last executing test programs:

1.409815117s ago: executing program 1 (id=2):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000240)=@overlay={0x3, 0x1, 0x4, 0x4000, 0x5, {0x0, 0xea60}, {0x1, 0x8, 0x7, 0x2, 0x2, 0x0, "3f75d610"}, 0x101, 0x3, {}, 0x10001})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000002c80)=@newtaction={0x14, 0x12, 0xbf68af9d17701211, 0x0, 0x0, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x45855}, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="240000001a00010000000000000000000a0000000000000002000000080019"], 0x24}}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socket$nl_generic(0x11, 0x3, 0x10)
r8 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
preadv(r8, &(0x7f0000000280)=[{&(0x7f0000000480)=""/66, 0x42}], 0x1, 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x58}}, 0x0)
io_setup(0x1, &(0x7f00000004c0))
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x8100)

1.345339344s ago: executing program 2 (id=3):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x8914, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000014d564b0000"])

1.294130423s ago: executing program 3 (id=4):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000240)=@overlay={0x3, 0x1, 0x4, 0x4000, 0x5, {0x0, 0xea60}, {0x1, 0x8, 0x7, 0x2, 0x2, 0x0, "3f75d610"}, 0x101, 0x3, {}, 0x10001})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000002c80)=@newtaction={0x14, 0x12, 0xbf68af9d17701211, 0x0, 0x0, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x45855}, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="240000001a00010000000000000000000a0000000000000002000000080019"], 0x24}}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socket$nl_generic(0x11, 0x3, 0x10)
r8 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
preadv(r8, &(0x7f0000000280)=[{&(0x7f0000000480)=""/66, 0x42}], 0x1, 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x58}}, 0x0)
io_setup(0x1, &(0x7f00000004c0)=<r9=>0x0)
io_submit(r9, 0x3, &(0x7f00000003c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x5, 0xffffffffffffffff, 0x0, 0x0, 0x200000001800}, 0x0, 0x0])

1.25895614s ago: executing program 0 (id=1):
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRESOCT=0x0, @ANYRES16=r0, @ANYRES32, @ANYRES32=r0], &(0x7f0000000000)='GPL\x00', 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x5, 0x5, 0x3, 0x9}], 0x10, 0x36, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_setup(0x1e1e, 0x0, 0x0, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4000000004002, 0x0)
r5 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x38011, r4, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sendfile(r5, r4, 0x0, 0x7ffff000)

1.147162797s ago: executing program 2 (id=5):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x0, 0xfffffffd})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1, 0x4, &(0x7f00000001c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x2f, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004a00003c00000000000690780a0101026401010244140a02e000000100000000e00000010000000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c00000090780000a82d713669566e76de9803687105afe52b"], 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc01cf509, 0x0)
mount(&(0x7f0000000040)=@sr0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000340)='dns_resolver\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="fb9c", 0x2, r3)
r4 = socket(0xb, 0x3, 0x4)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0, 0x0, 0x9}, 0x18)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x109000)
r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x3c, &(0x7f0000311ffc)=0x7, 0x4)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000200)={0x8})
setsockopt$sock_int(r7, 0x1, 0x29, &(0x7f0000000000)=0x202, 0x4)
setsockopt$inet6_buf(r7, 0x29, 0x0, &(0x7f00002cef88)="d84f7398", 0x4)
sendto$inet6(r7, &(0x7f0000000800)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cabc206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe90400fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f40029d7cfcaf26fd1900d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5207cc9bb8d686982c2f158e0d8f5c7ec6cbfd5", 0x5ad, 0x0, &(0x7f0000000080)={0xa, 0x5e20, 0x0, @mcast2}, 0x1c)
recvmmsg(r7, &(0x7f0000001340)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, 0x0, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, &(0x7f0000000440)={r8, 0x0, 0x4, 0x1, 0x1, [<r9=>0x0], [0xff, 0x0, 0x4291], [], [0x100000004, 0x402]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000280)={0x88, 0x88000000, 0xb7})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, &(0x7f0000000080)={r9})

