last executing test programs: 1.5612768s ago: executing program 3 (id=1144): add_key$fscrypt_provisioning(&(0x7f0000000080), 0x0, &(0x7f0000000400)={0x1, 0x0, @c}, 0x29, 0xfffffffffffffffb) 1.456410489s ago: executing program 3 (id=1149): syz_emit_ethernet(0x3a, &(0x7f0000000600)={@multicast, @dev, @val, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @broadcast, @dev={0xac, 0x14, 0x14, 0x20}}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, '=.R', 0x0, "b09809"}}}}}}, 0x0) 1.341564765s ago: executing program 3 (id=1153): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x801, 0x2}]}]}}, 0x0, 0x32, 0x0, 0x8, 0x8001}, 0x20) 1.28326864s ago: executing program 3 (id=1157): bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x5, 0x100004, 0x220104, 0xb, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48) 1.179597533s ago: executing program 3 (id=1163): syz_emit_ethernet(0x76, &(0x7f0000000340)={@local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e400ff", 0x40, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, '\x00', 0x0, 0x11, 0x0, @private2, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x4}}, [], "17c1ff0cb18496eb25051a167604e82e"}}}}}}}, 0x0) 1.053426596s ago: executing program 3 (id=1167): bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x20000007, 0x0, 0x1}, 0x48) 362.097495ms ago: executing program 2 (id=1188): sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) 361.959264ms ago: executing program 0 (id=1189): clock_nanosleep(0xc, 0x0, 0x0, 0x0) 361.894794ms ago: executing program 1 (id=1190): bpf$MAP_CREATE(0x0, &(0x7f0000003940)=@base={0x21, 0x0, 0x0, 0x40000000, 0x400}, 0x48) 300.036597ms ago: executing program 2 (id=1191): syz_emit_ethernet(0x5a, &(0x7f00000000c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2b}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x4c, 0x4, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010104, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0xe, 0x0, 0x5, 0x0, 0x0, {[@md5sig={0x1d, 0x12, "910000000000006f00"}, @md5sig={0x13, 0x12, "047362d4843af5cce037a189c9077f3f"}]}}}}}}}, 0x0) 299.872164ms ago: executing program 1 (id=1192): add_key$fscrypt_v1(&(0x7f0000004e00), &(0x7f0000004e40)={'fscrypt:', @desc3}, &(0x7f0000004e80)={0x0, "97f57c22181b67d5118416c2cf87c15cd6e56db481e3c7a9c68fb511a1e2242ace8fcaff85a1f8d4cb775806faf3a1897311d5b5fb539d38d63dab508e33e03c", 0x17}, 0x48, 0xfffffffffffffffc) 299.831839ms ago: executing program 0 (id=1193): epoll_create1(0x21c690180979b791) 206.674271ms ago: executing program 2 (id=1194): fanotify_init(0x4c, 0x0) 206.61749ms ago: executing program 0 (id=1195): getgroups(0x44, &(0x7f0000000040)) 139.095086ms ago: executing program 1 (id=1196): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="e5ffffff000000007111bf00000000008510000002000000850006000000000095000810000000009541f0366e402759"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) 138.900031ms ago: executing program 2 (id=1197): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000880)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006916000000000000bf67000000000000170600000fff01006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f3d2401000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08508460b603daf5a7d1dbdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ffa78b02af242f8ee5476d4ef7a6f0c4704403b9bad2b648e90f89c54ca2d6b792beb3302600ff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b06e7f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d545741fbbbea3e47b1750f272980087b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adfff3f6daed3cdfee7de13ad4f90"], &(0x7f0000000100)='GPL\x00'}, 0x48) 138.736922ms ago: executing program 0 (id=1198): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x4, &(0x7f0000000080)=@framed={{}, [@generic={0x34, 0x0, 0x0, 0x1, 0x7f000000}]}, &(0x7f00000001c0)='syzkaller\x00', 0x9}, 0x90) 74.9351ms ago: executing program 1 (id=1199): syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @random="b0c942034375", @void, {@ipv4={0x8864, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x22, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 74.742673ms ago: executing program 0 (id=1200): get_mempolicy(0x0, &(0x7f0000000040), 0xfffffffffffffc01, &(0x7f0000ffc000/0x3000)=nil, 0x4) 74.66059ms ago: executing program 2 (id=1201): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x2, [@func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{0x9}, {0xc}, {}, {}, {}]}]}}, &(0x7f0000000500)=""/199, 0x4e, 0xc7, 0x1}, 0x20) 74.52968ms ago: executing program 1 (id=1202): add_key(&(0x7f00000000c0)='pkcs7_test\x00', 0x0, &(0x7f0000000000)="100c0608262300ba8b0ad775b31b", 0xe, 0xfffffffffffffffc) 419.816µs ago: executing program 0 (id=1203): keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000080)=' hash=', 0x0) 179.439µs ago: executing program 2 (id=1204): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x4, 0x1804}, 0x48) 0s ago: executing program 1 (id=1205): mount$9p_virtio(&(0x7f0000000640), &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x0, &(0x7f0000000740)={'trans=virtio,', {[{@noextend}]}}) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:63111' (ED25519) to the list of known hosts. [ 51.571607][ T5309] cgroup: Unknown subsys name 'net' [ 51.914130][ T5309] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 