last executing test programs:

1.985752211s ago: executing program 1 (id=1784):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xb, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180600000000000000000000000000008540000022000000850000008b00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.916313408s ago: executing program 1 (id=1786):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x54, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x7ff, @private2, 0xeb2}, @in6={0xa, 0x4e21, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}, @in6={0xa, 0x4e21, 0x9, @loopback, 0x7ab}]}, &(0x7f0000000180)=0x10)
r1 = socket$netlink(0x10, 0x3, 0x4)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000340)="480000001400190d09034beafd0d36020a841a000000230f00000000a2bc5603ca00000f7f89004e00200000000101ff00c00e03000200000000000000000300005839c900910000", 0x48}], 0x1)

1.016077123s ago: executing program 1 (id=1819):
unshare(0x8000400)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r1, 0x0, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r2, &(0x7f0000000180)='cpu.weight\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="2d63707520ebe8103de4f914e70854e34b77db86c0927133e12db180be11b2ebc929622e0c5b67f94b56254e6b0db105c8f04b25cdaf814b2de09cfa00b320bc8c4fb6b15e9e8e2bdbd2c5e059f223e8ae67c2e7ad90265d1310746acde5b79a0f862b5a47dd69cb355ebe80"], 0x5)
socket$nl_rdma(0x10, 0x3, 0x14)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x2, 0x80, 0x1, 0x9}, 0x0, &(0x7f00000002c0)={0x3ff, 0xfffffffffffffffe, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.015184374s ago: executing program 1 (id=1821):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r6=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r6], 0x1c}}, 0x0)

474.598756ms ago: executing program 0 (id=1834):
syz_emit_ethernet(0x32, &(0x7f0000000040)={@local, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x88, 0x0, @empty}, {0x0, 0x0, 0x8, 0x0, @gue={{0x2}}}}}}}, 0x0)

396.818642ms ago: executing program 0 (id=1836):
syz_emit_ethernet(0x72, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd60f7d8ff003c3c00fe8000000000000000000000000000aaff0200000000000000000000000000010004000000000000c91000000000000000000000001b"], 0x0)

396.521872ms ago: executing program 0 (id=1837):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newtaction={0x68, 0x30, 0x871a15abc695fb3d, 0x8000000, 0xfffffffd, {}, [{0x54, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x54, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x12, 0x3, 0xffffffffffffffff, 0x1, 0x7c2}, 0x40000002}}]}, {0x4, 0x6, "156c58e6140000000000000047d3289b"}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x240400c0)

345.728434ms ago: executing program 0 (id=1839):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @broadcast}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r1)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r4=>0x0})
bind$can_raw(r3, &(0x7f0000000000)={0x1d, r4}, 0x10)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="b09f32024d8c42a49c0400"/31, @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f3fd65bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e208000000729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e7095d6744756e17ece06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b53c3fca5206cb000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58}, 0x10)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x2, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r8}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x98}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x9}, {0x7, 0x0, 0xc}, {0x18, 0x9, 0x2, 0x0, r6}, {}, {0x46, 0x8, 0xfff1, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000200)=[{0x20, 0x0, 0x3, 0xfffff000}, {0xfffb, 0x0, 0x0, 0xffffffed}, {0x4, 0x2, 0x3, 0x4}]}, 0x10)
bind$can_raw(r3, &(0x7f0000000080), 0x10)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x34, r2, 0x201, 0x70bd2d, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0201}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

297.067516ms ago: executing program 2 (id=1840):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TPROXY_REG_ADDR={0x8}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0xa}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x7c}, 0x1, 0x0, 0x0, 0x4048805}, 0x0)

296.841404ms ago: executing program 2 (id=1841):
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000700)={'sit0\x00', 0x0})

207.242371ms ago: executing program 2 (id=1842):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0xd1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

206.958262ms ago: executing program 2 (id=1843):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x5, 0x5, 0x2, 0x4}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0x12, 0x4, 0x8, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0x14, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001bc6500850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

108.74721ms ago: executing program 2 (id=1844):
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000b00), 0x2, 0x0)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000009440)=<r2=>0x0)
bind$nfc_llcp(r1, &(0x7f0000009480)={0x27, r2, 0xffffffffffffffff, 0x5, 0x1, 0x6, "be8e19b6a865e7ab561f559d74a73485c8abd6554271850320b9571ca0d8f47c1e1a12c085d196fd2eb6853571e830e500", 0x30}, 0x60)

105.599449ms ago: executing program 1 (id=1845):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="6c00000002060104db406e3e0004000200000000100003006269746d61703a706f72740005000400000000000900020073797a32000000000500050000006c00050001000600000024000780080008400000137906000440fffff000060005401c02000008000640"], 0x6c}}, 0x0)

83.17436ms ago: executing program 0 (id=1846):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={0x2, 0x3, 0x0, 0x2, 0x11, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, "a3"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x9}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_nat_t_type={0x1}]}, 0x88}, 0x1, 0x7}, 0x0)

525.347µs ago: executing program 2 (id=1847):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000015c0)=[@in6={0xa, 0x4e21, 0x6, @empty, 0x3}, @in6={0xa, 0x4e21, 0x1, @empty, 0x4}], 0x38)

224.096µs ago: executing program 1 (id=1848):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000140)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, 0x0, 0xfcb8)