289.746627ms ago: executing program 0 (id=6):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000020103000000000000000000dfff0000"], 0x14}}, 0x0)
r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000011c0)=ANY=[@ANYBLOB="1c0000d30300000000000000000000000400008008af18cc830c0d6d"], 0x1c}], 0x1}, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, {0x0, r5}})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76"])
chdir(&(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00')
gettid()
dup(0xffffffffffffffff)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000003c0)=ANY=[@ANYBLOB="70000000000901040000000000000000000000000800054000000073797a31000000003c0002000c0002800500010000717cd66b0001801400030020010000000000fe8000000000000000000000010000aa0c0004803eff0140f38b873d72a820a77bfc6a940c1481e7217eb30b77944551f9d128d3d69ea526622b7cc1e5feb8191742428a1452855453089e8f00c06e3548ec1d5443c00ecd0ec20b79710d4fe95950c41a7526871c7904280768e9ed0393f4042398c3fa0000000000"], 0x70}}, 0x10800)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000700)={'#! ', './file0', [{0x20, 'c\x02\x00\x00\x00\xe9p\xe09\x98\xec'}, {0x20, '@}\x80'}, {0x20, 'r\x1f\x1607\x17\x8a\xa74\x12\xfd\xc4=\x93\a\x8b~\xa3\t\f\x04\xdf\xb0\xba\xc0\xaa6\x8ff\xcfR\xd0\xafV\x7f7\x89\x15\xcc\x15\xf0\"\xfa\x89x\x18h\xafR9\xa2[\xe0ac\xc5\xdb\xd9\xc2K\x89Z\xe3\xe8\x8a\xb0\xe4\x98\xb9\xcevP\x02\xaf\x95\xb0;\x88r]vH\xe4V\n`\x93\xf5\x82\x00'/104}, {0x20, '/dev/snd/midiC#D#\x00'}, {0x20, '$'}]}, 0x99)

234.213806ms ago: executing program 1 (id=7):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, 0x0, 0x24008011)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)={0x2c, 0x3c, 0x107, 0xfffffffc, 0x0, {0x4, 0x7c}, [@nested={0x18, 0x138, 0x0, 0x1, [@nested={0x14, 0x8, 0x0, 0x1, [@typed={0xe, 0x16, 0x0, 0x0, @str='-&]#\xae**$$\x00'}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r4 = fanotify_init(0x200, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r4, 0x5000943f, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x58, &(0x7f0000000300)}, 0x10)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r5)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000240)="c4", 0x1, 0x20000841, 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xa, 0x3, &(0x7f0000000180)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0x2, 0x71, 0x10, 0x1e}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x2)

203.771302ms ago: executing program 2 (id=8):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x8, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0x9}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0xf366f9a05a264ac8, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, 0x0, 0x24008011)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_ecred_reconf_req={{0x19, 0xe, 0x4}, {0xa58}}}}, 0x11)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(r1, 0x7aa, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), r2)
r4 = eventfd2(0x45, 0x800)
write$eventfd(r4, &(0x7f0000000000)=0xfffffffffffffffe, 0x8)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)

0s ago: executing program 3 (id=9):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000020103000000000000000000dfff0000"], 0x14}}, 0x0)
r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000011c0)=ANY=[@ANYBLOB="1c0000d30300000000000000000000000400008008af18cc830c0d6d"], 0x1c}], 0x1}, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, {0x0, r5}})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB])
chdir(&(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00')
gettid()
dup(0xffffffffffffffff)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000003c0)=ANY=[@ANYBLOB="70000000000901040000000000000000000000000800054000000073797a31000000003c0002000c0002800500010000717cd66b0001801400030020010000000000fe8000000000000000000000010000aa0c0004803eff0140f38b873d72a820a77bfc6a940c1481e7217eb30b77944551f9d128d3d69ea526622b7cc1e5feb8191742428a1452855453089e8f00c06e3548ec1d5443c00ecd0ec20b79710d4fe95950c41a7526871c7904280768e9ed0393f4042398c3fa0000000000"], 0x70}}, 0x10800)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000700)={'#! ', './file0', [{0x20, 'c\x02\x00\x00\x00\xe9p\xe09\x98\xec'}, {0x20, '@}\x80'}, {0x20, 'r\x1f\x1607\x17\x8a\xa74\x12\xfd\xc4=\x93\a\x8b~\xa3\t\f\x04\xdf\xb0\xba\xc0\xaa6\x8ff\xcfR\xd0\xafV\x7f7\x89\x15\xcc\x15\xf0\"\xfa\x89x\x18h\xafR9\xa2[\xe0ac\xc5\xdb\xd9\xc2K\x89Z\xe3\xe8\x8a\xb0\xe4\x98\xb9\xcevP\x02\xaf\x95\xb0;\x88r]vH\xe4V\n`\x93\xf5\x82\x00'/104}, {0x20, '/dev/snd/midiC#D#\x00'}, {0x20, '$'}]}, 0x99)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:39737' (ED25519) to the list of known hosts.
