last executing test programs: 1.01315965s ago: executing program 0 (id=958): syz_usb_connect(0x4, 0x24, &(0x7f0000000800)={{0x12, 0x1, 0x201, 0xd1, 0x93, 0x1d, 0x8, 0xc45, 0x6251, 0x4880, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xba, 0x6, 0x20, 0x2, [{{0x9, 0x4, 0x45, 0x8, 0x0, 0x51, 0x1f, 0x15, 0xfa}}]}}]}}, 0x0) 484.286399ms ago: executing program 2 (id=979): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x36}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) 429.00401ms ago: executing program 0 (id=982): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x5, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 428.796187ms ago: executing program 2 (id=984): move_pages(0x0, 0x1, &(0x7f0000000140)=[&(0x7f0000000000/0x1000)=nil], 0x0, 0x0, 0x0) 370.041771ms ago: executing program 3 (id=985): lsm_list_modules(&(0x7f0000002600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000000)=0x7b, 0x0) 369.877527ms ago: executing program 1 (id=986): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000791220000000000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x6e, '\x00', 0x0, 0x24}, 0x90) 369.711895ms ago: executing program 0 (id=987): syz_emit_ethernet(0x46, &(0x7f0000000500)={@random="85a2fa90e207", @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x71}}}}}}, 0x0) 369.188759ms ago: executing program 3 (id=988): syz_emit_ethernet(0x1a, &(0x7f0000000340)={@broadcast, @link_local, @val={@void}, {@llc={0x4, {@snap={0x0, 0x0, "e3", "a8a884"}}}}}, 0x0) 364.200135ms ago: executing program 2 (id=989): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x3, 0x3, 0x9, 0x102, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) 273.096539ms ago: executing program 1 (id=990): syz_emit_ethernet(0x86, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa1a18ccacd4b98100000086dd60100000004c2f0000000000000000000000ffff7f000001ff02000000000000000000000000000100000800fcff"], 0x0) 272.840888ms ago: executing program 1 (id=991): syz_emit_ethernet(0x1de, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a601a80000fc020000000000000000000000000000fe8000000000000000000000000000aa223405"], 0x0) 272.735574ms ago: executing program 3 (id=992): clock_getres(0xeaffffff, 0x0) 243.433714ms ago: executing program 0 (id=993): syz_emit_ethernet(0x46, &(0x7f0000000000)={@multicast, @random="777de85bf4dd", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x88}}}}}}, 0x0) 243.303846ms ago: executing program 2 (id=994): syz_emit_ethernet(0x6a, &(0x7f0000000240)={@random="a5050f0014b5", @random="0000009000", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @local, @local, {[@timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@private}, {@multicast1}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@remote}, {}]}]}}}}}}}, 0x0) 142.777796ms ago: executing program 0 (id=995): bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x61, 0x10, 0x54}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x0, 0x10, &(0x7f0000000080), 0xffffffffffffffb2}, 0x48) 142.675854ms ago: executing program 3 (id=996): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x5, 0x101, 0x40}, 0x48) 142.617017ms ago: executing program 1 (id=997): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f0000000180)=@framed={{}, [@generic={0x67, 0x0, 0x0, 0x0, 0xb005}]}, &(0x7f0000000040)='GPL\x00', 0x5}, 0x90) 142.499742ms ago: executing program 2 (id=998): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x2, 0xf, 0x10}, [@ldst={0x3, 0x0, 0x3}], {0x95, 0x0, 0x5}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x22) 72.403048ms ago: executing program 1 (id=999): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x3, 0x4, 0x4, 0xfffffff7}, 0x48) 69.969328ms ago: executing program 2 (id=1000): bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x2828}, 0x48) 69.834697ms ago: executing program 3 (id=1001): futex(0x0, 0xb, 0x1, 0x0, 0x0, 0x1) 69.700161ms ago: executing program 0 (id=1002): syz_emit_ethernet(0x9a, &(0x7f0000000040)={@link_local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x64, 0x11, 0x0, @private1, @mcast2, {[], {0x0, 0x0, 0xffffffffffffff93, 0x0, @wg=@response={0x2, 0x0, 0x0, "eaf12af8010d489432cc01f9f39c6526ece5d2603725b9cabfc2c9f4513d3dfb", "201f3a70a41ff6c2fca06a9bd768d5f1", {"77c14a5cd359c721417b883ecdcaba15", "9514b06796dbf2ea9e520f1475c8f65b"}}}}}}}}, 0x0) 39.509655ms ago: executing program 1 (id=1003): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=@raw=[@call={0x85, 0x0, 0x0, 0x6d}, @exit], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90) 0s ago: executing program 3 (id=1004): mount$9p_virtio(&(0x7f0000000640), &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x0, &(0x7f0000000740)={'trans=virtio,', {[{@noextend}]}}) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:43437' (ED25519) to the list of known hosts. [ 50.449051][ T5325] cgroup: Unknown subsys name 'net' [ 50.585298][ T5325] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 51.653406][ T5325] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 58.113183][ T67] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.123525][ T67] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.127450][ T67] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.132541][ T67] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.136332][ T67] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 58.139736][ T67] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 58.179636][ T5343] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 58.195187][ T5343] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 58.198784][ T5343] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 