0s ago: executing program 0 (id=1849):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0xfffffffc, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000400)="cd", 0x1, 0x8010, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback, 0xfffffffe}, 0x1c)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x8}, &(0x7f0000000140)=0x8)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:47899' (ED25519) to the list of known hosts.
syzkaller login: [   56.839027][ T5783] cgroup: Unknown subsys name 'net'
[   56.965377][ T5783] cgroup: Unknown subsys name 'cpuset'
[   56.975206][ T5783] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   59.692423][ T5783] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   66.111173][ T5861] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   66.115987][ T5861] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   66.119631][ T5861] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   66.119889][ T5863] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   66.128117][ T5863] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   66.128176][ T5861] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   66.134802][ T5863] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   66.135256][ T5861] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   66.144702][ T5861] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   66.148213][ T5861] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   66.196148][ T5237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   66.201075][ T5237] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   66.214341][ T5237] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   66.218743][ T5237] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   66.222899][ T5237] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   66.546686][ T5857] chnl_net:caif_netlink_parms(): no params data found
[   66.678532][ T5858] chnl_net:caif_netlink_parms(): no params data found
[   66.749230][ T5857] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.752295][ T5857] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.755743][ T5857] bridge_slave_0: entered allmulticast mode
[   66.759519][ T5857] bridge_slave_0: entered promiscuous mode
[   66.765502][ T5857] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.768210][ T5857] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.770917][ T5857] bridge_slave_1: entered allmulticast mode
[   66.774952][ T5857] bridge_slave_1: entered promiscuous mode
[   66.778543][ T5867] chnl_net:caif_netlink_parms(): no params data found
[   66.826849][ T5857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   66.832596][ T5857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   66.918157][ T5858] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.921014][ T5858] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.924579][ T5858] bridge_slave_0: entered allmulticast mode
[   66.928723][ T5858] bridge_slave_0: entered promiscuous mode
[   66.940128][ T5857] team0: Port device team_slave_0 added
[   66.943383][ T5858] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.946810][ T5858] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.949613][ T5858] bridge_slave_1: entered allmulticast mode
[   66.953364][ T5858] bridge_slave_1: entered promiscuous mode
[   66.970411][ T5857] team0: Port device team_slave_1 added
[   67.041515][ T5867] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.045485][ T5867] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.048668][ T5867] bridge_slave_0: entered allmulticast mode
[   67.052549][ T5867] bridge_slave_0: entered promiscuous mode
[   67.075387][ T5858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.079494][ T5867] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.082477][ T5867] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.086045][ T5867] bridge_slave_1: entered allmulticast mode
[   67.089792][ T5867] bridge_slave_1: entered promiscuous mode
[   67.097149][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_0
[   67.100399][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   67.114459][ T5857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   67.123292][ T5858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.168263][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_1
[   67.173303][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   67.184041][ T5857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   67.190655][ T5858] team0: Port device team_slave_0 added
[   67.196354][ T5858] team0: Port device team_slave_1 added
[   67.237591][ T5867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.241785][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_0
[   67.244982][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   67.255100][ T5858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   67.262304][ T5867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.277514][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_1
[   67.280846][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   67.291243][ T5858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   67.340434][ T5867] team0: Port device team_slave_0 added
[   67.349760][ T5857] hsr_slave_0: entered promiscuous mode
[   67.353156][ T5857] hsr_slave_1: entered promiscuous mode
[   67.359391][ T5867] team0: Port device team_slave_1 added
[   67.428402][ T5858] hsr_slave_0: entered promiscuous mode
[   67.431452][ T5858] hsr_slave_1: entered promiscuous mode
[   67.434848][ T5858] debugfs: 'hsr0' already exists in 'hsr'
[   67.437211][ T5858] Cannot create hsr debugfs directory
[   67.453501][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_0
[   67.456607][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   67.470155][ T5867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   67.476315][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_1
[   67.480747][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   67.491606][ T5867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   67.662950][ T5867] hsr_slave_0: entered promiscuous mode
[   67.666490][ T5867] hsr_slave_1: entered promiscuous mode
[   67.669723][ T5867] debugfs: 'hsr0' already exists in 'hsr'
[   67.672029][ T5867] Cannot create hsr debugfs directory
[   67.854469][ T5858] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   67.864976][ T5858] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   67.878940][ T5858] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   67.903028][ T5858] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   67.966635][ T5857] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   67.972963][ T5857] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   67.992381][ T5857] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   68.009501][ T5857] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   68.037053][ T5867] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   68.043854][ T5867] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   68.059215][ T5867] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   68.071253][ T5867] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   68.139850][ T5858] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.168216][ T5858] 8021q: adding VLAN 0 to HW filter on device team0
[   68.193823][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.196849][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.214591][   T55] Bluetooth: hci1: command tx timeout
[   68.214602][ T5237] Bluetooth: hci0: command tx timeout
[   68.221848][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.224981][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.291070][ T5857] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.304570][   T55] Bluetooth: hci2: command tx timeout
[   68.338128][ T5857] 8021q: adding VLAN 0 to HW filter on device team0
[   68.350042][ T5867] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.365742][   T32] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.368717][   T32] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.383281][   T32] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.386196][   T32] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.399375][ T5867] 8021q: adding VLAN 0 to HW filter on device team0
[   68.409627][   T32] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.412399][   T32] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.446242][   T32] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.448995][   T32] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.541644][ T5858] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.620533][ T5858] veth0_vlan: entered promiscuous mode
[   68.645185][ T5858] veth1_vlan: entered promiscuous mode
[   68.659935][ T5857] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.700272][ T5858] veth0_macvtap: entered promiscuous mode
[   68.731742][ T5858] veth1_macvtap: entered promiscuous mode
[   68.741617][ T5857] veth0_vlan: entered promiscuous mode
[   68.747267][ T5867] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.756397][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.762818][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.778126][ T5857] veth1_vlan: entered promiscuous mode
[   68.788787][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.795760][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.817302][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.820433][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.879257][ T5867] veth0_vlan: entered promiscuous mode
[   68.891914][ T5857] veth0_macvtap: entered promiscuous mode
[   68.908381][ T5857] veth1_macvtap: entered promiscuous mode
[   68.929680][ T5867] veth1_vlan: entered promiscuous mode
[   68.949121][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.952308][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.962419][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.971225][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.004335][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.012376][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.026466][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.030545][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.031505][ T5867] veth0_macvtap: entered promiscuous mode