[   40.720983][ T5939] cgroup: Unknown subsys name 'net'
[   40.861638][ T5939] cgroup: Unknown subsys name 'cpuset'
[   40.865062][ T5939] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   41.639117][ T5939] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   43.633890][ T5955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   43.636675][ T5955] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   43.644796][ T5960] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   43.647255][ T5957] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   43.648411][ T5960] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   43.650755][ T5957] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   43.653660][ T5960] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   43.656128][ T5957] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   43.659242][ T5960] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   43.662014][ T5957] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   43.662762][ T5962] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   43.663409][ T5962] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   43.663747][ T5962] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   43.664121][ T5962] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   43.665812][ T5962] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   43.667322][ T5957] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   43.669312][ T5962] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   43.669479][ T5960] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   43.669677][ T5962] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   43.669713][ T5960] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   43.672601][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   43.676102][ T5962] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   43.677231][ T5965] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   43.697321][ T5965] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   43.813371][ T5950] chnl_net:caif_netlink_parms(): no params data found
[   43.856644][ T5961] chnl_net:caif_netlink_parms(): no params data found
[   43.905164][ T5951] chnl_net:caif_netlink_parms(): no params data found
[   43.941965][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.944662][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.947013][ T5950] bridge_slave_0: entered allmulticast mode
[   43.949969][ T5950] bridge_slave_0: entered promiscuous mode
[   43.953351][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.955538][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.957709][ T5950] bridge_slave_1: entered allmulticast mode
[   43.962041][ T5950] bridge_slave_1: entered promiscuous mode
[   44.060810][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   44.064451][ T5961] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.067208][ T5961] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.070452][ T5961] bridge_slave_0: entered allmulticast mode
[   44.072705][ T5961] bridge_slave_0: entered promiscuous mode
[   44.075516][ T5961] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.077653][ T5961] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.079958][ T5961] bridge_slave_1: entered allmulticast mode
[   44.082177][ T5961] bridge_slave_1: entered promiscuous mode
[   44.084828][ T5952] chnl_net:caif_netlink_parms(): no params data found
[   44.103355][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   44.123999][ T5951] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.126203][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.128494][ T5951] bridge_slave_0: entered allmulticast mode
[   44.131097][ T5951] bridge_slave_0: entered promiscuous mode
[   44.154716][ T5950] team0: Port device team_slave_0 added
[   44.157873][ T5961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   44.162013][ T5961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   44.164846][ T5951] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.166987][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.170780][ T5951] bridge_slave_1: entered allmulticast mode
[   44.173466][ T5951] bridge_slave_1: entered promiscuous mode
[   44.186191][ T5950] team0: Port device team_slave_1 added
[   44.240645][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0
[   44.242762][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.251822][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   44.257556][ T5961] team0: Port device team_slave_0 added
[   44.261461][ T5951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   44.279885][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1
[   44.282037][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.290735][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   44.294913][ T5961] team0: Port device team_slave_1 added
[   44.297687][ T5951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   44.313527][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.316396][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.320333][ T5952] bridge_slave_0: entered allmulticast mode
[   44.323373][ T5952] bridge_slave_0: entered promiscuous mode
[   44.328661][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.331483][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.334320][ T5952] bridge_slave_1: entered allmulticast mode
[   44.337402][ T5952] bridge_slave_1: entered promiscuous mode
[   44.368594][ T5951] team0: Port device team_slave_0 added
[   44.401393][ T5961] batman_adv: batadv0: Adding interface: batadv_slave_0
[   44.403624][ T5961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.411914][ T5961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   44.417128][ T5951] team0: Port device team_slave_1 added
[   44.450285][ T5950] hsr_slave_0: entered promiscuous mode
[   44.452730][ T5950] hsr_slave_1: entered promiscuous mode
[   44.456474][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   44.460750][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   44.463809][ T5961] batman_adv: batadv0: Adding interface: batadv_slave_1
[   44.466064][ T5961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.474206][ T5961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   44.491582][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_0
[   44.493745][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.502995][ T5951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   44.532430][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_1
[   44.534698][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.543720][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   44.560221][ T5952] team0: Port device team_slave_0 added
[   44.608255][ T5952] team0: Port device team_slave_1 added
[   44.623048][ T5961] hsr_slave_0: entered promiscuous mode
[   44.625854][ T5961] hsr_slave_1: entered promiscuous mode
[   44.628601][ T5961] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   44.632860][ T5961] Cannot create hsr debugfs directory
[   44.662363][ T5951] hsr_slave_0: entered promiscuous mode
[   44.664670][ T5951] hsr_slave_1: entered promiscuous mode
[   44.666607][ T5951] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   44.669216][ T5951] Cannot create hsr debugfs directory
[   44.671178][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0
[   44.673344][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.681024][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   44.688043][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1
[   44.690346][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.698462][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   44.787204][ T5952] hsr_slave_0: entered promiscuous mode
[   44.789438][ T5952] hsr_slave_1: entered promiscuous mode
[   44.791431][ T5952] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   44.793736][ T5952] Cannot create hsr debugfs directory
