last executing test programs:

4.259474836s ago: executing program 0 (id=6059):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
syz_open_dev$sndctrl(&(0x7f0000004e80), 0x0, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kfree\x00', r3}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0e000000040000000400000008"], 0x48)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000240), 0x0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r8, r5, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000440)={@random="871000bb00", @multicast, @val={@void, {0x8100, 0x0, 0x1, 0x4}}, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x2, 0x7, 0x24, 0x65, 0x0, 0x9, 0x21, 0x0, @broadcast, @local}, {{0x4e22, 0x4e20, 0x4, 0x1, 0xb, 0x0, 0x0, 0x6, 0x1, "196b36", 0x2, "3571a4"}}}}}}, 0x0)

3.74689173s ago: executing program 0 (id=6065):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) (fail_nth: 50)

3.678561297s ago: executing program 0 (id=6068):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000006b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x48)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}}}, 0x10) (async)
write$binfmt_misc(r1, &(0x7f0000000340), 0x2000011a) (async)
poll(&(0x7f0000000040)=[{r1, 0x2008}], 0x1, 0x13) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.678187283s ago: executing program 0 (id=6070):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @multicast2}, 0x2, 0x0, 0x4}}, 0x2e)
r3 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2b82)
memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\x03\x00l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\xea\xe8\x015\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz\xc213\x9b\x87\xd5\x99\r\xa2P\x03\x1cl\x0f\xcb)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af', 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r4, 0x7ff)
socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="28000000f3ff0500000000000000000228"], 0x28}}, 0x4004804)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000005c0)={r6, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598904004ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dac00000000000000000000002000", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
r7 = syz_open_dev$loop(&(0x7f0000000000), 0x1, 0x8000)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f00000001c0)={r6, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x6, 0x0, 0x0, 0x3, 0x14, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd0d9683dda1af1ea80040000000000000000000deff0000000000000000000000000100000800", "2809e8dbe108038948224ad54afac11d875397bdb22d0000b420a1a93c7540f4767f9e01177d3dd40600000061ac00", "90be8b1c55f96400", [0x800]}})
ioctl$LOOP_CHANGE_FD(r7, 0x4c06, r3)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000a40), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000fcdbdf25120000001800018014000200766574683000000000000000080000000800090000000100080007"], 0x3c}, 0x1, 0x0, 0x0, 0x400c000}, 0x2004c0a0)
ioctl$LOOP_SET_DIRECT_IO(r7, 0x4c08, 0xffffffffffffffff)
r10 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0)
write$cgroup_pid(r11, &(0x7f0000000000), 0x12)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