[   69.038745][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.046239][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.066214][ T5867] veth1_macvtap: entered promiscuous mode
[   69.125591][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.150206][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.162254][ T5858] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   69.178302][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.181395][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.198104][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.201694][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.234348][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.239159][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.272535][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.276271][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.444302][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.447431][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.535155][   T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.538214][   T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.668633][ T5941] dummy0: entered promiscuous mode
[   69.672729][ T5941] dummy0: entered allmulticast mode
[   69.852304][ T5951] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12'.
[   70.068770][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.072858][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.294200][   T55] Bluetooth: hci0: command tx timeout
[   70.304383][   T55] Bluetooth: hci1: command tx timeout
[   70.433745][   T55] Bluetooth: hci2: command tx timeout
[   70.478240][ T5956] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   70.484247][ T5956] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   70.561809][ T5888] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   70.571698][ T5888] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   70.583342][ T5888] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   70.591852][ T5888] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.126302][ T5992] Zero length message leads to an empty skb
[   71.160426][ T5992] netlink: 'syz.0.26': attribute type 12 has an invalid length.
[   71.286611][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[   71.289270][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[   71.933111][ T6009] tipc: Started in network mode
[   71.935394][ T6009] tipc: Node identity 4673a3c90b53, cluster identity 4711
[   71.938089][ T6009] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   71.941527][ T6009] syzkaller0: entered promiscuous mode
[   71.944352][ T6009] syzkaller0: entered allmulticast mode
[   71.949995][ T6011] Bluetooth: MGMT ver 1.23
[   71.960852][ T6011] netlink: 64 bytes leftover after parsing attributes in process `syz.0.36'.
[   71.964388][ T6009] tipc: Resetting bearer <eth:syzkaller0>
[   71.973494][ T6008] tipc: Resetting bearer <eth:syzkaller0>
[   71.993567][ T6008] tipc: Disabling bearer <eth:syzkaller0>
[   72.000770][ T6011] netlink: 'syz.0.36': attribute type 2 has an invalid length.
[   72.362090][ T6027] syz.1.44 uses obsolete (PF_INET,SOCK_PACKET)
[   72.365295][ T6027] syzkaller1: entered promiscuous mode
[   72.367007][ T6027] syzkaller1: entered allmulticast mode
[   72.373843][   T55] Bluetooth: hci1: command tx timeout
[   72.375576][   T55] Bluetooth: hci0: command tx timeout
[   72.390624][ T6027] block nbd1: NBD_DISCONNECT
[   72.454431][ T5237] Bluetooth: hci2: command tx timeout
[   73.318473][ T6054] netlink: 284 bytes leftover after parsing attributes in process `syz.1.55'.
[   73.373478][ T6060] netlink: 'syz.1.58': attribute type 5 has an invalid length.
[   73.753388][ T6094] netlink: 'syz.1.72': attribute type 3 has an invalid length.
[   73.758038][ T6094] netlink: 12 bytes leftover after parsing attributes in process `syz.1.72'.
[   73.909442][ T6102] Bluetooth: MGMT ver 1.23
[   74.126189][ T6112] netlink: 224 bytes leftover after parsing attributes in process `syz.0.79'.
[   74.129810][ T6112] netlink: 16 bytes leftover after parsing attributes in process `syz.0.79'.
[   74.133061][ T6112] tipc: Started in network mode
[   74.135299][ T6112] tipc: Node identity fffffe01, cluster identity 64
[   74.137819][ T6112] tipc: Node number set to 4294966785
[   74.141877][ T6112] tipc: Cannot configure node identity twice
[   74.196285][ T6114] netlink: 4 bytes leftover after parsing attributes in process `syz.0.80'.
[   74.273018][ T6118] pimreg3: entered allmulticast mode
[   74.455260][   T55] Bluetooth: hci1: command tx timeout
[   74.457117][ T5237] Bluetooth: hci0: command tx timeout
[   74.542660][ T5237] Bluetooth: hci2: command tx timeout
[   75.222170][   T57] block nbd0: Receive control failed (result -104)
[   76.200700][ T6222] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   76.844231][ T6249] netlink: 'syz.1.137': attribute type 1 has an invalid length.
[   76.847517][ T6249] netlink: 248 bytes leftover after parsing attributes in process `syz.1.137'.
[   77.215218][ T6266] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   77.376429][ T6277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.150'.
[   77.379864][ T6277] team1 (uninitialized): Failed to send options change via netlink (err -105)
[   77.396071][ T6277] team1: entered promiscuous mode
[   77.398074][ T6277] team1: entered allmulticast mode
[   77.583034][ T6283] netlink: 28 bytes leftover after parsing attributes in process `syz.2.153'.
[   78.968708][ T6317] netlink: 16 bytes leftover after parsing attributes in process `syz.1.169'.
[   79.049451][ T6327] netlink: 12 bytes leftover after parsing attributes in process `syz.2.174'.
[   79.157131][ T6337] netlink: 4436 bytes leftover after parsing attributes in process `syz.0.179'.
[   79.161021][ T6337] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[   79.181695][ T6339] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   79.341308][ T6347] syzkaller1: entered promiscuous mode
[   79.347448][ T6347] syzkaller1: entered allmulticast mode
[   79.797885][ T6371] netlink: 8 bytes leftover after parsing attributes in process `syz.0.192'.
[   79.946073][ T6377] netlink: 'syz.0.195': attribute type 64 has an invalid length.
[   80.024919][ T6381] netlink: 36 bytes leftover after parsing attributes in process `syz.0.197'.
[   80.432433][ T6409] netlink: 8 bytes leftover after parsing attributes in process `syz.1.208'.
[   80.646087][ T6428] Driver unsupported XDP return value 0 on prog  (id 40) dev N/A, expect packet loss!
[   81.576046][   T55] Bluetooth: hci2: command 0x0405 tx timeout
[   81.890017][ T6488] tipc: Started in network mode
[   81.892017][ T6488] tipc: Node identity ce8cbb5ea2eb, cluster identity 4711
[   81.896442][ T6488] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   81.900163][ T6488] syzkaller0: entered promiscuous mode
[   81.901977][ T6488] syzkaller0: entered allmulticast mode
[   81.927317][ T6488] tipc: Resetting bearer <eth:syzkaller0>
[   81.931717][ T6487] tipc: Resetting bearer <eth:syzkaller0>
[   81.939920][ T6487] tipc: Disabling bearer <eth:syzkaller0>
[   82.067029][ T6499] pim6reg: entered allmulticast mode
[   82.083273][ T6499] pim6reg: left allmulticast mode
[   82.535307][ T6518] netlink: 8 bytes leftover after parsing attributes in process `syz.1.249'.
[   82.543503][ T6518] geneve2: entered promiscuous mode
[   82.545596][ T6518] geneve2: entered allmulticast mode
[   82.550520][ T5871] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.553405][ T5871] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.558392][ T5871] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.561825][ T5871] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.670988][ T6524] netlink: 24 bytes leftover after parsing attributes in process `syz.1.252'.
[   83.041295][ T6539] netlink: 277 bytes leftover after parsing attributes in process `syz.0.258'.
[   83.085861][ T6541] netlink: 'syz.1.260': attribute type 29 has an invalid length.
[   83.093270][ T6541] netlink: 'syz.1.260': attribute type 29 has an invalid length.
[   83.116153][ T6541] netlink: 500 bytes leftover after parsing attributes in process `syz.1.260'.
[   83.119916][ T6541] unsupported nla_type 58
[   83.250833][ T6552] syzkaller0: entered promiscuous mode
[   83.253180][ T6552] syzkaller0: entered allmulticast mode
[   83.259890][ T6552] PF_CAN: dropped non conform CAN FD skbuff: dev type 280, len 65487
[   83.474264][ T6572] tc_dump_action: action bad kind
[   84.042158][ T6604] netlink: 'syz.2.284': attribute type 4 has an invalid length.
[   84.072182][ T6604] netlink: 'syz.2.284': attribute type 4 has an invalid length.
[   84.729036][ T6638] netlink: 8 bytes leftover after parsing attributes in process `syz.2.296'.
[   84.965492][ T6659] Unknown options in mask b7f2
[   85.364473][ T6684] netlink: 'syz.2.310': attribute type 1 has an invalid length.
[   85.494940][ T6689] netlink: 56 bytes leftover after parsing attributes in process `syz.2.311'.
[   86.625819][    T9] cfg80211: failed to load regulatory.db
[   86.903531][ T6739] netlink: 4 bytes leftover after parsing attributes in process `syz.2.332'.
[   86.976694][ T6741] syzkaller1: entered promiscuous mode
[   86.994160][ T6741] syzkaller1: entered allmulticast mode
[   87.220515][ T6758] netlink: 28 bytes leftover after parsing attributes in process `syz.0.340'.
[   87.227312][ T6758] netlink: 28 bytes leftover after parsing attributes in process `syz.0.340'.
[   87.259838][ T6760] trusted_key: syz.0.341 sent an empty control message without MSG_MORE.
[   87.596093][ T6780] netlink: 1041 bytes leftover after parsing attributes in process `syz.2.350'.
[   87.927145][ T6783] netlink: 188 bytes leftover after parsing attributes in process `syz.2.351'.
[   88.646212][ T6815] netlink: 12 bytes leftover after parsing attributes in process `syz.1.366'.
[   89.011589][ T6838] netlink: 136 bytes leftover after parsing attributes in process `syz.0.373'.
[   89.232480][ T6847] netlink: 20 bytes leftover after parsing attributes in process `syz.1.379'.
[   89.391546][ T6853] ieee802154 phy0 wpan0: encryption failed: -90
[   90.280869][ T6872] ipvlan2: entered promiscuous mode
[   90.296228][ T6872] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   91.815026][ T6982] tun0: tun_chr_ioctl cmd 1074025675
[   91.817037][ T6982] tun0: persist enabled
[   91.821037][ T6982] tun0: tun_chr_ioctl cmd 1074025675
[   91.822879][ T6982] tun0: persist disabled
