last executing test programs: 1.893464672s ago: executing program 3 (id=229): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000000200)="18", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c) sendmsg$inet6(r0, &(0x7f0000000580)={&(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000080)=' ', 0x1}], 0x1}, 0x0) shutdown(r0, 0x1) setsockopt(r0, 0x84, 0x7f, &(0x7f00000001c0)="020000000980ffff", 0x8) 1.640547705s ago: executing program 2 (id=237): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f0000003bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) close(r0) 878.610215ms ago: executing program 3 (id=244): r0 = memfd_create(&(0x7f0000000740)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xef\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8b\xe1\xe6\xc1\x91\x15\xf0=\x94l\xc4\x81\xa4\xce,s\xb0\x85E\xce;p\a\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:\xb3\xa4s\x0f\x94n\xf4\xac\xa8E\x02\xc7\xdaIR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe1Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xade]\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3\xa1>4\xb5\xfb\xa2\x870\xc8\xf6\x15\xb3\x1cY\\l\xd6\xe9cC\xc0\x12\xfa\xc6\xef\xe6=\xa4\x05\xcdsK\x03\xff\xd8\x0e\xc2\n#\xb8\xa4\x84\x199N\x9b\x85\x14\x00X\x89\\(kj\xc0\xa0\'\x00\xa0\xec\x04\xbd\t\xdeo\x1d5H\x90\xd4\xfa\xde\xc4\xdeatN\x1fQW\xbf\x9f\r\"\xb6', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) 738.286319ms ago: executing program 2 (id=246): bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x13, &(0x7f0000000140)=@ringbuf={{}, {}, {}, [@jmp, @kfunc, @map_idx_val], {{}, {}, {0x85, 0x0, 0x0, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f00000001c0)=0x8, 0x4) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e640000000018000280140008800800030001"], 0x48}}, 0x0) sendmmsg$inet(r0, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0) 655.550041ms ago: executing program 1 (id=247): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x7c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x38, 0xe, {{{}, {}, @device_b, @device_b, @from_mac}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6}}}, @NL80211_ATTR_BEACON_TAIL={0xe, 0xf, [@gcr_ga={0xbd, 0x6, @device_b}, @supported_rates]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x7c}}, 0x80) 654.951467ms ago: executing program 2 (id=248): r0 = socket$unix(0x1, 0x1, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r1, 0x0) r2 = socket$netlink(0x10, 0x3, 0x9) bind$netlink(r2, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc) 533.996248ms ago: executing program 2 (id=250): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a00060000000000000500e50000070000001ffeff0001000003f1dc7f7c6e870200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0) sendmsg$key(r0, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x2, 0x9, 0x0, 0x9, 0x2}, 0x10}}, 0x0) 533.183229ms ago: executing program 0 (id=251): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000140)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0) r2 = openat$cgroup_ro(r0, &(0x7f0000000100)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x9c) 484.263433ms ago: executing program 3 (id=252): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="515d4fc21406fda935b40000000000000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c) setsockopt$inet_mreqsrc(r0, 0x0, 0x26, &(0x7f0000000100)={@multicast2, @loopback, @empty}, 0xc) 472.634747ms ago: executing program 2 (id=253): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket(0x1e, 0x1, 0x0) connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x1c, r1, 0x1}, 0x1c}}, 0x0) 457.631908ms ago: executing program 0 (id=254): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in6=@private2, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8) listen(r0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000002180)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @dev, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2}}}}}}}, 0x0) 431.616892ms ago: executing program 1 (id=255): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000180)={{@hyper}, @hyper, 0x0, 0x8000}) ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, &(0x7f00000000c0)={{@hyper}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000ff6, 0xffffbffffffff801}) 334.301211ms ago: executing program 0 (id=256): r0 = landlock_create_ruleset(&(0x7f0000000240)={0x2100, 0x3}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r1 = socket$inet(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) 329.548125ms ago: executing program 1 (id=257): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140), 0x4) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x11a, 0x4, 0x0, 0x0) 314.236793ms ago: executing program 3 (id=258): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 305.838004ms ago: executing program 2 (id=259): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0) 244.871798ms ago: executing program 0 (id=260): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 244.448336ms ago: executing program 1 (id=261): r0 = socket$packet(0x11, 0x2, 0x300) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'}) 174.031897ms ago: executing program 3 (id=262): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x40) 154.875876ms ago: executing program 1 (id=263): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x3, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000009b00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e86c0d85ff9782762f0800", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 