last executing test programs:

4.710982803s ago: executing program 0 (id=1):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x608a00, 0x0)
io_setup(0x20, &(0x7f0000001140))
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000006fc0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SPLIT(0xffffffffffffffff, &(0x7f00000071c0)={0x0, 0x0, &(0x7f0000007180)={0x0}}, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r0, 0x40043d14, &(0x7f0000000180))
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r5, &(0x7f00000006c0)={0x50d, 0x7d, 0x0, {{0x500, 0x1f7, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x10f, '\x04nodZ=\xbfd`\xd2\xc2\x97D,\x027\xfcb%\xff\xff\xff\x80\x05\x00\x00\x00\x00\x00\x00\xff\x03\xff\x92\xe9\x16\x00\x05\x00\x00\x00,\x93\xcb=\xb6\xc21\xd1\x19\xaa\xa1ou\xc5\x8f\xa6\x88\x9f\xf3\xc8\xf7\xab\xc6\x1bY\xa1\xd2o\fJ\xf8\xe2\x93\xd3\xf8l\xcd\xc6o\xf5{\xe9\x00\x00\x00\x00\x00\x00\x00\x03\xd5\x89-\x8e\xfe\xbb\x9e\x05\xac\nk\xc5)`z\xc6\x8a8\x13\xaf\xe7\x9e\x85cj\xfdl]\x15\xb2\xae\xbb\xb7\xee;\x1e\xae\x8a\x7f\xbe.\x85\x88s\x14\xcb\xec\xf0\xa1\xa5\x124z\x8c\x15\xb3 \xd1\xe1\xc0\x10Uz\xaaw\x16^Q`208^|\'\x01\x00\xacB3\x00D\xa9\b=\xe5\xbe\xd8\xe0\xbd(h\"\x94\xf68\xc3\x8e%uj\xb0\xb0\x7fe\xdb\xd6$\xee\x95_}\xa7\x8e\xe1\x96I7?0\xe3\xf7\xb9d\xf0\xa2f\xc3\xac\x9ePwS\xa3\xc4\x03\xc8{\xf1Jv\x87%\x91h\xb4[\xbdz\x1f\xd8`\x0e\xa1.\x00\xdb\xfeL\x1a\xfe\xea\xaf\x9d{\xb4\xa7Z\x1c\x82\x18\x93\xf7\xf4|<Pq\x8c\xc3', 0x2b, 'p\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x35, '\xcf`7-a\xcc\xea\xb8\xc8\x86A\xeb\x93\xb4\xcc\xf6\x00*\xb8{\xfc\x01\'\x96\t?h0\\M\" \x83~\x01\b\xe2\xe7HP\x1cQHK\xa0/\x10\x9c\xaa\xf9\x15\t\xa2', 0x55, '\xf8\xf6i\xfbqk\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xdb\x80\xe8\xd4\a\x00\x00\x007\x00'}, 0x301, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\fA\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaau\xf8$k\xccB\xea\xa8\xc61\xc0\xc5\x00\x95\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xc0\xfbNL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12.a\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xc2\x00\x00\x000\xe4\xee+\xfc\x7f\x80P\x85\x11C\xe5\x16\x1a\xcdG\x15\n\xcb\xaft8\"\xdf\xe2\x03\xb1\b\xd3~\x91M\xc1\xe5>#LP\x9e\xcaA\a\xa1q,\xaa\x9d\xa5=\x05\x1c6\x88Ly\x18&a\xf3\xca6\xbc\xdb\xfb\xbd&q\t\xf81\x9d\x8d\xd5\xc0p\x99\xeb\x1b\x11\x03\x06U\xf5biOat=\x19B\x1bJ\x19\xef\x8b\x8bL\xe9\xc9\x93\xc7\xd6\xcb0\fNezNP\xa3[\\\xc1k\x8c\x16\x1a\x8e=\xf9\x03k\xbc\xf2\x8a\xdc\xd1\x9alL)\x17\t\xae\xe5\xab>[\xc5\xae)\xf4u\xe4\xd2D\b\xb5\x16}\x0f\xaf_\xc1Vkp\\\x8b`\xaf\xa8\xac\xa4/~\x04i\x18\x8a\x0e\xf0b\xca\x18\xe3\x8f\x9e\xe1\n\xc7}+~\xb9\xd6\x0e\xa7\x9f\xdbUd\x11H[\x1b\x13\xdb\xb8\xa2\xa6b.\xbc\xf8Lio\xa4\xda!\xba\xd22\r\rh\xe9\xbfCF\xf0ha\x19\xa3\x9e@\x03\x95\xc8\xf2\x82^\xa0i\xae\x0e\x14;\xd1\xa4Ay\xedlTp,^\x9a\x19\xcc\x7f\xfaP\x0f\xa4\x1bl\x80I\xbd\xe4X\'\xd5N\xc9\x01\xd2z\xd1%\x05h\x89\xb33k?\x06\x83\x8c[fz\xe2.\xfe;\xc1[\x82_\x7f\xbc\xe4\x80\'(\x1c\xf9\xfe\x8f\xc2\x1f\xc7|$=\xe2g\x051\x0e\xb8\x1c\xf7M\xe0)1\x92\xa1?j\xd0W\xdea\xfd\x8a\xba\x8e\xf4C\x9b\xc0jE\xb2\xb01bQZ#C:\xfe\xb5*\xed\xb5\xabo3FS8\x05\x15\xf7y\xf3]\xc8\xa7\x8c7w$\x92\xa2(L!\xd2\x13V\xd4s\xf0\x0f\x85\x13|{\xf0cou}5(\x86\x9b?\x00w5\xcf\xf8\\\x9d\x97\x8b\xf5]\xcc&\xd6-%\xe3\b\xf0\x88\'\xa9\x1f\xf4{\xec\x92\xf8\xe9\x1ey\bfT\x00\xaaN9\xb3Y\x86#\x9d\\{\x94\x92\xc5\xbb&\xbcU\xb5[I\xedpHnn}\xa3\x8c \x84P\xf9\xf7\x9e\x1bA\x00'/769, 0xffffffffffffffff, 0xee01}}, 0x50d)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0xf, 0x4010, 0xffffffffffffffff, 0x527e9000)
r6 = getpid()
r7 = syz_pidfd_open(r6, 0x0)
setns(r7, 0x24020000)
ioctl$HCIINQUIRY(r1, 0x400448ca, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x37, 0x301, 0x270bd24, 0x25dfdbf9, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4004004}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000380), r8)