[   91.858509][ T6986] netlink: 8 bytes leftover after parsing attributes in process `syz.2.414'.
[   92.169092][ T7007] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[   92.499968][ T7026] netlink: 4 bytes leftover after parsing attributes in process `syz.0.432'.
[   92.565193][ T7028] warning: `syz.2.433' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   92.650956][ T7032] netlink: 'syz.1.434': attribute type 21 has an invalid length.
[   92.664801][ T7032] netlink: 128 bytes leftover after parsing attributes in process `syz.1.434'.
[   92.706463][ T7032] netlink: 'syz.1.434': attribute type 5 has an invalid length.
[   92.709292][ T7032] netlink: 3 bytes leftover after parsing attributes in process `syz.1.434'.
[   92.712558][ T7034] netlink: 20 bytes leftover after parsing attributes in process `syz.0.436'.
[   92.882219][ T7047] lo speed is unknown, defaulting to 1000
[   92.907842][ T7047] lo speed is unknown, defaulting to 1000
[   92.913248][ T7047] lo speed is unknown, defaulting to 1000
[   92.929051][ T7047] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   92.947472][ T7047] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   92.982748][ T7047] lo speed is unknown, defaulting to 1000
[   92.987462][ T7047] lo speed is unknown, defaulting to 1000
[   92.990904][ T7047] lo speed is unknown, defaulting to 1000
[   93.016470][ T7048] netlink: 'syz.0.442': attribute type 4 has an invalid length.
[   93.066592][ T7055] netlink: 20 bytes leftover after parsing attributes in process `syz.1.445'.
[   93.235791][ T7069] syzkaller1: entered promiscuous mode
[   93.238135][ T7069] syzkaller1: entered allmulticast mode
[   94.056691][ T7089] bridge0: port 3(erspan0) entered blocking state
[   94.059204][ T7089] bridge0: port 3(erspan0) entered disabled state
[   94.061584][ T7089] erspan0: entered allmulticast mode
[   94.067315][ T7089] erspan0: entered promiscuous mode
[   94.069988][ T7089] bridge0: port 3(erspan0) entered blocking state
[   94.072185][ T7089] bridge0: port 3(erspan0) entered forwarding state
[   94.076398][ T7089] erspan0: left allmulticast mode
[   94.078039][ T7089] erspan0: left promiscuous mode
[   94.080706][ T7089] bridge0: port 3(erspan0) entered disabled state
[   94.121583][ T7091] netlink: 76 bytes leftover after parsing attributes in process `syz.0.460'.
[   94.125618][ T7091] netlink: 76 bytes leftover after parsing attributes in process `syz.0.460'.
[   94.271217][ T7100] netlink: 240 bytes leftover after parsing attributes in process `syz.0.465'.
[   94.656333][ T7138] netlink: 48 bytes leftover after parsing attributes in process `syz.0.482'.
[   94.736652][ T7138] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   94.739079][ T5432] IPVS: starting estimator thread 0...
[   94.834332][ T7145] IPVS: using max 58 ests per chain, 139200 per kthread
[   94.907911][ T7153] netlink: 28 bytes leftover after parsing attributes in process `syz.0.487'.
[   94.913883][ T7153] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.917936][ T7153] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.086130][ T7170] netlink: 'syz.1.496': attribute type 1 has an invalid length.
[   95.133465][ T7170] 8021q: adding VLAN 0 to HW filter on device bond1
[   95.162662][ T7175] 8021q: adding VLAN 0 to HW filter on device bond1
[   95.168088][ T7175] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   95.176947][ T7175] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   95.227021][ T7170] veth3: entered promiscuous mode
[   95.240170][ T7170] bond1: (slave veth3): Enslaving as an active interface with a down link
[   95.257099][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.260282][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.361548][ T7181] ipvlan2: entered promiscuous mode
[   95.553021][ T7186] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   95.575662][ T7186] syzkaller0: entered promiscuous mode
[   95.577773][ T7186] syzkaller0: entered allmulticast mode
[   95.613068][ T7186] tipc: Resetting bearer <eth:syzkaller0>
[   95.626144][ T7184] tipc: Resetting bearer <eth:syzkaller0>
[   95.637289][ T7184] tipc: Disabling bearer <eth:syzkaller0>
[   95.782869][ T7193] hsr0: entered promiscuous mode
[   95.791599][ T7193] macsec1: entered promiscuous mode
[   95.916961][ T7193] syz.2.506 (7193) used greatest stack depth: 19520 bytes left
[   95.958485][ T7196] : renamed from wg2
[   96.048761][ T7204] netlink: 'syz.2.511': attribute type 21 has an invalid length.
[   96.051442][ T7204] netlink: 132 bytes leftover after parsing attributes in process `syz.2.511'.
[   96.344907][ T7234] tipc: New replicast peer: 255.255.255.255
[   96.347939][ T7234] tipc: Enabled bearer <udp:syz2>, priority 10
[   97.466828][ T5432] tipc: Node number set to 1818737502
[   97.926500][ T7261] netlink: 'syz.1.538': attribute type 4 has an invalid length.
[   98.505733][ T7296] __nla_validate_parse: 2 callbacks suppressed
[   98.505749][ T7296] netlink: 24 bytes leftover after parsing attributes in process `syz.0.551'.
[   98.578491][ T7299] netlink: 64 bytes leftover after parsing attributes in process `syz.0.552'.
[   98.584645][ T7299] block nbd0: reconnected socket
[   98.586706][ T7299] nbd: socks must be embedded in a SOCK_ITEM attr
[   98.589958][ T7299] netlink: 36 bytes leftover after parsing attributes in process `syz.0.552'.
[   98.595267][   T57] block nbd0: Receive control failed (result -32)
[   98.891488][ T7315] xt_l2tp: missing protocol rule (udp|l2tpip)
[   98.942923][ T7317] netlink: 'syz.0.559': attribute type 9 has an invalid length.
[  100.190375][ T7344] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  100.771486][ T7368] lo speed is unknown, defaulting to 1000
[  100.902840][ T7373] openvswitch: netlink: Flow key attr not present in new flow.
[  101.384735][ T7411] netlink: 'syz.2.601': attribute type 13 has an invalid length.
[  101.388454][ T7411] netlink: 'syz.2.601': attribute type 17 has an invalid length.
[  101.441860][ T7411] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  101.783363][ T7448] netlink: 12 bytes leftover after parsing attributes in process `syz.0.615'.
[  102.030744][ T7471] syzkaller0: entered promiscuous mode
[  102.032917][ T7471] syzkaller0: entered allmulticast mode
[  102.114992][ T7474] nbd2: detected capacity change from 0 to 63
[  102.123032][ T7476] block nbd2: NBD_DISCONNECT
[  102.126218][ T7476] block nbd2: Disconnected due to user request.
[  102.129476][ T7476] block nbd2: shutting down sockets
[  103.242956][ T7487] netlink: 'syz.2.630': attribute type 64 has an invalid length.
[  103.292747][ T7491] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  103.300976][ T7491] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  103.312144][    T9] lo speed is unknown, defaulting to 1000
[  103.552508][ T7507] netlink: 44 bytes leftover after parsing attributes in process `syz.1.640'.
[  103.612464][ T7515] netlink: 'syz.1.644': attribute type 1 has an invalid length.
[  103.765306][ T7528] netlink: 4 bytes leftover after parsing attributes in process `syz.2.650'.
[  103.768888][ T7528] netlink: 4 bytes leftover after parsing attributes in process `syz.2.650'.
[  103.878917][ T7535] netlink: 7 bytes leftover after parsing attributes in process `syz.2.654'.
[  103.896184][ T7535] erspan0: entered promiscuous mode
[  103.898565][ T7539] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  104.028453][ T7547] netlink: 28 bytes leftover after parsing attributes in process `syz.0.659'.
[  104.033756][ T7547] netlink: 28 bytes leftover after parsing attributes in process `syz.0.659'.
[  104.038541][ T7547] netlink: 'syz.0.659': attribute type 6 has an invalid length.
[  104.123081][ T7554] lo speed is unknown, defaulting to 1000
[  104.230430][ T7566] (unnamed net_device) (uninitialized): up delay (1024) is not a multiple of miimon (100), value rounded to 1000 ms
[  104.241750][ T7566] (unnamed net_device) (uninitialized): down delay (4) is not a multiple of miimon (100), value rounded to 0 ms
[  104.418433][ T7575] lo speed is unknown, defaulting to 1000
[  105.200530][ T7609] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  105.203920][ T7609] syzkaller0: entered promiscuous mode
[  105.205744][ T7609] syzkaller0: entered allmulticast mode
[  105.242393][ T7609] tipc: Resetting bearer <eth:syzkaller0>
[  105.263300][ T7608] tipc: Resetting bearer <eth:syzkaller0>
[  105.279915][ T7608] tipc: Disabling bearer <eth:syzkaller0>
[  105.317159][ T7613] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  105.320870][ T7613] syzkaller0: entered promiscuous mode
[  105.323075][ T7613] syzkaller0: entered allmulticast mode
[  105.355360][ T7613] tipc: Resetting bearer <eth:syzkaller0>
[  105.362953][ T7612] tipc: Resetting bearer <eth:syzkaller0>
[  105.395875][ T7612] tipc: Disabling bearer <eth:syzkaller0>
[  105.595387][ T7628] syz_tun: entered allmulticast mode
[  105.616332][ T7628] dvmrp1: entered allmulticast mode
[  105.663434][ T7627] syz_tun: left allmulticast mode
[  105.835096][ T7639] netlink: 44 bytes leftover after parsing attributes in process `syz.0.685'.
[  105.917995][ T7644] netlink: 4 bytes leftover after parsing attributes in process `syz.2.687'.
[  106.096344][ T7655] netlink: 'syz.2.692': attribute type 1 has an invalid length.
[  106.099081][ T7655] netlink: 92 bytes leftover after parsing attributes in process `syz.2.692'.
[  106.203492][ T7660] netlink: 'syz.2.693': attribute type 13 has an invalid length.
[  106.251582][ T7660] lo speed is unknown, defaulting to 1000
[  106.377295][ T7657] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  106.439679][ T7669] lo speed is unknown, defaulting to 1000
[  106.709433][ T7684] netlink: 8 bytes leftover after parsing attributes in process `syz.0.700'.
[  106.787350][ T7690] Bluetooth: MGMT ver 1.23
[  107.028968][ T7696] af_packet: tpacket_rcv: packet too big, clamped from 595 to 4294967272. macoff=96
[  107.280227][ T7712] lo speed is unknown, defaulting to 1000
[  107.914969][ T7756] lo speed is unknown, defaulting to 1000
[  108.140203][ T7778] syzkaller0: entered promiscuous mode
[  108.142202][ T7778] syzkaller0: entered allmulticast mode
[  108.853752][ T5237] Bluetooth: hci0: command 0x0c1a tx timeout
[  108.854061][   T55] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  108.918673][ T7822] netlink: 'syz.1.762': attribute type 4 has an invalid length.