close(r0)
sendmsg$L2TP_CMD_SESSION_DELETE(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x40, r10, 0x1, 0x1070bd0c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x79}]}, 0x40}, 0x1, 0x0, 0x0, 0x40811}, 0x20)
r13 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r13, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}, 0x2}}, 0x26)

3.402352659s ago: executing program 0 (id=6074):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x8, 0x12, 0xffffffffffffffff, 0xfffff000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$igmp(0x2, 0x3, 0x2)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000001f00))
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0x15, @remote, 'bond0\x00'}}, 0x1e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000040)=0x2)
ioctl$PPPIOCBRIDGECHAN(r3, 0x40047435, &(0x7f0000000200)=0x1)
sendmmsg(r1, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000440)=[{0x0}], 0x1, 0x4, 0x80000000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000003400), 0x101001, 0x0)
write$cgroup_int(r4, &(0x7f0000003880)=0x100000000, 0x12)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000480)=@newae={0x314, 0x1e, 0x4, 0x70bd28, 0x25dfdbfc, {{@in=@local, 0x4d3, 0x2, 0x6c}, @in=@multicast2, 0x0, 0x3507}, [@algo_crypt={0x62, 0x2, {{'adiantum(xchacha20-simd,khazad-generic,sha224-arm64)\x00'}, 0xd0, "a396af202c6aac85a686dacfa1483406d89713cca69defb2d17b"}}, @proto={0x5, 0x19, 0x32}, @XFRMA_SET_MARK={0x8, 0x1d, 0x5}, @migrate={0x9c, 0x11, [{@in=@remote, @in6=@dev={0xfe, 0x80, '\x00', 0x19}, @in6=@mcast1, @in=@loopback, 0x33, 0x0, 0x0, 0x3503, 0x0, 0x2}, {@in6=@private1, @in=@broadcast, @in6=@dev={0xfe, 0x80, '\x00', 0x1}, @in=@multicast1, 0x33, 0x3, 0x0, 0x3505, 0x2, 0x2}]}, @algo_auth_trunc={0x9e, 0x14, {{'blake2s-160-x86\x00'}, 0x290, 0x100, "20a7ae403277ae0ed12989180a1716c72b9eb33fd95ab94e339135441c0dc44062641bc24805c3770e54a78eecbeffe95fc9ceec421beee210de9f5fdcec126bdae92a29a06095de42533a8016af2afd2421"}}, @algo_auth={0xf5, 0x1, {{'tgr160-generic\x00'}, 0x568, "1a05e17226cdaf17569ecda6c5e52211e3bed42912ab6a4aa59f89aae8b2517c50cb4a5d41b6ae76a6ecb9159ddbbeaff985001594efb0e401241eaae51a910eda0c9df3ee6146a510c60d2ebed3a14c611ceb2b5f7ec7bbbf330ed77ceccc8a5303330c9a52ac0dfab7d2b881865553f72ae2820e0bd4aef041c791dc05e00a304a1ddca9f0914e0f3789d42e57cb8ece6118ad6cf728044ef5e8869ad81b383d2f4e565cc7756dfe866c6950"}}, @replay_esn_val={0x2c, 0x17, {0x4, 0x70bd27, 0x70bd28, 0x70bd29, 0x70bd26, 0x0, [0x8001, 0x3, 0xfffffc01, 0xfffffff0]}}]}, 0x314}, 0x1, 0x0, 0x0, 0xc000}, 0x20008090)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x200000e, 0x6c033, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000000000/0x800000)=nil, 0x800000}, 0x5})
mremap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil)
ptrace$poke(0x5, r5, &(0x7f0000000080), 0x0)

3.031865608s ago: executing program 0 (id=6078):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x80)