58.210933][ T5339] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 58.216365][ T5339] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 58.220439][ T5339] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 58.222535][ T5343] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 58.226682][ T5343] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 58.227674][ T5337] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 58.230020][ T5343] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 58.233514][ T5337] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 58.236085][ T5343] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 58.239371][ T5337] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 58.242001][ T5343] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 58.284778][ T5343] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 58.296355][ T5343] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 58.300322][ T5343] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 58.309302][ T5343] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 58.430586][ T5334] chnl_net:caif_netlink_parms(): no params data found [ 58.615796][ T5334] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.620138][ T5334] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.623764][ T5334] bridge_slave_0: entered allmulticast mode [ 58.627194][ T5334] bridge_slave_0: entered promiscuous mode [ 58.635644][ T5334] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.639143][ T5334] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.642493][ T5334] bridge_slave_1: entered allmulticast mode [ 58.646505][ T5334] bridge_slave_1: entered promiscuous mode [ 58.758588][ T5334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.762813][ T5338] chnl_net:caif_netlink_parms(): no params data found [ 58.778265][ T5334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.877857][ T5341] chnl_net:caif_netlink_parms(): no params data found [ 58.908411][ T5334] team0: Port device team_slave_0 added [ 58.913557][ T5334] team0: Port device team_slave_1 added [ 59.055594][ T5334] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.058187][ T5334] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.067996][ T5334] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.075140][ T5334] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.078098][ T5334] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.091399][ T5334] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.103848][ T5338] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.112551][ T5338] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.124160][ T5338] bridge_slave_0: entered allmulticast mode [ 59.128362][ T5338] bridge_slave_0: entered promiscuous mode [ 59.133451][ T5338] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.136537][ T5338] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.139477][ T5338] bridge_slave_1: entered allmulticast mode [ 59.143327][ T5338] bridge_slave_1: entered promiscuous mode [ 59.190618][ T5346] chnl_net:caif_netlink_parms(): no params data found [ 59.325379][ T5338] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.332361][ T5334] hsr_slave_0: entered promiscuous mode [ 59.335092][ T5334] hsr_slave_1: entered promiscuous mode [ 59.338598][ T5341] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.341628][ T5341] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.344389][ T5341] bridge_slave_0: entered allmulticast mode [ 59.347463][ T5341] bridge_slave_0: entered promiscuous mode [ 59.362781][ T5338] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.374076][ T5341] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.376533][ T5341] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.379470][ T5341] bridge_slave_1: entered allmulticast mode [ 59.385356][ T5341] bridge_slave_1: entered promiscuous mode [ 59.524756][ T5338] team0: Port device team_slave_0 added [ 59.533718][ T5338] team0: Port device team_slave_1 added [ 59.594463][ T5341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.666471][ T5346] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.669573][ T5346] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.672713][ T5346] bridge_slave_0: entered allmulticast mode [ 59.676418][ T5346] bridge_slave_0: entered promiscuous mode [ 59.681582][ T5341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.726286][ T5338] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.729151][ T5338] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.739178][ T5338] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.743649][ T5346] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.746226][ T5346] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.749183][ T5346] bridge_slave_1: entered allmulticast mode [ 59.752793][ T5346] bridge_slave_1: entered promiscuous mode [ 59.825350][ T5338] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.828373][ T5338] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.839163][ T5338] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.878606][ T5341] team0: Port device team_slave_0 added [ 59.893215][ T5346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.898168][ T5341] team0: Port device team_slave_1 added [ 59.947761][ T5346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.971135][ T5338] hsr_slave_0: entered promiscuous mode [ 59.974563][ T5338] hsr_slave_1: entered promiscuous mode [ 59.977553][ T5338] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.980703][ T5338] Cannot create hsr debugfs directory [ 