last executing test programs:

776.633479ms ago: executing program 2 (id=997):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000200)={@val={0xa}, @void, @eth={@multicast, @local, @val={@val={0x88a8, 0x0, 0x1}, {0x8100, 0x1, 0x0, 0x1}}, {@ipv6={0x86dd, @udp={0xd, 0x6, '\x00 \x00', 0xc, 0x11, 0xff, @empty, @empty, {[], {0x4e23, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x1, 0x3, 0x4, 0x0, @void}}}}}}}}}, 0x4e)

655.786627ms ago: executing program 2 (id=1003):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41000}, 0x94)

578.607709ms ago: executing program 2 (id=1004):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000008000000850000009500001b95"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x8, &(0x7f00000005c0)=ANY=[@ANYBLOB="180800000000000000000000000000008510000003000000180000000000000000000000000000009500000000000000ddaa"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

577.982814ms ago: executing program 2 (id=1006):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)={0x18, 0x24, 0x301, 0x70bd29, 0x25dfdbf7, {0x5}, [@typed={0x4, 0x11a, 0x0, 0x0, @binary}]}, 0x18}}, 0x0)

508.61265ms ago: executing program 2 (id=1009):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0xa, [@struct={0x8, 0x1, 0x0, 0xf, 0x0, 0x10005, [{0x2, 0x5, 0xa}]}, @var={0x4, 0x0, 0x0, 0xe, 0x2}]}, {0x0, [0x30, 0x0, 0x0, 0xcf, 0x0, 0x0, 0x0, 0x2e]}}, &(0x7f00000001c0)=""/257, 0x4a, 0x101, 0x6}, 0x28)

508.34235ms ago: executing program 2 (id=1010):
syz_80211_inject_frame(&(0x7f0000001f80)=@broadcast, &(0x7f0000001fc0)=@ctrl_frame=@ba={{}, {0xf}, @device_b, @device_a, @basic={{0x1, 0x0, 0x0, 0x0, 0x6}, {0x6, 0x1}, "89b3630fd2bead961be2761f5a56762f3e77cd8cac6fdc963ab4cd268ff65c42950fa7580a36581d0536609be6cdd5b5848eefc43a9b307032fa8480546ad2c157ca3940d9586bf5d49d6ce6f5404f6f10ed55359ff61e4b653a4541ec0d5563606e4536196bdd84661efd3905d57c7b6e2a4afa9dbc7a9efb358e7dea9711d4"}}, 0x94)

275.620572ms ago: executing program 1 (id=1020):
r0 = socket$packet(0x11, 0x3, 0x300)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x2, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)

200.007555ms ago: executing program 1 (id=1021):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, 0x0, &(0x7f0000000040))
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[], 0x30}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
select(0x40, &(0x7f00000001c0)={0x3, 0x2, 0x5, 0x1, 0x1, 0x9, 0x2210, 0xcd}, &(0x7f00000003c0)={0x7, 0x90, 0x9, 0x40000000000, 0x5, 0x6, 0x9, 0x8}, &(0x7f0000000480)={0x2, 0xffff, 0xffffffffffffff00, 0x517, 0x8000, 0xfffffffffffffffb, 0x1, 0x3}, &(0x7f00000004c0)={0x0, 0xea60})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x14}}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='veth1_to_batadv\x00', 0x10)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_freezer_state(r4, &(0x7f00000000c0), 0x2, 0x0)
r6 = openat$cgroup_procs(r4, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000180), 0x12)
write$cgroup_freezer_state(r5, &(0x7f0000000200)='THAWED\x00', 0x7)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23, 0x1002, @loopback, 0xffdfffff}, 0x1c)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000300)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r9, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0)
r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000000c0000400000000002000000000000000000000d000000000000"], 0x0, 0x26}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x1, &(0x7f0000000500)=ANY=[@ANYBLOB="0d736a6d07bfcdd0566a98680b2cb4f9db771b52c8f4d75d53a64178a317eedd137b7964638a57858c661bce7176"], &(0x7f0000000000)='GPL\x00', 0x9, 0x0, 0x0, 0x41000, 0x13, '\x00', 0x0, 0x0, r10, 0x3f, &(0x7f0000000080)={0x2, 0x1}, 0x8}, 0x94)

199.530228ms ago: executing program 0 (id=1022):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, 0x0, &(0x7f0000000780))

147.399225ms ago: executing program 0 (id=1023):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="180200000200000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000008000000850000000e00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="37d11f3449c5a3f2c93993b1766e", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

147.181049ms ago: executing program 0 (id=1024):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-224-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
pipe(&(0x7f00000045c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f0000000080)=[{&(0x7f00000015c0)='5', 0x1}, {&(0x7f00000000c0)="57a015", 0x3}], 0x2, 0x7)
splice(r2, 0x0, r1, 0x0, 0x8000, 0x9)

140.35915ms ago: executing program 1 (id=1025):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x80, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_tunnel_key={0x68, 0x1, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xc, @broadcast}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @broadcast}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}}, 0x0)

57.659187ms ago: executing program 1 (id=1026):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
accept4$bt_l2cap(r0, 0x0, 0x0, 0x800)

57.317806ms ago: executing program 0 (id=1027):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x200, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0xd}, {0x0, 0xffea}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_route={{0xa}, {0x1c8, 0x2, [@TCA_ROUTE4_ACT={0x1c4, 0x6, [@m_vlan={0x88, 0x6, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x1b6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0x49, 0x6, "657c8f856bb2bb5d377d3e798375b1d28aa9ff79c5750c001846426a94e358dab26224b357e0bd9c9b84cfee21ec99f48cf585ab10ae01a9ffc67e6ad19b4103524e4f4a3b"}, {0xc}, {0xc}}}, @m_bpf={0x138, 0xa, 0x0, 0x0, {{0x8}, {0x58, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0xc, 0x4, [{0x3, 0x0, 0x1, 0x9}]}, @TCA_ACT_BPF_OPS={0x24, 0x4, [{0x3, 0x3, 0x5, 0x7f}, {0x4, 0x0, 0xe7}, {0x3373, 0x7, 0x5, 0xe786f6ae}, {0x2, 0x1c, 0xb0, 0x20000000}]}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x8}, @TCA_ACT_BPF_OPS={0xc, 0x4, [{0x7, 0x3, 0x9, 0x8}]}]}, {0xba, 0x6, "8eb55930760aaf0b59772c5971036fba8994239acc2d66a896c98c740ca7d203000000000000002a326cef7c8ba136d0bce7d5be2f44c0f7df2af8b58cd15301925bdef87ac2e982db6d48439b06b9d7e9e88cb4d0262a5d0900461c33b2f76470602416519436d7f6f3d3dec1bf02a5ce6e83f8664d689fd77f1519cfac04b8ebd7ea20e82977ee8d8e46d44e8f8c8485af903929b1f3288322548d9e6a92389a03899eaaba97faeef8863180bc96804713e41b3d6d"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0x200}, 0x1, 0x0, 0x0, 0x4004}, 0x20008885)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

57.041998ms ago: executing program 0 (id=1028):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newlink={0x38, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215, 0x8}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_ROLE={0x8, 0x4, 0x2}]}}}]}, 0x38}, 0x1, 0xba01, 0x0, 0x801}, 0x0)

56.820386ms ago: executing program 1 (id=1029):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x1e, 0x21, 0x8, 0x25dfdbfc, {0x7}}, 0x14}}, 0x0)