[  108.929756][ T7822] netlink: 'syz.1.762': attribute type 4 has an invalid length.
[  109.259846][ T7852] __nla_validate_parse: 5 callbacks suppressed
[  109.259862][ T7852] netlink: 16 bytes leftover after parsing attributes in process `syz.2.777'.
[  109.432346][ T7861] netlink: 4 bytes leftover after parsing attributes in process `syz.1.781'.
[  109.484372][ T7869] netlink: 8 bytes leftover after parsing attributes in process `syz.2.784'.
[  109.488207][ T7869] netlink: 4 bytes leftover after parsing attributes in process `syz.2.784'.
[  109.491863][ T7869] netlink: 'syz.2.784': attribute type 18 has an invalid length.
[  109.619056][ T7883] netlink: 8 bytes leftover after parsing attributes in process `syz.2.791'.
[  109.902919][ T7905] lo speed is unknown, defaulting to 1000
[  109.946499][ T7912] delete_channel: no stack
[  110.070692][ T7922] netlink: 'syz.2.809': attribute type 1 has an invalid length.
[  110.074301][ T7922] netlink: 208 bytes leftover after parsing attributes in process `syz.2.809'.
[  110.077218][ T7922] netlink: 'syz.2.809': attribute type 1 has an invalid length.
[  110.080160][ T7922] netlink: 12 bytes leftover after parsing attributes in process `syz.2.809'.
[  110.263937][ T7935] netlink: 32 bytes leftover after parsing attributes in process `syz.2.814'.
[  110.266921][ T7935] netlink: 32 bytes leftover after parsing attributes in process `syz.2.814'.
[  110.781185][ T7949] netlink: 36 bytes leftover after parsing attributes in process `syz.1.820'.
[  111.591335][ T8011] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input4
[  111.700275][ T8025] netlink: 'syz.1.856': attribute type 1 has an invalid length.
[  111.915997][ T8042] netlink: 'syz.1.864': attribute type 3 has an invalid length.
[  111.973764][   T55] Bluetooth: hci2: command 0x0405 tx timeout
[  112.080533][ T8046] netlink: 'syz.1.866': attribute type 10 has an invalid length.
[  113.871761][ T8120] bond2: entered promiscuous mode
[  113.873354][ T8120] bond2: entered allmulticast mode
[  113.875639][ T8120] 8021q: adding VLAN 0 to HW filter on device bond2
[  114.859890][ T8177] __nla_validate_parse: 44 callbacks suppressed
[  114.859907][ T8177] netlink: 64 bytes leftover after parsing attributes in process `syz.1.926'.
[  115.027055][ T8189] netlink: 12 bytes leftover after parsing attributes in process `syz.0.932'.
[  115.060629][ T8189] 8021q: adding VLAN 0 to HW filter on device bond1
[  115.105886][ T8189] 8021q: adding VLAN 0 to HW filter on device bond1
[  115.117341][ T8189] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[  115.122430][ T8189] bond1: (slave wireguard0): Error -95 calling set_mac_address
[  115.360096][ T8218] netlink: 'syz.2.944': attribute type 1 has an invalid length.
[  115.363097][ T8218] netlink: 'syz.2.944': attribute type 4 has an invalid length.
[  115.366742][ T8218] netlink: 15586 bytes leftover after parsing attributes in process `syz.2.944'.
[  115.515377][ T8232] delete_channel: no stack
[  115.690840][ T8250] netlink: 12 bytes leftover after parsing attributes in process `syz.0.960'.
[  115.702733][ T8250] vlan3: entered promiscuous mode
[  115.707378][ T8250] gretap0: entered promiscuous mode
[  115.752520][ T8251] lo speed is unknown, defaulting to 1000
[  116.573816][ T8273] netlink: 48 bytes leftover after parsing attributes in process `syz.1.966'.
[  116.795459][ T8287] netlink: 'syz.1.973': attribute type 5 has an invalid length.
[  116.798485][ T8287] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.973'.
[  116.859981][ T8290] bridge: RTM_NEWNEIGH with invalid ether address
[  116.912037][ T8298] netlink: 28 bytes leftover after parsing attributes in process `syz.1.977'.
[  116.920301][ T8298] netlink: 8 bytes leftover after parsing attributes in process `syz.1.977'.
[  117.022169][ T8305] netlink: 36 bytes leftover after parsing attributes in process `syz.2.981'.
[  117.040540][ T8305] netlink: 36 bytes leftover after parsing attributes in process `syz.2.981'.
[  117.142232][ T8305] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.145630][ T8305] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.189508][ T8315] IPVS: sync thread started: state = BACKUP, mcast_ifn = macvlan1, syncid = 3, id = 0
[  117.411420][ T8331] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  117.567392][ T8341] gre1: entered allmulticast mode
[  117.640182][ T8346] netlink: 'syz.1.1000': attribute type 5 has an invalid length.
[  118.295218][ T8378] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  118.309221][ T8380] bridge0: entered allmulticast mode
[  118.311773][ T8380] bridge_slave_1: left allmulticast mode
[  118.316275][ T8380] bridge_slave_1: left promiscuous mode
[  118.318509][ T8380] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.322629][ T8380] bridge_slave_0: left allmulticast mode
[  118.325459][ T8380] bridge_slave_0: left promiscuous mode
[  118.328991][ T8380] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.340212][ T8380] bridge0 (unregistering): left allmulticast mode
[  118.402765][ T8382] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  118.407072][ T8382] syzkaller0: entered promiscuous mode
[  118.409543][ T8382] syzkaller0: entered allmulticast mode
[  118.437376][ T8382] tipc: Resetting bearer <eth:syzkaller0>
[  118.441004][ T8381] tipc: Resetting bearer <eth:syzkaller0>
[  118.455114][ T8381] tipc: Disabling bearer <eth:syzkaller0>
[  118.836084][ T8413] syzkaller1: entered promiscuous mode
[  118.838091][ T8413] syzkaller1: entered allmulticast mode
[  119.291973][ T8445] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  119.299778][    T9] lo speed is unknown, defaulting to 1000
[  119.302268][    T9] syz2: Port: 1 Link DOWN
[  120.040977][ T8491] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  120.619391][ T8518] __nla_validate_parse: 34 callbacks suppressed
[  120.619411][ T8518] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1080'.
[  120.626765][ T8518] netlink: 'syz.1.1080': attribute type 5 has an invalid length.
[  120.636950][ T8518] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1080'.
[  120.657276][ T8518] geneve3: entered promiscuous mode
[  120.659396][ T8518] geneve3: entered allmulticast mode
[  120.664807][   T13] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  120.668411][   T13] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  120.678346][   T13] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  120.683790][   T13] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  120.867277][ T8537] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1090'.
[  121.211991][ T8564] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1102'.
[  121.217659][ T8564] netlink: 'syz.0.1102': attribute type 1 has an invalid length.
[  121.375740][ T8578] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1109'.
[  121.392992][ T8578] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  121.429066][ T8582] netlink: 'syz.0.1112': attribute type 30 has an invalid length.
[  121.506166][ T8592] netlink: 14679 bytes leftover after parsing attributes in process `syz.1.1115'.
[  121.688955][ T8608] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1124'.
[  121.895488][ T8628] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  121.898947][ T8628] syzkaller0: entered promiscuous mode
[  121.901088][ T8628] syzkaller0: entered allmulticast mode
[  121.917395][ T8628] tipc: Resetting bearer <eth:syzkaller0>
[  121.921859][ T8626] tipc: Resetting bearer <eth:syzkaller0>
[  121.937951][ T8626] tipc: Disabling bearer <eth:syzkaller0>
[  122.456231][ T8667] netlink: 'syz.2.1148': attribute type 3 has an invalid length.
[  122.469275][ T8667] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1148'.
[  122.540197][ T8677] netlink: 'syz.2.1152': attribute type 7 has an invalid length.
[  122.543156][ T8677] netlink: 'syz.2.1152': attribute type 8 has an invalid length.
[  122.546244][ T8677] netlink: 'syz.2.1152': attribute type 4 has an invalid length.
[  122.550284][ T8677] netlink: 204 bytes leftover after parsing attributes in process `syz.2.1152'.
[  122.780942][   T33] audit: type=1800 audit(1758903182.545:2): pid=8691 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1160" name="blkio.bfq.time_recursive" dev="tmpfs" ino=2126 res=0 errno=0
[  123.073185][ T8717] lo speed is unknown, defaulting to 1000
[  124.641404][ T8769] netlink: 'syz.2.1195': attribute type 28 has an invalid length.
[  125.040143][ T8789] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1204'.
[  125.426557][ T8799] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.524590][ T8799] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.588018][ T8816] IPVS: set_ctl: invalid protocol: 51 224.0.0.2:20001
[  125.621283][ T8799] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.722169][ T8799] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.754535][ T8823] netlink: 'syz.1.1218': attribute type 21 has an invalid length.
[  125.757434][ T8823] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1218'.
[  125.858110][   T13] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.888709][   T13] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.900983][   T13] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.917458][   T13] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.926853][ T8833] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  125.929480][ T8833] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  125.952884][ T8833] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  126.041960][ T8839] netlink: 'syz.2.1226': attribute type 16 has an invalid length.
[  126.048139][ T8839] netlink: 'syz.2.1226': attribute type 17 has an invalid length.
[  126.177038][ T8839] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  126.187539][ T8839] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.211287][ T8839] hsr0: left promiscuous mode
[  126.334931][ T8846] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1226'.
[  126.344134][   T13] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.346939][   T13] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.350233][   T13] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.363208][   T13] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.681624][ T8879] sctp: [Deprecated]: syz.1.1242 (pid 8879) Use of int in max_burst socket option deprecated.