syz_80211_inject_frame(&(0x7f0000000180)=@broadcast, &(0x7f00000001c0)=@data_frame={@a_msdu=@type00={{0x0, 0x2, 0xf, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1}, {}, @device_b, @broadcast, @random="14f3b05f5b3a", {0x1, 0x3}, "", @value={0x4, 0x0, 0x2, 0x1, 0xd}, @value=@ver_80211n={0x0, 0x2e08, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1}}, @a_msdu=[{@device_b, @device_a, 0x6b, "3c42b0583a40f0c0ada3e78f6db8f5bcc39cddaa8518353cec615910cdbed5280c1b3290371aac66c7a2908aafd5e030580c394e8d9b0e555cc9956cb47dac152491379abdae353eccc028d20c9f39ca7639a3ed5b35066b1f68615e2a9bb5334cc2cb55c13d6bc9ddf3a5"}, {@device_b, @device_b, 0x63, "902bbfd439fa46f159b2022bdd84c91e9d2bf0600256ccf17fb043830f3bfb2cd83df59bbcbd7515d3b6ba1b2beba751d9811b25d1f1bdc94df46d1346aa2594eae308b0de02cbd1fe4f91fd83aba0de9ae9632eaa8706f1b2c29289b29c690eaacd76"}, {@device_a, @broadcast, 0x95, "096d9edc1c10f1b45e40509fc93a74b488b0ef247a684a9ae2cba18e4a83f14a32f33a8bba871de9cb58adfceaa904a8a469f38b10c3ccc4b2d1b188401c2885ff86b3d7e15edd8207b5b616af755a43b775dd1b62c1281ff5bf51c53702920af6c7d8675ef36b3d19e67392732fc1454d29fdd6d2107f6efb08fb50745a2560ae86cbc76124cd6137354ab594837e8a5fe7c888ab"}, {@broadcast, @broadcast, 0xd4, "96f0951e89ba185a19bfc4e4d9f997d27923d31943c01ef18774c19d45871c02ac807ba9feaa1f0dbd59b4b00b6f4a5d3e776f0f5bb6aa31ac78a66133052edfcc7be891e9793b5beb6ff99b9a428b3f3e6d51b07aab45b2d083c42edb99aa9107db0a61adb9ff72b508197b5dc6b9b1782f2c66ee0ef9268d6a5f9ea830dfbd0fae14ce5467f7cdda7327655cb8d02252d75c500a16280a0a98c383bb7c400a1037f9c1bf59daece51b13e1e41bc1e8a11f9cfdfa9b88992ae9a12ad56d4c18a0aea46fe3dcb4bbe23da183eba3951d5d2cc217"}, {@device_a, @device_b, 0x23, "127b4c3116f86240fb6de437f50bafaa6f20240cebaa3eb8548bb54ae50d516d5a3519"}, {@device_b, @device_b, 0xd3, "13f43aadb9bb77c141d9566a85d2d33fa465ce0a4284515ca9e5c894a5153106d12106bfe26f9f89b45e3cf16db36a19539c692fb0e8cb6b48dfcaf8ed7a81a9ee4b9aac767b7b1f0b90d7135c947fc7fa358eb9545ac76de07fb9fe5d2cc502607938b443092dae7090544ce3cc068a0a945ea7fce05efc8281f00345549bbc546d35a54239a5c914527912b1782a4b048e016cde1b49d50a138499bb5040c1800055a32e4e59a7258db539a11da5e06fb4983eea7481eb639f8184228cb29144c52d8e3207673a64b63bdb558915bdece2db"}]}, 0x3ae)
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x4c, r1, 0x300, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x1}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x1}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x80}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40040}, 0x2400c844) (async)
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x4c, r1, 0x300, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x1}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x1}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x80}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40040}, 0x2400c844)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000006c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), r0) (async)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), r0)
sendmsg$NL80211_CMD_DISASSOCIATE(r3, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x74, r4, 0x8, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @random="30e5b64ce455"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_IE={0x37, 0x2a, [@prep={0x83, 0x25, {{0x0, 0x1}, 0x80, 0x3, @device_a, 0xeeb, @value, 0x9, 0x6, @device_a, 0xf}}, @dsss={0x3, 0x1, 0xb6}, @perr={0x84, 0x2, {0x7}}, @channel_switch={0x25, 0x3, {0x0, 0x9, 0x5}}]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3}]}, 0x74}, 0x1, 0x0, 0x0, 0x44000}, 0x40000)