142.202191ms ago: executing program 0 (id=264): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PORT={0x5}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x3}]}, 0x3c}}, 0x0) 60.142208ms ago: executing program 3 (id=265): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000ebffff024d564b"]) 2.329842ms ago: executing program 0 (id=266): r0 = io_uring_setup(0x253d, &(0x7f0000000080)) r1 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0xc0a45320, &(0x7f00000001c0)={0x80, 0x0, 'client0\x00', 0x0, "706283c421ca447c", "b437067509007708e18f85bb3d22ac7a6568af9ebb8891fdffa0225452869ac0"}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a45320, &(0x7f00000000c0)={{0x80, 0x20}, 'port1\x00'}) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 1 (id=267): r0 = socket$can_j1939(0x1d, 0x2, 0x7) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.swap.current\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) setsockopt$SO_J1939_SEND_PRIO(r0, 0x6b, 0x3, &(0x7f0000000000)=0x6, 0x4) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:60506' (ED25519) to the list of known hosts. [ 57.733212][ T5344] cgroup: Unknown subsys name 'net' [ 57.880459][ T5344] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 59.517996][ T5344] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 65.583679][ T5366] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 65.589345][ T5376] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 65.596426][ T5369] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 65.602217][ T5369] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 65.608655][ T5369] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 65.608839][ T5376] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 65.613241][ T5369] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 65.615359][ T5371] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 65.619025][ T5376] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 65.619105][ T5371] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 65.619857][ T5371] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 65.621450][ T5369] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 65.623675][ T5376] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 65.627316][ T5369] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 65.630408][ T5376] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 65.633926][ T5369] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 65.641544][ T5376] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 65.650722][ T5375] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 65.652704][ T5376] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 65.656545][ T5375] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 65.661424][ T5376] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 65.664744][ T5369] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 65.683288][ T5369] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 65.687279][ T5369] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.179166][ T5360] chnl_net:caif_netlink_parms(): no params data found [ 66.216245][ T5372] chnl_net:caif_netlink_parms(): no params data found [ 66.509236][ T5360] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.514277][ T5360] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.518287][ T5360] bridge_slave_0: entered allmulticast mode [ 66.525376][ T5360] bridge_slave_0: entered promiscuous mode [ 66.641726][ T5360] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.646141][ T5360] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.649330][ T5360] bridge_slave_1: entered allmulticast mode [ 66.653369][ T5360] bridge_slave_1: entered promiscuous mode [ 66.678588][ T5359] chnl_net:caif_netlink_parms(): no params data found [ 66.705957][ T5372] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.723454][ T5372] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.726700][ T5372] bridge_slave_0: entered allmulticast mode [ 66.733830][ T5372] bridge_slave_0: entered promiscuous mode [ 66.827014][ T5361] chnl_net:caif_netlink_parms(): no params data found [ 66.840784][ T5372] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.845346][ T5372] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.848970][ T5372] bridge_slave_1: entered allmulticast mode [ 66.852268][ T5372] bridge_slave_1: entered promiscuous mode [ 66.926974][ T5360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.955862][ T5360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.035863][ T5372] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.136884][ T5360] team0: Port device team_slave_0 added [ 67.143877][ T5372] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.239886][ T5360] team0: Port device team_slave_1 added [ 67.339996][ T5359] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.344593][ T5359] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.348850][ T5359] bridge_slave_0: entered allmulticast mode [ 67.352318][ T5359] bridge_slave_0: entered promiscuous mode [ 67.358408][ T5359] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.361789][ T5359] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.365448][ T5359] bridge_slave_1: entered allmulticast mode [ 67.368863][ T5359] bridge_slave_1: entered promiscuous mode [ 67.475509][ T5372] team0: Port device team_slave_0 added [ 67.545733][ T5359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.551291][ T5360] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.559202][ T5360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.574526][ T5360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.582504][ T5372] team0: Port device team_slave_1 added [ 67.586005][ T5361] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.589673][ T5361] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.595509][ T5361] bridge_slave_0: entered allmulticast mode [ 67.598869][ T5361] bridge_slave_0: entered promiscuous mode [ 67.606318][ T5359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.613317][ T5360] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.617657][ T5360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.632350][ T5360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.694458][ T4781] Bluetooth: hci1: command tx timeout [ 67.698760][ T4781] Bluetooth: hci2: command tx timeout [ 67.720802][ T5361] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.726277][ T5361] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.729609][ T5361] bridge_slave_1: entered allmulticast mode [ 67.734197][ T5361] bridge_slave_1: entered promiscuous mode [ 67.773710][ T5376] Bluetooth: hci0: command tx timeout [ 67.773750][ T4781] Bluetooth: hci3: command tx timeout [ 67.806065][ T5359] team0: Port device team_slave_0 added [ 67.810412][ T5372] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.816644][ T5372] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.829002][ T5372] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.954558][ T5359] team0: Port device team_slave_1 added [ 67.958917][ T5372] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.961782][ T5372] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.971770][ T5372] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.029995][ T5360] hsr_slave_0: entered promiscuous mode [ 68.040025][ T5360] hsr_slave_1: entered promiscuous mode [ 68.158861][ T5359] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.162057][ T5359] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.174763][ T5359] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.185020][ T5361] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.200213][ T5361] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.237621][ T5359] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.241267][ T5359] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.254369][ T5359] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.406790][ T5372] hsr_slave_0: entered promiscuous mode [ 68.411831][ T5372] hsr_slave_1: entered promiscuous mode [ 68.415220][ T5372] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.419147][ T5372] Cannot create hsr debugfs directory [ 68.459672][ T5361] team0: Port device team_slave_0 added [ 68.465319][ T5361] team0: Port device team_slave_1 added [ 68.598820][ T5361] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.604887][ T5361] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.624861][ T5361] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.643277][ T5359] hsr_slave_0: entered promiscuous mode [ 68.648064][ T5359] hsr_slave_1: entered promiscuous mode [ 68.651837][ T5359] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.656993][ T5359] Cannot create hsr debugfs directory [ 68.701461][ T5361] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.704647][ T5361] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.717699][ T5361] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.909684][ T5361] hsr_slave_0: entered promiscuous mode [ 68.914165][ T5361] hsr_slave_1: entered promiscuous mode [ 68.918181][ T5361] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.921413][ T5361] Cannot create hsr debugfs directory [ 69.229972][ T5360] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 69.264515][ T5360] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 69.353003][ T5360] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 69.361605][ T5360] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 69.486653][ T5372] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.499063][ T5372] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.505628][ T5372] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.518581][ T5372] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.585460][ T5361] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 69.596926][ T5361] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 69.609928][ T5361] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 69.624987][ T5361] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 69.725115][ T5359] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 69.731590][ T5359] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 69.740539][ T5359] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 69.762660][ T5359] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 69.783250][ T4781] Bluetooth: hci2: command tx timeout [ 69.785421][ T4781] Bluetooth: hci1: command tx timeout [ 69.838299][ T5360] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.852980][ T4781] Bluetooth: hci0: command tx timeout [ 69.852998][ T5376] Bluetooth: hci3: command tx timeout [ 69.912449][ T5360] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.930149][ T5372] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.961304][ T40] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.964891][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.000854][ T5372] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.009378][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.013137][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.043901][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.047057][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.075421][ T40] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.078864][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.098840][ T5361] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.159312][ T5359] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.181414][ T5361] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.222964][ T1158] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.226976][ T1158] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.261538][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.265143][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.279737][ T5359] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.308603][ T1158] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.313073][ T1158] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.361686][ T5361] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 70.366902][ T5361] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 70.377682][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.381979][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.499889][ T5360] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.546707][ T5372] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.587036][ T5360] veth0_vlan: entered promiscuous mode [ 70.617149][ T5361] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.625785][ T5360] veth1_vlan: entered promiscuous mode [ 70.669919][ T5372] veth0_vlan: entered promiscuous mode [ 70.684967][ T5372] veth1_vlan: entered promiscuous mode [ 70.710769][ T5359] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.751465][ T5361] veth0_vlan: entered promiscuous mode [ 70.759632][ T5360] veth0_macvtap: entered promiscuous mode [ 70.777852][ T5361] veth1_vlan: entered promiscuous mode [ 70.784357][ T5360] veth1_macvtap: entered promiscuous mode [ 70.811495][ T5372] veth0_macvtap: entered promiscuous mode [ 70.826619][ T5360] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.833295][ T5372] veth1_macvtap: entered promiscuous mode [ 70.866154][ T5360] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.886000][ T5360] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.890097][ T5360] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.896302][ T5360] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.900279][ T5360] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.914072][ T5359] veth0_vlan: entered promiscuous mode [ 70.936111][ T5372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.942467][ T5372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.949327][ T5372] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.981895][ T5372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.988870][ T5372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.994715][ T5372] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.998437][ T5359] veth1_vlan: entered promiscuous mode [ 71.004055][ T5361] veth0_macvtap: entered promiscuous mode [ 71.021749][ T5372] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.027351][ T5372] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.031813][ T5372] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.042859][ T5372] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.055725][ T5361] veth1_macvtap: entered promiscuous mode [ 71.121672][ T5361] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.128441][ T5361] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.137389][ T5361] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.142360][ T5361] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.150437][ T5361] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.206516][ T5361] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.211449][ T5361] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.217318][ T5361] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.222311][ T5361] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.228256][ T5361] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.236051][ T5359] veth0_macvtap: entered promiscuous mode [ 71.247420][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.251799][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.276670][ T5361] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.280487][ T5361] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.285172][ T5361] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.289975][ T5361] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.309914][ T5359] veth1_macvtap: entered promiscuous mode [ 71.356883][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.360368][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.378480][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.396351][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.436062][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.440016][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.446072][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.453103][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.458003][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.462945][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.466948][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.471244][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.479317][ T5359] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.508918][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.520031][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.524946][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.530108][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.535783][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.540184][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.551659][ T5359] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.568013][ T5359] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.572593][ T5359] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.577869][ T5359] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.582441][ T5359] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.630623][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.640482][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.701365][ T5428] netlink: 'syz.0.1': attribute type 1 has an invalid length. [ 71.711837][ T5428] netlink: 9344 bytes leftover after parsing attributes in process `syz.0.1'. [ 71.714143][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.716936][ T5428] netlink: 'syz.0.1': attribute type 1 has an invalid length. [ 71.720115][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.800923][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.808571][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.864518][ T5376] Bluetooth: hci2: command tx timeout [ 71.865558][ T4781] Bluetooth: hci1: command tx timeout [ 71.889149][ T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.905586][ T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.943416][ T4781] Bluetooth: hci3: command tx timeout [ 71.943874][ T5376] Bluetooth: hci0: command tx timeout [ 72.146462][ T5445] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 72.350056][ T5456] netlink: 830 bytes leftover after parsing attributes in process `syz.3.15'. [ 72.355031][ T5456] bond_slave_0: entered promiscuous mode [ 72.358156][ T5456] bond_slave_1: entered promiscuous mode [ 72.393124][ T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 72.473877][ T5461] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 72.587202][ T5465] netlink: 28 bytes leftover after parsing attributes in process `syz.2.19'. [ 72.592712][ T5465] netlink: 'syz.2.19': attribute type 7 has an invalid length. [ 72.599657][ T5465] netlink: 'syz.2.19': attribute type 8 has an invalid length. [ 72.612419][ T5465] netlink: 4 bytes leftover after parsing attributes in process `syz.2.19'. [ 72.618504][ T8] usb 5-1: config index 0 descriptor too short (expected 45, got 36) [ 72.622572][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 72.638257][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 72.658056][ T8] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 72.662081][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.680713][ T8] usb 5-1: config 0 descriptor?? [ 72.692538][ T5469] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 72.707006][ T5469] overlayfs: fs on './file0' does not support file handles, falling back to xino=off. [ 72.861446][ T5475] netlink: 52 bytes leftover after parsing attributes in process `syz.1.25'. [ 73.175832][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.182854][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.189732][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.197364][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.201668][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.206267][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.209904][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.215235][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.219443][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.222194][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.225172][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.228741][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.234496][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.237755][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.240686][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 73.246228][ T8] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 73.262621][ T8] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 73.310297][ T5490] netlink: 'syz.2.31': attribute type 12 has an invalid length. [ 73.317713][ T5490] netlink: 'syz.2.31': attribute type 11 has an invalid length. [ 73.321688][ T5490] netlink: 'syz.2.31': attribute type 11 has an invalid length. [ 73.325835][ T5490] netlink: 'syz.2.31': attribute type 11 has an invalid length. [ 73.330142][ T5490] netlink: 'syz.2.31': attribute type 11 has an invalid length. [ 73.333756][ T5490] netlink: 'syz.2.31': attribute type 11 has an invalid length. [ 73.337211][ T5490] netlink: 'syz.2.31': attribute type 11 has an invalid length. [ 73.341095][ T5490] netlink: 'syz.2.31': attribute type 4 has an invalid length. [ 73.357609][ T5490] netlink: 'syz.2.31': attribute type 5 has an invalid length. [ 73.362498][ T5490] netlink: 195936 bytes leftover after parsing attributes in process `syz.2.31'. [ 73.473009][ T5395] usb 5-1: USB disconnect, device number 2 [ 73.836318][ T5515] Bluetooth: MGMT ver 1.23 [ 73.889180][ T5519] syz.1.43 uses obsolete (PF_INET,SOCK_PACKET) [ 73.932914][ T5376] Bluetooth: hci2: command tx timeout [ 73.937840][ T5376] Bluetooth: hci1: command tx timeout [ 74.012949][ T5376] Bluetooth: hci0: command tx timeout [ 74.032908][ T5376] Bluetooth: hci3: command tx timeout [ 74.465906][ T5559] warning: `syz.0.55' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 74.674825][ T5573] process 