[  126.681624][ T8879] Use struct sctp_assoc_value instead
[  126.700357][ T8881] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1240'.
[  126.751461][ T8885] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  126.754515][ T8885] syzkaller0: entered promiscuous mode
[  126.756447][ T8885] syzkaller0: entered allmulticast mode
[  126.773891][ T8885] tipc: Resetting bearer <eth:syzkaller0>
[  126.779715][ T8884] tipc: Resetting bearer <eth:syzkaller0>
[  126.789310][ T8884] tipc: Disabling bearer <eth:syzkaller0>
[  127.538688][ T8893] netlink: 'syz.1.1249': attribute type 16 has an invalid length.
[  127.541818][ T8893] netlink: 'syz.1.1249': attribute type 17 has an invalid length.
[  127.565500][   T13] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  127.575219][   T13] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0
[  127.578673][   T13] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  127.583695][   T13] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0
[  127.587255][ T8893] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1249'.
[  127.591443][   T13] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  127.596955][   T13] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0
[  127.601755][   T13] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  127.607750][   T13] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0
[  127.745419][ T8903] netlink: 'syz.2.1255': attribute type 1 has an invalid length.
[  128.146228][ T8917] lo speed is unknown, defaulting to 1000
[  128.694123][ T5237] Bluetooth: hci2: command 0x0405 tx timeout
[  129.640115][ T9011] IPVS: Scheduler module ip_vs_sip not found
[  129.855859][ T9029] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  129.859012][ T9029] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  129.917282][ T9034] netlink: 'syz.1.1290': attribute type 1 has an invalid length.
[  130.022061][ T9038] syzkaller0: entered promiscuous mode
[  130.024743][ T9038] syzkaller0: entered allmulticast mode
[  131.233505][ T9069] netlink: 'syz.1.1307': attribute type 1 has an invalid length.
[  131.386552][ T9075] lo speed is unknown, defaulting to 1000
[  131.892694][ T9120] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1330'.
[  131.923966][ T9122] netlink: 'syz.2.1331': attribute type 16 has an invalid length.
[  131.928851][ T9122] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1331'.
[  131.934916][ T9124] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1332'.
[  132.173542][ T9141] netlink: 'syz.0.1340': attribute type 21 has an invalid length.
[  132.176211][ T9141] netlink: 'syz.0.1340': attribute type 22 has an invalid length.
[  132.178826][ T9141] netlink: 'syz.0.1340': attribute type 23 has an invalid length.
[  132.182517][ T9141] netlink: 'syz.0.1340': attribute type 25 has an invalid length.
[  132.186460][ T9141] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1340'.
[  132.305346][ T9149] syz_tun: entered allmulticast mode
[  132.313811][ T9145] lo speed is unknown, defaulting to 1000
[  132.381782][ T9151] syz_tun: left allmulticast mode
[  132.707392][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  132.710999][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  133.118108][   T33] audit: type=1800 audit(1758903192.885:3): pid=9170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1349" name="memory.events" dev="tmpfs" ino=2418 res=0 errno=0
[  133.481131][ T9199] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  133.486720][ T9199] syzkaller0: entered promiscuous mode
[  133.489497][ T9199] syzkaller0: entered allmulticast mode
[  133.510456][ T9199] tipc: Resetting bearer <eth:syzkaller0>
[  133.516534][ T9197] tipc: Resetting bearer <eth:syzkaller0>
[  133.534354][ T9197] tipc: Disabling bearer <eth:syzkaller0>
[  133.618081][ T9209] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1368'.
[  133.994040][ T9228] netlink: 'syz.2.1377': attribute type 1 has an invalid length.
[  133.997391][ T9228] netlink: 'syz.2.1377': attribute type 1 has an invalid length.
[  133.997854][ T9229] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1378'.
[  134.868188][    C0] vcan0: j1939_tp_rxtimer: 0xffff888022144c00: rx timeout, send abort
[  134.872631][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888022144c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  135.115503][ T9271] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  135.153772][   T33] audit: type=1800 audit(1758903194.915:4): pid=9268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1392" name="memory.events" dev="tmpfs" ino=2183 res=0 errno=0
[  135.250414][ T9277] netlink: 'syz.2.1398': attribute type 1 has an invalid length.
[  135.566817][ T9297] tipc: Enabled bearer <udp:s>, priority 10
[  135.575922][ T9292] lo speed is unknown, defaulting to 1000
[  135.690847][ T9298] lo speed is unknown, defaulting to 1000
[  135.710979][ T9305] netlink: 'syz.2.1410': attribute type 39 has an invalid length.
[  135.924949][ T9317] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  135.928335][ T9317] syzkaller0: entered promiscuous mode
[  135.930443][ T9317] syzkaller0: entered allmulticast mode
[  135.955147][ T9321] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1417'.
[  135.968140][ T9321] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1417'.
[  135.993317][ T9317] tipc: Resetting bearer <eth:syzkaller0>
[  136.000484][ T9314] tipc: Resetting bearer <eth:syzkaller0>
[  136.039357][ T9314] tipc: Disabling bearer <eth:syzkaller0>
[  136.137655][ T9335] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1425'.
[  136.359974][ T9353] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1424'.
[  136.380493][    T9] hid-generic 0005:0007:0008.0001: unknown main item tag 0x0
[  136.390730][    T9] hid-generic 0005:0007:0008.0001: hidraw0: BLUETOOTH HID v0.08 Device [syz0] on aa:aa:aa:aa:aa:aa
[  136.558142][ T9369] lo speed is unknown, defaulting to 1000
[  137.245263][ T9397] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1449'.
[  137.272570][ T9394] lo speed is unknown, defaulting to 1000
[  137.326142][ T9402] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1451'.
[  137.329884][ T9402] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1451'.
[  137.442182][ T9411] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1453'.
[  137.445782][ T9411] block nbd0: reconnected socket
[  137.447343][ T9411] nbd: socks must be embedded in a SOCK_ITEM attr
[  137.450252][   T56] block nbd0: Receive control failed (result -32)
[  137.459241][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1456'.
[  138.741008][ T9477] validate_nla: 1 callbacks suppressed
[  138.741043][ T9477] netlink: 'syz.2.1483': attribute type 1 has an invalid length.
[  138.919099][ T9487] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1488'.
[  138.922792][ T9487] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1488'.
[  139.239979][ T9508] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1498'.
[  139.243529][ T9508] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1498'.
[  139.248965][ T9508] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1498'.
[  139.774394][ T9545] netlink: 'syz.0.1515': attribute type 1 has an invalid length.
[  139.846148][ T9550] netlink: 'syz.1.1517': attribute type 1 has an invalid length.
[  139.958404][ T9558] netlink: 'syz.2.1521': attribute type 1 has an invalid length.
[  140.060908][ T9565] lo speed is unknown, defaulting to 1000
[  140.065683][ T9565] lo speed is unknown, defaulting to 1000
[  140.068766][ T9565] lo speed is unknown, defaulting to 1000
[  140.156319][ T9569] 8021q: adding VLAN 0 to HW filter on device bond0
[  140.169224][ T9569] 8021q: adding VLAN 0 to HW filter on device team0
[  140.196968][ T9569] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  140.279778][ T9565] infiniband syz0: set active
[  140.281664][ T9565] infiniband syz0: added lo
[  140.288294][    T9] lo speed is unknown, defaulting to 1000
[  140.290982][    T9] syz0: Port: 1 Link ACTIVE
[  140.309259][ T9565] RDS/IB: syz0: added
[  140.313066][ T9565] lo speed is unknown, defaulting to 1000
[  140.439582][ T9565] lo speed is unknown, defaulting to 1000
[  140.557388][ T9565] lo speed is unknown, defaulting to 1000
[  140.783294][ T9600] netlink: 'syz.0.1536': attribute type 1 has an invalid length.
[  140.936069][ T9617] netlink: 'syz.2.1543': attribute type 21 has an invalid length.
[  141.015100][ T5237] Bluetooth: hci2: command 0x0405 tx timeout
[  141.625123][ T9682] bridge_slave_0: left allmulticast mode
[  141.627519][ T9682] bridge_slave_0: left promiscuous mode
[  141.630017][ T9682] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.636113][ T9682] bridge_slave_1: left allmulticast mode
[  141.637987][ T9682] bridge_slave_1: left promiscuous mode
[  141.640860][ T9682] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.655840][ T9682] bond0: (slave bond_slave_0): Releasing backup interface
[  142.498560][ T9682] bond0: (slave bond_slave_1): Releasing backup interface
[  142.508468][ T9682] team0: Port device team_slave_0 removed
[  142.525115][ T9682] team0: Port device team_slave_1 removed
[  142.527848][ T9682] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.532187][ T9682] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.541457][ T9682] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  142.548134][ T5432] lo speed is unknown, defaulting to 1000
[  142.656780][ T9706] __nla_validate_parse: 11 callbacks suppressed
[  142.656793][ T9706] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1583'.
[  142.662500][ T9704] syzkaller1: entered promiscuous mode
[  142.665143][ T9704] syzkaller1: entered allmulticast mode
[  142.840845][ T9724] netlink: 'syz.2.1593': attribute type 6 has an invalid length.
[  142.947743][ T9736] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1599'.
[  142.951496][ T9738] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1600'.
[  142.976755][ T1014] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  142.979393][ T1014] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  142.996928][ T9736] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  143.000175][ T9736] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  143.155478][    T9] IPVS: starting estimator thread 0...
[  143.159588][ T9749] IPVS: wlc: SCTP 172.20.20.187:0 - no destination available