248.467µs ago: executing program 1 (id=1030):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x3}}}]}, 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x66, 0x903, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xe, 0x7}, {0x1, 0xfff1}, {0xa}}}, 0x24}}, 0x20004804)

0s ago: executing program 0 (id=1031):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0xb8, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TIMEOUT={0x8}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_NAT_DST={0x24, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}]}, @CTA_NAT_V6_MINIP={0x14, 0x4, @private0}]}]}, 0xb8}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:31145' (ED25519) to the list of known hosts.
syzkaller login: [   56.317507][ T5819] cgroup: Unknown subsys name 'net'
[   56.438555][ T5819] cgroup: Unknown subsys name 'cpuset'
[   56.442544][ T5819] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   58.189929][ T5819] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   68.943840][   T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   68.955606][   T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   68.958687][   T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   68.967801][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   68.975068][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   69.146488][ T5874] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   69.156814][ T1091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.159311][ T1091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.306858][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.310142][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.808535][ T5234] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   70.812778][ T5234] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   70.816839][ T5234] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   70.820722][ T5234] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   70.824522][ T5234] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   70.915831][   T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   70.926664][   T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   70.929929][   T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   70.933838][   T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   70.937531][   T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   70.984080][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   70.988040][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   70.991455][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   70.994850][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   70.998176][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   71.249063][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[   71.251385][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[   71.301919][ T5900] chnl_net:caif_netlink_parms(): no params data found
[   71.406826][ T5903] chnl_net:caif_netlink_parms(): no params data found
[   71.464381][ T5900] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.467868][ T5900] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.470810][ T5900] bridge_slave_0: entered allmulticast mode
[   71.474606][ T5900] bridge_slave_0: entered promiscuous mode
[   71.483299][ T5905] chnl_net:caif_netlink_parms(): no params data found
[   71.505293][ T5900] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.508232][ T5900] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.511122][ T5900] bridge_slave_1: entered allmulticast mode
[   71.514196][ T5900] bridge_slave_1: entered promiscuous mode
[   71.594859][ T5900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.622474][ T5900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.690550][ T5905] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.693317][ T5905] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.697183][ T5905] bridge_slave_0: entered allmulticast mode
[   71.700955][ T5905] bridge_slave_0: entered promiscuous mode
[   71.720845][ T5900] team0: Port device team_slave_0 added
[   71.723523][ T5903] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.726645][ T5903] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.729456][ T5903] bridge_slave_0: entered allmulticast mode
[   71.733173][ T5903] bridge_slave_0: entered promiscuous mode
[   71.738555][ T5905] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.741206][ T5905] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.743836][ T5905] bridge_slave_1: entered allmulticast mode
[   71.749620][ T5905] bridge_slave_1: entered promiscuous mode
[   71.766168][ T5900] team0: Port device team_slave_1 added
[   71.768632][ T5903] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.770788][ T5903] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.773302][ T5903] bridge_slave_1: entered allmulticast mode
[   71.777167][ T5903] bridge_slave_1: entered promiscuous mode
[   71.829265][ T5905] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.846918][ T5900] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.849101][ T5900] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.859010][ T5900] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.866943][ T5905] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.872075][ T5903] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.876411][ T5900] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.878966][ T5900] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.887797][ T5900] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.901788][ T5903] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.947699][ T5905] team0: Port device team_slave_0 added
[   71.973018][ T5905] team0: Port device team_slave_1 added
[   71.980365][ T5900] hsr_slave_0: entered promiscuous mode
[   71.982744][ T5900] hsr_slave_1: entered promiscuous mode
[   71.987222][ T5903] team0: Port device team_slave_0 added
[   72.000405][ T5903] team0: Port device team_slave_1 added
[   72.036040][ T5905] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.038659][ T5905] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.049117][ T5905] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.086682][ T5905] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.089379][ T5905] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.099525][ T5905] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.104293][ T5903] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.107342][ T5903] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.116623][ T5903] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.121154][ T5903] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.123369][ T5903] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.132343][ T5903] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.226728][ T5905] hsr_slave_0: entered promiscuous mode
[   72.229655][ T5905] hsr_slave_1: entered promiscuous mode
[   72.232366][ T5905] debugfs: 'hsr0' already exists in 'hsr'
[   72.234597][ T5905] Cannot create hsr debugfs directory
[   72.262007][ T5903] hsr_slave_0: entered promiscuous mode
[   72.265522][ T5903] hsr_slave_1: entered promiscuous mode
[   72.268459][ T5903] debugfs: 'hsr0' already exists in 'hsr'
[   72.270613][ T5903] Cannot create hsr debugfs directory
[   72.513797][ T5900] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   72.528432][ T5900] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   72.537366][ T5900] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   72.560976][ T5900] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   72.621751][ T5905] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   72.628968][ T5905] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   72.648518][ T5905] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   72.652908][ T5905] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   72.700529][ T5903] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   72.708076][ T5903] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   72.713453][ T5903] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   72.722366][ T5903] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   72.798172][ T5900] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.844007][ T5900] 8021q: adding VLAN 0 to HW filter on device team0