4.698806602s ago: executing program 1 (id=2):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ncm(0x2, 0x74, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000020000082505a1a44000010203010902"], 0x0)
ioctl$EVIOCRMFF(r0, 0x83c0550b, &(0x7f0000000500))

3.610537723s ago: executing program 0 (id=7):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000340)=[@text32={0x20, 0x0}], 0x1, 0x20, 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000740)={0x1, 0x0, @ioapic={0x0, 0x296a, 0xf7c, 0x3, 0x0, [{0x98, 0x27, 0x81, '\x00', 0x7f}, {0x1, 0xc, 0x81, '\x00', 0xf5}, {0xe9, 0x4, 0x9, '\x00', 0xe}, {0x6, 0x8, 0x3, '\x00', 0x8f}, {0xff, 0x7c, 0xb1, '\x00', 0x7}, {0xf, 0x2, 0x8, '\x00', 0xaa}, {0x7f, 0x8, 0x1, '\x00', 0x8}, {0x1, 0x3, 0x2, '\x00', 0x67}, {0x2, 0x7, 0x91, '\x00', 0x8}, {0x8, 0x3, 0x43, '\x00', 0x80}, {0xfc, 0x8, 0x4, '\x00', 0x3}, {0x2, 0x3, 0x3, '\x00', 0x8}, {0x6, 0x6, 0x8, '\x00', 0xa6}, {0x8, 0x0, 0x8, '\x00', 0x9}, {0x4, 0x4e, 0x9}, {0x6, 0x5e, 0x4, '\x00', 0x3}, {0x5, 0x5, 0x7, '\x00', 0x5}, {0x0, 0x3, 0x3, '\x00', 0xff}, {0x5, 0x0, 0xf, '\x00', 0x3}, {0x4, 0x6, 0xb, '\x00', 0x3}, {0x7f, 0x5, 0x7, '\x00', 0x4}, {0x7, 0x40, 0x9, '\x00', 0x10}, {0x2, 0x8, 0x1, '\x00', 0x7}, {0x2, 0xc, 0x92, '\x00', 0x8}]}})

3.503529263s ago: executing program 0 (id=10):
openat$ipvs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
io_setup(0x3, &(0x7f0000000180)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

3.38216944s ago: executing program 0 (id=12):
read$hiddev(0xffffffffffffffff, &(0x7f0000000140)=""/231, 0xe7)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000001340))
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc9, 0x7f}}}, 0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xd, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
setresgid(0x0, 0xffffffffffffffff, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
creat(0x0, 0x0)
close(0xffffffffffffffff)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r3=>0x0})
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0xa1ff, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r3, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)

3.260587925s ago: executing program 1 (id=13):
r0 = memfd_create(0x0, 0x1)
write$binfmt_script(r0, 0x0, 0x0)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x4000, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x44, 0x30, 0x1, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = openat$ocfs2_control(0xffffff9c, &(0x7f0000000000), 0x20001, 0x0)
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$snapshot(0xffffff9c, &(0x7f00000001c0), 0x8001, 0x0)
unshare(0x68060200)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x14, 0x0, @val=@kprobe_multi=@syms={0x1, 0x9, &(0x7f0000000680)=[&(0x7f0000000300)='ct\x00', &(0x7f0000000340)='ife\x00', &(0x7f0000000380)='filter\x00', &(0x7f0000000480)='\x00', &(0x7f0000000540)='\x00', &(0x7f0000000580)='/dev/snapshot\x00', &(0x7f00000005c0)='.\x00', &(0x7f0000000600)='!+*\x00', &(0x7f0000000640)='\x00'], 0x0, 0x401}}, 0x30)
prctl$PR_SCHED_CORE(0x3e, 0x3, r1, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_WRITE_FIXED={0x5, 0x0, 0x5e9d252172e48d3a, @fd_index})
io_uring_enter(0xffffffffffffffff, 0xa3d, 0x0, 0x0, 0x0, 0xff39)

2.500789222s ago: executing program 3 (id=18):
r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
ioctl$CEC_DQEVENT(r0, 0xc0506107, 0x0)
ioctl$CEC_DQEVENT(r0, 0xc0506107, 0x0)

2.249179851s ago: executing program 2 (id=19):
socket(0x10, 0x3, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x80800)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)=0x639)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, 0x0)
mknod(0x0, 0x8001420, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000780)='syscall\x00')
pread64(r3, &(0x7f0000000180)=""/116, 0x74, 0x3)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x300048c1)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r4, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

2.234246041s ago: executing program 1 (id=20):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000780), 0x28ce80, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x1, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="850000002f000000350000000000000085000000080000009500000000000000f4670880271e3503200ffa95a2c81f000000000000006287066c5197fabd5f9810e81ae0b737126ea677dcaeed8d38e65cb6e22ff5dde54704d25c79949c23e2eb15d75da2350ea7c09cc28d7673294f42a5f0a8320e13822c45c0f8612c10b100000000b0d3712c7e93363af3166a32d95433bb755a2dd576090c4867a7b6393e36856386d5ec15beb59686ca7034ff9cd41c03727209d031f40f3012e9576e51a7f550afc852003b2f7846c744ae6af3e4195cc037100324d85cec074c6949e129890152213c8b2759a07e6d067a97f5fe47fe5f17fdab80ef4104dbaba46aa43a815b1e5c6d1d224264be6c4d7f47ef21eb7e46f9aa4a9779f8555eaea768c1f2c221c110ef25253d110ce282ab76f593d928cf957d6be6277c04b8c5324812696a623cd8a4f8dc8dcba00b3b2d27478207993202b7bdbcbf8496b9a951667d5127f5a555c7b88b5c0ba0e37b56c0ebfb19a34268335648e1f844b6518a6ef7297f7b2744419af53e5309ec91d83cf4fbd775d9c07d8d591a4dac60ff0084190000b78863e629c6b2000088b8695eea0000000000000000000000000000000000449c810d3174c87ee545860972ae0c8006ac13f469a171e2cc6001e911eb513029dd293a58832e6a0ef2ccd58fc7974f8eda1e2e48d56c88c8698af62ec4580831f87aafc8428d3c2a4d1398115b9fcca23f5417e7202520b7f00e512890ab043123000000000000000000000000000003bf7a2282b3935270d6293e35079cd03d0986bdae57a687242525b644d5cd9ee5cffe82e347c1b3a889eaba769f72040168327e7b95b8934d0ec15526375a08ddd1ef53fe075e4fe42beb0eef41f9b23b1d06effb7812265d56e59ed8408bd7396da441416d1f2f99731232882194105d"], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a, 0x0, 0xffffffffffffffff, 0xfffffffffffffef6, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000340)=r2)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1e040600bc5cb60128876360864666702c1ffe80000000000000", @ANYRESDEC], 0xffdd)