[   44.910330][ T5950] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   44.916081][ T5950] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   44.919774][ T5950] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   44.940700][ T5950] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   44.972658][ T5961] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   44.978421][ T5961] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   44.981993][ T5961] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   44.986542][ T5961] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   45.015379][ T5951] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   45.022264][ T5951] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   45.027496][ T5951] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   45.031284][ T5951] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   45.070603][ T5952] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   45.078124][ T5952] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   45.082164][ T5952] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   45.086562][ T5952] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   45.115171][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.130001][ T5961] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.144659][ T5950] 8021q: adding VLAN 0 to HW filter on device team0
[   45.159031][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.161404][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.166009][ T5961] 8021q: adding VLAN 0 to HW filter on device team0
[   45.170755][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.180353][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.182957][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.185853][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.187945][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.195284][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.197292][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.205791][ T5951] 8021q: adding VLAN 0 to HW filter on device team0
[   45.213628][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.216331][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.230072][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.232858][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.254684][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.287968][ T5952] 8021q: adding VLAN 0 to HW filter on device team0
[   45.302097][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.305134][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.311825][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.314860][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.334504][ T5952] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   45.338649][ T5952] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   45.367863][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.373093][ T5961] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.398398][ T5950] veth0_vlan: entered promiscuous mode
[   45.403960][ T5950] veth1_vlan: entered promiscuous mode
[   45.407190][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.414792][ T5961] veth0_vlan: entered promiscuous mode
[   45.422279][ T5961] veth1_vlan: entered promiscuous mode
[   45.428064][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.442066][ T5950] veth0_macvtap: entered promiscuous mode
[   45.448110][ T5950] veth1_macvtap: entered promiscuous mode
[   45.457116][ T5951] veth0_vlan: entered promiscuous mode
[   45.461314][ T5961] veth0_macvtap: entered promiscuous mode
[   45.469817][ T5951] veth1_vlan: entered promiscuous mode
[   45.474242][ T5961] veth1_macvtap: entered promiscuous mode
[   45.480059][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0
[   45.489114][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1
[   45.498574][ T5950] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.502779][ T5950] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   45.505511][ T5950] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   45.508147][ T5950] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   45.512228][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.515456][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.519566][ T5961] batman_adv: batadv0: Interface activated: batadv_slave_0
[   45.521876][ T5952] veth0_vlan: entered promiscuous mode
[   45.530887][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.534040][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.537807][ T5961] batman_adv: batadv0: Interface activated: batadv_slave_1
[   45.541546][ T5961] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.544197][ T5961] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   45.546801][ T5961] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   45.549758][ T5961] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   45.556949][ T5952] veth1_vlan: entered promiscuous mode
[   45.559959][ T5951] veth0_macvtap: entered promiscuous mode
[   45.573402][ T5951] veth1_macvtap: entered promiscuous mode
[   45.594594][   T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.597066][   T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.604003][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.607502][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.611797][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.615992][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.621047][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0
[   45.627810][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.631983][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.635805][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.640363][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.645759][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1
[   45.659587][ T5952] veth0_macvtap: entered promiscuous mode
[   45.663408][ T5951] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.666052][ T5951] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   45.668641][ T5951] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   45.671355][ T5951] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   45.677308][   T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.681439][ T5965] Bluetooth: hci1: command tx timeout
[   45.681850][ T5952] veth1_macvtap: entered promiscuous mode
[   45.683713][   T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.689402][ T5965] Bluetooth: hci3: command tx timeout
[   45.689990][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.693462][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.720237][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.722804][ T5950] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   45.723441][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.723457][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.723463][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.738902][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.743166][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.748447][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0
[   45.752500][   T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.755581][   T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.759628][ T5965] Bluetooth: hci0: command tx timeout
[   45.766952][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.769379][ T5965] Bluetooth: hci2: command tx timeout
[   45.771623][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.777233][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.781599][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.785502][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.789658][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.793428][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1
[   45.798002][  T105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.798303][ T5952] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.800679][  T105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.803542][ T5952] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   45.807995][ T5952] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   45.810714][ T5952] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   45.825894][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.830666][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.869496][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.871864][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.896670][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.899300][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.041488][ T6014] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2'.