[   72.847980][ T5234] Bluetooth: hci0: command tx timeout
[   72.860914][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.863905][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.884666][ T5905] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.889637][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.892555][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.940554][ T5905] 8021q: adding VLAN 0 to HW filter on device team0
[   72.960128][ T5903] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.965916][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.968959][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.973639][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.976380][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.005213][ T5234] Bluetooth: hci1: command tx timeout
[   73.011197][ T5903] 8021q: adding VLAN 0 to HW filter on device team0
[   73.044718][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.047663][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.052542][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.055693][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.087246][ T5234] Bluetooth: hci2: command tx timeout
[   73.201567][ T5900] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.263448][ T5900] veth0_vlan: entered promiscuous mode
[   73.272519][ T5900] veth1_vlan: entered promiscuous mode
[   73.313771][ T5905] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.318751][ T5900] veth0_macvtap: entered promiscuous mode
[   73.327721][ T5900] veth1_macvtap: entered promiscuous mode
[   73.338274][ T5903] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.359534][ T5900] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.376362][ T5900] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.392310][ T5908] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.410720][ T5908] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.425547][ T5908] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.449576][ T5908] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.456423][ T5903] veth0_vlan: entered promiscuous mode
[   73.492668][ T5905] veth0_vlan: entered promiscuous mode
[   73.499923][ T5903] veth1_vlan: entered promiscuous mode
[   73.532627][ T5905] veth1_vlan: entered promiscuous mode
[   73.544071][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.554824][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.589878][ T5903] veth0_macvtap: entered promiscuous mode
[   73.602096][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.602783][ T5903] veth1_macvtap: entered promiscuous mode
[   73.605488][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.638108][ T5905] veth0_macvtap: entered promiscuous mode
[   73.648805][ T5905] veth1_macvtap: entered promiscuous mode
[   73.668224][ T5903] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.693426][ T5903] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.711896][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.716186][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.719564][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.731269][ T5905] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.748621][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.775864][ T5905] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.795802][ T5962] netlink: 12 bytes leftover after parsing attributes in process `syz.0.25'.
[   73.799622][ T5962] netlink: 16 bytes leftover after parsing attributes in process `syz.0.25'.
[   73.799803][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.808811][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.811997][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.815616][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.974494][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.984321][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.993985][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.003068][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.048657][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.052692][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.096289][  T381] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.100297][  T381] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.213396][ T5975] syz.1.23 uses obsolete (PF_INET,SOCK_PACKET)
[   74.637739][ T6001] netlink: 'syz.1.34': attribute type 1 has an invalid length.
[   74.656772][ T6001] netlink: 'syz.1.34': attribute type 3 has an invalid length.
[   74.665065][ T6001] netlink: 'syz.1.34': attribute type 1 has an invalid length.
[   74.668828][ T6001] netlink: 204 bytes leftover after parsing attributes in process `syz.1.34'.
[   74.672639][ T6001] NCSI netlink: No device for ifindex 0
[   74.788868][ T6007] netlink: 12 bytes leftover after parsing attributes in process `syz.0.37'.
[   74.792785][ T6007] netlink: 12 bytes leftover after parsing attributes in process `syz.0.37'.
[   74.925936][ T5234] Bluetooth: hci0: command tx timeout
[   75.085781][ T5234] Bluetooth: hci1: command tx timeout
[   75.165805][ T5234] Bluetooth: hci2: command tx timeout
[   75.344115][ T6038] netlink: 'syz.2.53': attribute type 2 has an invalid length.
[   75.350221][ T6038] netlink: 'syz.2.53': attribute type 5 has an invalid length.
[   75.517589][ T6050] tap0: tun_chr_ioctl cmd 1074025677
[   75.519758][ T6050] tap0: linktype set to 776
[   75.553928][ T6051] netlink: 24 bytes leftover after parsing attributes in process `syz.0.58'.
[   76.013379][ T6072] pim6reg1: entered promiscuous mode
[   76.015961][ T6072] pim6reg1: entered allmulticast mode
[   76.470881][ T6088] netlink: 8 bytes leftover after parsing attributes in process `syz.1.74'.
[   76.485154][ T6087] netlink: 4 bytes leftover after parsing attributes in process `syz.0.75'.
[   76.496171][ T6087] macsec1: entered promiscuous mode
[   76.498489][ T6087] macvlan1: entered promiscuous mode
[   76.503770][ T6087] macvlan1: left promiscuous mode
[   76.711497][ T6096] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   76.775262][ T6098] netlink: 'syz.1.82': attribute type 1 has an invalid length.
[   77.006287][ T5234] Bluetooth: hci0: command tx timeout
[   77.165559][ T5234] Bluetooth: hci1: command tx timeout
[   77.204258][ T6125] netlink: 4 bytes leftover after parsing attributes in process `syz.1.92'.
[   77.245712][ T5234] Bluetooth: hci2: command tx timeout
[   77.306819][ T6128] raw_sendmsg: syz.1.93 forgot to set AF_INET. Fix it!
[   77.548644][ T6140] netlink: 4 bytes leftover after parsing attributes in process `syz.1.99'.
[   77.809133][   T10] IPVS: starting estimator thread 0...
[   77.895403][ T6149] IPVS: using max 50 ests per chain, 120000 per kthread
[   78.243496][ T6169] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma?
[   78.378608][   T12] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   78.384582][   T12] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   78.417736][   T47] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   78.669968][ T6200] netlink: 'syz.0.122': attribute type 1 has an invalid length.
[   78.694444][ T6200] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   78.751919][ T6198] GUP no longer grows the stack in syz.2.121 (6198): 200000006000-20000000a000 (200000005000)
[   78.766612][ T6198] CPU: 0 UID: 0 PID: 6198 Comm: syz.2.121 Not tainted 6.17.0-rc1-syzkaller-00207-g815957293639-dirty #0 PREEMPT(full) 
[   78.766627][ T6198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   78.766633][ T6198] Call Trace:
[   78.766648][ T6198]  <TASK>
[   78.766658][ T6198]  dump_stack_lvl+0x189/0x250
[   78.766678][ T6198]  ? __pfx_dump_stack_lvl+0x10/0x10