1.620388191s ago: executing program 3 (id=21):
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000040)={0x2})
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00')
preadv(r0, &(0x7f0000001240)=[{&(0x7f0000000040)=""/18, 0x12}], 0x1, 0x0, 0x0)

1.620208184s ago: executing program 3 (id=22):
socket$can_j1939(0x1d, 0x2, 0x7)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r1=>0x0})
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r2, &(0x7f0000000080)={0x1d, r1, 0x0, {0x0, 0x0, 0x4}}, 0x18)
sendmsg$can_j1939(r2, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f00000000c0)={0x1d, r4}, 0x18)
connect$can_j1939(r3, &(0x7f0000000140)={0x1d, r4, 0x0, {}, 0xfe}, 0x18)
sendmmsg(r3, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}}], 0x1, 0x0)

1.436948819s ago: executing program 0 (id=23):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB='<\x00\x00', @ANYRES32=r1, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
r5 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=@newtfilter={0x30, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xc}, {0xfff2}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1.42755014s ago: executing program 2 (id=24):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0)

960.635313ms ago: executing program 0 (id=25):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x22, 0x1, {[@global=@item_012={0x0, 0x1, 0xa}]}}, 0x0}, &(0x7f0000000500)={0x2c, 0x0, &(0x7f00000003c0)={0x0, 0xa, 0x1, 0x2}, 0x0, &(0x7f0000000440)={0x20, 0x1, 0x6a, "c00a6226f5cb7c5602b8d4629b50180104335dcb7a5f58f0dc5485bd6c84130d5347798b9467c6e940baa7bd040e4ed8939f544f546816a806e275b9ecd85f9665662f074c307ec7f33c55f28e902f256697261929c67e8bf8e7ade301306c89100b89db1f8637051a4f"}, 0x0})
syz_usb_ep_write(r0, 0x81, 0xffffff75, &(0x7f00000002c0)="b9425b44651dd23241963599000000110000004a16941ff5f4b4f1f0add7fcf2b877fceafffffffffff1ffdf4cd9f5d3969890522c77157d88010000003a5bd5531d459dffff03000000000091ff000000e8f5b3371da3635b8b4fa637135800001f65e4b436aa9e50bc0f19b7d3372ff9ebcede1fb5e9428f54d5d1f0cc752cf246a5d2da34a5aa97dc14a469c3dd3e26b41c356484e46fd66e3f2c7807e8773eed7b94fa099ab84feadec2ea95f65bba452eae5b0900f98a979a88c517a2dc360a00237723e2f467af706ea17226296b3a10a351cb47aba2c6b836c90679b4dd859ddc9e4800448aab0000000000000d75f34bb50d8d7084")

960.462229ms ago: executing program 1 (id=26):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a010400000000000000000200000044000480400001800e000100627974656f726465720000002c0002800800014000a2001208000240000000000800044000000000080003400000000008000540000000080900010073797a30000000000900020073797a32"], 0x98}}, 0x0)

900.670871ms ago: executing program 1 (id=27):
syz_open_dev$sndctrl(&(0x7f0000000000), 0x100, 0x400000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000600)={0x9, 0x0, 0x10000})
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x20002)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002100)={&(0x7f0000001f40)=ANY=[@ANYBLOB="9feb01001800000000000000100000001000000006000000"], 0x0, 0x2e, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000040)="1400000052004f030e789e7e27286d000a4149f3", 0x14)

500.677314ms ago: executing program 2 (id=28):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002bbd7000fddbdf253b00000008000300", @ANYRES32=r1, @ANYBLOB="4400330010b00000ffffffff01ff08021100000050505050505042001000860000951400120001002d1a0040080900000000000000"], 0x60}, 0x1, 0x0, 0x0, 0x90}, 0x48880)

500.539281ms ago: executing program 2 (id=29):
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in=@loopback, 0x0, 0x0, 0x0, 0x2, 0x2, 0x547b31180522e04c}, {0x0, 0x4, 0x0, 0x0, 0x9}, {0x0, 0x1ff}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in=@broadcast}, 0x0, @in6=@private1, 0x3503}}, 0xe8)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000018c0)=ANY=[@ANYBLOB="1800000024000103000000002cab00000100"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r3, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000540)=""/4096, 0x1000}], 0x1}, 0xacd2}], 0x1, 0x10000, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b0000000800", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

450.607823ms ago: executing program 2 (id=30):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000d40)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac36f8859c7d5444c12bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d4768540c540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a000000000000009e0b1a8c8f55f30e7c25275ed49b71828b375be03ef903cc8244b1269376d01b674cff9cb82eef0fe55c8b751053004ca6cef28d9a52c3771e9c73d03fdf74f48306560fb6cd86658afa895efa47f3a43e686df5b727ba4ec99620270334fce56c9f86b8a2c8aaede5a48a29b75734fbe1f59e43dc5a39b083848b0ebb14d845df7606e4d58f1a03f2dd337c3a10f3b15d388e43059aa88b42d26d4ccda6d60f996ed444d7f40e0cdbf69e11252a6c0e2d882d93b4f22dc95a191b1e6ff59d7880b4ce587f7ef05c46088268805cf089c4b3cd60cd3fc0c6d81fb2f961abcb0133f3f7a594b8475d6853b2e4fafc52a6851e8cfe1aebe3a4539634a535f8ac496793001c1a4b26216d1cd382c1e6a15697ef0a9b26474e1dbfa422e952b0f742ef52388584673f6333299042099aa073c152e1b61851a4519fe67e47f1446bb7b80b804b1b4503df784c8604bf26578b1fa7dce5313ecdf297cc63bf2b472f8f56bebeec16dc5fa22ee9c3c304d6629db7215eebfbd480"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000880), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r2, 0xe0, &(0x7f0000000480)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000d00)={r3}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r4, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0xffe4, 0xfffffffffffffda0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x0)

340.781073ms ago: executing program 3 (id=31):
open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
unlink(0x0)