[   46.044796][ T6022] capability: warning: `syz.2.5' uses deprecated v2 capabilities in a way that may be insecure
[   46.046851][ T6014] IPVS: Error joining to the multicast group
[   46.339438][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   46.341980][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   46.344504][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   46.346947][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   46.384552][ T6019] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4'.
[   46.389260][ T6019] IPVS: Error joining to the multicast group
[   47.106332][ T6034] netlink: 'syz.1.7': attribute type 8 has an invalid length.
[   47.196859][    C0] ==================================================================
[   47.199343][    C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x2d90/0x3c40
[   47.201688][    C0] Read of size 8 at addr ffff8880277ae018 by task swapper/0/0
[   47.205127][    C0] 
[   47.205845][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[   47.205855][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   47.205860][    C0] Call Trace:
[   47.205863][    C0]  <IRQ>
[   47.205866][    C0]  dump_stack_lvl+0x116/0x1f0
[   47.205878][    C0]  print_report+0xc3/0x620
[   47.205888][    C0]  ? __virt_addr_valid+0x5e/0x590
[   47.205900][    C0]  ? __phys_addr+0xc6/0x150
[   47.205911][    C0]  kasan_report+0xd9/0x110
[   47.205919][    C0]  ? __lock_acquire+0x2d90/0x3c40
[   47.205929][    C0]  ? __lock_acquire+0x2d90/0x3c40
[   47.205938][    C0]  __lock_acquire+0x2d90/0x3c40
[   47.205948][    C0]  ? __pfx___lock_acquire+0x10/0x10
[   47.205956][    C0]  ? __pfx___lock_acquire+0x10/0x10
[   47.205966][    C0]  lock_acquire.part.0+0x11b/0x380
[   47.205974][    C0]  ? p9_req_put+0xaf/0x250
[   47.205989][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   47.205998][    C0]  ? rcu_is_watching+0x12/0xc0
[   47.206009][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[   47.206016][    C0]  ? p9_req_put+0xaf/0x250
[   47.206024][    C0]  ? lock_acquire+0x2f/0xb0
[   47.206032][    C0]  ? p9_req_put+0xaf/0x250
[   47.206040][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[   47.206048][    C0]  ? p9_req_put+0xaf/0x250
[   47.206056][    C0]  p9_req_put+0xaf/0x250
[   47.206065][    C0]  req_done+0x1e7/0x2f0
[   47.206073][    C0]  ? __pfx_req_done+0x10/0x10
[   47.206080][    C0]  ? __pfx_req_done+0x10/0x10
[   47.206087][    C0]  vring_interrupt+0x31b/0x400
[   47.206096][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[   47.206103][    C0]  __handle_irq_event_percpu+0x229/0x7d0
[   47.206116][    C0]  handle_irq_event+0xab/0x1e0
[   47.206127][    C0]  handle_edge_irq+0x263/0xd10
[   47.206138][    C0]  __common_interrupt+0xdf/0x250
[   47.206147][    C0]  common_interrupt+0xba/0xe0
[   47.206159][    C0]  </IRQ>
[   47.206161][    C0]  <TASK>
[   47.206164][    C0]  asm_common_interrupt+0x26/0x40
[   47.206175][    C0] RIP: 0010:default_idle+0xf/0x20
[   47.206187][    C0] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d e3 dc 20 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[   47.206194][    C0] RSP: 0018:ffffffff8de07e20 EFLAGS: 00000206
[   47.206201][    C0] RAX: 000000000009928d RBX: 0000000000000000 RCX: ffffffff8b45b199
[   47.206205][    C0] RDX: 0000000000000000 RSI: ffffffff8b6cd2e0 RDI: ffffffff8bd26ce0
[   47.206210][    C0] RBP: fffffbfff1bd2ef8 R08: 0000000000000001 R09: ffffed1005686f7d
[   47.206215][    C0] R10: ffff88802b437beb R11: 0000000000000000 R12: 0000000000000000
[   47.206219][    C0] R13: ffffffff8de977c0 R14: ffffffff905fe910 R15: 0000000000000000
[   47.206224][    C0]  ? ct_kernel_exit+0x139/0x190
[   47.206234][    C0]  default_idle_call+0x6d/0xb0
[   47.206244][    C0]  do_idle+0x329/0x3f0
[   47.206253][    C0]  ? __pfx_do_idle+0x10/0x10
[   47.206262][    C0]  cpu_startup_entry+0x4f/0x60
[   47.206270][    C0]  rest_init+0x16b/0x2b0