[   78.766688][ T6198]  ? __pfx__printk+0x10/0x10
[   78.766700][ T6198]  ? find_vma+0xe7/0x160
[   78.766721][ T6198]  __get_user_pages+0x24d0/0x2ce0
[   78.766731][ T6198]  ? __lock_acquire+0xab9/0xd20
[   78.766756][ T6198]  ? __gup_longterm_locked+0xc68/0x1660
[   78.766770][ T6198]  __gup_longterm_locked+0xde9/0x1660
[   78.766783][ T6198]  ? try_grab_folio_fast+0x1be/0x4f0
[   78.766798][ T6198]  ? gup_fast_fallback+0x195f/0x2010
[   78.766810][ T6198]  gup_fast_fallback+0x1e6a/0x2010
[   78.766869][ T6198]  ? __pfx_gup_fast_fallback+0x10/0x10
[   78.766881][ T6198]  ? __mutex_lock+0x335/0x1360
[   78.766896][ T6198]  ? futex_unqueue+0x22/0x240
[   78.766907][ T6198]  ? futex_unqueue+0x22/0x240
[   78.766915][ T6198]  ? futex_unqueue+0x22/0x240
[   78.766924][ T6198]  ? is_valid_gup_args+0x11f/0x200
[   78.766936][ T6198]  ? get_user_pages_fast+0x4d/0xb0
[   78.766947][ T6198]  __iov_iter_get_pages_alloc+0x39a/0xb40
[   78.766961][ T6198]  ? __pfx_pipe_clear_nowait+0x10/0x10
[   78.766975][ T6198]  ? wait_for_space+0x24d/0x2d0
[   78.766989][ T6198]  iov_iter_get_pages2+0x5e/0xa0
[   78.767001][ T6198]  __se_sys_vmsplice+0x548/0x10d0
[   78.767022][ T6198]  ? __pfx___se_sys_vmsplice+0x10/0x10
[   78.767040][ T6198]  ? __pfx_futex_wait+0x10/0x10
[   78.767058][ T6198]  ? __lock_acquire+0xab9/0xd20
[   78.767086][ T6198]  ? do_pipe2+0xf7/0x170
[   78.767101][ T6198]  ? rcu_is_watching+0x15/0xb0
[   78.767113][ T6198]  ? do_syscall_64+0xbe/0x3b0
[   78.767127][ T6198]  do_syscall_64+0xfa/0x3b0
[   78.767137][ T6198]  ? lockdep_hardirqs_on+0x9c/0x150
[   78.767147][ T6198]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.767156][ T6198]  ? exc_page_fault+0x9f/0xf0
[   78.767167][ T6198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.767174][ T6198] RIP: 0033:0x7f996858ebe9
[   78.767184][ T6198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.767190][ T6198] RSP: 002b:00007f9969398038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[   78.767199][ T6198] RAX: ffffffffffffffda RBX: 00007f99687b5fa0 RCX: 00007f996858ebe9
[   78.767205][ T6198] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 000000000000000f
[   78.767210][ T6198] RBP: 00007f9968611e19 R08: 0000000000000000 R09: 0000000000000000
[   78.767214][ T6198] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[   78.767219][ T6198] R13: 00007f99687b6038 R14: 00007f99687b5fa0 R15: 00007ffee912a0c8
[   78.767233][ T6198]  </TASK>
[   78.905527][ T5875] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   79.087523][ T5234] Bluetooth: hci0: command tx timeout
[   79.245162][ T5234] Bluetooth: hci1: command tx timeout
[   79.281549][ T6232] Driver unsupported XDP return value 0 on prog  (id 18) dev N/A, expect packet loss!
[   79.319755][ T6229] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.325952][ T5234] Bluetooth: hci2: command tx timeout
[   79.328853][   T47] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   79.339123][ T6229] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.489836][ T6244] trusted_key: syz.2.138 sent an empty control message without MSG_MORE.
[   79.549928][ T6245] __nla_validate_parse: 1 callbacks suppressed
[   79.549949][ T6245] netlink: 240 bytes leftover after parsing attributes in process `syz.1.135'.
[   79.766920][ T6259] netlink: 830 bytes leftover after parsing attributes in process `syz.2.146'.
[   80.312028][   T10] IPVS: starting estimator thread 0...
[   80.395197][ T6295] IPVS: using max 63 ests per chain, 151200 per kthread
[   80.507872][ T6314] Zero length message leads to an empty skb
[   80.999920][ T6349] netlink: ct family unspecified
[   81.002025][ T6349] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   81.161020][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.185'.
[   81.164650][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.185'.
[   81.168841][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.185'.
[   81.172305][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.185'.
[   81.191404][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.185'.
[   81.203300][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.185'.
[   81.208114][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.185'.
[   81.211858][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.185'.
[   81.843022][ T6396] netlink: 'syz.1.203': attribute type 12 has an invalid length.
[   81.846920][ T6396] netlink: 'syz.1.203': attribute type 14 has an invalid length.
[   82.387807][ T6438] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   82.467952][ T6442] nbd: illegal input index 65508
[   82.685138][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   82.989660][ T6468] syzkaller0: entered promiscuous mode
[   82.993432][ T6468] syzkaller0: entered allmulticast mode
[   84.202995][ T6485] bond0: Unable to set down delay as MII monitoring is disabled
[   84.377419][ T6500] netlink: 'syz.1.249': attribute type 1 has an invalid length.
[   84.533004][ T6507] syzkaller0: entered promiscuous mode
[   84.536448][ T6507] syzkaller0: entered allmulticast mode
[   84.570292][ T6499] __nla_validate_parse: 55 callbacks suppressed
[   84.570349][ T6499] netlink: 28 bytes leftover after parsing attributes in process `syz.0.247'.
[   86.610075][  T794] cfg80211: failed to load regulatory.db
[   86.683055][ T6576] Bluetooth: MGMT ver 1.23
[   86.723871][ T6580] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[   86.786621][ T6584] delete_channel: no stack
[   86.851199][ T6593] warning: `syz.0.289' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   87.040706][ T6612] netlink: 212 bytes leftover after parsing attributes in process `syz.1.299'.
[   87.046926][ T6612] netlink: 'syz.1.299': attribute type 1 has an invalid length.
[   87.666846][ T6657] netlink: 'syz.1.321': attribute type 2 has an invalid length.
[   87.670764][ T6657] netlink: 64 bytes leftover after parsing attributes in process `syz.1.321'.
[   87.806981][ T6671] netlink: 87 bytes leftover after parsing attributes in process `syz.0.327'.
[   87.843129][ T6674] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[   87.854612][ T6674] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[   88.153351][ T6709] vlan0: entered promiscuous mode
[   88.213556][ T6716] netem: change failed
[   88.304348][ T6726] netlink: 8 bytes leftover after parsing attributes in process `syz.1.355'.
[   88.373572][ T6732] netlink: 'syz.0.357': attribute type 21 has an invalid length.
[   88.395663][ T6732] netlink: 'syz.0.357': attribute type 1 has an invalid length.
[   88.398671][ T6732] netlink: 132 bytes leftover after parsing attributes in process `syz.0.357'.
[   88.416864][ T6737] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[   88.435863][ T6737] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[   88.477757][ T6743] netlink: 72 bytes leftover after parsing attributes in process `syz.0.362'.
[   89.326357][ T6743] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   89.329105][ T6743] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[   89.350169][ T6743] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   89.352150][ T6743] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[   89.360722][ T6743] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   89.364227][ T6743] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[   89.397150][ T6800] netlink: 2 bytes leftover after parsing attributes in process `syz.2.376'.
[   89.585976][ T6817] tipc: Started in network mode
[   89.589217][ T6817] tipc: Node identity ac14140f, cluster identity 4711
[   89.593780][ T6817] tipc: New replicast peer: 255.255.255.255
[   89.603112][ T6817] tipc: Enabled bearer <udp:syz2>, priority 10
[   90.006538][ T6844] geneve2: entered allmulticast mode
[   90.011484][   T12] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   90.020431][   T12] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   90.034123][   T12] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   90.042910][   T12] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   90.173623][ T6853] netlink: 28 bytes leftover after parsing attributes in process `syz.2.401'.