'syz.0.61' launched './file0' with NULL argv: empty string added [ 74.715796][ T5412] kernel write not supported for file /uinput (pid: 5412 comm: kworker/1:3) [ 75.190461][ T5602] input: syz0 as /devices/virtual/input/input5 [ 75.193809][ T5602] input: failed to attach handler leds to device input5, error: -6 [ 75.366775][ T5614] capability: warning: `syz.2.82' uses deprecated v2 capabilities in a way that may be insecure [ 75.371746][ T5613] netlink: 28 bytes leftover after parsing attributes in process `syz.1.81'. [ 75.380783][ T5613] netlink: 'syz.1.81': attribute type 7 has an invalid length. [ 75.385501][ T5613] netlink: 'syz.1.81': attribute type 8 has an invalid length. [ 75.388473][ T5613] netlink: 4 bytes leftover after parsing attributes in process `syz.1.81'. [ 75.650872][ T5631] netlink: 16 bytes leftover after parsing attributes in process `syz.3.89'. [ 75.655349][ T5631] netlink: 52 bytes leftover after parsing attributes in process `syz.3.89'. [ 75.660080][ T5631] vlan0: entered allmulticast mode [ 75.666719][ T5631] veth0_vlan: entered allmulticast mode [ 75.719389][ T5635] macvlan0: entered promiscuous mode [ 75.721876][ T5635] macvlan0: entered allmulticast mode [ 75.757957][ T5635] veth1_vlan: entered allmulticast mode [ 75.760691][ T5635] macvlan0: left promiscuous mode [ 75.766520][ T5635] macvlan0: left allmulticast mode [ 75.768606][ T5635] veth1_vlan: left allmulticast mode [ 76.901947][ T1375] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.906987][ T1375] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.977171][ T5681] __nla_validate_parse: 1 callbacks suppressed [ 76.977189][ T5681] netlink: 20 bytes leftover after parsing attributes in process `syz.1.112'. [ 77.157928][ T5692] netlink: 4 bytes leftover after parsing attributes in process `syz.2.116'. [ 77.188774][ T5692] netlink: 4 bytes leftover after parsing attributes in process `syz.2.116'. [ 78.058009][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.062147][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.066817][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.077891][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.219057][ T5738] netlink: 52 bytes leftover after parsing attributes in process `syz.0.134'. [ 78.371233][ T5746] netlink: 'syz.2.138': attribute type 9 has an invalid length. [ 78.375367][ T5746] netlink: 8 bytes leftover after parsing attributes in process `syz.2.138'. [ 80.873016][ T1409] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 80.919169][ T5846] netlink: 8 bytes leftover after parsing attributes in process `syz.3.179'. [ 81.014781][ T5848] trusted_key: syz.3.180 sent an empty control message without MSG_MORE. [ 81.082860][ T1409] usb 5-1: Using ep0 maxpacket: 16 [ 81.090353][ T1409] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.096104][ T1409] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 81.113017][ T1409] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 81.117537][ T1409] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.135215][ T1409] usb 5-1: config 0 descriptor?? [ 81.602961][ T5862] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 81.606721][ T5862] IPv6: NLM_F_CREATE should be set when creating new route [ 81.624853][ T5827] raw-gadget.0 gadget.0: fail, usb_ep_set_wedge returned -11 [ 81.638448][ T1409] usbhid 5-1:0.0: can't add hid device: -71 [ 81.641728][ T1409] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 81.666029][ T1409] usb 5-1: USB disconnect, device number 3 [ 81.734514][ T5868] bond_slave_0: entered promiscuous mode [ 81.737964][ T5868] bond_slave_1: entered promiscuous mode [ 81.748691][ T5868] bond_slave_0: left promiscuous mode [ 81.754702][ T5868] bond_slave_1: left promiscuous mode [ 81.917936][ T39] audit: type=1326 audit(1726057541.331:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000 [ 81.949958][ T39] audit: type=1326 audit(1726057541.331:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000 [ 81.968125][ T39] audit: type=1326 audit(1726057541.331:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.190" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f11579 code=0x7ffc0000 [ 81.980223][ T39] audit: type=1326 audit(1726057541.341:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000 [ 81.997127][ T39] audit: type=1326 audit(1726057541.341:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000 [ 82.047123][ T39] audit: type=1326 audit(1726057541.341:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.190" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f11579 code=0x7ffc0000 [ 82.070803][ T39] audit: type=1326 audit(1726057541.361:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000 [ 82.091158][ T39] audit: type=1326 audit(1726057541.371:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000 [ 82.119877][ T39] audit: type=1326 audit(1726057541.381:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.190" exe="/syz-executor" sig=0 arch=40000003 syscall=399 compat=1 ip=0xf7f11579 code=0x7ffc0000 [ 82.134830][ T39] audit: type=1326 audit(1726057541.381:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000 [ 82.181127][ T5868] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 82.214958][ T5868] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 82.227788][ T5868] bond0 (unregistering): Released all slaves [ 83.759824][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 84.156044][ T5925] syzkaller1: entered promiscuous mode [ 84.159555][ T5925] syzkaller1: entered allmulticast mode [ 86.548483][ T6002] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present [ 86.552490][ T6002] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1) [ 87.148106][ T35] cfg80211: failed to load regulatory.db [ 87.298843][ T6046] ================================================================== [ 87.303419][ T6046] BUG: KASAN: slab-use-after-free in filter_chain+0xf6/0x110 [ 87.308497][ T6046] Read of size 8 at addr ffff888045974b30 by task syz.1.267/6046 [ 87.320683][ T6046] [ 87.321954][ T6046] CPU: 0 UID: 0 PID: 6046 Comm: syz.1.267 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 87.327300][ T6046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.331598][ T6046] Call Trace: [ 87.332931][ T6046] [ 87.334145][ T6046] dump_stack_lvl+0x116/0x1f0 [ 87.336059][ T6046] print_report+0xc3/0x620 [ 87.337972][ T6046] ? __virt_addr_valid+0x5e/0x590 [ 87.340028][ T6046] ? __phys_addr+0xc6/0x150 [ 87.341972][ T6046] kasan_report+0xd9/0x110 [ 87.343926][ T6046] ? filter_chain+0xf6/0x110 [ 87.345949][ T6046] ? filter_chain+0xf6/0x110 [ 87.348039][ T6046] filter_chain+0xf6/0x110 [ 87.349847][ T6046] uprobe_mmap+0x46b/0x1240 [ 87.351719][ T6046] ? __pfx_uprobe_mmap+0x10/0x10 [ 87.353984][ T6046] mmap_region+0x1228/0x2760 [ 87.355846][ T6046] ? __pfx_mmap_region+0x10/0x10 [ 87.358072][ T6046] ? security_mmap_addr+0x8e/0xb0 [ 87.360672][ T6046] ? __get_unmapped_area+0x271/0x3a0 [ 87.363830][ T6046] do_mmap+0xbfb/0xfb0 [ 87.365481][ T6046] ? security_mmap_file+0x192/0x1d0 [ 87.367608][ T6046] vm_mmap_pgoff+0x1ba/0x360 [ 87.369481][ T6046] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 87.371554][ T6046] ksys_mmap_pgoff+0x332/0x5d0 [ 87.373435][ T6046] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 87.375848][ T6046] __do_fast_syscall_32+0x73/0x120 [ 87.378346][ T6046] do_fast_syscall_32+0x32/0x80 [ 87.380761][ T6046] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.384190][ T6046] RIP: 0023:0xf7f86579 [ 87.386136][ T6046] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 87.393920][ T6046] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 87.397094][ T6046] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000003000 [ 87.400297][ T6046] RDX: 0000000000000001 RSI: 0000000000000012 RDI: 0000000000000004 [ 87.403355][ T6046] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 87.406952][ T6046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 87.410875][ T6046] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 87.414396][ T6046] [ 87.415604][ T6046] [ 87.416449][ T6046] Allocated by task 5359: [ 87.417947][ T6046] kasan_save_stack+0x33/0x60 [ 87.419578][ T6046] kasan_save_track+0x14/0x30 [ 87.421202][ T6046] __kasan_kmalloc+0xaa/0xb0 [ 87.422816][ T6046] __get_vm_area_node+0xe1/0x2d0 [ 87.424627][ T6046] __vmalloc_node_range_noprof+0x270/0x14e0 [ 87.426726][ T6046] vzalloc_noprof+0x6b/0x90 [ 87.428337][ T6046] compat_get_entries+0x3b2/0x850 [ 87.430559][ T6046] do_ip6t_get_ctl+0x596/0xaf0 [ 87.432858][ T6046] nf_getsockopt+0x79/0xe0 [ 87.435007][ T6046] ipv6_getsockopt+0x1fd/0x2c0 [ 87.436708][ T6046] tcp_getsockopt+0x9e/0x100 [ 87.438892][ T6046] do_sock_getsockopt+0x3fe/0x870 [ 87.440861][ T6046] __sys_getsockopt+0x1a1/0x270 [ 87.442782][ T6046] __do_compat_sys_socketcall+0x42b/0x700 [ 87.444993][ T6046] __do_fast_syscall_32+0x73/0x120 [ 87.447099][ T6046] do_fast_syscall_32+0x32/0x80 [ 87.449098][ T6046] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.453681][ T6046] [ 87.454986][ T6046] Freed by task 5359: [ 87.457264][ T6046] kasan_save_stack+0x33/0x60 [ 87.459576][ T6046] kasan_save_track+0x14/0x30 [ 87.461651][ T6046] kasan_save_free_info+0x3b/0x60 [ 87.463679][ T6046] poison_slab_object+0xf7/0x160 [ 87.465681][ T6046] __kasan_slab_free+0x32/0x50 [ 87.467846][ T6046] kfree+0x12a/0x3b0 [ 87.469668][ T6046] vfree+0x25a/0x7a0 [ 87.471378][ T6046] compat_get_entries+0x5d5/0x850 [ 87.473130][ T6046] do_ip6t_get_ctl+0x596/0xaf0 [ 87.474803][ T6046] nf_getsockopt+0x79/0xe0 [ 87.476447][ T6046] ipv6_getsockopt+0x1fd/0x2c0 [ 87.478739][ T6046] tcp_getsockopt+0x9e/0x100 [ 87.481993][ T6046] do_sock_getsockopt+0x3fe/0x870 [ 87.485564][ T6046] __sys_getsockopt+0x1a1/0x270 [ 87.488309][ T6046] __do_compat_sys_socketcall+0x42b/0x700 [ 87.491406][ T6046] __do_fast_syscall_32+0x73/0x120 [ 87.494064][ T6046] do_fast_syscall_32+0x32/0x80 [ 87.497021][ T6046] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.499955][ T6046] [ 87.501120][ T6046] The buggy address belongs to the object at ffff888045974b00 [ 87.501120][ T6046] which belongs to the cache kmalloc-64 of size 64 [ 87.508817][ T6046] The buggy address is located 48 bytes inside of [ 87.508817][ T6046] freed 64-byte region [ffff888045974b00, ffff888045974b40) [ 87.515127][ T6046] [ 87.516381][ T6046] The buggy address belongs to the physical page: [ 87.519838][ T6046] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45974 [ 87.523295][ T6046] anon flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 87.526190][ T6046] page_type: 0xfdffffff(slab) [ 87.527888][ T6046] raw: 04fff00000000000 ffff88801ac428c0 0000000000000000 dead000000000001 [ 87.531277][ T6046] raw: 0000000000000000 0000000000200020 00000001fdffffff 0000000000000000 [ 87.535317][ T6046] page dumped because: kasan: bad access detected [ 87.538002][ T6046] page_owner tracks the page as allocated [ 87.540234][ T6046] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 11, tgid 11 (kworker/u32:0), ts 23697608206, free_ts 0 [ 87.546511][ T6046] post_alloc_hook+0x2d1/0x350 [ 87.548171][ T6046] get_page_from_freelist+0x1351/0x2e50 [ 87.550076][ T6046] __alloc_pages_noprof+0x22b/0x2460 [ 87.551890][ T6046] alloc_slab_page+0x4e/0xf0 [ 87.553511][ T6046] new_slab+0x84/0x260 [ 87.555560][ T6046] ___slab_alloc+0xdac/0x1870 [ 87.558976][ T6046] __slab_alloc.constprop.0+0x56/0xb0 [ 87.562534][ T6046] __kmalloc_noprof+0x379/0x410 [ 87.565024][ T6046] security_task_alloc+0x1e4/0x280 [ 87.567267][ T6046] copy_process+0x2163/0x6f50 [ 87.569409][ T6046] kernel_clone+0xfd/0x960 [ 87.571479][ T6046] user_mode_thread+0xb4/0xf0 [ 87.573455][ T6046] call_usermodehelper_exec_work+0xcb/0x170 [ 87.576196][ T6046] process_one_work+0x958/0x1ad0 [ 87.578183][ T6046] worker_thread+0x6c8/0xed0 [ 87.580085][ T6046] kthread+0x2c1/0x3a0 [ 87.581854][ T6046] page_owner free stack trace missing [ 87.584244][ T6046] [ 87.585206][ T6046] Memory state around the buggy address: [ 87.587387][ T6046] ffff888045974a00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 87.590460][ T6046] ffff888045974a80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 87.593863][ T6046] >ffff888045974b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 87.597602][ T6046] ^ [ 87.600177][ T6046] ffff888045974b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 87.605243][ T6046] ffff888045974c00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 87.610214][ T6046] ================================================================== [ 87.621178][ T6046] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 87.626849][ T6046] CPU: 0 UID: 0 PID: 6046 Comm: syz.1.267 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 87.633323][ T6046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.639540][ T6046] Call Trace: [ 87.642642][ T6046] [ 87.644307][ T6046] dump_stack_lvl+0x3d/0x1f0 [ 87.646898][ T6046] panic+0x6dc/0x7c0 [ 87.649465][ T6046] ? __pfx_panic+0x10/0x10 [ 87.653232][ T6046] ? preempt_schedule_thunk+0x1a/0x30 [ 87.656123][ T6046] ? preempt_schedule_common+0x44/0xc0 [ 87.658739][ T6046] check_panic_on_warn+0xab/0xb0 [ 87.661464][ T6046] end_report+0x117/0x180 [ 87.663775][ T6046] kasan_report+0xe9/0x110 [ 87.665588][ T6046] ? filter_chain+0xf6/0x110 [ 87.668095][ T6046] ? filter_chain+0xf6/0x110 [ 87.670623][ T6046] filter_chain+0xf6/0x110 [ 87.672968][ T6046] uprobe_mmap+0x46b/0x1240 [ 87.676458][ T6046] ? __pfx_uprobe_mmap+0x10/0x10 [ 87.679668][ T6046] mmap_region+0x1228/0x2760 [ 87.681775][ T6046] ? __pfx_mmap_region+0x10/0x10 [ 87.683994][ T6046] ? security_mmap_addr+0x8e/0xb0 [ 87.685934][ T6046] ? __get_unmapped_area+0x271/0x3a0 [ 87.688259][ T6046] do_mmap+0xbfb/0xfb0 [ 87.690265][ T6046] ? security_mmap_file+0x192/0x1d0 [ 87.692850][ T6046] vm_mmap_pgoff+0x1ba/0x360 [ 87.695126][ T6046] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 87.697847][ T6046] ksys_mmap_pgoff+0x332/0x5d0 [ 87.700273][ T6046] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 87.702203][ T6046] __do_fast_syscall_32+0x73/0x120 [ 87.704240][ T6046] do_fast_syscall_32+0x32/0x80 [ 87.706319][ T6046] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.709037][ T6046] RIP: 0023:0xf7f86579 [ 87.711027][ T6046] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 87.720124][ T6046] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 87.724760][ T6046] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000003000 [ 87.728075][ T6046] RDX: 0000000000000001 RSI: 0000000000000012 RDI: 0000000000000004 [ 87.730967][ T6046] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 87.734183][ T6046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 87.737947][ T6046] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 87.740992][ T6046] [ 87.743516][ T6046] Kernel Offset: disabled [ 87.745300][ T6046] Rebooting in 86400 seconds.. VM DIAGNOSIS: 12:25:47 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fc27c5 RDI=ffffffff9a516680 RBP=ffffffff9a516640 RSP=ffffc9000425f5a8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000039 R14=ffffffff84fc2760 R15=0000000000000000 RIP=ffffffff84fc27ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000058848000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff81c45c04 RDX=ffff88801fc34880 RSI=0000000000000000 RDI=0000000000000005 RBP=ffffea0000489f80 RSP=ffffc9000113f218 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000002 R14=ffffea0000489f80 R15=0000000000000000 RIP=ffffffff81c45c04 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020000000 CR3=00000000470d2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 EAX=813c914d EBX=ffffffff ECX=813c914d EDX=ffffffff ESI=f6d4f000 EDI=f6b4f1d8 EBP=f6bf1930 ESP=fff85230 EIP=f7187a9a EFL=00000287 [--S--PC] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA] SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 00000000 000fffff 00000000 GS =0063 578cc440 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 00000000 000fffff 00000000 TR =0040 00091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020000000 CR3=0000000061650000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000080000001 RBX=ffffc9002cd57478 RCX=ffffc9000c001000 RDX=ffff888022a1a440 RSI=ffffffff813c8d6b RDI=0000000000000005 RBP=ffffc9002cd57ee8 RSP=ffffc9002cd573a8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffc9002cd57480 R13=ffffc9002cd57488 R14=ffffc9002cd50000 R15=ffffc9002cd58000 RIP=ffffffff818b1a38 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b900000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000061650000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000