[   47.206280][    C0]  ? acpi_subsystem_init+0x133/0x180
[   47.206291][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[   47.206301][    C0]  start_kernel+0x3e9/0x4d0
[   47.206311][    C0]  x86_64_start_reservations+0x18/0x30
[   47.206320][    C0]  x86_64_start_kernel+0xb2/0xc0
[   47.206328][    C0]  common_startup_64+0x13e/0x148
[   47.206342][    C0]  </TASK>
[   47.206344][    C0] 
[   47.307777][    C0] Allocated by task 6035:
[   47.309126][    C0]  kasan_save_stack+0x33/0x60
[   47.310545][    C0]  kasan_save_track+0x14/0x30
[   47.311961][    C0]  __kasan_kmalloc+0xaa/0xb0
[   47.313398][    C0]  p9_client_create+0xc8/0x11a0
[   47.314863][    C0]  v9fs_session_init+0x1f8/0x1a80
[   47.316404][    C0]  v9fs_mount+0xc6/0xa30
[   47.317691][    C0]  legacy_get_tree+0x109/0x220
[   47.319148][    C0]  vfs_get_tree+0x8b/0x340
[   47.320508][    C0]  path_mount+0x6e1/0x1f00
[   47.321872][    C0]  __ia32_sys_mount+0x28d/0x310
[   47.323332][    C0]  __do_fast_syscall_32+0x73/0x120
[   47.324898][    C0]  do_fast_syscall_32+0x32/0x80
[   47.326370][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   47.328279][    C0] 
[   47.329011][    C0] Freed by task 6035:
[   47.330218][    C0]  kasan_save_stack+0x33/0x60
[   47.331634][    C0]  kasan_save_track+0x14/0x30
[   47.333081][    C0]  kasan_save_free_info+0x3b/0x60
[   47.334605][    C0]  __kasan_slab_free+0x51/0x70
[   47.336089][    C0]  kfree+0x14f/0x4b0
[   47.337369][    C0]  p9_client_create+0x97d/0x11a0
[   47.338918][    C0]  v9fs_session_init+0x1f8/0x1a80
[   47.340475][    C0]  v9fs_mount+0xc6/0xa30
[   47.341771][    C0]  legacy_get_tree+0x109/0x220
[   47.343241][    C0]  vfs_get_tree+0x8b/0x340
[   47.344627][    C0]  path_mount+0x6e1/0x1f00
[   47.345988][    C0]  __ia32_sys_mount+0x28d/0x310
[   47.347467][    C0]  __do_fast_syscall_32+0x73/0x120
[   47.349056][    C0]  do_fast_syscall_32+0x32/0x80
[   47.350541][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   47.352466][    C0] 
[   47.353225][    C0] The buggy address belongs to the object at ffff8880277ae000
[   47.353225][    C0]  which belongs to the cache kmalloc-512 of size 512
[   47.357395][    C0] The buggy address is located 24 bytes inside of
[   47.357395][    C0]  freed 512-byte region [ffff8880277ae000, ffff8880277ae200)
[   47.361494][    C0] 
[   47.362230][    C0] The buggy address belongs to the physical page:
[   47.364173][    C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x277ac
[   47.366811][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   47.369351][    C0] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   47.371720][    C0] page_type: f5(slab)
[   47.372951][    C0] raw: 00fff00000000040 ffff88801b042c80 0000000000000000 dead000000000001
[   47.375532][    C0] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.378232][    C0] head: 00fff00000000040 ffff88801b042c80 0000000000000000 dead000000000001
[   47.381599][    C0] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   47.384962][    C0] head: 00fff00000000002 ffffea00009deb01 ffffffffffffffff 0000000000000000
[   47.388345][    C0] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   47.391701][    C0] page dumped because: kasan: bad access detected
[   47.393721][    C0] page_owner tracks the page as allocated
[   47.395419][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 6013, tgid 6012 (syz.2.3), ts 45855417383, free_ts 44819906189
[   47.401034][    C0]  post_alloc_hook+0x2d1/0x350
[   47.402474][    C0]  get_page_from_freelist+0xfce/0x2f80
[   47.404106][    C0]  __alloc_pages_noprof+0x6a6/0x2470
[   47.405699][    C0]  new_slab+0xca/0x410
[   47.406929][    C0]  ___slab_alloc+0xbcd/0x1590
[   47.408371][    C0]  __slab_alloc.constprop.0+0x56/0xb0
[   47.409989][    C0]  __kmalloc_node_noprof+0x2f0/0x520
[   47.411559][    C0]  alloc_slab_obj_exts+0x41/0xa0
[   47.413056][    C0]  __memcg_slab_post_alloc_hook+0x2a7/0x9b0