[   90.580589][ T6884] netlink: 'syz.1.416': attribute type 1 has an invalid length.
[   90.601074][ T6884] 8021q: adding VLAN 0 to HW filter on device bond1
[   90.642855][ T6884] 8021q: adding VLAN 0 to HW filter on device bond1
[   90.648584][ T6884] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   90.653150][ T6884] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   90.701866][ T6889] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[   90.725976][ T5946] tipc: Node number set to 2886997007
[   90.796575][ T6884] veth3: entered promiscuous mode
[   90.814077][ T6889] erspan0: entered allmulticast mode
[   91.014352][ T6918] netlink: 4 bytes leftover after parsing attributes in process `syz.1.430'.
[   91.085226][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[   91.104255][ T6926] netlink: 8 bytes leftover after parsing attributes in process `syz.1.435'.
[   91.906296][ T6996] netlink: 188 bytes leftover after parsing attributes in process `syz.0.468'.
[   92.249796][ T7020] netlink: 'syz.0.479': attribute type 13 has an invalid length.
[   92.253365][ T7020] netlink: 'syz.0.479': attribute type 17 has an invalid length.
[   92.368976][ T7020] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   92.375808][ T7046] netlink: 'syz.2.487': attribute type 3 has an invalid length.
[   92.380022][ T7046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.487'.
[   92.384357][ T7046] netlink: 'syz.2.487': attribute type 3 has an invalid length.
[   92.404814][ T7046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.487'.
[   92.440231][ T7020] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   92.521089][ T7020] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   92.787621][ T7070] netlink: 12 bytes leftover after parsing attributes in process `syz.2.497'.
[   92.791403][ T7070] nbd: couldn't find a device at index 65546
[   92.945369][ T7074] nbd0: detected capacity change from 0 to 127
[   92.950129][   T56] block nbd0: Receive control failed (result -32)
[   92.952969][ T5848] block nbd0: Send control failed (result -32)
[   92.956245][ T5848] block nbd0: Request send failed, requeueing
[   92.961985][   T61] block nbd0: Dead connection, failed to find a fallback
[   92.964859][   T61] block nbd0: shutting down sockets
[   92.967667][   T61] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   92.971254][   T61] Buffer I/O error on dev nbd0, logical block 0, async page read
[   92.971645][ T5848] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   92.980199][ T5848] Buffer I/O error on dev nbd0, logical block 1, async page read
[   92.983329][ T5848] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   92.988129][ T5848] Buffer I/O error on dev nbd0, logical block 2, async page read
[   92.991051][ T5848] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   92.994635][ T5848] Buffer I/O error on dev nbd0, logical block 3, async page read
[   93.001050][ T5848] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   93.003883][ T5848] Buffer I/O error on dev nbd0, logical block 0, async page read
[   93.009894][ T5848] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   93.012807][ T5848] Buffer I/O error on dev nbd0, logical block 1, async page read
[   93.016814][ T5848] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   93.019637][ T5848] Buffer I/O error on dev nbd0, logical block 2, async page read
[   93.022047][ T5848] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   93.030021][ T5848] Buffer I/O error on dev nbd0, logical block 3, async page read
[   93.033236][ T5848] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   93.037710][ T5848] Buffer I/O error on dev nbd0, logical block 0, async page read
[   93.040708][ T5848] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   93.043671][ T5848] Buffer I/O error on dev nbd0, logical block 1, async page read
[   93.048928][ T5848] ldm_validate_partition_table(): Disk read failed.
[   93.053517][ T5848] Dev nbd0: unable to read RDB block 0
[   93.057918][ T5848]  nbd0: unable to read partition table
[   93.064384][ T5848] ldm_validate_partition_table(): Disk read failed.
[   93.068194][ T5848] Dev nbd0: unable to read RDB block 0
[   93.071382][ T5848]  nbd0: unable to read partition table
[   93.158967][ T7087] netlink: 'syz.2.505': attribute type 16 has an invalid length.
[   93.161704][ T7087] netlink: 'syz.2.505': attribute type 17 has an invalid length.
[   93.421312][ T7095] netlink: 48 bytes leftover after parsing attributes in process `syz.2.508'.
[   93.841083][ T7122] lo speed is unknown, defaulting to 1000
[   93.843890][ T7122] lo speed is unknown, defaulting to 1000
[   93.852256][ T7122] lo speed is unknown, defaulting to 1000
[   93.860190][ T7122] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   93.878200][ T7122] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   93.932526][ T7122] lo speed is unknown, defaulting to 1000
[   93.937678][ T7122] lo speed is unknown, defaulting to 1000
[   93.941220][ T7122] lo speed is unknown, defaulting to 1000
[   93.956933][ T7122] netlink: 28 bytes leftover after parsing attributes in process `syz.0.522'.
[   94.333325][ T7158] openvswitch: netlink: ERSPAN option length err (len 256, max 255).
[   95.419925][ T7222] netlink: 4 bytes leftover after parsing attributes in process `syz.1.564'.
[   95.435195][ T7222] netlink: 4 bytes leftover after parsing attributes in process `syz.1.564'.
[   95.640544][ T7236] netlink: 156 bytes leftover after parsing attributes in process `syz.0.571'.
[   95.644156][ T7236] netlink: 'syz.0.571': attribute type 3 has an invalid length.
[   95.915485][ T7256] tipc: Started in network mode
[   95.917247][ T7256] tipc: Node identity c624b7e6e865, cluster identity 4711
[   95.919676][ T7256] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   95.922966][ T7256] syzkaller0: entered promiscuous mode
[   95.924761][ T7256] syzkaller0: entered allmulticast mode
[   95.941099][ T7256] tipc: Resetting bearer <eth:syzkaller0>
[   95.945512][ T7255] tipc: Resetting bearer <eth:syzkaller0>
[   95.952159][ T7255] tipc: Disabling bearer <eth:syzkaller0>
[   96.066752][ T7265] netlink: 12 bytes leftover after parsing attributes in process `syz.2.585'.
[   96.578619][ T7287] netlink: 'syz.2.595': attribute type 1 has an invalid length.
[   96.581870][ T7287] netlink: 4 bytes leftover after parsing attributes in process `syz.2.595'.
[   96.960817][ T7296] netlink: 24 bytes leftover after parsing attributes in process `syz.1.599'.
[   97.011359][ T7300] openvswitch: netlink: Missing key (keys=44, expected=200000)
[   97.163295][ T7314] netlink: 28 bytes leftover after parsing attributes in process `syz.1.608'.
[   97.522721][ T7337] netlink: 8 bytes leftover after parsing attributes in process `syz.0.619'.
[   97.568576][ T7341] netlink: 'syz.1.620': attribute type 16 has an invalid length.
[   97.578687][ T7341] netlink: 'syz.1.620': attribute type 3 has an invalid length.
[   97.580306][ T7343] netlink: 'syz.0.622': attribute type 1 has an invalid length.
[   97.581780][ T7341] netlink: 64066 bytes leftover after parsing attributes in process `syz.1.620'.
[   97.584471][ T7343] netlink: 224 bytes leftover after parsing attributes in process `syz.0.622'.
[   98.553834][ T7352] bridge_slave_1: left allmulticast mode
[   98.556143][ T7352] bridge_slave_1: left promiscuous mode
[   98.558230][ T7352] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.570358][ T7352] bridge_slave_0: left allmulticast mode
[   98.575431][ T7352] bridge_slave_0: left promiscuous mode
[   98.577361][ T7352] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.748551][ T7366] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   99.279853][ T7420] openvswitch: netlink: IPv4 tunnel dst address is zero
[   99.348279][ T7430] netlink: 'syz.1.661': attribute type 83 has an invalid length.