340.583436ms ago: executing program 3 (id=32):
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x2}, @hci_ev_le_ext_adv_report}}, 0x5)

280.360318ms ago: executing program 3 (id=33):
gettid()
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r0, &(0x7f0000000200)=""/202, 0xca)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, {0x3}})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f0000000140)={{0x8, 0x9}, 'port0\x00', 0x8, 0x20020, 0x6, 0x3, 0x64, 0x0, 0x80, 0x0, 0x4, 0x66})

195.717076ms ago: executing program 2 (id=34):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000340)={{0x80, 0xfc}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000180)={{0x80, 0x80}, 'port0\x00', 0x172, 0x0, 0x8000, 0x2, 0x0, 0x0, 0x80000003, 0x0, 0x5})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, 0x0, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000600)={0x57, 0x0, 0x8, {0x5, 0x6}, {0x800, 0x87}, @ramp={0x0, 0xfff, {0x5, 0xbe54, 0xad1, 0xa42}}})
syz_usb_connect$printer(0x1, 0x0, 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[], 0x2a, 0xfffffffffffffffc)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x30dd3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000a7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x17, 0x18, &(0x7f0000000240)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@printk={@p, {}, {0x5}, {0x7, 0x0, 0x9}, {}, {}, {0x15}}, @ldst={0x1, 0x0, 0x3}], {{}, {0x5}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close_range(r1, 0xffffffffffffffff, 0x0)