[   47.414824][    C0]  __kmalloc_cache_noprof+0x367/0x420
[   47.416456][    C0]  kvm_dev_ioctl+0x1389/0x1aa0
[   47.417904][    C0]  __do_compat_sys_ioctl+0x1cb/0x2c0
[   47.419510][    C0]  __do_fast_syscall_32+0x73/0x120
[   47.421079][    C0]  do_fast_syscall_32+0x32/0x80
[   47.422563][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   47.424766][    C0] page last free pid 5952 tgid 5952 stack trace:
[   47.426652][    C0]  free_unref_page+0x661/0x1080
[   47.428120][    C0]  qlist_free_all+0x4e/0x120
[   47.429522][    C0]  kasan_quarantine_reduce+0x195/0x1e0
[   47.431147][    C0]  __kasan_slab_alloc+0x69/0x90
[   47.432617][    C0]  kmem_cache_alloc_noprof+0x1c8/0x3b0
[   47.434257][    C0]  __kernfs_new_node+0xd3/0x890
[   47.435722][    C0]  kernfs_new_node+0x186/0x240
[   47.437180][    C0]  kernfs_create_dir_ns+0x4c/0x150
[   47.438709][    C0]  internal_create_group+0x34e/0xf10
[   47.440304][    C0]  netdev_queue_update_kobjects+0x123/0x5b0
[   47.442066][    C0]  netdev_register_kobject+0x28c/0x3a0
[   47.443720][    C0]  register_netdevice+0x147b/0x1e50
[   47.445299][    C0]  virt_wifi_newlink+0x3ed/0x980
[   47.446792][    C0]  rtnl_newlink+0xbae/0x1d70
[   47.448187][    C0]  rtnetlink_rcv_msg+0x95b/0xea0
[   47.449832][    C0]  netlink_rcv_skb+0x165/0x410
[   47.451302][    C0] 
[   47.452044][    C0] Memory state around the buggy address:
[   47.453743][    C0]  ffff8880277adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.456157][    C0]  ffff8880277adf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   47.458568][    C0] >ffff8880277ae000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   47.460999][    C0]                             ^
[   47.462466][    C0]  ffff8880277ae080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   47.464875][    C0]  ffff8880277ae100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   47.467260][    C0] ==================================================================
[   47.469661][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   47.471881][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[   47.474861][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   47.478064][    C0] Call Trace:
[   47.479093][    C0]  <IRQ>
[   47.479971][    C0]  dump_stack_lvl+0x3d/0x1f0
[   47.481385][    C0]  panic+0x71d/0x800
[   47.482575][    C0]  ? __pfx_panic+0x10/0x10
[   47.483927][    C0]  ? rcu_is_watching+0x12/0xc0
[   47.485387][    C0]  ? __pfx_lock_release+0x10/0x10
[   47.486916][    C0]  ? check_panic_on_warn+0x1f/0xb0
[   47.488464][    C0]  check_panic_on_warn+0xab/0xb0
[   47.489964][    C0]  end_report+0x117/0x180
[   47.491269][    C0]  kasan_report+0xe9/0x110
[   47.492620][    C0]  ? __lock_acquire+0x2d90/0x3c40
[   47.494166][    C0]  ? __lock_acquire+0x2d90/0x3c40
[   47.495689][    C0]  __lock_acquire+0x2d90/0x3c40
[   47.497190][    C0]  ? __pfx___lock_acquire+0x10/0x10
[   47.498771][    C0]  ? __pfx___lock_acquire+0x10/0x10
[   47.500367][    C0]  lock_acquire.part.0+0x11b/0x380
[   47.501904][    C0]  ? p9_req_put+0xaf/0x250
[   47.503256][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   47.504966][    C0]  ? rcu_is_watching+0x12/0xc0
[   47.506414][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[   47.507979][    C0]  ? p9_req_put+0xaf/0x250
[   47.509340][    C0]  ? lock_acquire+0x2f/0xb0
[   47.510706][    C0]  ? p9_req_put+0xaf/0x250
[   47.512067][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[   47.513666][    C0]  ? p9_req_put+0xaf/0x250
[   47.515024][    C0]  p9_req_put+0xaf/0x250
[   47.516324][    C0]  req_done+0x1e7/0x2f0
[   47.517578][    C0]  ? __pfx_req_done+0x10/0x10
[   47.518999][    C0]  ? __pfx_req_done+0x10/0x10
[   47.520448][    C0]  vring_interrupt+0x31b/0x400
[   47.521903][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[   47.523504][    C0]  __handle_irq_event_percpu+0x229/0x7d0