53.214480][ T5309] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 60.233034][ T5427] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 60.237263][ T5427] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 60.240382][ T5427] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 60.244372][ T5427] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 60.247324][ T5427] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 60.251736][ T5430] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 60.252338][ T5431] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 60.259634][ T5431] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 60.264029][ T5431] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 60.269520][ T5431] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 60.273561][ T5431] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 60.277674][ T5435] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 60.279822][ T5434] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 60.281951][ T5435] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 60.284848][ T5434] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 60.288908][ T4782] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 60.290399][ T5434] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 60.294459][ T4782] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 60.295340][ T5434] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 60.298441][ T4782] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 60.300345][ T5434] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 60.302795][ T4782] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 60.305442][ T5434] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 60.307566][ T4782] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 60.666228][ T5424] chnl_net:caif_netlink_parms(): no params data found [ 60.678315][ T5436] chnl_net:caif_netlink_parms(): no params data found [ 60.816604][ T5432] chnl_net:caif_netlink_parms(): no params data found [ 60.887894][ T5425] chnl_net:caif_netlink_parms(): no params data found [ 61.008437][ T5424] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.011684][ T5424] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.019134][ T5424] bridge_slave_0: entered allmulticast mode [ 61.025580][ T5424] bridge_slave_0: entered promiscuous mode [ 61.033017][ T5424] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.039100][ T5424] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.053958][ T5424] bridge_slave_1: entered allmulticast mode [ 61.072851][ T5424] bridge_slave_1: entered promiscuous mode [ 61.138471][ T5436] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.141671][ T5436] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.145418][ T5436] bridge_slave_0: entered allmulticast mode [ 61.149370][ T5436] bridge_slave_0: entered promiscuous mode [ 61.258343][ T5436] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.260933][ T5436] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.264790][ T5436] bridge_slave_1: entered allmulticast mode [ 61.268790][ T5436] bridge_slave_1: entered promiscuous mode [ 61.333910][ T5424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.345111][ T5424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.405789][ T5436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.480753][ T5432] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.484039][ T5432] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.487150][ T5432] bridge_slave_0: entered allmulticast mode [ 61.491167][ T5432] bridge_slave_0: entered promiscuous mode [ 61.498394][ T5436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.527534][ T5425] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.530067][ T5425] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.532692][ T5425] bridge_slave_0: entered allmulticast mode [ 61.535535][ T5425] bridge_slave_0: entered promiscuous mode [ 61.540948][ T5424] team0: Port device team_slave_0 added [ 61.543641][ T5432] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.546907][ T5432] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.550129][ T5432] bridge_slave_1: entered allmulticast mode [ 61.554301][ T5432] bridge_slave_1: entered promiscuous mode [ 61.658117][ T5424] team0: Port device team_slave_1 added [ 61.661085][ T5425] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.665363][ T5425] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.668499][ T5425] bridge_slave_1: entered allmulticast mode [ 61.672409][ T5425] bridge_slave_1: entered promiscuous mode [ 61.717734][ T5432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.823673][ T5425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.829960][ T5432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.866261][ T5436] team0: Port device team_slave_0 added [ 61.870216][ T5436] team0: Port device team_slave_1 added [ 61.890017][ T5424] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.893208][ T5424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.902948][ T5424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.911106][ T5425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.964110][ T5424] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.966917][ T5424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.976565][ T5424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.013618][ T5432] team0: Port device team_slave_0 added [ 62.019385][ T5432] team0: Port device team_slave_1 added [ 62.049917][ T5436] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.053092][ T5436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.064637][ T5436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.095398][ T5425] team0: Port device team_slave_0 added [ 62.129615][ T5436] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.132262][ T5436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.141311][ T5436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.156590][ T5425] team0: Port device team_slave_1 added [ 62.160183][ T5432] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.163315][ T5432] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.172043][ T5432] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.177296][ T5432] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.179876][ T5432] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.188238][ T5432] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.293453][ T4782] Bluetooth: hci1: command tx timeout [ 62.295942][ T4782] Bluetooth: hci0: command tx timeout [ 62.353227][ T5424] hsr_slave_0: entered promiscuous mode [ 62.356506][ T5424] hsr_slave_1: entered promiscuous mode [ 62.360817][ T5425] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.365885][ T5425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.373426][ T5431] Bluetooth: hci3: command tx timeout [ 62.374298][ T4782] Bluetooth: hci2: command tx timeout [ 62.374566][ T5425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.384753][ T5425] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.387453][ T5425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.395669][ T5425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.447988][ T5436] hsr_slave_0: entered promiscuous mode [ 62.451450][ T5436] hsr_slave_1: entered promiscuous mode [ 62.455312][ T5436] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.458879][ T5436] Cannot create hsr debugfs directory [ 62.475250][ T5432] hsr_slave_0: entered promiscuous mode [ 62.478246][ T5432] hsr_slave_1: entered promiscuous mode [ 62.481381][ T5432] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.484579][ T5432] Cannot create hsr debugfs directory [ 62.681725][ T5425] hsr_slave_0: entered promiscuous mode [ 62.687621][ T5425] hsr_slave_1: entered promiscuous mode [ 62.690397][ T5425] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.693724][ T5425] Cannot create hsr debugfs directory [ 63.123280][ T5436] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 63.131815][ T5436] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 63.149541][ T5436] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 63.158758][ T5436] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 63.189788][ T5425] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 63.198029][ T5425] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 63.205195][ T5425] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 63.239325][ T5425] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 63.258297][ T5424] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 63.270969][ T5424] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 63.285644][ T5424] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 63.292394][ T5424] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 63.377186][ T5432] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 63.383620][ T5432] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 63.390578][ T5432] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 63.399885][ T5432] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 63.514123][ T5436] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.565338][ T5425] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.575461][ T5436] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.596731][ T5424] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.602203][ T1209] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.605296][ T1209] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.635191][ T1209] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.638313][ T1209] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.666365][ T5425] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.679049][ T5432] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.694974][ T5424] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.705597][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.708423][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.725687][ T1104] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.728300][ T1104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.743283][ T5432] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.757970][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.760559][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.766452][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.769662][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.786381][ T5436] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.807279][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.810416][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.835255][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.838483][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.948428][ T5425] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.000883][ T5436] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.060243][ T5436] veth0_vlan: entered promiscuous mode [ 64.075726][ T5436] veth1_vlan: entered promiscuous mode [ 64.131093][ T5436] veth0_macvtap: entered promiscuous mode [ 64.139827][ T5424] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.159029][ T5436] veth1_macvtap: entered promiscuous mode [ 64.192307][ T5432] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.208864][ T5436] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.228160][ T5436] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.239312][ T5436] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.246660][ T5436] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.250492][ T5436] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.254539][ T5436] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.266184][ T5425] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.277624][ T5424] veth0_vlan: entered promiscuous mode [ 64.339071][ T5424] veth1_vlan: entered promiscuous mode [ 64.373109][ T5431] Bluetooth: hci0: command tx timeout [ 64.373397][ T4782] Bluetooth: hci1: command tx timeout [ 64.418556][ T5432] veth0_vlan: entered promiscuous mode [ 64.418642][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.424665][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.435670][ T5425] veth0_vlan: entered promiscuous mode [ 64.453300][ T4782] Bluetooth: hci3: command tx timeout [ 64.454342][ T5431] Bluetooth: hci2: command tx timeout [ 64.455738][ T5432] veth1_vlan: entered promiscuous mode [ 64.473003][ T5425] veth1_vlan: entered promiscuous mode [ 64.493816][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.497198][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.513161][ T5424] veth0_macvtap: entered promiscuous mode [ 64.520443][ T5424] veth1_macvtap: entered promiscuous mode [ 64.555892][ T5432] veth0_macvtap: entered promiscuous mode [ 64.573934][ T5432] veth1_macvtap: entered promiscuous mode [ 64.596329][ T5425] veth0_macvtap: entered promiscuous mode [ 64.603749][ T5425] veth1_macvtap: entered promiscuous mode [ 64.609792][ T5424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.617754][ T5424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.629470][ T5424] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.637198][ T5424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.641678][ T5424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.648964][ T5424] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.656522][ T5432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.660395][ T5432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.664948][ T5432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.669063][ T5432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.675391][ T5432] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.695570][ T5424] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.699505][ T5424] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.703487][ T5424] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.706967][ T5424] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.715078][ T5432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.720622][ T5432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.724589][ T5432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.729120][ T5432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.738942][ T5432] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.774696][ T5425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.779558][ T5425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.784775][ T5425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.789204][ T5425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.793812][ T5425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.798048][ T5425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.804579][ T5425] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.809753][ T5432] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.814219][ T5432] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.817537][ T5432] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.820458][ T5432] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.878279][ T5425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.882984][ T5425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.886875][ T5425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.891499][ T5425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.908896][ T5425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.919706][ T5425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.927048][ T5425] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.969157][ T5425] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.972363][ T5425] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.979664][ T5425] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.983389][ T5425] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.049701][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.058883][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.138863][ T90] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.142264][ T90] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.150766][ T1209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.157336][ T90] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.160754][ T90] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.164420][ T1209] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.228586][ T90] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.235569][ T90] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.304985][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.308588][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.774799][ T39] audit: type=1326 audit(1725628440.082:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5527 comm="syz.3.79" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0 [ 66.466363][ T5431] Bluetooth: hci0: command tx timeout [ 66.467948][ T4782] Bluetooth: hci1: command tx timeout [ 66.546651][ T4782] Bluetooth: hci3: command tx timeout [ 66.546685][ T5431] Bluetooth: hci2: command tx timeout [ 66.625827][ T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 66.820960][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 66.833859][ T10] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 66.860235][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.877843][ T10] usb 7-1: config 0 descriptor?? [ 67.109399][ T10] ath6kl: Failed to submit usb control message: -71 [ 67.112675][ T10] ath6kl: unable to send the bmi data to the device: -71 [ 67.132008][ T10] ath6kl: Unable to send get target info: -71 [ 67.136586][ T10] ath6kl: Failed to init ath6kl core: -71 [ 67.166755][ T10] ath6kl_usb 7-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 67.197590][ T10] usb 7-1: USB disconnect, device number 2 [ 67.690136][ T5648] ip_tunnel: non-ECT from 172.30.0.1 with TOS=0x2 [ 67.916248][ T5660] futex_wake_op: syz.2.144 tries to shift op by 32; fix this program [ 68.174379][ T5678] tmpfs: Bad value for 'mpol' [ 68.543115][ T5431] Bluetooth: hci1: command tx timeout [ 68.632999][ T5431] Bluetooth: hci2: command tx timeout [ 68.644539][ T5431] Bluetooth: hci3: command tx timeout [ 70.014101][ T25] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 70.223216][ T25] usb 7-1: Using ep0 maxpacket: 8 [ 70.227904][ T25] usb 7-1: config 0 has an invalid interface number: 143 but max is 0 [ 70.232227][ T25] usb 7-1: config 0 has no interface number 0 [ 70.236039][ T25] usb 7-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b [ 70.240855][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.253399][ T25] usb 7-1: config 0 descriptor?? [ 70.387995][ T25] viperboard 7-1:0.143: version 0.00 found at bus 007 address 003 [ 70.464931][ T25] viperboard-i2c viperboard-i2c.3.auto: failure setting i2c_bus_freq to 100 [ 70.476306][ T25] viperboard-i2c viperboard-i2c.3.auto: probe with driver viperboard-i2c failed with error -5 [ 70.529530][ T25] usb 7-1: USB disconnect, device number 3 [ 73.067545][ T5986] PKCS7: Unknown OID: [4] 2.19.0.2.86.14.43(bad) [ 73.083017][ T1429] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 73.087816][ T5986] PKCS7: Only support pkcs7_signedData type [ 73.268206][ T1429] usb 8-1: Using ep0 maxpacket: 32 [ 73.325202][ T1429] usb 8-1: unable to get BOS descriptor or descriptor too short [ 73.362609][ T1429] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 73.369521][ T1429] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 73.374991][ T1429] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 73.379416][ T1429] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 73.419565][ T1429] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 73.533777][ T1429] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 73.537695][ T1429] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.560420][ T1429] usb 8-1: Product: syz [ 73.566378][ T1429] usb 8-1: Manufacturer: syz [ 73.569243][ T1429] usb 8-1: SerialNumber: syz [ 73.843209][ T1429] cdc_ncm 8-1:1.0: bind() failure [ 73.849702][ T1429] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found [ 73.857228][ T1429] cdc_ncm 8-1:1.1: bind() failure [ 73.866077][ T1429] usb 8-1: USB disconnect, device number 2 [ 76.390616][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.395577][ T1379] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.495642][ T6179] dns_resolver: Unsupported server list version (0) [ 76.925831][ T6216] syz.1.416 (6216): attempted to duplicate a private mapping with mremap. This is not supported. [ 78.637757][ T6346] autofs: Unknown parameter 'no9 PG!8E8- ŖEeլ( Ir\u}ibT0;my[Gc#>QkbY&#w@/VVL~12lhOh'rK1\kU{!eܚ7 [ 78.637757][ T6346] Ue[%#s' [ 81.444232][ T6564] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0002 with DS=0x7 [ 82.294183][ T39] audit: type=1326 audit(1725628456.612:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6622 comm="syz.3.620" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0 [ 82.517460][ T6629] could not allocate digest TFM handle rmd128-generic [ 82.541949][ T6642] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0004 with DS=0x7 [ 82.779367][ T6658] 9pnet_fd: Insufficient options for proto=fd [ 82.893610][ T6661] futex_wake_op: syz.3.636 tries to shift op by -1; fix this program [ 83.037316][ T6668] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0001 with DS=0x7 [ 84.692015][ C0] Adjusting tsc more than 11% (5229273 vs 7162503) [ 84.786263][ T6810] UBIFS error (pid: 