0s ago: executing program 1 (id=35):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000082038851000000600000018000000", @ANYRES32, @ANYBLOB="00000000010300006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:51723' (ED25519) to the list of known hosts.
[   41.231699][ T5944] cgroup: Unknown subsys name 'net'
[   41.371162][ T5944] cgroup: Unknown subsys name 'cpuset'
[   41.374124][ T5944] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   42.205253][ T5944] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   45.124293][ T5964] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   45.127243][ T5964] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   45.130816][ T5964] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   45.132880][ T5964] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   45.135601][ T5964] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   45.136105][ T5970] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   45.136168][ T5967] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   45.136567][ T5967] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   45.137428][ T5967] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   45.137882][ T5967] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   45.138732][ T5964] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   45.138873][ T5964] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   45.139539][ T5964] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   45.139707][ T5971] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   45.141197][ T5970] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   45.141227][ T5971] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   45.141729][ T5971] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   45.142048][ T5971] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   45.142380][ T5967] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   45.142645][ T5971] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   45.142851][ T5971] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   45.142954][ T5971] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   45.152054][ T5964] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   45.154026][ T5310] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   45.307962][ T5962] chnl_net:caif_netlink_parms(): no params data found
[   45.326967][ T5956] chnl_net:caif_netlink_parms(): no params data found
[   45.335104][ T5965] chnl_net:caif_netlink_parms(): no params data found
[   45.393749][ T5955] chnl_net:caif_netlink_parms(): no params data found
[   45.503471][ T5965] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.505542][ T5965] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.507804][ T5965] bridge_slave_0: entered allmulticast mode
[   45.511388][ T5965] bridge_slave_0: entered promiscuous mode
[   45.537199][ T5965] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.539415][ T5965] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.541509][ T5965] bridge_slave_1: entered allmulticast mode
[   45.543663][ T5965] bridge_slave_1: entered promiscuous mode
[   45.555635][ T5956] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.557759][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.560458][ T5956] bridge_slave_0: entered allmulticast mode
[   45.562551][ T5956] bridge_slave_0: entered promiscuous mode
[   45.564848][ T5962] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.566886][ T5962] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.569018][ T5962] bridge_slave_0: entered allmulticast mode
[   45.571091][ T5962] bridge_slave_0: entered promiscuous mode
[   45.606573][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.609047][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.611095][ T5955] bridge_slave_0: entered allmulticast mode
[   45.613306][ T5955] bridge_slave_0: entered promiscuous mode
[   45.615617][ T5956] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.617710][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.619962][ T5956] bridge_slave_1: entered allmulticast mode
[   45.622415][ T5956] bridge_slave_1: entered promiscuous mode
[   45.633618][ T5962] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.635737][ T5962] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.637818][ T5962] bridge_slave_1: entered allmulticast mode
[   45.640066][ T5962] bridge_slave_1: entered promiscuous mode
[   45.658660][ T5965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.662605][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.665400][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.667996][ T5955] bridge_slave_1: entered allmulticast mode
[   45.670695][ T5955] bridge_slave_1: entered promiscuous mode
[   45.691389][ T5956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.704340][ T5965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.741213][ T5956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.747310][ T5962] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.751154][ T5962] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.767579][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.798713][ T5965] team0: Port device team_slave_0 added
[   45.803271][ T5965] team0: Port device team_slave_1 added
[   45.806598][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.866730][ T5956] team0: Port device team_slave_0 added
[   45.871513][ T5962] team0: Port device team_slave_0 added
[   45.888067][ T5955] team0: Port device team_slave_0 added
[   45.891029][ T5956] team0: Port device team_slave_1 added
[   45.894296][ T5962] team0: Port device team_slave_1 added
[   45.897468][ T5965] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.899574][ T5965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.909150][ T5965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.915282][ T5955] team0: Port device team_slave_1 added
[   45.937284][ T5965] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.939347][ T5965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.946819][ T5965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.983893][ T5962] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.986032][ T5962] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.994216][ T5962] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.998233][ T5962] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.000473][ T5962] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.008017][ T5962] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.021195][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.023353][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.031067][ T5956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.035131][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.037221][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.045604][ T5956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.053790][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.055926][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.063543][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.083934][ T5965] hsr_slave_0: entered promiscuous mode
[   46.085999][ T5965] hsr_slave_1: entered promiscuous mode
[   46.089166][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.091168][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.098530][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.166662][ T5962] hsr_slave_0: entered promiscuous mode
[   46.168680][ T5962] hsr_slave_1: entered promiscuous mode
[   46.171078][ T5962] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.173905][ T5962] Cannot create hsr debugfs directory
[   46.177993][ T5956] hsr_slave_0: entered promiscuous mode
[   46.180938][ T5956] hsr_slave_1: entered promiscuous mode
[   46.183359][ T5956] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.186131][ T5956] Cannot create hsr debugfs directory
[   46.197341][ T5955] hsr_slave_0: entered promiscuous mode
[   46.200006][ T5955] hsr_slave_1: entered promiscuous mode
[   46.201945][ T5955] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.204078][ T5955] Cannot create hsr debugfs directory
[   46.377315][ T5965] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   46.383417][ T5965] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   46.386561][ T5965] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   46.389984][ T5965] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   46.416594][ T5955] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   46.425080][ T5955] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   46.428222][ T5955] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   46.433612][ T5955] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   46.447863][ T5956] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   46.452855][ T5956] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   46.459431][ T5956] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   46.462460][ T5956] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   46.489602][ T5962] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   46.492971][ T5962] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   46.496195][ T5962] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   46.499483][ T5962] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   46.525936][ T5965] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.544365][ T5965] 8021q: adding VLAN 0 to HW filter on device team0
[   46.559030][ T1223] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.561167][ T1223] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.564626][ T1223] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.566666][ T1223] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.585097][ T5962] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.590813][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.606685][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.610011][ T5955] 8021q: adding VLAN 0 to HW filter on device team0
[   46.618175][ T5962] 8021q: adding VLAN 0 to HW filter on device team0
[   46.621375][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.623440][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.631349][ T5956] 8021q: adding VLAN 0 to HW filter on device team0
[   46.634815][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.636903][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.639866][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.641923][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.650180][   T74] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.652274][   T74] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.655383][   T74] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.657499][   T74] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.671252][ T1223] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.673336][ T1223] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.693613][ T5955] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   46.696592][ T5955] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   46.709677][ T5962] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   46.721881][ T5965] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.737807][ T5965] veth0_vlan: entered promiscuous mode
[   46.744168][ T5965] veth1_vlan: entered promiscuous mode
[   46.754981][ T5965] veth0_macvtap: entered promiscuous mode
[   46.758617][ T5965] veth1_macvtap: entered promiscuous mode
[   46.766155][ T5965] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.772266][ T5965] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.779662][ T5965] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.782284][ T5965] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.784790][ T5965] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.787334][ T5965] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.803313][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.811789][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.815243][ T5962] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.833811][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.836176][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.854131][ T1135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.857104][ T5955] veth0_vlan: entered promiscuous mode
[   46.858012][ T1135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.875298][ T5956] veth0_vlan: entered promiscuous mode
[   46.880196][ T5955] veth1_vlan: entered promiscuous mode
[   46.884428][ T5965] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   46.885169][ T5962] veth0_vlan: entered promiscuous mode
[   46.893518][ T5962] veth1_vlan: entered promiscuous mode
[   46.895942][ T5956] veth1_vlan: entered promiscuous mode
[   46.914841][ T5962] veth0_macvtap: entered promiscuous mode
[   46.919086][ T5962] veth1_macvtap: entered promiscuous mode
[   46.924519][ T5955] veth0_macvtap: entered promiscuous mode
[   46.928459][ T5956] veth0_macvtap: entered promiscuous mode
[   46.934302][ T5955] veth1_macvtap: entered promiscuous mode
[   46.938746][ T5956] veth1_macvtap: entered promiscuous mode
[   46.942099][ T5962] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.945204][ T5962] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.950698][ T5962] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.953224][ T6020] syz.2.3 uses obsolete (PF_INET,SOCK_PACKET)
[   46.958721][ T5962] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.960550][ T6020] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3'.
[   46.962163][ T5962] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.964241][ T6020] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3'.
[   46.967651][ T5962] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.972593][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.975616][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.978369][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.981421][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.984787][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.990114][ T5962] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.992882][ T5962] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.995510][ T5962] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.998181][ T5962] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.001797][ T6020] netlink: 'syz.2.3': attribute type 10 has an invalid length.
[   47.004027][ T6020] netlink: 'syz.2.3': attribute type 19 has an invalid length.
[   47.006181][ T6020] netlink: 156 bytes leftover after parsing attributes in process `syz.2.3'.
[   47.010273][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.014134][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.017687][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.022149][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.026676][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.030834][ T5955] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.034038][ T5955] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.037242][ T5955] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.041115][ T5955] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.057953][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.062349][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.066165][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.070284][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.074007][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.077913][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.082088][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.086697][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.089793][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.092621][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.095621][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.098578][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.101751][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.105070][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.113688][ T5956] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.116409][ T5956] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.119242][ T5956] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.121794][ T5956] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.150607][   T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.152870][   T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.162617][ T5310] Bluetooth: hci3: ISO packet too small
[   47.174873][   T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.177168][   T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.182929][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.185188][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.200354][ T5310] Bluetooth: hci2: command tx timeout