[   99.593640][ T7457] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   99.896998][ T7476] siw: device registration error -23
[  100.200273][ T7499] netlink: 'syz.0.691': attribute type 1 has an invalid length.
[  100.203233][ T7497] netlink: 'syz.2.690': attribute type 13 has an invalid length.
[  100.212492][ T7497] netlink: 'syz.2.690': attribute type 17 has an invalid length.
[  100.284675][ T7497] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  100.297273][ T7499] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  100.302312][ T7499] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  100.326895][ T7502] gretap1: entered promiscuous mode
[  100.346666][ T7502] bond1: (slave gretap1): making interface the new active one
[  100.351691][ T7502] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  100.372644][ T7497] lo speed is unknown, defaulting to 1000
[  100.636765][ T7519] sctp: [Deprecated]: syz.0.695 (pid 7519) Use of struct sctp_assoc_value in delayed_ack socket option.
[  100.636765][ T7519] Use struct sctp_sack_info instead
[  100.940408][ T7547] syzkaller1: entered promiscuous mode
[  100.942464][ T7547] syzkaller1: entered allmulticast mode
[  101.140987][ T7552] lo speed is unknown, defaulting to 1000
[  101.382679][ T7581] __nla_validate_parse: 6 callbacks suppressed
[  101.382691][ T7581] netlink: 27 bytes leftover after parsing attributes in process `syz.1.722'.
[  101.462189][ T7583] lo speed is unknown, defaulting to 1000
[  101.507322][ T7593] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  101.613660][ T7603] netlink: 'syz.0.732': attribute type 9 has an invalid length.
[  101.618226][ T7603] netlink: 224 bytes leftover after parsing attributes in process `syz.0.732'.
[  101.789987][ T7613] netlink: 'syz.1.737': attribute type 1 has an invalid length.
[  101.832654][ T7613] bond2: entered promiscuous mode
[  101.840105][ T7613] 8021q: adding VLAN 0 to HW filter on device bond2
[  101.852415][ T7618] netlink: 36 bytes leftover after parsing attributes in process `syz.0.739'.
[  101.868409][ T7620] netlink: 'syz.2.740': attribute type 83 has an invalid length.
[  101.898362][ T7613] bond2: (slave bridge2): making interface the new active one
[  101.906631][ T7613] bridge2: entered promiscuous mode
[  101.912177][ T7613] bond2: (slave bridge2): Enslaving as an active interface with an up link
[  101.962283][ T7626] netlink: 1041 bytes leftover after parsing attributes in process `syz.2.743'.
[  102.160751][ T7646] netlink: 4 bytes leftover after parsing attributes in process `syz.0.753'.
[  102.164766][ T7646] netlink: 12 bytes leftover after parsing attributes in process `syz.0.753'.
[  102.218719][ T7646] netlink: 156 bytes leftover after parsing attributes in process `syz.0.753'.
[  102.944355][ T7718] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  102.994140][ T7718] bond3: entered promiscuous mode
[  102.996502][ T7718] bond3: entered allmulticast mode
[  102.999084][ T7718] 8021q: adding VLAN 0 to HW filter on device bond3
[  103.114147][ T7732] sctp: [Deprecated]: syz.0.791 (pid 7732) Use of struct sctp_assoc_value in delayed_ack socket option.
[  103.114147][ T7732] Use struct sctp_sack_info instead
[  104.194411][ T7761] netlink: 4 bytes leftover after parsing attributes in process `syz.0.805'.
[  104.252825][ T7773] netlink: 152 bytes leftover after parsing attributes in process `syz.2.809'.
[  104.335782][ T7773] netlink: 16 bytes leftover after parsing attributes in process `syz.2.809'.
[  104.461965][ T7786] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  104.468108][ T7786] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  104.471674][ T7784] lo speed is unknown, defaulting to 1000
[  105.151936][ T7818] netlink: 'syz.2.826': attribute type 1 has an invalid length.
[  105.155747][ T7818] netlink: 'syz.2.826': attribute type 2 has an invalid length.
[  105.619728][ T7852] batadv_slave_1: entered promiscuous mode
[  105.625355][ T7851] batadv_slave_1: left promiscuous mode
[  106.439420][ T7908] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  106.529357][ T7914] netlink: 'syz.1.869': attribute type 10 has an invalid length.
[  106.612655][ T7920] __nla_validate_parse: 1 callbacks suppressed
[  106.612676][ T7920] netlink: 8 bytes leftover after parsing attributes in process `syz.1.872'.
[  106.619771][ T7920] netlink: 4 bytes leftover after parsing attributes in process `syz.1.872'.
[  106.624733][ T7920] netlink: 8 bytes leftover after parsing attributes in process `syz.1.872'.
[  106.633065][ T7920] netlink: 4 bytes leftover after parsing attributes in process `syz.1.872'.
[  106.737260][ T7927] netlink: 68 bytes leftover after parsing attributes in process `syz.1.876'.
[  106.740899][ T7927] netlink: 56 bytes leftover after parsing attributes in process `syz.1.876'.
[  106.968806][ T7945] netlink: 'syz.0.884': attribute type 1 has an invalid length.
[  106.971914][ T7945] netlink: 168 bytes leftover after parsing attributes in process `syz.0.884'.
[  106.983886][ T7945] NCSI netlink: No device for ifindex 0
[  107.148018][ T7960] netlink: 24 bytes leftover after parsing attributes in process `syz.0.890'.
[  107.348757][ T7972] lo speed is unknown, defaulting to 1000
[  107.600625][ T7997] netlink: 134788 bytes leftover after parsing attributes in process `syz.0.906'.
[  107.829638][ T8010] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.911'.
[  108.021435][ T8028] netlink: 'syz.2.919': attribute type 1 has an invalid length.
[  108.061471][ T8024] pim6reg: entered allmulticast mode
[  108.066385][ T8024] pim6reg: left allmulticast mode
[  108.098930][ T8032] lo speed is unknown, defaulting to 1000
[  108.365059][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  108.630403][ T8055] bridge_slave_1: left allmulticast mode
[  108.632846][ T8055] bridge_slave_1: left promiscuous mode
[  108.635699][ T8055] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.641312][ T8055] bridge_slave_0: left allmulticast mode
[  108.643256][ T8055] bridge_slave_0: left promiscuous mode
[  108.647171][ T8055] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.980525][ T8061] netlink: 'syz.1.933': attribute type 7 has an invalid length.
[  108.983131][ T8061] netlink: 'syz.1.933': attribute type 8 has an invalid length.
[  109.036023][ T8069] ieee802154 phy0 wpan0: encryption failed: -22
[  109.077103][ T8073] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  109.522671][ T8105] vlan2: entered allmulticast mode
[  109.524832][ T8105] bridge0: entered allmulticast mode
[  109.532912][ T8105] bridge1: port 1(vlan2) entered blocking state
[  109.538353][ T8105] bridge1: port 1(vlan2) entered disabled state
[  109.545425][ T8105] vlan2: entered promiscuous mode
[  109.547520][ T8105] bridge0: entered promiscuous mode
[  109.576702][ T8105] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  109.659627][ T8123] bridge0: port 3(syz_tun) entered blocking state
[  109.662649][ T8123] bridge0: port 3(syz_tun) entered disabled state
[  109.675754][ T8123] syz_tun: entered allmulticast mode
[  109.679641][ T8123] syz_tun: entered promiscuous mode
[  109.685513][ T8123] bridge0: port 3(syz_tun) entered blocking state
[  109.688514][ T8123] bridge0: port 3(syz_tun) entered forwarding state
[  109.996011][ T8143] wireguard0: entered promiscuous mode
[  109.998242][ T8143] wireguard0: entered allmulticast mode
[  111.177535][ T8195] tipc: Started in network mode
[  111.181692][ T8195] tipc: Node identity fe75a1b7312f, cluster identity 4711
[  111.187572][ T8195] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  111.190335][ T8195] syzkaller0: entered promiscuous mode
[  111.192532][ T8195] syzkaller0: entered allmulticast mode
[  111.218170][ T8195] tipc: Resetting bearer <eth:syzkaller0>
[  111.222716][ T8192] tipc: Resetting bearer <eth:syzkaller0>
[  111.237654][ T8192] tipc: Disabling bearer <eth:syzkaller0>
[  111.354061][ T8210] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  111.358121][ T8210] syzkaller0: entered promiscuous mode