6810): cannot open "ubifs", error -22 [ 86.963354][ T8] cfg80211: failed to load regulatory.db [ 87.542372][ T7043] futex_wake_op: syz.2.826 tries to shift op by -1; fix this program [ 87.575434][ T7046] virtio-fs: tag <(null)> not found [ 87.734238][ T7066] binder: Binderfs stats mode cannot be changed during a remount [ 89.055400][ T39] audit: type=1326 audit(1725628463.909:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7205 comm="syz.2.908" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x0 [ 89.175796][ T7220] bpf: Bad value for 'uid' [ 92.541128][ T7498] dccp_invalid_packet: invalid packet type [ 93.209291][ T7553] syz.3.1080(7553): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 94.283732][ T7655] capability: warning: `syz.3.1132' uses deprecated v2 capabilities in a way that may be insecure [ 95.131966][ T7733] mmap: syz.1.1170 (7733) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 95.933475][ T4782] Bluetooth: hci1: command 0x0406 tx timeout [ 96.043928][ T7797] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253 [ 96.046973][ T7797] PKCS7: Only support pkcs7_signedData type [ 96.117450][ C0] ================================================================== [ 96.121866][ C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x2de0/0x3cb0 [ 96.129407][ C0] Read of size 8 at addr ffff888011cae418 by task kworker/0:3/5437 [ 96.136918][ C0] [ 96.137994][ C0] CPU: 0 UID: 0 PID: 5437 Comm: kworker/0:3 Not tainted 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 [ 96.143408][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.150393][ C0] Workqueue: events purge_vmap_node [ 96.156284][ C0] Call Trace: [ 96.158103][ C0] [ 96.159728][ C0] dump_stack_lvl+0x116/0x1f0 [ 96.162406][ C0] print_report+0xc3/0x620 [ 96.165552][ C0] ? __virt_addr_valid+0x5e/0x590 [ 96.167791][ C0] ? __phys_addr+0xc6/0x150 [ 96.170334][ C0] kasan_report+0xd9/0x110 [ 96.172857][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 96.175599][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 96.178424][ C0] __lock_acquire+0x2de0/0x3cb0 [ 96.180957][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 96.183889][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 96.186350][ C0] lock_acquire+0x1b1/0x560 [ 96.188618][ C0] ? p9_req_put+0xaf/0x250 [ 96.191176][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 96.194036][ C0] ? __pfx_lock_release+0x10/0x10 [ 96.199164][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 96.202526][ C0] ? p9_req_put+0xaf/0x250 [ 96.206341][ C0] p9_req_put+0xaf/0x250 [ 96.208747][ C0] req_done+0x1e7/0x2f0 [ 96.211147][ C0] ? __pfx_req_done+0x10/0x10 [ 96.213736][ C0] ? __pfx_req_done+0x10/0x10 [ 96.216382][ C0] vring_interrupt+0x31b/0x400 [ 96.219096][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 96.222266][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 96.226040][ C0] handle_irq_event+0xab/0x1e0 [ 96.229044][ C0] handle_edge_irq+0x263/0xd10 [ 96.232025][ C0] __common_interrupt+0xdf/0x250 [ 96.235105][ C0] common_interrupt+0xab/0xd0 [ 96.238072][ C0] [ 96.239924][ C0] [ 96.241804][ C0] asm_common_interrupt+0x26/0x40 [ 96.244948][ C0] RIP: 0010:free_unref_page+0x8f/0xe40 [ 96.250138][ C0] Code: 0f 85 4e 0b 00 00 48 8b 03 a8 40 0f 85 0f 04 00 00 4c 8d 73 08 48 b8 00 00 00 00 00 fc ff df 4c 89 f2 48 c1 ea 03 80 3c 02 00 <0f> 85 c0 0b 00 00 4c 8b 6b 08 41 83 e5 01 48 b8 00 00 00 00 00 fc [ 96.262048][ C0] RSP: 0018:ffffc9000401fa30 EFLAGS: 00000246 [ 96.266933][ C0] RAX: dffffc0000000000 RBX: ffffea000179f440 RCX: ffffffff81dd1f80 [ 96.273771][ C0] RDX: 1ffffd40002f3e89 RSI: 0000000000000008 RDI: ffffea000179f440 [ 96.278424][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff940002f3e88 [ 96.283281][ C0] R10: ffffea000179f447 R11: 0000000000000000 R12: 0000000000000000 [ 96.291561][ C0] R13: fffff52005d70000 R14: ffffea000179f448 R15: 800000005e7d1103 [ 96.296631][ C0] ? free_unref_page+0x50/0xe40 [ 96.298856][ C0] kasan_depopulate_vmalloc_pte+0x63/0x80 [ 96.301763][ C0] ? __pfx_kasan_depopulate_vmalloc_pte+0x10/0x10 [ 96.305202][ C0] __apply_to_page_range+0x795/0xdd0 [ 96.307648][ C0] ? __pfx___apply_to_page_range+0x10/0x10 [ 96.310735][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 96.313456][ C0] kasan_release_vmalloc+0xac/0xc0 [ 96.316381][ C0] purge_vmap_node+0x3ec/0x920 [ 96.318819][ C0] ? __pfx_purge_vmap_node+0x10/0x10 [ 96.321318][ C0] process_one_work+0x958/0x1ad0 [ 96.323642][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 96.326662][ C0] ? __pfx_process_one_work+0x10/0x10 [ 96.329175][ C0] ? assign_work+0x1a0/0x250 [ 96.332491][ C0] worker_thread+0x6c8/0xed0 [ 96.334588][ C0] ? __kthread_parkme+0x148/0x220 [ 96.336829][ C0] ? __pfx_worker_thread+0x10/0x10 [ 96.339397][ C0] kthread+0x2c1/0x3a0 [ 96.341591][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 96.345911][ C0] ? __pfx_kthread+0x10/0x10 [ 96.348447][ C0] ret_from_fork+0x45/0x80 [ 96.350895][ C0] ? __pfx_kthread+0x10/0x10 [ 96.353360][ C0] ret_from_fork_asm+0x1a/0x30 [ 96.355622][ C0] [ 96.357077][ C0] [ 96.358266][ C0] Allocated by task 7803: [ 96.360599][ C0] kasan_save_stack+0x33/0x60 [ 96.363073][ C0] kasan_save_track+0x14/0x30 [ 96.365268][ C0] __kasan_kmalloc+0xaa/0xb0 [ 96.367363][ C0] p9_client_create+0xcf/0x11b0 [ 96.369912][ C0] v9fs_session_init+0x1f8/0x1a80 [ 96.372254][ C0] v9fs_mount+0xc6/0xa50 [ 