[   47.200437][   T66] Bluetooth: hci3: command tx timeout
[   47.202234][ T5310] Bluetooth: hci1: command tx timeout
[   47.204494][   T66] Bluetooth: hci0: command tx timeout
[   47.207482][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.208099][ T1135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.208110][ T1135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.210406][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.226488][   T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.229887][   T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.279167][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.299158][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.302301][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   47.305272][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.738878][ T1455] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[   47.892568][ T1455] usb 6-1: config 0 has no interfaces?
[   47.895747][ T1455] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   47.898416][ T1455] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   47.901772][ T1455] usb 6-1: Product: syz
[   47.903016][ T1455] usb 6-1: Manufacturer: syz
[   47.908919][ T1455] usb 6-1: SerialNumber: syz
[   47.921947][ T1455] usb 6-1: config 0 descriptor??
[   48.143997][   T57] usb 6-1: USB disconnect, device number 2
[   48.218940][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.326898][ T6042] netlink: 'syz.2.6': attribute type 33 has an invalid length.
[   48.333753][ T6042] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.6'.
[   48.384632][   T39] audit: type=1326 audit(1737370308.145:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6044 comm="syz.3.8" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   48.392975][   T39] audit: type=1326 audit(1737370308.145:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6044 comm="syz.3.8" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   48.399672][   T39] audit: type=1326 audit(1737370308.155:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6044 comm="syz.3.8" exe="/syz-executor" sig=0 arch=40000003 syscall=447 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   48.405684][   T39] audit: type=1326 audit(1737370308.155:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6044 comm="syz.3.8" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   48.420580][   T39] audit: type=1326 audit(1737370308.155:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6044 comm="syz.3.8" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   48.642570][ T6056] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   48.794733][ T6060] ubi0: attaching mtd0
[   48.798332][ T6060] ubi0: scanning is finished
[   48.801654][ T6060] ubi0: empty MTD device detected
[   48.904489][ T6060] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   48.906723][ T6060] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   48.908909][ T6060] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   48.910954][ T6060] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[   48.913296][ T6060] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   48.915240][ T6060] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[   48.917546][ T6060] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3434789562
[   48.920471][ T6060] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   48.924349][ T6063] ubi0: background thread "ubi_bgt0d" started, PID 6063
[   48.924481][ T6061] ubi0: detaching mtd0
[   48.929809][ T6061] ubi0: mtd0 is detached
[   49.049258][ T6067] random: crng reseeded on system resumption
[   49.288944][   T66] Bluetooth: hci1: command tx timeout
[   49.291538][   T66] Bluetooth: hci3: command tx timeout
[   49.293596][   T66] Bluetooth: hci2: command tx timeout
[   49.749138][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.779143][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.803332][ T6083] syzkaller0: entered promiscuous mode
[   49.805211][ T6083] syzkaller0: entered allmulticast mode
[   50.168929][    T0] NOHZ tick-stop error: local softirq work is pending, handler #2c2!!!
[   50.499918][    T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!!
[   50.511993][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   50.566219][ T6092] Zero length message leads to an empty skb
[   50.573649][ T6092] netlink: 8 bytes leftover after parsing attributes in process `syz.2.24'.
[   51.218853][ T6004] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   51.359040][ T5968] Bluetooth: hci3: command tx timeout
[   51.359123][   T66] Bluetooth: hci2: command tx timeout
[   51.359140][ T5310] Bluetooth: hci1: command tx timeout
[   51.390080][ T6004] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   51.391609][   T25] cfg80211: failed to load regulatory.db
[   51.393222][ T6004] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   51.397853][ T6004] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.403939][ T6004] usb 5-1: config 0 descriptor??
[   51.445811][ T6105] netlink: 4 bytes leftover after parsing attributes in process `syz.2.29'.
[   51.449387][ T6105] netlink: 'syz.2.29': attribute type 72 has an invalid length.
[   51.493110][ T6107] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.552865][ T6107] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.558624][    C3] vcan0: j1939_tp_rxtimer: 0xffff88805d671800: rx timeout, send abort
[   51.561482][    C3] vcan0: j1939_tp_rxtimer: 0xffff88805d670800: rx timeout, send abort
[   51.563898][    C3] vcan0: j1939_xtp_rx_abort_one: 0xffff88805d671800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[   51.568126][    C3] vcan0: j1939_xtp_rx_abort_one: 0xffff88805d670800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[   51.597711][ T6107] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.655962][ T6107] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.721279][ T6107] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   51.725872][ T6107] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   51.732070][ T6107] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   51.736487][ T6107] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   51.775978][   T39] audit: type=1326 audit(1737370311.535:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6116 comm="syz.2.34" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa5579 code=0x0
[   51.813750][ T6004] keytouch 0003:0926:3333.0002: fixing up Keytouch IEC report descriptor
[   51.819266][ T6004] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0926:3333.0002/input/input5
[   51.889333][ T6004] keytouch 0003:0926:3333.0002: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[   52.355622][ T6004] usb 5-1: USB disconnect, device number 2
Stopping sshd: OK
Stopping dhcpcd...
Connection to localhost closed by remote host.
stopped /sbin/dhcpcd (pid 5658)
Stopping network: OK
Stopping iptables: OK
Stopping system message bus: done
Stopping klogd: OK
Stopping acpid: [   53.438992][   T66] Bluetooth: hci2: command tx timeout
[   53.439022][ T5968] Bluetooth: hci1: command tx timeout
[   53.449906][ T5968] Bluetooth: hci3: command tx timeout
OK
Stopping syslogd: OK
umount: can't remount debugfs read-only
umount: sysfs busy - remounted read-only
umount: devtmpfs busy - remounted read-only
umount: can't remount /dev/root read-only
The system is going down NOW!
Sent SIGTERM to all processes
[   55.073067][ T1135] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.229006][ T1135] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.299616][ T1135] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.355560][ T1135] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.462005][ T1135] bridge_slave_1: left allmulticast mode
[   55.464231][ T1135] bridge_slave_1: left promiscuous mode
[   55.467626][ T1135] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.474869][ T1135] bridge_slave_0: left allmulticast mode
[   55.476603][ T1135] bridge_slave_0: left promiscuous mode
[   55.478271][ T1135] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.763951][ T1135] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   55.769522][ T1135] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   55.774251][ T1135] bond0 (unregistering): Released all slaves
Sent SIGKILL to all processes
Requesting system poweroff
[   56.059778][ T1135] hsr_slave_0: left promiscuous mode
[   56.061773][ T1135] hsr_slave_1: left promiscuous mode
[   56.063705][ T1135] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.065904][ T1135] batman_adv: batadv0: Removing interface: batadv_slave_0
[   56.068750][ T1135] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.071048][ T1135] batman_adv: batadv0: Removing interface: batadv_slave_1
[   56.084177][ T1135] veth1_macvtap: left promiscuous mode
[   56.086001][ T1135] veth0_macvtap: left promiscuous mode
[   56.088068][ T1135] veth1_vlan: left promiscuous mode
[   56.089900][ T1135] veth0_vlan: left promiscuous mode
[   56.510259][ T1135] team0 (unregistering): Port device team_slave_1 removed
[   56.555576][ T1135] team0 (unregistering): Port device team_slave_0 removed
[   56.873671][ T6185] ==================================================================
[   56.876101][ T6185] BUG: KASAN: use-after-free in notifier_call_chain+0x3bf/0x410
[   56.878441][ T6185] Read of size 8 at addr ffff88806acb18d0 by task init/6185
[   56.881976][ T6185] 
[   56.882721][ T6185] CPU: 3 UID: 0 PID: 6185 Comm: init Not tainted 6.13.0-syzkaller #0
[   56.885118][ T6185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   56.888341][ T6185] Call Trace:
[   56.889555][ T6185]  <TASK>
[   56.890470][ T6185]  dump_stack_lvl+0x116/0x1f0
[   56.891908][ T6185]  print_report+0xc3/0x620
[   56.893289][ T6185]  ? __virt_addr_valid+0x5e/0x590
[   56.894774][ T6185]  ? __phys_addr+0xc6/0x150
[   56.896210][ T6185]  kasan_report+0xd9/0x110
[   56.897632][ T6185]  ? notifier_call_chain+0x3bf/0x410
[   56.899194][ T6185]  ? notifier_call_chain+0x3bf/0x410
[   56.900852][ T6185]  notifier_call_chain+0x3bf/0x410
[   56.902366][ T6185]  ? __pfx_bcache_reboot+0x10/0x10
[   56.903877][ T6185]  blocking_notifier_call_chain+0x69/0xa0
[   56.905606][ T6185]  kernel_power_off+0x1c/0xb0
[   56.907047][ T6185]  __do_sys_reboot+0x376/0x3e0
[   56.908464][ T6185]  ? __pfx___do_sys_reboot+0x10/0x10
[   56.910062][ T6185]  ? xfd_validate_state+0x5d/0x180
[   56.911659][ T6185]  do_syscall_64+0xcd/0x250
[   56.913026][ T6185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.914798][ T6185] RIP: 0033:0x7f1b5f2248b4
[   56.916117][ T6185] Code: f0 ff ff 73 01 c3 48 8b 0d 71 55 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 89 fa be 69 19 12 28 bf ad de e1 fe b8 a9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 10 48 8b 15 45 55 0d 00 f7 d8 64 89 02 48 83
[   56.921949][ T6185] RSP: 002b:00007ffd8c0e9298 EFLAGS: 00000246 ORIG_RAX: 00000000000000a9
[   56.924437][ T6185] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f1b5f2248b4
[   56.926781][ T6185] RDX: 000000004321fedc RSI: 0000000028121969 RDI: 00000000fee1dead
[   56.929010][ T6185] RBP: 000000004321fedc R08: 0000000000000000 R09: 0000000000000000
[   56.931352][ T6185] R10: 00007ffd8c0e9270 R11: 0000000000000246 R12: 0000000000000000
[   56.933704][ T6185] R13: 00007ffd8c0e92f8 R14: 0000560a90422169 R15: 00007f1b5f402a80
[   56.936066][ T6185]  </TASK>
[   56.937044][ T6185] 
[   56.937789][ T6185] The buggy address belongs to the physical page:
[   56.939687][ T6185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x8 pfn:0x6acb1
[   56.942227][ T6185] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   56.944313][ T6185] raw: 04fff00000000000 0000000000000000 ffffffffffffffff 0000000000000000
[   56.946773][ T6185] raw: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   56.949276][ T6185] page dumped because: kasan: bad access detected
[   56.951135][ T6185] page_owner tracks the page as freed
[   56.952702][ T6185] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 70, tgid 70 (kworker/u32:3), ts 54199157281, free_ts 54808682086
[   56.958641][ T6185]  post_alloc_hook+0x2d1/0x350
[   56.960080][ T6185]  get_page_from_freelist+0xfce/0x2f80
[   56.961727][ T6185]  __alloc_pages_noprof+0x223/0x25b0
[   56.963311][ T6185]  alloc_pages_mpol_noprof+0x2c8/0x620
[   56.964901][ T6185]  new_slab+0x2c9/0x410
[   56.966169][ T6185]  ___slab_alloc+0xce2/0x1650
[   56.967527][ T6185]  __slab_alloc.constprop.0+0x56/0xb0
[   56.969046][ T6185]  __kmalloc_node_track_caller_noprof+0x2ee/0x520
[   56.970841][ T6185]  kmalloc_reserve+0xef/0x2c0
[   56.972208][ T6185]  __alloc_skb+0x164/0x380
[   56.973490][ T6185]  nsim_dev_trap_report_work+0x2af/0xd20
[   56.975092][ T6185]  process_one_work+0x958/0x1b30
[   56.976513][ T6185]  worker_thread+0x6c8/0xf00
[   56.977875][ T6185]  kthread+0x2c1/0x3a0
[   56.979052][ T6185]  ret_from_fork+0x45/0x80
[   56.980335][ T6185]  ret_from_fork_asm+0x1a/0x30
[   56.981724][ T6185] page last free pid 1 tgid 1 stack trace:
[   56.983394][ T6185]  free_unref_page+0x661/0x1080
[   56.984799][ T6185]  __put_partials+0x14c/0x170
[   56.986165][ T6185]  qlist_free_all+0x4e/0x120
[   56.987490][ T6185]  kasan_quarantine_reduce+0x195/0x1e0
[   56.989047][ T6185]  __kasan_slab_alloc+0x69/0x90
[   56.990455][ T6185]  kmem_cache_alloc_lru_noprof+0x1c8/0x3b0
[   56.992126][ T6185]  sock_alloc_inode+0x25/0x1c0
[   56.993513][ T6185]  alloc_inode+0x5d/0x230
[   56.994762][ T6185]  sock_alloc+0x40/0x280
[   56.995978][ T6185]  __sock_create+0xc1/0x8d0
[   56.997306][ T6185]  __sys_socket+0x14f/0x260
[   56.998616][ T6185]  __x64_sys_socket+0x72/0xb0
[   56.999969][ T6185]  do_syscall_64+0xcd/0x250
[   57.001295][ T6185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.002987][ T6185] 
[   57.003681][ T6185] Memory state around the buggy address:
[   57.005283][ T6185]  ffff88806acb1780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   57.007558][ T6185]  ffff88806acb1800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   57.009830][ T6185] >ffff88806acb1880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   57.012112][ T6185]                                                  ^
[   57.014010][ T6185]  ffff88806acb1900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   57.016285][ T6185]  ffff88806acb1980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   57.018583][ T6185] ==================================================================
[   57.021018][ T6185] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   57.023108][ T6185] CPU: 3 UID: 0 PID: 6185 Comm: init Not tainted 6.13.0-syzkaller #0
[   57.025435][ T6185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   57.028500][ T6185] Call Trace:
[   57.029490][ T6185]  <TASK>
[   57.030350][ T6185]  dump_stack_lvl+0x3d/0x1f0
[   57.031686][ T6185]  panic+0x71d/0x800
[   57.032836][ T6185]  ? __pfx_panic+0x10/0x10
[   57.034144][ T6185]  ? preempt_schedule_thunk+0x1a/0x30
[   57.035684][ T6185]  ? preempt_schedule_common+0x44/0xc0
[   57.037246][ T6185]  ? check_panic_on_warn+0x1f/0xb0
[   57.038734][ T6185]  check_panic_on_warn+0xab/0xb0
[   57.040165][ T6185]  end_report+0x117/0x180
[   57.041417][ T6185]  kasan_report+0xe9/0x110
[   57.042705][ T6185]  ? notifier_call_chain+0x3bf/0x410
[   57.044231][ T6185]  ? notifier_call_chain+0x3bf/0x410
[   57.045775][ T6185]  notifier_call_chain+0x3bf/0x410
[   57.047247][ T6185]  ? __pfx_bcache_reboot+0x10/0x10
[   57.048717][ T6185]  blocking_notifier_call_chain+0x69/0xa0
[   57.050353][ T6185]  kernel_power_off+0x1c/0xb0
[   57.051709][ T6185]  __do_sys_reboot+0x376/0x3e0
[   57.053097][ T6185]  ? __pfx___do_sys_reboot+0x10/0x10
[   57.054624][ T6185]  ? xfd_validate_state+0x5d/0x180
[   57.056096][ T6185]  do_syscall_64+0xcd/0x250
[   57.057418][ T6185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.059110][ T6185] RIP: 0033:0x7f1b5f2248b4
[   57.060394][ T6185] Code: f0 ff ff 73 01 c3 48 8b 0d 71 55 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 89 fa be 69 19 12 28 bf ad de e1 fe b8 a9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 10 48 8b 15 45 55 0d 00 f7 d8 64 89 02 48 83
[   57.065876][ T6185] RSP: 002b:00007ffd8c0e9298 EFLAGS: 00000246 ORIG_RAX: 00000000000000a9
[   57.068253][ T6185] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f1b5f2248b4
[   57.070511][ T6185] RDX: 000000004321fedc RSI: 0000000028121969 RDI: 00000000fee1dead
[   57.072768][ T6185] RBP: 000000004321fedc R08: 0000000000000000 R09: 0000000000000000
[   57.075022][ T6185] R10: 00007ffd8c0e9270 R11: 0000000000000246 R12: 0000000000000000
[   57.077304][ T6185] R13: 00007ffd8c0e92f8 R14: 0000560a90422169 R15: 00007f1b5f402a80
[   57.079582][ T6185]  </TASK>
[   57.081054][ T6185] Kernel Offset: disabled
[   57.082313][ T6185] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:51:56  Registers:
info registers vcpu 0