[  143.256114][ T9750] IPVS: using max 63 ests per chain, 151200 per kthread
[  143.986705][ T9780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1614'.
[  144.033476][ T9782] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1616'.
[  144.317666][ T9802] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1626'.
[  144.371295][ T9806] syz_tun: entered allmulticast mode
[  144.376644][ T9805] syz_tun: left allmulticast mode
[  144.474874][ T9814] netlink: 'syz.0.1632': attribute type 2 has an invalid length.
[  144.649896][ T9829] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1639'.
[  144.992239][ T9854] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1651'.
[  145.312988][ T9867] lo speed is unknown, defaulting to 1000
[  145.320972][ T9867] lo speed is unknown, defaulting to 1000
[  145.465425][ T9879] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1661'.
[  145.529179][ T9882] netlink: 'syz.1.1662': attribute type 11 has an invalid length.
[  145.796675][ T9900] netlink: 'syz.0.1671': attribute type 1 has an invalid length.
[  145.799451][ T9900] netlink: 'syz.0.1671': attribute type 1 has an invalid length.
[  145.805250][ T9900] netlink: 'syz.0.1671': attribute type 1 has an invalid length.
[  146.722079][ T9971] netlink: 'syz.0.1703': attribute type 3 has an invalid length.
[  146.739801][ T9971] netlink: 666 bytes leftover after parsing attributes in process `syz.0.1703'.
[  147.485916][T10007] netlink: 'syz.1.1712': attribute type 1 has an invalid length.
[  147.587538][T10009] netlink: 'syz.1.1713': attribute type 6 has an invalid length.
[  148.075594][T10037] __nla_validate_parse: 1 callbacks suppressed
[  148.075610][T10037] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1727'.
[  148.088756][T10039] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1726'.
[  148.111020][T10039] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1726'.
[  148.121221][T10039] netlink: 'syz.2.1726': attribute type 5 has an invalid length.
[  148.125061][T10039] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1726'.
[  148.150638][T10037] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1727'.
[  148.455694][T10066] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1738'.
[  148.510958][ T5922] IPVS: starting estimator thread 0...
[  148.534675][T10074] netlink: 'syz.1.1742': attribute type 1 has an invalid length.
[  148.563498][T10074] bond2: (slave gretap1): making interface the new active one
[  148.567433][T10074] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  148.589330][T10078] netlink: 'syz.2.1745': attribute type 5 has an invalid length.
[  148.604641][T10073] IPVS: using max 63 ests per chain, 151200 per kthread
[  148.873021][T10106] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1758'.
[  148.943404][T10109] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1759'.
[  149.673437][   T33] audit: type=1804 audit(1758903209.435:5): pid=10143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1774" name="x000000000000000300000000000000000000003" dev="tmpfs" ino=3223 res=1 errno=0
[  149.683532][   T33] audit: type=1800 audit(1758903209.445:6): pid=10143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1774" name="x000000000000000300000000000000000000003" dev="tmpfs" ino=3223 res=0 errno=0
[  150.585886][T10200] validate_nla: 2 callbacks suppressed
[  150.585904][T10200] netlink: 'syz.0.1802': attribute type 10 has an invalid length.
[  150.598513][T10200] 8021q: adding VLAN 0 to HW filter on device team0
[  150.604188][T10200] bond0: (slave team0): Enslaving as an active interface with an up link
[  150.668459][T10206] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1805'.
[  150.684379][T10208] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1806'.
[  150.780927][T10214] rdma_op ffff88803258f9f0 conn xmit_rdma 0000000000000000
[  151.196963][   T13] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  151.206067][   T13] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  151.214698][   T13] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  151.217995][   T13] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  152.239863][T10310] ==================================================================
[  152.243187][T10310] BUG: KASAN: slab-use-after-free in __xfrm_state_lookup+0x6ad/0x8d0
[  152.246406][T10310] Read of size 2 at addr ffff88811332ca42 by task syz.1.1850/10310
[  152.250914][T10310] 
[  152.251916][T10310] CPU: 0 UID: 0 PID: 10310 Comm: syz.1.1850 Not tainted syzkaller #0 PREEMPT(full) 
[  152.251937][T10310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  152.251948][T10310] Call Trace:
[  152.251966][T10310]  <TASK>
[  152.251974][T10310]  dump_stack_lvl+0x189/0x250
[  152.251997][T10310]  ? __kasan_check_byte+0x12/0x40
[  152.252019][T10310]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.252040][T10310]  ? lock_release+0x4b/0x3e0
[  152.252061][T10310]  ? __virt_addr_valid+0x4a5/0x5c0
[  152.252078][T10310]  print_report+0xca/0x240
[  152.252096][T10310]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  152.252145][T10310]  kasan_report+0x118/0x150
[  152.252165][T10310]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  152.252184][T10310]  __xfrm_state_lookup+0x6ad/0x8d0
[  152.252203][T10310]  ? __pfx___xfrm_state_lookup+0x10/0x10
[  152.252219][T10310]  ? xfrm_state_lookup+0x45/0x1e0
[  152.252237][T10310]  xfrm_state_lookup+0x11e/0x1e0
[  152.252257][T10310]  xfrm_user_state_lookup+0x231/0x370
[  152.252272][T10310]  ? __pfx_xfrm_user_state_lookup+0x10/0x10
[  152.252291][T10310]  xfrm_del_sa+0xf1/0x3e0
[  152.252312][T10310]  ? __pfx_xfrm_del_sa+0x10/0x10
[  152.252330][T10310]  ? apparmor_capable+0x137/0x1b0
[  152.252348][T10310]  ? __nla_parse+0x40/0x60
[  152.252364][T10310]  xfrm_user_rcv_msg+0x7a3/0xab0
[  152.252389][T10310]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  152.252416][T10310]  ? __pfx___mutex_trylock_common+0x10/0x10
[  152.252430][T10310]  ? rcu_is_watching+0x15/0xb0
[  152.252442][T10310]  ? trace_contention_end+0x39/0x120
[  152.252455][T10310]  ? __mutex_lock+0x335/0x1350
[  152.252469][T10310]  netlink_rcv_skb+0x208/0x470
[  152.252486][T10310]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  152.252505][T10310]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  152.252521][T10310]  ? netlink_deliver_tap+0x2e/0x1b0
[  152.252533][T10310]  ? netlink_deliver_tap+0x2e/0x1b0
[  152.252547][T10310]  xfrm_netlink_rcv+0x79/0x90
[  152.252565][T10310]  netlink_unicast+0x82f/0x9e0
[  152.252581][T10310]  ? __pfx_netlink_unicast+0x10/0x10
[  152.252595][T10310]  ? netlink_sendmsg+0x642/0xb30
[  152.252608][T10310]  ? skb_put+0x11b/0x210
[  152.252625][T10310]  netlink_sendmsg+0x805/0xb30
[  152.252644][T10310]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.252660][T10310]  ? aa_sock_msg_perm+0xf1/0x1d0
[  152.252682][T10310]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  152.252696][T10310]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.252711][T10310]  __sock_sendmsg+0x21c/0x270
[  152.252732][T10310]  ____sys_sendmsg+0x505/0x830
[  152.252750][T10310]  ? __pfx_____sys_sendmsg+0x10/0x10
[  152.252769][T10310]  ? import_iovec+0x74/0xa0
[  152.252787][T10310]  ___sys_sendmsg+0x21f/0x2a0
[  152.252804][T10310]  ? __pfx____sys_sendmsg+0x10/0x10
[  152.252833][T10310]  ? __fget_files+0x2a/0x420
[  152.252853][T10310]  ? __fget_files+0x3a0/0x420
[  152.252875][T10310]  __x64_sys_sendmsg+0x19b/0x260
[  152.252893][T10310]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  152.252913][T10310]  ? rcu_is_watching+0x15/0xb0
[  152.252927][T10310]  ? do_syscall_64+0xbe/0x3b0
[  152.252943][T10310]  do_syscall_64+0xfa/0x3b0
[  152.252955][T10310]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.252975][T10310]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.252988][T10310]  ? exc_page_fault+0x9f/0xf0
[  152.253008][T10310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.253029][T10310] RIP: 0033:0x7f6d64b8ec29
[  152.253045][T10310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.253058][T10310] RSP: 002b:00007f6d65a47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  152.253075][T10310] RAX: ffffffffffffffda RBX: 00007f6d64dd5fa0 RCX: 00007f6d64b8ec29
[  152.253086][T10310] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  152.253095][T10310] RBP: 00007f6d64c11e41 R08: 0000000000000000 R09: 0000000000000000
[  152.253137][T10310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.253146][T10310] R13: 00007f6d64dd6038 R14: 00007f6d64dd5fa0 R15: 00007ffec9676f78
[  152.253162][T10310]  </TASK>
[  152.253167][T10310] 
[  152.402548][T10310] Allocated by task 7443:
[  152.404219][T10310]  kasan_save_track+0x3e/0x80
[  152.406011][T10310]  __kasan_slab_alloc+0x6c/0x80
[  152.407890][T10310]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  152.409992][T10310]  xfrm_state_alloc+0x24/0x2f0
[  152.411903][T10310]  __find_acq_core+0x8a7/0x1c00
[  152.413828][T10310]  xfrm_find_acq+0x78/0xa0
[  152.415635][T10310]  xfrm_alloc_userspi+0x6b3/0xc90
[  152.417650][T10310]  xfrm_user_rcv_msg+0x7a3/0xab0
[  152.419601][T10310]  netlink_rcv_skb+0x208/0x470
[  152.421465][T10310]  xfrm_netlink_rcv+0x79/0x90
[  152.423293][T10310]  netlink_unicast+0x82f/0x9e0
[  152.425178][T10310]  netlink_sendmsg+0x805/0xb30
[  152.427056][T10310]  __sock_sendmsg+0x21c/0x270
[  152.428902][T10310]  ____sys_sendmsg+0x505/0x830
[  152.430775][T10310]  ___sys_sendmsg+0x21f/0x2a0
[  152.432589][T10310]  __x64_sys_sendmsg+0x19b/0x260
[  152.434514][T10310]  do_syscall_64+0xfa/0x3b0
[  152.436284][T10310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.438548][T10310] 
[  152.439490][T10310] Freed by task 52:
[  152.440955][T10310]  kasan_save_track+0x3e/0x80
[  152.442796][T10310]  kasan_save_free_info+0x46/0x50
[  152.444758][T10310]  __kasan_slab_free+0x5b/0x80
[  152.446602][T10310]  kmem_cache_free+0x18f/0x400
[  152.448417][T10310]  xfrm_state_gc_task+0x52d/0x6b0
[  152.450351][T10310]  process_scheduled_works+0xae1/0x17b0
[  152.452488][T10310]  worker_thread+0x8a0/0xda0
[  152.454285][T10310]  kthread+0x711/0x8a0
[  152.455829][T10310]  ret_from_fork+0x439/0x7d0
[  152.457639][T10310]  ret_from_fork_asm+0x1a/0x30
[  152.459520][T10310] 
[  152.460464][T10310] The buggy address belongs to the object at ffff88811332c900
[  152.460464][T10310]  which belongs to the cache xfrm_state of size 928