96.374564][ C0] legacy_get_tree+0x109/0x220 [ 96.377221][ C0] vfs_get_tree+0x8f/0x380 [ 96.379218][ C0] path_mount+0x6e1/0x1f10 [ 96.381294][ C0] __ia32_sys_mount+0x292/0x310 [ 96.383620][ C0] __do_fast_syscall_32+0x73/0x120 [ 96.386103][ C0] do_fast_syscall_32+0x32/0x80 [ 96.388732][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.392660][ C0] [ 96.394501][ C0] Freed by task 7803: [ 96.396338][ C0] kasan_save_stack+0x33/0x60 [ 96.398444][ C0] kasan_save_track+0x14/0x30 [ 96.400552][ C0] kasan_save_free_info+0x3b/0x60 [ 96.402813][ C0] poison_slab_object+0xf7/0x160 [ 96.405026][ C0] __kasan_slab_free+0x32/0x50 [ 96.407568][ C0] kfree+0x12a/0x3b0 [ 96.409716][ C0] p9_client_create+0x9ca/0x11b0 [ 96.412160][ C0] v9fs_session_init+0x1f8/0x1a80 [ 96.414520][ C0] v9fs_mount+0xc6/0xa50 [ 96.416601][ C0] legacy_get_tree+0x109/0x220 [ 96.418892][ C0] vfs_get_tree+0x8f/0x380 [ 96.421399][ C0] path_mount+0x6e1/0x1f10 [ 96.424247][ C0] __ia32_sys_mount+0x292/0x310 [ 96.427307][ C0] __do_fast_syscall_32+0x73/0x120 [ 96.430276][ C0] do_fast_syscall_32+0x32/0x80 [ 96.433436][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.437474][ C0] [ 96.438964][ C0] The buggy address belongs to the object at ffff888011cae400 [ 96.438964][ C0] which belongs to the cache kmalloc-512 of size 512 [ 96.446267][ C0] The buggy address is located 24 bytes inside of [ 96.446267][ C0] freed 512-byte region [ffff888011cae400, ffff888011cae600) [ 96.453499][ C0] [ 96.454566][ C0] The buggy address belongs to the physical page: [ 96.457420][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11cac [ 96.460981][ C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 96.464754][ C0] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 96.468107][ C0] page_type: 0xfdffffff(slab) [ 96.470303][ C0] raw: 00fff00000000040 ffff88801ac42c80 ffffea0000a40700 dead000000000002 [ 96.474590][ C0] raw: 0000000000000000 0000000080100010 00000001fdffffff 0000000000000000 [ 96.478329][ C0] head: 00fff00000000040 ffff88801ac42c80 ffffea0000a40700 dead000000000002 [ 96.482332][ C0] head: 0000000000000000 0000000080100010 00000001fdffffff 0000000000000000 [ 96.486108][ C0] head: 00fff00000000002 ffffea0000472b01 ffffffffffffffff 0000000000000000 [ 96.489928][ C0] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 96.493878][ C0] page dumped because: kasan: bad access detected [ 96.496717][ C0] page_owner tracks the page as allocated [ 96.499149][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5425, tgid 5425 (syz-executor), ts 61510928376, free_ts 61468892430 [ 96.508842][ C0] post_alloc_hook+0x2d1/0x350 [ 96.510987][ C0] get_page_from_freelist+0x1351/0x2e50 [ 96.513287][ C0] __alloc_pages_noprof+0x22b/0x2460 [ 96.516119][ C0] alloc_slab_page+0x4e/0xf0 [ 96.518972][ C0] new_slab+0x84/0x260 [ 96.521512][ C0] ___slab_alloc+0xdac/0x1870 [ 96.524421][ C0] __slab_alloc.constprop.0+0x56/0xb0 [ 96.527752][ C0] __kmalloc_cache_noprof+0x2c5/0x310 [ 96.532975][ C0] __ipv6_dev_mc_inc+0x2b7/0xc10 [ 96.535128][ C0] ipv6_add_dev+0xa93/0x1400 [ 96.537203][ C0] addrconf_notify+0x546/0x19d0 [ 96.539524][ C0] notifier_call_chain+0xb9/0x410 [ 96.541856][ C0] call_netdevice_notifiers_info+0xbe/0x140 [ 96.544721][ C0] register_netdevice+0x1728/0x1e20 [ 96.547074][ C0] veth_newlink+0x366/0x9e0 [ 96.549174][ C0] __rtnl_newlink+0x119c/0x1920 [ 96.551347][ C0] page last free pid 5424 tgid 5424 stack trace: [ 96.554627][ C0] free_unref_page+0x64a/0xe40 [ 96.557048][ C0] qlist_free_all+0x4e/0x140 [ 96.559142][ C0] kasan_quarantine_reduce+0x192/0x1e0 [ 96.561315][ C0] __kasan_slab_alloc+0x69/0x90 [ 96.563383][ C0] __kmalloc_cache_noprof+0x11e/0x310 [ 96.565798][ C0] ref_tracker_alloc+0x17c/0x5b0 [ 96.568368][ C0] netdev_queue_update_kobjects+0x281/0x640 [ 96.571398][ C0] netdev_register_kobject+0x290/0x3f0 [ 96.574982][ C0] register_netdevice+0x1473/0x1e20 [ 96.578101][ C0] veth_newlink+0x4fb/0x9e0 [ 96.580832][ C0] __rtnl_newlink+0x119c/0x1920 [ 96.583187][ C0] rtnl_newlink+0x67/0xa0 [ 96.585213][ C0] rtnetlink_rcv_msg+0x3c7/0xea0 [ 96.587423][ C0] netlink_rcv_skb+0x165/0x410 [ 96.589692][ C0] netlink_unicast+0x53c/0x7f0 [ 96.591871][ C0] netlink_sendmsg+0x8b8/0xd70 [ 96.594266][ C0] [ 96.595552][ C0] Memory state around the buggy address: [ 96.598595][ C0] ffff888011cae300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 96.602676][ C0] ffff888011cae380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 96.606072][ C0] >ffff888011cae400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 96.609206][ C0] ^ [ 96.611123][ C0] ffff888011cae480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 96.616594][ C0] ffff888011cae500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 96.623333][ C0] ================================================================== [ 96.627045][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 96.630319][ C0] CPU: 0 UID: 0 PID: 5437 Comm: kworker/0:3 Not tainted 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 [ 96.638021][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.642794][ C0] Workqueue: events purge_vmap_node [ 96.645370][ C0] Call Trace: [ 96.646862][ C0] [ 96.648114][ C0] dump_stack_lvl+0x3d/0x1f0 [ 96.650176][ C0] panic+0x6dc/0x7c0 [ 96.651999][ C0] ? __pfx_panic+0x10/0x10 [ 96.654163][ C0] ? rcu_is_watching+0x12/0xc0 [ 96.656635][ C0] ? __pfx_lock_release+0x10/0x10 [ 96.659158][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 96.661758][ C0] check_panic_on_warn+0xab/0xb0 [ 96.664587][ C0] end_report+0x117/0x180 [ 96.667158][ C0] kasan_report+0xe9/0x110 [ 96.669600][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 96.671879][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 96.674148][ C0] __lock_acquire+0x2de0/0x3cb0 [ 96.676355][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 96.679280][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 96.681701][ C0] lock_acquire+0x1b1/0x560 [ 96.684167][ C0] ? p9_req_put+0xaf/0x250 [ 96.686314][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 96.688875][ C0] ? __pfx_lock_release+0x10/0x10 [ 96.691192][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 96.693649][ C0] ? p9_req_put+0xaf/0x250 [ 96.695746][ C0] p9_req_put+0xaf/0x250 [ 96.697749][ C0] req_done+0x1e7/0x2f0 [ 96.699652][ C0] ? __pfx_req_done+0x10/0x10 [ 96.701851][ C0] ? __pfx_req_done+0x10/0x10 [ 96.703941][ C0] vring_interrupt+0x31b/0x400 [ 96.706201][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 96.708564][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 96.710857][ C0] handle_irq_event+0xab/0x1e0 [ 96.712728][ C0] handle_edge_irq+0x263/0xd10 [ 96.714901][ C0] __common_interrupt+0xdf/0x250 [ 96.717305][ C0] common_interrupt+0xab/0xd0 [ 96.719473][ C0] [ 96.721133][ C0] [ 96.722675][ C0] asm_common_interrupt+0x26/0x40 [ 96.725083][ C0] RIP: 0010:free_unref_page+0x8f/0xe40 [ 96.727323][ C0] Code: 0f 85 4e 0b 00 00 48 8b 03 a8 40 0f 85 0f 04 00 00 4c 8d 73 08 48 b8 00 00 00 00 00 fc ff df 4c 89 f2 48 c1 ea 03 80 3c 02 00 <0f> 85 c0 0b 00 00 4c 8b 6b 08 41 83 e5 01 48 b8 00 00 00 00 00 fc [ 96.735229][ C0] RSP: 0018:ffffc9000401fa30 EFLAGS: 00000246 [ 96.737621][ C0] RAX: dffffc0000000000 RBX: ffffea000179f440 RCX: ffffffff81dd1f80 [ 96.741187][ C0] RDX: 1ffffd40002f3e89 RSI: 0000000000000008 RDI: ffffea000179f440 [ 96.744676][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff940002f3e88 [ 96.748585][ C0] R10: ffffea000179f447 R11: 0000000000000000 R12: 0000000000000000 [ 96.752034][ C0] R13: fffff52005d70000 R14: ffffea000179f448 R15: 800000005e7d1103 [ 96.756163][ C0] ? free_unref_page+0x50/0xe40 [ 96.759134][ C0] kasan_depopulate_vmalloc_pte+0x63/0x80 [ 96.761659][ C0] ? __pfx_kasan_depopulate_vmalloc_pte+0x10/0x10 [ 96.764101][ C0] __apply_to_page_range+0x795/0xdd0 [ 96.765726][ C0] ? __pfx___apply_to_page_range+0x10/0x10 [ 96.767433][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 96.769989][ C0] kasan_release_vmalloc+0xac/0xc0 [ 96.772331][ C0] purge_vmap_node+0x3ec/0x920 [ 96.774580][ C0] ? __pfx_purge_vmap_node+0x10/0x10 [ 96.776915][ C0] process_one_work+0x958/0x1ad0 [ 96.779103][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 96.781285][ C0] ? __pfx_process_one_work+0x10/0x10 [ 96.783537][ C0] ? assign_work+0x1a0/0x250 [ 96.785153][ C0] worker_thread+0x6c8/0xed0 [ 96.787009][ C0] ? __kthread_parkme+0x148/0x220 [ 96.789010][ C0] ? __pfx_worker_thread+0x10/0x10 [ 96.791154][ C0] kthread+0x2c1/0x3a0 [ 96.793394][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 96.796682][ C0] ? __pfx_kthread+0x10/0x10 [ 96.799486][ C0] ret_from_fork+0x45/0x80 [ 96.801645][ C0] ? __pfx_kthread+0x10/0x10 [ 96.804178][ C0] ret_from_fork_asm+0x1a/0x30 [ 96.806929][ C0] [ 96.809674][ C0] Kernel Offset: disabled [ 96.811801][ C0] Rebooting in 86400 seconds.. VM DIAGNOSIS: 13:14:30 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fc1765 RDI=ffffffff9a516600 RBP=ffffffff9a5165c0 RSP=ffffc90000007610 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3130383838666666 R12=0000000000000000 R13=0000000000000064 R14=ffffffff84fc1700 R15=0000000000000000 RIP=ffffffff84fc178f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7426108 CR3=0000000000ecc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000000000b RBX=1ffff920006a5ec8 RCX=ffffc90023ab2000 RDX=0000000000002800 RSI=000000000000000b RDI=ffffc9000352f660 RBP=ffff888064b9c880 RSP=ffffc9000352f638 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffffc9000352f660 R13=0000000000002800 R14=dffffc0000000000 R15=0000000000000000 RIP=ffffffff84b14c74 RFL=00000287 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020001000 CR3=0000000061e2a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f745fff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffffc900072a0000 RBX=ffff8880257d8000 RCX=ffffffff86384842 RDX=00000000ffffffff RSI=ffffffff8638484f RDI=0000000000000005 RBP=0000000000000000 RSP=ffffc90000540eb8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=ffff8880257d9570 R14=ffff8880257d9188 R15=0000000000000000 RIP=ffffffff8638487c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b800000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7fc55b8 CR3=000000004676a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000080000302 RBX=ffffc900005c6ed8 RCX=ffffffff813c941d RDX=ffff88801bfe4880 RSI=0000000000000001 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc900005c6df8 R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000002 R11=0000000000000000 R12=ffffffff90a0b4f2 R13=ffffffff90a0b4f7 R14=0000000000000002 R15=ffffc900005c6f0d RIP=ffffffff818b1ab8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7f255b8 CR3=0000000049e86000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000