 5bbc26675bbc2667 5bbc26675bbc2667 5bbc26675bbc2667 5bbc26675bbc2667 5bbc26675bbc2667 5bbc26675bbc2667 5bbc26675bbc2667 ZMM22=b3fb044eb3fb044e b3fb044eb3fb044e b3fb044eb3fb044e b3fb044eb3fb044e b3fb044eb3fb044e b3fb044eb3fb044e b3fb044eb3fb044e b3fb044eb3fb044e ZMM23=8dacce828dacce82 8dacce828dacce82 8dacce828dacce82 8dacce828dacce82 8dacce828dacce82 8dacce828dacce82 8dacce828dacce82 8dacce828dacce82 ZMM24=93a1944f93a1944f 93a1944f93a1944f 93a1944f93a1944f 93a1944f93a1944f 93a1944f93a1944f 93a1944f93a1944f 93a1944f93a1944f 93a1944f93a1944f ZMM25=48bed10148bed101 48bed10148bed101 48bed10148bed101 48bed10148bed101 48bed10148bed101 48bed10148bed101 48bed10148bed101 48bed10148bed101 ZMM26=bbedc2bdbbedc2bd bbedc2bdbbedc2bd bbedc2bdbbedc2bd bbedc2bdbbedc2bd bbedc2bdbbedc2bd bbedc2bdbbedc2bd bbedc2bdbbedc2bd bbedc2bdbbedc2bd ZMM27=8fdb9f728fdb9f72 8fdb9f728fdb9f72 8fdb9f728fdb9f72 8fdb9f728fdb9f72 8fdb9f728fdb9f72 8fdb9f728fdb9f72 8fdb9f728fdb9f72 8fdb9f728fdb9f72 ZMM28=00000200000001ff 000001fe000001fd 000001fc000001fb 000001fa000001f9 000001f8000001f7 000001f6000001f5 000001f4000001f3 000001f2000001f1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=ed0b0000ed0b0000 ed0b0000ed0b0000 ed0b0000ed0b0000 ed0b0000ed0b0000 ed0b0000ed0b0000 ed0b0000ed0b0000 ed0b0000ed0b0000 ed0b0000ed0b0000 info registers vcpu 3 CPU#3 RAX=000000000003907b RBX=0000000000000003 RCX=ffffffff8b137a49 RDX=0000000000000000 RSI=ffffffff8b4cc8e0 RDI=ffffffff8bb12ae0 RBP=ffffed10036eb488 RSP=ffffc90000497e08 R8 =0000000000000001 R9 =ffffed10056e7025 R10=ffff88802b73812b R11=0000000000000000 R12=0000000000000003 R13=ffff88801b75a440 R14=ffffffff901ce188 R15=0000000000000000 RIP=ffffffff8b138e2f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f74a6108 CR3=0000000029e24000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000