[   47.525227][    C0]  handle_irq_event+0xab/0x1e0
[   47.526675][    C0]  handle_edge_irq+0x263/0xd10
[   47.528124][    C0]  __common_interrupt+0xdf/0x250
[   47.529637][    C0]  common_interrupt+0xba/0xe0
[   47.531067][    C0]  </IRQ>
[   47.531967][    C0]  <TASK>
[   47.532886][    C0]  asm_common_interrupt+0x26/0x40
[   47.534423][    C0] RIP: 0010:default_idle+0xf/0x20
[   47.535958][    C0] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d e3 dc 20 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[   47.541748][    C0] RSP: 0018:ffffffff8de07e20 EFLAGS: 00000206
[   47.543600][    C0] RAX: 000000000009928d RBX: 0000000000000000 RCX: ffffffff8b45b199
[   47.545998][    C0] RDX: 0000000000000000 RSI: ffffffff8b6cd2e0 RDI: ffffffff8bd26ce0
[   47.548392][    C0] RBP: fffffbfff1bd2ef8 R08: 0000000000000001 R09: ffffed1005686f7d
[   47.550787][    C0] R10: ffff88802b437beb R11: 0000000000000000 R12: 0000000000000000
[   47.553187][    C0] R13: ffffffff8de977c0 R14: ffffffff905fe910 R15: 0000000000000000
[   47.555549][    C0]  ? ct_kernel_exit+0x139/0x190
[   47.557108][    C0]  default_idle_call+0x6d/0xb0
[   47.558555][    C0]  do_idle+0x329/0x3f0
[   47.559790][    C0]  ? __pfx_do_idle+0x10/0x10
[   47.561206][    C0]  cpu_startup_entry+0x4f/0x60
[   47.562648][    C0]  rest_init+0x16b/0x2b0
[   47.563952][    C0]  ? acpi_subsystem_init+0x133/0x180
[   47.565558][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[   47.567218][    C0]  start_kernel+0x3e9/0x4d0
[   47.568594][    C0]  x86_64_start_reservations+0x18/0x30
[   47.570238][    C0]  x86_64_start_kernel+0xb2/0xc0
[   47.571715][    C0]  common_startup_64+0x13e/0x148
[   47.573231][    C0]  </TASK>
[   47.574754][    C0] Kernel Offset: disabled
[   47.576051][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
22:47:51  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff853805c5 RDI=ffffffff9aacf4e0 RBP=ffffffff9aacf4a0 RSP=ffffc900000075b8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000064 R14=ffffffff85380560 R15=0000000000000000
RIP=ffffffff853805ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000208d7000 CR3=0000000063c7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000003a165 RBX=0000000000000001 RCX=ffffffff8b45b199 RDX=0000000000000000
RSI=ffffffff8b6cd2e0 RDI=ffffffff8bd26ce0 RBP=ffffed1003a5a910 RSP=ffffc9000047fe08
R8 =0000000000000001 R9 =ffffed10056a6f7d R10=ffff88802b537beb R11=0000000000000000
R12=0000000000000001 R13=ffff88801d2d4880 R14=ffffffff905fe910 R15=0000000000000000
RIP=ffffffff8b45c57f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000201e4000 CR3=000000006b582000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000004806b RBX=0000000000000002 RCX=ffffffff8b45b199 RDX=0000000000000000
RSI=ffffffff8b6cd2e0 RDI=ffffffff8bd26ce0 RBP=ffffed1003ad5000 RSP=ffffc9000048fe08
R8 =0000000000000001 R9 =ffffed10056c6f7d R10=ffff88802b637beb R11=0000000000000000
R12=0000000000000002 R13=ffff88801d6a8000 R14=ffffffff905fe910 R15=0000000000000000
RIP=ffffffff8b45c57f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000020956000 CR3=0000000069ac6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 00c800a400000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000500000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=ffffffff91998b16 RBX=ffffffff90e086c4 RCX=dffffc0000000000 RDX=1ffffffff21c10d8
RSI=0000000000000000 RDI=ffffffff90e086c4 RBP=ffffffff90e086c4 RSP=ffffc900005f85c8
R8 =ffffffff91998b1c R9 =ffffffff917f4040 R10=ffffc900005f8678 R11=000000000009c897
R12=ffffffff90e086c4 R13=ffffffff8ac89792 R14=ffffffff90e086c4 R15=ffffffff90e086c4
RIP=ffffffff8168bf70 RFL=00000a07 [-O---PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000020306000 CR3=0000000069450000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 00c800a400000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000500000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000