[  111.359835][ T8210] syzkaller0: entered allmulticast mode
[  111.382841][ T8210] tipc: Resetting bearer <eth:syzkaller0>
[  111.389504][ T8208] tipc: Resetting bearer <eth:syzkaller0>
[  111.398473][ T8208] tipc: Disabling bearer <eth:syzkaller0>
[  111.453932][ T8219] netlink: 'syz.2.1006': attribute type 282 has an invalid length.
[  111.548914][ T8229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  111.694530][ T8243] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  111.705967][ T8243] syzkaller0: entered promiscuous mode
[  111.708010][ T8243] syzkaller0: entered allmulticast mode
[  111.722277][ T8243] tipc: Resetting bearer <eth:syzkaller0>
[  111.737091][ T8241] tipc: Resetting bearer <eth:syzkaller0>
[  111.752673][ T8241] tipc: Disabling bearer <eth:syzkaller0>
[  111.856908][ T8250] __nla_validate_parse: 6 callbacks suppressed
[  111.856922][ T8250] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1021'.
[  111.906618][ T8259] netlink: 'syz.1.1025': attribute type 12 has an invalid length.
[  112.054160][    C0] ==================================================================
[  112.057012][    C0] BUG: KASAN: slab-use-after-free in __xfrm_state_delete+0x696/0xca0
[  112.059433][    C0] Write of size 8 at addr ffff88810e7d0030 by task swapper/0/0
[  112.063409][    C0] 
[  112.064407][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.17.0-rc1-syzkaller-00207-g815957293639-dirty #0 PREEMPT(full) 
[  112.064425][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  112.064434][    C0] Call Trace:
[  112.064440][    C0]  <IRQ>
[  112.064448][    C0]  dump_stack_lvl+0x189/0x250
[  112.064468][    C0]  ? __virt_addr_valid+0x1c8/0x5c0
[  112.064486][    C0]  ? rcu_is_watching+0x15/0xb0
[  112.064499][    C0]  ? __kasan_check_byte+0x12/0x40
[  112.064519][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.064534][    C0]  ? rcu_is_watching+0x15/0xb0
[  112.064547][    C0]  ? lock_release+0x4b/0x3e0
[  112.064569][    C0]  ? __virt_addr_valid+0x1c8/0x5c0
[  112.064586][    C0]  ? __virt_addr_valid+0x4a5/0x5c0
[  112.064603][    C0]  print_report+0xca/0x240
[  112.064617][    C0]  ? __xfrm_state_delete+0x696/0xca0
[  112.064636][    C0]  kasan_report+0x118/0x150
[  112.064655][    C0]  ? __xfrm_state_delete+0x696/0xca0
[  112.064678][    C0]  __xfrm_state_delete+0x696/0xca0
[  112.064702][    C0]  xfrm_timer_handler+0x18f/0xa00
[  112.064724][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  112.064743][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  112.064761][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.064779][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  112.064821][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  112.064839][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  112.064858][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  112.064877][    C0]  __hrtimer_run_queues+0x52c/0xc60
[  112.064899][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  112.064912][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  112.064929][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  112.064944][    C0]  handle_softirqs+0x286/0x870
[  112.064966][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  112.064981][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  112.064996][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  112.065014][    C0]  __irq_exit_rcu+0xca/0x1f0
[  112.065027][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  112.065044][    C0]  irq_exit_rcu+0x9/0x30
[  112.065055][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  112.065073][    C0]  </IRQ>
[  112.065078][    C0]  <TASK>
[  112.065084][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  112.065100][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  112.065119][    C0] Code: 13 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 33 d7 0e 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  112.065130][    C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 00000282
[  112.065142][    C0] RAX: 04744e201f78d800 RBX: ffffffff81968308 RCX: 04744e201f78d800
[  112.065150][    C0] RDX: 0000000000000001 RSI: ffffffff8d9b6e8f RDI: ffffffff8be33400
[  112.065158][    C0] RBP: ffffffff8de07eb8 R08: ffff88804b032f9b R09: 1ffff110096065f3
[  112.065165][    C0] R10: dffffc0000000000 R11: ffffed10096065f4 R12: ffffffff8fa37e30
[  112.065174][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a20
[  112.065183][    C0]  ? do_idle+0x1e8/0x510
[  112.065198][    C0]  default_idle+0x13/0x20
[  112.065207][    C0]  default_idle_call+0x74/0xb0
[  112.065218][    C0]  do_idle+0x1e8/0x510
[  112.065233][    C0]  ? __pfx_do_idle+0x10/0x10
[  112.065251][    C0]  cpu_startup_entry+0x44/0x60
[  112.065263][    C0]  rest_init+0x2de/0x300
[  112.065275][    C0]  start_kernel+0x3a9/0x410
[  112.065293][    C0]  x86_64_start_reservations+0x24/0x30
[  112.065313][    C0]  x86_64_start_kernel+0x143/0x1c0
[  112.065330][    C0]  common_startup_64+0x13e/0x147
[  112.065355][    C0]  </TASK>
[  112.065360][    C0] 
[  112.197410][    C0] Allocated by task 6142:
[  112.198865][    C0]  kasan_save_track+0x3e/0x80
[  112.200323][    C0]  __kasan_slab_alloc+0x6c/0x80
[  112.202257][    C0]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  112.204476][    C0]  xfrm_state_alloc+0x24/0x2f0
[  112.206420][    C0]  __find_acq_core+0x8a7/0x1c00
[  112.208386][    C0]  xfrm_find_acq+0x78/0xa0
[  112.210166][    C0]  xfrm_alloc_userspi+0x6b3/0xc90
[  112.212112][    C0]  xfrm_user_rcv_msg+0x7a3/0xab0
[  112.214050][    C0]  netlink_rcv_skb+0x208/0x470
[  112.215910][    C0]  xfrm_netlink_rcv+0x79/0x90
[  112.217806][    C0]  netlink_unicast+0x82f/0x9e0
[  112.219723][    C0]  netlink_sendmsg+0x805/0xb30
[  112.221679][    C0]  __sock_sendmsg+0x21c/0x270
[  112.223624][    C0]  ____sys_sendmsg+0x505/0x830
[  112.225546][    C0]  ___sys_sendmsg+0x21f/0x2a0
[  112.227395][    C0]  __x64_sys_sendmsg+0x19b/0x260
[  112.229237][    C0]  do_syscall_64+0xfa/0x3b0
[  112.231078][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.233454][    C0] 
[  112.234448][    C0] Freed by task 794:
[  112.236003][    C0]  kasan_save_track+0x3e/0x80
[  112.237915][    C0]  kasan_save_free_info+0x46/0x50
[  112.239997][    C0]  __kasan_slab_free+0x5b/0x80
[  112.241969][    C0]  kmem_cache_free+0x18f/0x400
[  112.243923][    C0]  xfrm_state_gc_task+0x52d/0x6b0
[  112.245968][    C0]  process_scheduled_works+0xae1/0x17b0
[  112.248206][    C0]  worker_thread+0x8a0/0xda0
[  112.249749][    C0]  kthread+0x711/0x8a0
[  112.251171][    C0]  ret_from_fork+0x3fc/0x770
[  112.252620][    C0]  ret_from_fork_asm+0x1a/0x30
[  112.254140][    C0] 
[  112.254904][    C0] The buggy address belongs to the object at ffff88810e7d0000
[  112.254904][    C0]  which belongs to the cache xfrm_state of size 928
[  112.259257][    C0] The buggy address is located 48 bytes inside of
[  112.259257][    C0]  freed 928-byte region [ffff88810e7d0000, ffff88810e7d03a0)
[  112.264332][    C0] 
[  112.265326][    C0] The buggy address belongs to the physical page:
[  112.267823][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88810e7d0480 pfn:0x10e7d0
[  112.271854][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  112.275107][    C0] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  112.278193][    C0] page_type: f5(slab)
[  112.279835][    C0] raw: 057ff00000000040 ffff888104f4d640 dead000000000122 0000000000000000
[  112.283261][    C0] raw: ffff88810e7d0480 00000000800e000b 00000000f5000000 0000000000000000
[  112.286672][    C0] head: 057ff00000000040 ffff888104f4d640 dead000000000122 0000000000000000
[  112.290158][    C0] head: ffff88810e7d0480 00000000800e000b 00000000f5000000 0000000000000000
[  112.293639][    C0] head: 057ff00000000002 ffffea000439f401 00000000ffffffff 00000000ffffffff
[  112.296920][    C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  112.299728][    C0] page dumped because: kasan: bad access detected