CPU#0
RAX=000000000010bdd1 RBX=0000000000000000 RCX=ffffffff8b1a8899 RDX=0000000000000000
RSI=ffffffff8b4cd260 RDI=ffffffff8bb19ac0 RBP=fffffbfff1b52ef8 RSP=ffffffff8da07e20
R8 =0000000000000001 R9 =ffffed1005686fed R10=ffff88802b437f6b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8da977c0 R14=ffffffff901d29d0 R15=0000000000000000
RIP=ffffffff8b1a9c7f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f7f76e40 CR3=000000000db7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001f800000000 0000000900000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000000de45b RBX=0000000000000001 RCX=ffffffff8b1a8899 RDX=0000000000000000
RSI=ffffffff8b4cd260 RDI=ffffffff8bb19ac0 RBP=ffffed10039dc910 RSP=ffffc9000047fe08
R8 =0000000000000001 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000000
R12=0000000000000001 R13=ffff88801cee4880 R14=ffffffff901d29d0 R15=0000000000000000
RIP=ffffffff8b1a9c7f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f011fe6c440 CR3=000000000db7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008420000 Opmask01=0000000000001d1f Opmask02=00000000ff001fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000007000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b9ff588271469a2b a355fe71326366d8
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e657e1d5d48eb56e 63809c517a95626f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f8e33fe4f024a8fd 92c5050ee00a5a7a
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b1c511cb7dc63c4e 7272a2dfe9d8d271
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004f00
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8a060080c473f84b 3e43d31605380c8d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6964b9f58ec11f4e 2be200004e54a347
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0d2198c71e31c292 31b4fb8fd5b64200
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c1c551f100235c82 0bc0f42901000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b0c4cc46256630ec 4cb5ee860d5cdc52
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e03536071d2b4668 6068c9b061605d31
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65776f7000746c61 68004c4c494b0073 65737365636f7270 206c6c61206f7420
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40524a5500514944 4d004c4c494b0056 40565640464a5755 05494944054a5105
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 24bf242d282b232c 22ee222e312feebf 222e312feebf2435 283232282c31242f
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2bdf3228df3822 282b2e2fdf37342d 280b0412bfc92435 283232282c31242f
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
info registers vcpu 2