60.028544][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.031426][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.042280][ T5341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.051178][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.054009][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.062850][ T5341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.122951][ T5346] team0: Port device team_slave_0 added [ 60.128274][ T5346] team0: Port device team_slave_1 added [ 60.193265][ T5339] Bluetooth: hci0: command tx timeout [ 60.266991][ T5341] hsr_slave_0: entered promiscuous mode [ 60.269612][ T5341] hsr_slave_1: entered promiscuous mode [ 60.272712][ T5339] Bluetooth: hci1: command tx timeout [ 60.272742][ T5343] Bluetooth: hci2: command tx timeout [ 60.272849][ T5341] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 60.272897][ T5341] Cannot create hsr debugfs directory [ 60.291888][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.295861][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.305515][ T5346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.312746][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.315621][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.326783][ T5346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.363035][ T5343] Bluetooth: hci3: command tx timeout [ 60.529638][ T5346] hsr_slave_0: entered promiscuous mode [ 60.533370][ T5346] hsr_slave_1: entered promiscuous mode [ 60.536252][ T5346] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 60.538886][ T5346] Cannot create hsr debugfs directory [ 60.549792][ T5334] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 60.587749][ T5334] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 60.594764][ T5334] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 60.668774][ T5334] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 60.776453][ T5338] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 60.786998][ T5338] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 60.792943][ T5338] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 60.798723][ T5338] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 60.864313][ T5341] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 60.868904][ T5341] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 60.874151][ T5341] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 60.879903][ T5341] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 60.970572][ T5346] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 60.976620][ T5346] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 60.983564][ T5346] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 60.988081][ T5346] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 61.027643][ T5334] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.065475][ T5338] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.081118][ T5334] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.090787][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.094241][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.119695][ T1114] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.123412][ T1114] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.142020][ T5338] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.166779][ T937] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.170707][ T937] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.188730][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.191819][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.215606][ T5341] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.250085][ T5341] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.274329][ T5346] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.292168][ T1103] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.295319][ T1103] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.315863][ T5346] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.331376][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.334386][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.347332][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.350422][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.373193][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.375814][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.451484][ T5334] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.486006][ T5338] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.515873][ T5334] veth0_vlan: entered promiscuous mode [ 61.544414][ T5334] veth1_vlan: entered promiscuous mode [ 61.566108][ T5338] veth0_vlan: entered promiscuous mode [ 61.572264][ T5338] veth1_vlan: entered promiscuous mode [ 61.583524][ T5341] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.634356][ T5334] veth0_macvtap: entered promiscuous mode [ 61.649315][ T5346] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.656879][ T5334] veth1_macvtap: entered promiscuous mode [ 61.660723][ T5338] veth0_macvtap: entered promiscuous mode [ 61.678154][ T5338] veth1_macvtap: entered promiscuous mode [ 61.708953][ T5341] veth0_vlan: entered promiscuous mode [ 61.713919][ T5338] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.730690][ T5338] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.735402][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.739918][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.745697][ T5334] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.753103][ T5341] veth1_vlan: entered promiscuous mode [ 61.766261][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.769750][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.775406][ T5334] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.778717][ T5338] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.781814][ T5338] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.785579][ T5338] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.788578][ T5338] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.805804][ T5334] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.809535][ T5334] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.816926][ T5334] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.820817][ T5334] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.853208][ T5346] veth0_vlan: entered promiscuous mode [ 61.888405][ T5346] veth1_vlan: entered promiscuous mode [ 61.902799][ T5341] veth0_macvtap: entered promiscuous mode [ 61.940261][ T5341] veth1_macvtap: entered promiscuous mode [ 61.985138][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.988779][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.016483][ T5341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.020696][ T5341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.025170][ T5341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.029554][ T5341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.036710][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.043898][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.047329][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.058230][ T5341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.061853][ T5341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.066341][ T5341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.070587][ T5341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.076519][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.105594][ T5341] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.109364][ T5341] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.114358][ T5341] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.117900][ T5341] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.131665][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.134859][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.142258][ T5346] veth0_macvtap: entered promiscuous mode [ 62.152799][ T5346] veth1_macvtap: entered promiscuous mode [ 62.161641][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.165499][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.190814][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.195597][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.199591][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.203393][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.212083][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.216458][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.224050][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.239730][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.244772][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.254570][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.258591][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.262386][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.267648][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.273206][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.279089][ T5346] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.282466][ T5343] Bluetooth: hci0: command tx timeout [ 62.286520][ T5346] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.290037][ T5346] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.294562][ T5346] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.353411][ T5343] Bluetooth: hci2: command tx timeout [ 62.363476][ T5343] Bluetooth: hci1: command tx timeout [ 62.390649][ T937] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.399353][ T937] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.418774][ T1103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.422060][ T1103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.434240][ T5343] Bluetooth: hci3: command tx timeout [ 62.456953][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.460448][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.463658][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.463700][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.235150][ C3] Adjusting tsc more than 11% (5229272 vs 7162503) [ 64.461528][ T5343] Bluetooth: hci0: command tx timeout [ 64.565563][ T5343] Bluetooth: hci1: command tx timeout [ 64.565589][ T5339] Bluetooth: hci2: command tx timeout [ 64.666055][ T5339] Bluetooth: hci3: command tx timeout [ 64.755110][ T39] audit: type=1326 audit(1724676585.406:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5590 comm="syz.3.97" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x0 [ 65.461836][ T5648] dccp_v6_rcv: dropped packet with invalid checksum [ 65.899404][ T5690] binder: Binderfs stats mode cannot be changed during a remount [ 66.200986][ T5699] could not allocate digest TFM handle rmd128-generic [ 66.680180][ T5755] futex_wake_op: syz.1.175 tries to shift op by -1; fix this program [ 66.947185][ T5339] Bluetooth: hci0: command tx timeout [ 67.040372][ T5343] Bluetooth: hci2: command tx timeout [ 67.043974][ T5339] Bluetooth: hci1: command tx timeout [ 67.143753][ T5339] Bluetooth: hci3: command tx timeout [ 67.874701][ T5858] tmpfs: Unknown parameter 'smackfshat' [ 68.276098][ T5888] tmpfs: Unknown parameter 'smackfshat' [ 68.708123][ T5919] futex_wake_op: syz.3.258 tries to shift op by -1; fix this program [ 69.096516][ T5948] tmpfs: Unknown parameter 'smackfshat' [ 69.154257][ T5951] dccp_invalid_packet: invalid packet type [ 69.728544][ T6002] tmpfs: Unknown parameter 'smackfshat' [ 69.731846][ T6003] syz.3.298 (6003): attempted to duplicate a private mapping with mremap. This is not supported. [ 70.033577][ T6028] tmpfs: Bad value for 'mpol' [ 70.473519][ T6058] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0001 with DS=0x7 [ 71.211627][ T1424] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 71.212870][ T6096] dccp_invalid_packet: P.Data Offset(80) too large [ 71.465309][ T1424] usb 6-1: Using ep0 maxpacket: 32 [ 71.471931][ T1424] usb 6-1: unable to get BOS descriptor or descriptor too short [ 71.476318][ T1424] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 71.504230][ T1424] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 71.508755][ T1424] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 71.513471][ T1424] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 71.539213][ T1424] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 71.547354][ T1424] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 71.576653][ T1424] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.599923][ T1424] usb 6-1: Product: syz [ 71.601596][ T1424] usb 6-1: Manufacturer: syz [ 71.603618][ T1424] usb 6-1: SerialNumber: syz [ 71.887861][ T1424] cdc_ncm 6-1:1.0: bind() failure [ 71.896938][ T1424] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found [ 71.899614][ T1424] cdc_ncm 6-1:1.1: bind() failure [ 71.919096][ T1424] usb 6-1: USB disconnect, device number 2 [ 72.124420][ T6154] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd [ 72.794613][ T6208] futex_wake_op: syz.2.393 tries to shift op by 32; fix this program [ 72.837361][ T6211] IPv6: addrconf: prefix option has invalid lifetime [ 75.539347][ T5339] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 75.543943][ T5339] Bluetooth: hci1: Injecting HCI hardware error event [ 75.550129][ T5343] Bluetooth: hci1: hardware error 0x00 [ 75.610998][ T39] audit: type=1326 audit(1724676595.084:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6475 comm="syz.1.528" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x0 [ 75.983245][ T6502] 9pnet: Unknown protocol version 9p20\++} [ 77.375124][ T5339] Bluetooth: hci1: unexpected event for opcode 0x0c2d [ 77.592651][ T5343] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 77.674852][ T1378] ieee802154 phy0 wpan0: encryption failed: -22 [ 77.678127][ T1378] ieee802154 phy1 wpan1: encryption failed: -22 [ 78.302019][ T6746] bpf: Bad value for 'uid' [ 79.322443][ T6849] dns_resolver: Unsupported server list version (0) [ 79.639384][ T5396] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 79.861956][ T5396] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 79.866993][ T5396] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 79.871764][ T5396] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.878928][ T5396] usb 6-1: config 0 descriptor?? [ 80.075953][ T59] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 80.094026][ T5396] ath6kl: Failed to submit usb control message: -71 [ 80.107361][ T5396] ath6kl: unable to send the bmi data to the device: -71 [ 80.110618][ T5396] ath6kl: Unable to send get target info: -71 [ 80.117421][ T5396] ath6kl: Failed to init ath6kl core: -71 [ 80.126131][ T5396] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 80.136676][ T5396] usb 6-1: USB disconnect, device number 3 [ 80.343412][ T59] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 80.347053][ T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.354248][ T59] usb 5-1: config 0 descriptor?? [ 80.571806][ T5343] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 80.573349][ T59] ath6kl: Failed to submit usb control message: -71 [ 80.577531][ T5343] Bluetooth: hci3: Injecting HCI hardware error event [ 80.587039][ T5343] Bluetooth: hci3: hardware error 0x00 [ 80.590225][ T59] ath6kl: unable to send the bmi data to the device: -71 [ 80.603593][ T59] ath6kl: Unable to send get target info: -71 [ 80.611703][ T59] ath6kl: Failed to init ath6kl core: -71 [ 80.615014][ T59] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 80.628760][ T59] usb 5-1: USB disconnect, device number 2 [ 82.245201][ T7107] PKCS7: Unknown OID: [4] 2.19.0.2.86.14.43(bad) [ 82.254184][ T7107] PKCS7: Only support pkcs7_signedData type [ 82.569982][ T833] cfg80211: failed to load regulatory.db [ 82.661252][ T5343] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 82.889396][ T7135] 9pnet_fd: Insufficient options for proto=fd [ 83.020917][ T39] audit: type=1326 audit(1724677370.785:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7148 comm="syz.0.865" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0 [ 83.783572][ T7233] autofs: Unknown parameter 'no9 PG!8E8- ŖEeլ( Ir\u}ibT0;my[Gc#>QkbY&#w@/VVL~12lhOh'rK1\kU{!eܚ7 [ 83.783572][ T7233] Ue[%#s' [ 84.046160][ T7259] binder: Bad value for 'max' [ 84.982303][ T5343] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 84.994235][ T5343] Bluetooth: hci0: Injecting HCI hardware error event [ 84.999899][ T5339] Bluetooth: hci0: hardware error 0x00 [ 85.130645][ T5343] Bluetooth: hci0: unexpected event for opcode 0x2036 [ 85.669144][ C0] ================================================================== [ 85.671854][ C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x2de0/0x3cb0 [ 85.674432][ C0] Read of size 8 at addr ffff888059cacc18 by task kswapd0/113 [ 85.676897][ C0] [ 85.677727][ C0] CPU: 0 UID: 0 PID: 113 Comm: kswapd0 Not tainted 6.11.0-rc5-syzkaller #0 [ 85.680551][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.684039][ C0] Call Trace: [ 85.685046][ C0] [ 85.685918][ C0] dump_stack_lvl+0x116/0x1f0 [ 