[  112.301976][    C0] page_owner tracks the page as allocated
[  112.304271][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6142, tgid 6141 (syz.1.100), ts 77611777747, free_ts 74454332972
[  112.311542][    C0]  post_alloc_hook+0x240/0x2a0
[  112.313355][    C0]  get_page_from_freelist+0x21e4/0x22c0
[  112.315213][    C0]  __alloc_frozen_pages_noprof+0x181/0x370
[  112.317109][    C0]  alloc_pages_mpol+0x232/0x4a0
[  112.318989][    C0]  allocate_slab+0x8a/0x370
[  112.320806][    C0]  ___slab_alloc+0xbeb/0x1410
[  112.322689][    C0]  kmem_cache_alloc_noprof+0x283/0x3c0
[  112.324871][    C0]  xfrm_state_alloc+0x24/0x2f0
[  112.326816][    C0]  __find_acq_core+0x8a7/0x1c00
[  112.328795][    C0]  xfrm_find_acq+0x78/0xa0
[  112.330602][    C0]  xfrm_alloc_userspi+0x6b3/0xc90
[  112.332667][    C0]  xfrm_user_rcv_msg+0x7a3/0xab0
[  112.334729][    C0]  netlink_rcv_skb+0x208/0x470
[  112.336751][    C0]  xfrm_netlink_rcv+0x79/0x90
[  112.338703][    C0]  netlink_unicast+0x82f/0x9e0
[  112.340290][    C0]  netlink_sendmsg+0x805/0xb30
[  112.341809][    C0] page last free pid 5848 tgid 5848 stack trace:
[  112.343843][    C0]  __free_frozen_pages+0xbc4/0xd30
[  112.345508][    C0]  __slab_free+0x303/0x3c0
[  112.347276][    C0]  qlist_free_all+0x97/0x140
[  112.348885][    C0]  kasan_quarantine_reduce+0x148/0x160
[  112.350627][    C0]  __kasan_slab_alloc+0x22/0x80
[  112.352436][    C0]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  112.354184][    C0]  fsnotify_add_mark_locked+0x50d/0xd40
[  112.355947][    C0]  __se_sys_inotify_add_watch+0xa1a/0xf10
[  112.358092][    C0]  do_syscall_64+0xfa/0x3b0
[  112.359896][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.361902][    C0] 
[  112.362740][    C0] Memory state around the buggy address:
[  112.364603][    C0]  ffff88810e7cff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  112.367796][    C0]  ffff88810e7cff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  112.370861][    C0] >ffff88810e7d0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  112.373678][    C0]                                      ^
[  112.375634][    C0]  ffff88810e7d0080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  112.378720][    C0]  ffff88810e7d0100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  112.381812][    C0] ==================================================================
[  112.385033][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  112.387703][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.17.0-rc1-syzkaller-00207-g815957293639-dirty #0 PREEMPT(full) 
[  112.392504][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  112.396567][    C0] Call Trace:
[  112.398050][    C0]  <IRQ>
[  112.399238][    C0]  dump_stack_lvl+0x99/0x250
[  112.401136][    C0]  ? __asan_memcpy+0x40/0x70
[  112.403147][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.405241][    C0]  ? __pfx__printk+0x10/0x10
[  112.407129][    C0]  vpanic+0x281/0x750
[  112.408891][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  112.411118][    C0]  ? __pfx_vpanic+0x10/0x10
[  112.413020][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  112.415504][    C0]  panic+0xb9/0xc0
[  112.417047][    C0]  ? __pfx_panic+0x10/0x10
[  112.419081][    C0]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  112.421654][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  112.424275][    C0]  ? __xfrm_state_delete+0x696/0xca0
[  112.426500][    C0]  check_panic_on_warn+0x89/0xb0
[  112.428406][    C0]  ? __xfrm_state_delete+0x696/0xca0
[  112.430471][    C0]  end_report+0x78/0x160
[  112.432282][    C0]  kasan_report+0x129/0x150
[  112.434104][    C0]  ? __xfrm_state_delete+0x696/0xca0
[  112.436242][    C0]  __xfrm_state_delete+0x696/0xca0
[  112.438489][    C0]  xfrm_timer_handler+0x18f/0xa00
[  112.440541][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  112.442950][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  112.444741][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.446429][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  112.448696][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  112.450728][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  112.452477][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  112.454223][    C0]  __hrtimer_run_queues+0x52c/0xc60
[  112.455867][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  112.457871][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  112.459925][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  112.461720][    C0]  handle_softirqs+0x286/0x870
[  112.463509][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  112.465069][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  112.466670][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  112.468408][    C0]  __irq_exit_rcu+0xca/0x1f0
[  112.469888][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  112.471498][    C0]  irq_exit_rcu+0x9/0x30
[  112.472874][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  112.474941][    C0]  </IRQ>
[  112.475956][    C0]  <TASK>
[  112.476971][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  112.479352][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  112.481422][    C0] Code: 13 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 33 d7 0e 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  112.489507][    C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 00000282
[  112.492157][    C0] RAX: 04744e201f78d800 RBX: ffffffff81968308 RCX: 04744e201f78d800
[  112.495402][    C0] RDX: 0000000000000001 RSI: ffffffff8d9b6e8f RDI: ffffffff8be33400
[  112.498779][    C0] RBP: ffffffff8de07eb8 R08: ffff88804b032f9b R09: 1ffff110096065f3
[  112.502300][    C0] R10: dffffc0000000000 R11: ffffed10096065f4 R12: ffffffff8fa37e30
[  112.505471][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a20
[  112.508980][    C0]  ? do_idle+0x1e8/0x510
[  112.510660][    C0]  default_idle+0x13/0x20
[  112.512614][    C0]  default_idle_call+0x74/0xb0
[  112.514623][    C0]  do_idle+0x1e8/0x510
[  112.516332][    C0]  ? __pfx_do_idle+0x10/0x10
[  112.518238][    C0]  cpu_startup_entry+0x44/0x60
[  112.520082][    C0]  rest_init+0x2de/0x300
[  112.521722][    C0]  start_kernel+0x3a9/0x410
[  112.523729][    C0]  x86_64_start_reservations+0x24/0x30
[  112.525953][    C0]  x86_64_start_kernel+0x143/0x1c0
[  112.528181][    C0]  common_startup_64+0x13e/0x147
[  112.530190][    C0]  </TASK>
[  112.532232][    C0] Kernel Offset: disabled
[  112.533934][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:00:13  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000066 RBX=0000000000000066 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900000073b0
R8 =ffff888108918237 R9 =1ffff11021123046 R10=dffffc0000000000 R11=ffffffff854efeb0
R12=dffffc0000000000 R13=ffffffff99af98f3 R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854eff2c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c30e7eb CR3=00000000267ba000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 00007f9968612e53
XMM06=0000000000000000 00007f9968612e4d XMM07=0000000000000000 00007f9968612e61
XMM08=0000000000000000 00007f9968612ee7 XMM09=0000000000000000 00007f9968612fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=3a7ac92e25544500 RBX=ffffffff81968308 RCX=3a7ac92e25544500 RDX=0000000000000001
RSI=ffffffff8d9b6e8f RDI=ffffffff8be33400 RBP=ffffc90000177f20 RSP=ffffc90000177de0
R8 =ffff888136632f9b R9 =1ffff11026cc65f3 R10=dffffc0000000000 R11=ffffed1026cc65f4
R12=ffffffff8fa37e30 R13=0000000000000001 R14=0000000000000001 R15=1ffff1102001f000
RIP=ffffffff8b7953f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2db1aff8 CR3=000000010e8f2000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 00007f7a82612e53
XMM06=0000000000000000 00007f7a82612e4d XMM07=0000000000000000 00007f7a82612e61
XMM08=0000000000000000 00007f7a82612ee7 XMM09=0000000000000000 00007f7a82612fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