CPU#2
RAX=000000000006c1db RBX=0000000000000002 RCX=ffffffff8b1a8899 RDX=0000000000000000
RSI=ffffffff8b4cd260 RDI=ffffffff8bb19ac0 RBP=ffffed10039df000 RSP=ffffc9000048fe08
R8 =0000000000000001 R9 =ffffed10056c6fed R10=ffff88802b637f6b R11=0000000000000000
R12=0000000000000002 R13=ffff88801cef8000 R14=ffffffff901d29d0 R15=0000000000000000
RIP=ffffffff8b1a9c7f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f7f96e40 CR3=000000001e7fe000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000009 Opmask01=0000000000001d1f Opmask02=00000000ff001fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000007000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ffff00ff0000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd8c0e92c0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ffff00ff0000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e6e6e6e6e6e6e6e 6e6e645f0f0a1d41
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 180b0a41531a0101 1c4e5e3d171a1a53
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 454c4f534e4f4300 3120444950207361 206e757220656220 7473756d00712d00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 454c4f534e4f4300 1405444950055644 054b505705404705 5156504800540800
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 24bf242d282b232c 22ee222e312feebf 222e312feebf2435 283232282c31242f
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2bdf3228df3822 282b2e2fdf37342d 280b0412bfc92435 283232282c31242f
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
info registers vcpu 3

CPU#3
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85145450 RDI=ffffffff9a66e200 RBP=ffffffff9a66e1c0 RSP=ffffc900042df6b0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff34cdc92 R15=dffffc0000000000
RIP=ffffffff85145477 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f1b5f0cb500 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f06e40 CR3=000000001e7fe000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000009 Opmask01=0000000000001d1f Opmask02=00000000ff001fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000007000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ffff00ff0000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd8c0e92c0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ffff00ff0000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e6e6e6e6e6e6e6e 6e6e645f0f0a1d41
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 180b0a41531a0101 1c4e5e3d171a1a53
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 454c4f534e4f4300 3120444950207361 206e757220656220 7473756d00712d00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 454c4f534e4f4300 1405444950055644 054b505705404705 5156504800540800
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 24bf242d282b232c 22ee222e312feebf 222e312feebf2435 283232282c31242f
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2bdf3228df3822 282b2e2fdf37342d 280b0412bfc92435 283232282c31242f
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020