85.687356][ C0] print_report+0xc3/0x620 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 85.688929][ C0] ? __virt_addr_valid+0x5e/0x590 [ 85.716181][ C0] ? __phys_addr+0xc6/0x150 [ 85.719250][ C0] kasan_report+0xd9/0x110 [ 85.720989][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 85.722898][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 85.725052][ C0] __lock_acquire+0x2de0/0x3cb0 [ 85.726693][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 85.728368][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 85.729931][ C0] lock_acquire+0x1b1/0x560 [ 85.731400][ C0] ? p9_req_put+0xaf/0x250 [ 85.733723][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 85.736134][ C0] ? __pfx_lock_release+0x10/0x10 [ 85.738549][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 85.740580][ C0] ? p9_req_put+0xaf/0x250 [ 85.742347][ C0] p9_req_put+0xaf/0x250 [ 85.744002][ C0] req_done+0x1e7/0x2f0 [ 85.745528][ C0] ? __pfx_req_done+0x10/0x10 [ 85.747111][ C0] ? __pfx_req_done+0x10/0x10 [ 85.750118][ C0] vring_interrupt+0x31b/0x400 [ 85.752337][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 85.754857][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 85.757439][ C0] handle_irq_event+0xab/0x1e0 [ 85.759449][ C0] handle_edge_irq+0x263/0xd10 [ 85.761425][ C0] __common_interrupt+0xdf/0x250 [ 85.763031][ C0] common_interrupt+0xab/0xd0 [ 85.765144][ C0] [ 85.766678][ C0] [ 85.768231][ C0] asm_common_interrupt+0x26/0x40 [ 85.770837][ C0] RIP: 0010:lock_acquire+0x1f2/0x560 [ 85.772994][ C0] Code: c1 05 7a 34 99 7e 83 f8 01 0f 85 ea 02 00 00 9c 58 f6 c4 02 0f 85 d5 02 00 00 48 85 ed 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24 [ 85.780248][ C0] RSP: 0018:ffffc90000e2f630 EFLAGS: 00000206 [ 85.782850][ C0] RAX: dffffc0000000000 RBX: 1ffff920001c5ec8 RCX: 0000000000000001 [ 85.786213][ C0] RDX: 0000000000000001 RSI: ffffffff8b4cd280 RDI: ffffffff8bb058a0 [ 85.789978][ C0] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff28b6ae0 [ 85.793345][ C0] R10: ffffffff945b5707 R11: 0000000000000000 R12: 0000000000000000 [ 85.796753][ C0] R13: 0000000000000000 R14: ffffffff8ddb9360 R15: 0000000000000000 [ 85.799899][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 85.801851][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 85.803992][ C0] ? __pfx_mark_lock+0x10/0x10 [ 85.806194][ C0] list_lru_count_one+0x40/0x320 [ 85.808561][ C0] ? list_lru_count_one+0x3a/0x320 [ 85.810671][ C0] super_cache_count+0x175/0x300 [ 85.812618][ C0] do_shrink_slab+0x82/0x11c0 [ 85.814427][ C0] ? mem_cgroup_get_nr_swap_pages+0x20/0x120 [ 85.816732][ C0] shrink_slab+0x330/0x12c0 [ 85.818493][ C0] ? shrink_slab+0x13f/0x12c0 [ 85.820441][ C0] ? __pfx_shrink_slab+0x10/0x10 [ 85.822398][ C0] ? find_held_lock+0x2d/0x110 [ 85.824484][ C0] ? lru_gen_shrink_node+0x685/0x1510 [ 85.826574][ C0] shrink_one+0x47e/0x7b0 [ 85.828281][ C0] ? lru_gen_shrink_node+0x685/0x1510 [ 85.830389][ C0] lru_gen_shrink_node+0x69f/0x1510 [ 85.832601][ C0] ? lru_gen_shrink_node+0x418/0x1510 [ 85.835014][ C0] ? __pfx_lru_gen_shrink_node+0x10/0x10 [ 85.837408][ C0] ? mem_cgroup_iter+0x2f2/0x760 [ 85.839707][ C0] balance_pgdat+0x110f/0x1950 [ 85.841877][ C0] ? __pfx_balance_pgdat+0x10/0x10 [ 85.844628][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x420 [ 85.846895][ C0] ? lock_acquire+0x1b1/0x560 [ 85.848741][ C0] ? __pfx___might_resched+0x10/0x10 [ 85.850375][ C0] kswapd+0x5ea/0xbf0 [ 85.851722][ C0] ? __pfx_kswapd+0x10/0x10 [ 85.853713][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 85.861735][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 85.864073][ C0] ? __kthread_parkme+0x148/0x220 [ 85.866297][ C0] ? __pfx_kswapd+0x10/0x10 [ 85.868313][ C0] kthread+0x2c1/0x3a0 [ 85.870128][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 85.872658][ C0] ? __pfx_kthread+0x10/0x10 [ 85.874731][ C0] ret_from_fork+0x45/0x80 [ 85.876995][ C0] ? __pfx_kthread+0x10/0x10 [ 85.879926][ C0] ret_from_fork_asm+0x1a/0x30 [ 85.881828][ C0] [ 85.883062][ C0] [ 85.884022][ C0] Allocated by task 7429: [ 85.885642][ C0] kasan_save_stack+0x33/0x60 [ 85.887476][ C0] kasan_save_track+0x14/0x30 [ 85.889179][ C0] __kasan_kmalloc+0xaa/0xb0 [ 85.890960][ C0] p9_client_create+0xcf/0x11b0 [ 85.894754][ C0] v9fs_session_init+0x1f8/0x1a80 [ 85.897423][ C0] v9fs_mount+0xc6/0xa50 [ 85.899290][ C0] legacy_get_tree+0x109/0x220 [ 85.901659][ C0] vfs_get_tree+0x8f/0x380 [ 85.904032][ C0] path_mount+0x6e1/0x1f10 [ 85.906432][ C0] __ia32_sys_mount+0x292/0x310 [ 85.909194][ C0] __do_fast_syscall_32+0x73/0x120 [ 85.911956][ C0] do_fast_syscall_32+0x32/0x80 [ 85.914549][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 85.917895][ C0] [ 85.919170][ C0] Freed by task 7429: [ 85.921315][ C0] kasan_save_stack+0x33/0x60 [ 85.924702][ C0] kasan_save_track+0x14/0x30 [ 85.927111][ C0] kasan_save_free_info+0x3b/0x60 [ 85.929640][ C0] poison_slab_object+0xf7/0x160 [ 85.933462][ C0] __kasan_slab_free+0x32/0x50 [ 85.935629][ C0] kfree+0x12a/0x3b0 [ 85.938268][ C0] p9_client_create+0x9ca/0x11b0 [ 85.942095][ C0] v9fs_session_init+0x1f8/0x1a80 [ 85.944352][ C0] v9fs_mount+0xc6/0xa50 [ 85.946256][ C0] legacy_get_tree+0x109/0x220 [ 85.948380][ C0] vfs_get_tree+0x8f/0x380 [ 85.950346][ C0] path_mount+0x6e1/0x1f10 [ 85.952316][ C0] __ia32_sys_mount+0x292/0x310 [ 85.954430][ C0] __do_fast_syscall_32+0x73/0x120 [ 85.956556][ C0] do_fast_syscall_32+0x32/0x80 [ 85.958620][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 85.961313][ C0] [ 85.962345][ C0] The buggy address belongs to the object at ffff888059cacc00 [ 85.962345][ C0] which belongs to the cache kmalloc-512 of size 512 [ 85.968694][ C0] The buggy