[  152.465707][T10310] The buggy address is located 322 bytes inside of
[  152.465707][T10310]  freed 928-byte region [ffff88811332c900, ffff88811332cca0)
[  152.470766][T10310] 
[  152.471739][T10310] The buggy address belongs to the physical page:
[  152.474237][T10310] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88811332cd80 pfn:0x11332c
[  152.478088][T10310] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  152.481339][T10310] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  152.484259][T10310] page_type: f5(slab)
[  152.485817][T10310] raw: 057ff00000000040 ffff88801c701640 dead000000000122 0000000000000000
[  152.489199][T10310] raw: ffff88811332cd80 00000000800e0009 00000000f5000000 0000000000000000
[  152.492551][T10310] head: 057ff00000000040 ffff88801c701640 dead000000000122 0000000000000000
[  152.495891][T10310] head: ffff88811332cd80 00000000800e0009 00000000f5000000 0000000000000000
[  152.499273][T10310] head: 057ff00000000002 ffffea00044ccb01 00000000ffffffff 00000000ffffffff
[  152.502659][T10310] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  152.505995][T10310] page dumped because: kasan: bad access detected
[  152.508514][T10310] page_owner tracks the page as allocated
[  152.510746][T10310] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6906, tgid 6901 (syz.2.405), ts 91313419503, free_ts 68618436552
[  152.517516][T10310]  post_alloc_hook+0x240/0x2a0
[  152.519072][T10310]  get_page_from_freelist+0x21e4/0x22c0
[  152.520998][T10310]  __alloc_frozen_pages_noprof+0x181/0x370
[  152.523272][T10310]  alloc_pages_mpol+0x232/0x4a0
[  152.524796][T10310]  allocate_slab+0x8a/0x370
[  152.526230][T10310]  ___slab_alloc+0xbeb/0x1420
[  152.527685][T10310]  kmem_cache_alloc_noprof+0x283/0x3c0
[  152.529369][T10310]  xfrm_state_alloc+0x24/0x2f0
[  152.530851][T10310]  xfrm_state_find+0x37d4/0x5400
[  152.532642][T10310]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  152.534841][T10310]  xfrm_lookup_with_ifid+0x2a7/0x1a70
[  152.536528][T10310]  xfrm_lookup_route+0x3c/0x1c0
[  152.538161][T10310]  udp_sendmsg+0x142e/0x2170
[  152.539609][T10310]  __sock_sendmsg+0x19c/0x270
[  152.541156][T10310]  ____sys_sendmsg+0x52d/0x830
[  152.542651][T10310]  ___sys_sendmsg+0x21f/0x2a0
[  152.544189][T10310] page last free pid 5858 tgid 5858 stack trace:
[  152.546394][T10310]  __free_frozen_pages+0xbc4/0xd30
[  152.547984][T10310]  __slab_free+0x303/0x3c0
[  152.549386][T10310]  qlist_free_all+0x97/0x140
[  152.550859][T10310]  kasan_quarantine_reduce+0x148/0x160
[  152.552864][T10310]  __kasan_slab_alloc+0x22/0x80
[  152.554404][T10310]  kmem_cache_alloc_lru_noprof+0x1c6/0x3d0
[  152.556253][T10310]  sock_alloc_inode+0x28/0xc0
[  152.557732][T10310]  alloc_inode+0x6a/0x1b0
[  152.559056][T10310]  __sock_create+0x12d/0x9f0
[  152.560505][T10310]  __sys_socket+0xd7/0x1b0
[  152.561966][T10310]  __x64_sys_socket+0x7a/0x90
[  152.563486][T10310]  do_syscall_64+0xfa/0x3b0
[  152.565264][T10310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.567298][T10310] 
[  152.568051][T10310] Memory state around the buggy address:
[  152.570269][T10310]  ffff88811332c900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  152.572776][T10310]  ffff88811332c980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  152.575232][T10310] >ffff88811332ca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  152.578187][T10310]                                            ^
[  152.580397][T10310]  ffff88811332ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  152.583556][T10310]  ffff88811332cb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  152.586709][T10310] ==================================================================
[  152.596626][T10310] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  152.598961][T10310] CPU: 0 UID: 0 PID: 10310 Comm: syz.1.1850 Not tainted syzkaller #0 PREEMPT(full) 
[  152.602492][T10310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  152.605824][T10310] Call Trace:
[  152.606928][T10310]  <TASK>
[  152.607871][T10310]  dump_stack_lvl+0x99/0x250
[  152.609318][T10310]  ? __asan_memcpy+0x40/0x70
[  152.610854][T10310]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.612597][T10310]  ? __pfx__printk+0x10/0x10
[  152.614132][T10310]  vpanic+0x281/0x750
[  152.615372][T10310]  ? preempt_schedule+0xae/0xc0
[  152.616966][T10310]  ? __pfx_vpanic+0x10/0x10
[  152.618403][T10310]  ? preempt_schedule_common+0x83/0xd0
[  152.620037][T10310]  ? preempt_schedule+0xae/0xc0
[  152.621516][T10310]  ? __pfx_preempt_schedule+0x10/0x10
[  152.623286][T10310]  panic+0xb9/0xc0
[  152.624510][T10310]  ? __pfx_panic+0x10/0x10
[  152.625902][T10310]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  152.627842][T10310]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  152.629577][T10310]  check_panic_on_warn+0x89/0xb0
[  152.631192][T10310]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  152.632920][T10310]  end_report+0x78/0x160
[  152.634404][T10310]  kasan_report+0x129/0x150
[  152.636044][T10310]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  152.637765][T10310]  __xfrm_state_lookup+0x6ad/0x8d0
[  152.639375][T10310]  ? __pfx___xfrm_state_lookup+0x10/0x10
[  152.641153][T10310]  ? xfrm_state_lookup+0x45/0x1e0
[  152.642699][T10310]  xfrm_state_lookup+0x11e/0x1e0
[  152.644247][T10310]  xfrm_user_state_lookup+0x231/0x370
[  152.645933][T10310]  ? __pfx_xfrm_user_state_lookup+0x10/0x10
[  152.648125][T10310]  xfrm_del_sa+0xf1/0x3e0
[  152.649812][T10310]  ? __pfx_xfrm_del_sa+0x10/0x10
[  152.651797][T10310]  ? apparmor_capable+0x137/0x1b0
[  152.653571][T10310]  ? __nla_parse+0x40/0x60
[  152.655336][T10310]  xfrm_user_rcv_msg+0x7a3/0xab0
[  152.657306][T10310]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  152.659152][T10310]  ? __pfx___mutex_trylock_common+0x10/0x10
[  152.660950][T10310]  ? rcu_is_watching+0x15/0xb0
[  152.662538][T10310]  ? trace_contention_end+0x39/0x120
[  152.664574][T10310]  ? __mutex_lock+0x335/0x1350
[  152.666076][T10310]  netlink_rcv_skb+0x208/0x470
[  152.667693][T10310]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  152.669394][T10310]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  152.671426][T10310]  ? netlink_deliver_tap+0x2e/0x1b0
[  152.673060][T10310]  ? netlink_deliver_tap+0x2e/0x1b0
[  152.674723][T10310]  xfrm_netlink_rcv+0x79/0x90
[  152.676413][T10310]  netlink_unicast+0x82f/0x9e0
[  152.677934][T10310]  ? __pfx_netlink_unicast+0x10/0x10
[  152.679583][T10310]  ? netlink_sendmsg+0x642/0xb30
[  152.681315][T10310]  ? skb_put+0x11b/0x210
[  152.682835][T10310]  netlink_sendmsg+0x805/0xb30
[  152.684744][T10310]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.686400][T10310]  ? aa_sock_msg_perm+0xf1/0x1d0
[  152.688027][T10310]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  152.689693][T10310]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.691348][T10310]  __sock_sendmsg+0x21c/0x270
[  152.692863][T10310]  ____sys_sendmsg+0x505/0x830
[  152.694382][T10310]  ? __pfx_____sys_sendmsg+0x10/0x10
[  152.696022][T10310]  ? import_iovec+0x74/0xa0
[  152.697697][T10310]  ___sys_sendmsg+0x21f/0x2a0
[  152.699574][T10310]  ? __pfx____sys_sendmsg+0x10/0x10
[  152.701358][T10310]  ? __fget_files+0x2a/0x420
[  152.702952][T10310]  ? __fget_files+0x3a0/0x420
[  152.704507][T10310]  __x64_sys_sendmsg+0x19b/0x260
[  152.706186][T10310]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  152.707856][T10310]  ? rcu_is_watching+0x15/0xb0
[  152.709523][T10310]  ? do_syscall_64+0xbe/0x3b0
[  152.711303][T10310]  do_syscall_64+0xfa/0x3b0
[  152.712972][T10310]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.714763][T10310]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.716797][T10310]  ? exc_page_fault+0x9f/0xf0
[  152.718330][T10310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.720268][T10310] RIP: 0033:0x7f6d64b8ec29
[  152.721711][T10310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.728257][T10310] RSP: 002b:00007f6d65a47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  152.731051][T10310] RAX: ffffffffffffffda RBX: 00007f6d64dd5fa0 RCX: 00007f6d64b8ec29
[  152.733766][T10310] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  152.736440][T10310] RBP: 00007f6d64c11e41 R08: 0000000000000000 R09: 0000000000000000
[  152.738923][T10310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.741627][T10310] R13: 00007f6d64dd6038 R14: 00007f6d64dd5fa0 R15: 00007ffec9676f78
[  152.744261][T10310]  </TASK>
[  152.745772][T10310] Kernel Offset: disabled
[  152.747132][T10310] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:13:32  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000033 RBX=0000000000000033 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001203 RDI=0000000000001204 RBP=00000000000003f8 RSP=ffffc90009476970
R8 =ffff88801fca0237 R9 =1ffff11003f94046 R10=dffffc0000000000 R11=ffffffff854fac30
R12=dffffc0000000000 R13=ffffffff99ad78f8 R14=ffffffff99dcc480 R15=0000000000000000
RIP=ffffffff854facac RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f6d65a476c0 ffffffff 00c00000
GS =0000 ffff8880b863d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000000180 CR3=000000011e656000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f6d64da7498 00007f6d64da7470 XMM03=00007f6d64da74a8 00007f6d64da74a0
XMM04=00007f6d6590d100 00007f6d64da7460 XMM05=00007f6d64da7478 00007f6d64da74c0
XMM06=00007f6d64da74b8 00007f6d64da74b0 XMM07=00007f6d64da74a8 00007f6d64da74a0
XMM08=0000000000000000 00007f6d64c12f0f XMM09=0000000000000000 00007f6d64c12fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000001 RCX=0d9954d88b514000 RDX=0000000000000000
RSI=ffffffff8be33ee0 RDI=ffffffff8be33ea0 RBP=ffff88801b654ea0 RSP=ffffc900093f7520
R8 =ffff88801b654e9f R9 =1ffff110036ca9d3 R10=dffffc0000000000 R11=ffffed10036ca9d4
R12=0000000000000000 R13=ffffffff822e5c37 R14=ffffffff8e13a0e0 R15=ffff8880350e0000
RIP=ffffffff819d6f06 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055557ddb4500 ffffffff 00c00000
GS =0000 ffff8881a3c3d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b33221ff8 CR3=00000000275b2000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 00007f6d64c12e7b
XMM06=0000000000000000 00007f6d64c12e75 XMM07=0000000000000000 00007f6d64c12e89
XMM08=0000000000000000 00007f6d64c12f0f XMM09=0000000000000000 00007f6d64c12fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