address is located 24 bytes inside of [ 85.968694][ C0] freed 512-byte region [ffff888059cacc00, ffff888059cace00) [ 85.975176][ C0] [ 85.976961][ C0] The buggy address belongs to the physical page: [ 85.979809][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x59cac [ 85.983826][ C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 85.987572][ C0] ksm flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 85.991060][ C0] page_type: 0xfdffffff(slab) [ 85.993406][ C0] raw: 04fff00000000040 ffff888015842c80 ffffea000168e000 dead000000000003 [ 85.997145][ C0] raw: 0000000000000000 0000000080100010 00000001fdffffff 0000000000000000 [ 86.001001][ C0] head: 04fff00000000040 ffff888015842c80 ffffea000168e000 dead000000000003 [ 86.005501][ C0] head: 0000000000000000 0000000080100010 00000001fdffffff 0000000000000000 [ 86.011073][ C0] head: 04fff00000000002 ffffea0001672b01 ffffffffffffffff 0000000000000000 [ 86.014935][ C0] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 86.018498][ C0] page dumped because: kasan: bad access detected [ 86.021730][ C0] page_owner tracks the page as allocated [ 86.024406][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 11, tgid 11 (kworker/u32:0), ts 61500365133, free_ts 61177781821 [ 86.035450][ C0] post_alloc_hook+0x2d1/0x350 [ 86.037572][ C0] get_page_from_freelist+0x1351/0x2e50 [ 86.040394][ C0] __alloc_pages_noprof+0x22b/0x2460 [ 86.043631][ C0] alloc_slab_page+0x4e/0xf0 [ 86.047759][ C0] new_slab+0x84/0x260 [ 86.050300][ C0] ___slab_alloc+0xdac/0x1870 [ 86.053458][ C0] __slab_alloc.constprop.0+0x56/0xb0 [ 86.058244][ C0] __kmalloc_cache_noprof+0x2c5/0x310 [ 86.061318][ C0] __ipv6_dev_mc_inc+0x2b7/0xc10 [ 86.063879][ C0] addrconf_dad_work+0x232/0x14d0 [ 86.066846][ C0] process_one_work+0x958/0x1ad0 [ 86.069620][ C0] worker_thread+0x6c8/0xed0 [ 86.072129][ C0] kthread+0x2c1/0x3a0 [ 86.077826][ C0] ret_from_fork+0x45/0x80 [ 86.080313][ C0] ret_from_fork_asm+0x1a/0x30 [ 86.082811][ C0] page last free pid 937 tgid 937 stack trace: [ 86.085905][ C0] free_unref_page+0x64a/0xe40 [ 86.088475][ C0] __put_partials+0x14c/0x170 [ 86.091005][ C0] qlist_free_all+0x4e/0x140 [ 86.094042][ C0] kasan_quarantine_reduce+0x192/0x1e0 [ 86.096851][ C0] __kasan_slab_alloc+0x69/0x90 [ 86.099343][ C0] __kmalloc_noprof+0x199/0x410 [ 86.101949][ C0] fib6_info_alloc+0x40/0x160 [ 86.104584][ C0] ip6_route_info_create+0x337/0x1aa0 [ 86.107570][ C0] ip6_route_add+0x26/0x1c0 [ 86.111779][ C0] addrconf_add_mroute+0x1de/0x350 [ 86.114904][ C0] addrconf_add_dev+0x14e/0x1c0 [ 86.117870][ C0] addrconf_init_auto_addrs+0x380/0x820 [ 86.121905][ C0] addrconf_notify+0x6ef/0x19d0 [ 86.124573][ C0] notifier_call_chain+0xb9/0x410 [ 86.128598][ C0] call_netdevice_notifiers_info+0xbe/0x140 [ 86.131766][ C0] netdev_state_change+0x115/0x150 [ 86.134552][ C0] [ 86.136040][ C0] Memory state around the buggy address: [ 86.140318][ C0] ffff888059cacb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 86.144525][ C0] ffff888059cacb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 86.149515][ C0] >ffff888059cacc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 86.154368][ C0] ^ [ 86.157331][ C0] ffff888059cacc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 86.162186][ C0] ffff888059cacd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 86.167806][ C0] ================================================================== [ 86.172701][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 86.177211][ C0] CPU: 0 UID: 0 PID: 113 Comm: kswapd0 Not tainted 6.11.0-rc5-syzkaller #0 [ 86.182560][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.192607][ C0] Call Trace: [ 86.194815][ C0] [ 86.196568][ C0] dump_stack_lvl+0x3d/0x1f0 [ 86.198620][ C0] panic+0x6dc/0x7c0 [ 86.200380][ C0] ? __pfx_panic+0x10/0x10 [ 86.202381][ C0] ? rcu_is_watching+0x12/0xc0 [ 86.204586][ C0] ? __pfx_lock_release+0x10/0x10 [ 86.206837][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 86.210812][ C0] check_panic_on_warn+0xab/0xb0 [ 86.213841][ C0] end_report+0x117/0x180 [ 86.217862][ C0] kasan_report+0xe9/0x110 [ 86.220261][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 86.223103][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 86.226253][ C0] __lock_acquire+0x2de0/0x3cb0 [ 86.229287][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 86.232481][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 86.236776][ C0] lock_acquire+0x1b1/0x560 [ 86.238936][ C0] ? p9_req_put+0xaf/0x250 [ 86.241169][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 86.243497][ C0] ? __pfx_lock_release+0x10/0x10 [ 86.245980][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 86.248468][ C0] ? p9_req_put+0xaf/0x250 [ 86.250421][ C0] p9_req_put+0xaf/0x250 [ 86.252267][ C0] req_done+0x1e7/0x2f0 [ 86.254180][ C0] ? __pfx_req_done+0x10/0x10 [ 86.256473][ C0] ? __pfx_req_done+0x10/0x10 [ 86.259365][ C0] vring_interrupt+0x31b/0x400 [ 86.265922][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 86.269181][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 86.272622][ C0] handle_irq_event+0xab/0x1e0 [ 86.275565][ C0] handle_edge_irq+0x263/0xd10 [ 86.278546][ C0] __common_interrupt+0xdf/0x250 [ 86.281501][ C0] common_interrupt+0xab/0xd0 [ 86.284319][ C0] [ 86.286141][ C0] [ 86.288122][ C0] asm_common_interrupt+0x26/0x40 [ 86.293658][ C0] RIP: 0010:lock_acquire+0x1f2/0x560 [ 86.296897][ C0] Code: c1 05 7a 34 99 7e 83 f8 01 0f 85 ea 02 00 00 9c 58 f6 c4 02 0f 85 d5 02 00 00 48 85 ed 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24 [ 86.311145][ C0] RSP: 0018:ffffc90000e2f630 EFLAGS: 00000206 [ 86.313732][ C0] RAX: dffffc0000000000 RBX: 1ffff920001c5ec8 RCX: 0000000000000001 [ 86.316799][ C0] RDX: 0000000000000001 RSI: ffffffff8b4cd280 RDI: ffffffff8bb058a0 [ 86.319880][ C0] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff28b6ae0 [ 86.322914][ C0] R10: ffffffff945b5707 R11: 0000000000000000 R12: 0000000000000000 [ 86.326823][ C0] R13: 0000000000000000 R14: ffffffff8ddb9360 R15: 0000000000000000 [ 86.332955][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 86.336206][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 86.341419][ C0] ? __pfx_mark_lock+0x10/0x10 [ 86.344456][ C0] list_lru_count_one+0x40/0x320 [ 86.347421][ C0] ? list_lru_count_one+0x3a/0x320 [ 86.349708][ C0] super_cache_count+0x175/0x300 [ 86.351660][ C0] do_shrink_slab+0x82/0x11c0 [ 86.353857][ C0] ? mem_cgroup_get_nr_swap_pages+0x20/0x120 [ 86.356771][ C0] shrink_slab+0x330/0x12c0 [ 86.358842][ C0] ? shrink_slab+0x13f/0x12c0 [ 86.361359][ C0] ? __pfx_shrink_slab+0x10/0x10 [ 86.364015][ C0] ? find_held_lock+0x2d/0x110 [ 86.366465][ C0] ? lru_gen_shrink_node+0x685/0x1510 [ 86.369306][ C0] shrink_one+0x47e/0x7b0 [ 86.371518][ C0] ? lru_gen_shrink_node+0x685/0x1510 [ 86.374809][ C0] lru_gen_shrink_node+0x69f/0x1510 [ 86.378016][ C0] ? lru_gen_shrink_node+0x418/0x1510 [ 86.382692][ C0] ? __pfx_lru_gen_shrink_node+0x10/0x10 [ 86.384881][ C0] ? mem_cgroup_iter+0x2f2/0x760 [ 86.386820][ C0] balance_pgdat+0x110f/0x1950 [ 86.389398][ C0] ? __pfx_balance_pgdat+0x10/0x10 [ 86.391771][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x420 [ 86.394435][ C0] ? lock_acquire+0x1b1/0x560 [ 86.396923][ C0] ? __pfx___might_resched+0x10/0x10 [ 86.400130][ C0] kswapd+0x5ea/0xbf0 [ 86.402895][ C0] ? __pfx_kswapd+0x10/0x10 [ 86.405645][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 86.409355][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 86.412370][ C0] ? __kthread_parkme+0x148/0x220 [ 86.415440][ C0] ? __pfx_kswapd+0x10/0x10 [ 86.418489][ C0] kthread+0x2c1/0x3a0 [ 86.420965][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 86.425225][ C0] ? __pfx_kthread+0x10/0x10 [ 86.428128][ C0] ret_from_fork+0x45/0x80 [ 86.430958][ C0] ? __pfx_kthread+0x10/0x10 [ 86.435327][ C0] ret_from_fork_asm+0x1a/0x30 [ 86.439928][ C0] [ 86.443436][ C0] Kernel Offset: disabled [ 86.446084][ C0] Rebooting in 86400 seconds.. VM DIAGNOSIS: 12:50:06 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000069 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fa75e5 RDI=ffffffff9511c240 RBP=ffffffff9511c200 RSP=ffffc90000007508 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=7269765f5f203f20 R12=0000000000000000 R13=0000000000000069 R14=ffffffff84fa7580 R15=0000000000000000 RIP=ffffffff84fa760f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7471230 CR3=0000000046a48000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffffffff945b7d80 RBX=0000000000000000 RCX=ffffffff8168607e RDX=fffffbfff28b6ae1 RSI=0000000000000008 RDI=ffffffff945b5700 RBP=0000000000000001 RSP=ffffc90002a9f208 R8 =0000000000000000 R9 =fffffbfff28b6ae0 R10=ffffffff945b5707 R11=0000000000000000 R12=0000000000000002 R13=ffff88801b8f53b0 R14=000000000000002c R15=ffff88801b8f4880 RIP=ffffffff81690883 RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7473994 CR3=0000000046a48000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000007 RCX=ffffffff813c94d1 RDX=ffff88801c4a2440 RSI=0000000000000008 RDI=0000000000000001 RBP=ffffffff8b49d0e0 RSP=ffffc9000354f228 R8 =0000000000000001 R9 =0000000000000008 R10=0000000000000005 R11=0000000000000000 R12=0000000000000005 R13=0000000000000001 R14=0000000000000008 R15=ffffc9000354f315 RIP=ffffffff818b1d41 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fea974dad00 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fea96c53000 CR3=0000000027292000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=e4c303cbe4c303cb e4c303cbe4c303cb e4c303cbe4c303cb e4c303cbe4c303cb e4c303cbe4c303cb e4c303cbe4c303cb e4c303cbe4c303cb e4c303cbe4c303cb ZMM22=3ac5356c3ac5356c 3ac5356c3ac5356c 3ac5356c3ac5356c 3ac5356c3ac5356c 3ac5356c3ac5356c 3ac5356c3ac5356c 3ac5356c3ac5356c 3ac5356c3ac5356c ZMM23=a08d005fa08d005f a08d005fa08d005f a08d005fa08d005f a08d005fa08d005f a08d005fa08d005f a08d005fa08d005f a08d005fa08d005f a08d005fa08d005f ZMM24=ff0e4b46ff0e4b46 ff0e4b46ff0e4b46 ff0e4b46ff0e4b46 ff0e4b46ff0e4b46 ff0e4b46ff0e4b46 ff0e4b46ff0e4b46 ff0e4b46ff0e4b46 ff0e4b46ff0e4b46 ZMM25=9b2369969b236996 9b2369969b236996 9b2369969b236996 9b2369969b236996 9b2369969b236996 9b2369969b236996 9b2369969b236996 9b2369969b236996 ZMM26=01dda98001dda980 01dda98001dda980 01dda98001dda980 01dda98001dda980 01dda98001dda980 01dda98001dda980 01dda98001dda980 01dda98001dda980 ZMM27=4e28f6244e28f624 4e28f6244e28f624 4e28f6244e28f624 4e28f6244e28f624 4e28f6244e28f624 4e28f6244e28f624 4e28f6244e28f624 4e28f6244e28f624 ZMM28=000000400000003f 0000003e0000003d 0000003c0000003b 0000003a00000039 0000003800000037 0000003600000035 0000003400000033 0000003200000031 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=5d0600005d060000 5d0600005d060000 5d0600005d060000 5d0600005d060000 5d0600005d060000 5d0600005d060000 5d0600005d060000 5d0600005d060000 info registers vcpu 3 CPU#3 RAX=ffff888025798000 RBX=1ffff920005a3ebd RCX=ffffffff81f3d2b0 RDX=ffff888025798000 RSI=ffffffff81f3d317 RDI=0000000000000007 RBP=0000000000058c82 RSP=ffffc90002d1f5e0 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000008 R11=0000000000000000 R12=ffff88803fff9160 R13=0000000000000008 R14=0000000000000001 R15=ffffc90002d1fa98 RIP=ffffffff8b057210 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000057a224ac CR3=000000000db7c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000