syz_80211_inject_frame(&(0x7f0000000880), &(0x7f00000008c0)=@mgmt_frame=@reassoc_req={{{0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, {0x6}, @device_a, @broadcast, @random="44957853c07c", {0x8, 0x10}}, 0x40, 0x7, @device_b, {0x0, 0x6, @default_ibss_ssid}, @void, @val={0x2d, 0x1a, {0x1000, 0x1, 0x7, 0x0, {0x9, 0x1d5d, 0x0, 0xc, 0x0, 0x1, 0x0, 0x1}, 0x800, 0xd7cd, 0x8}}, [{0xdd, 0xaf, "ac2e4ed50fdab2d119eb66daf1a18496c56a2a74c875151137bb27ed456efec65a3a57bcc0cf0b99ff2282a2808521733516634facc95ec5704dd5d88a07b96f7e674577b4641d0f1bff3f6e933964676e6d2ba8ba8be05fd92bab7b5e3e625be286282e20f904047448b97dab41e6d0c687218d0a457ebe2f24e08306a7b0adf6d90a4a47605a33ed61eb2d36296064ed059c304b1f5f0846f24f1d2e48cb5abd1113adb02923c0c0a6a7cf79d775"}, {0xdd, 0xcd, "09547ddb603f4dd769174fc110917bc0478a9999366abde9eebe88a09a24fd5edb4f9763dbb65bd1ab337db4f075a067ae851a2eb0f981a1da1b277df9b7e9edd8605e2e1b675673804d1a16dca5b5a52bf2bdcb138e4340629ac87e02317cf6ed48c1b34ea57285a463bbdae7e8a0395cbdf10a76a3da07d10171cbd6d193f531003581be6c414c80328875bcfa0c31da9577d03be1c5eaeef22d3d453325158baca89a1a69f370cf543f97b9086454039955915ee54ceb1c906367abbad77bed01a6ee1ff13b8e8dd8e7d952"}, {0xdd, 0x20, "26a173dad4eef96f78ebcdd0c7ed4efc01920857419e406e0c66d441d1d41fe2"}, {0xdd, 0x94, "e9cf3bfaaeb56d3fae408e1a57419c815fc1c8debfc86d22269820d30980168612477c479c0c53cb581fa54afe03774c312611e72fbfae638624d7ca9e1a9b4008762401e0a5ce4e0c137eba36e0024697479f60cf41308becfb9af69028a44d7cf4538ccfebea9a1416189fee47c1010853172a1037974be445d6fcc3e7aa220b54431a05f4a2b4388083bae053918a14158b85"}, {0xdd, 0xc4, "541e9c433261fd07c5f816b7e06e339832ad2b73d3f9d0cd14f99cd3f17a9e322d27d0f16174ea9b865a6c3454594bc1f5c42d7f738fc9cb0f6ba396a174d962fe622d06f42f38add0b2871e13bd310e5d084c88acb647d36ad19f443bcf4803f3874046549473b6f725665c9e7fdc9f9f38a83f424a8a3d6a8449a967a62913aba10a23154285629586633510973c73ae08f65fa8f5978a5c04d077a0281f13fa7b06157e55484bd8a7651473d35cf5d7c4ea12dc67ce66ba9f11bc1750fdd4171a67d1"}, {0xdd, 0x3c, "902c69570846089ebb070006d82600e4a680aebb412af6e73bacaba691d8e679e15a3772110019cfbf38e6084234d8137f0efdc1b015c5387257a5ae"}, {0xdd, 0x1a, "656dc03b0d972d5f3710164dd685310bc25c35e1606c2b60bb4e"}, {0xdd, 0x91, "e118feeb8e982887e014531566b02f584de84fbcab4ed400debaf8bd069cddaccdb8cf4dbbd6850f7d9d73764a2dd533c1fb262f6d2f8f1fc96b94efb984190258b9874cbfa4a6b2642e2ac2754039bb655ce0401c50128e5acd6ed31c3759410c9445e4dfcfc86a969583368d7b575ce29e02432c50b4779fc49e70234d019e4a57cf960a6430f2cae61914ede3c26855"}, {0xdd, 0xf7, "51a31945a58380393136a89909f46045734f8ada0b6bccbe3d8358a98128d16a65f0ee3236c70f75c1e1a021dae1a6176ab8c72a02dd3649b294cb50f190dc5ec51381485940bfc732465cbed3e14f7353878422c391ba94867e6a236857cb6bab0407da6e676f8fc2fd11e8cc155aaf0fd82a34ec3c174b5562c427f2cf60bfec96ec3fb2f04beb614af5065510d0f9dfb7a3181ae3af9b723e1d6066ad0b61d7cfec119499860cca69c9196622f92df5664547ff379f2c2267af8cd5528a5461b94079a4dfcc5cef9d112a1cda467bc676bc46e3b4182fc9e065d8b59b5e11f44b725e0c0a6ee534efa95d5011d6b014dfd8d38b5cf6"}, {0xdd, 0x72, "9a894a019fa301dc04752e9a2f1c07742409bde98636df760a75e4255f1fd96adee8db547e9eaff8993342b194e069de8d7bbec4ad33ffeb542442ce038324cad8ffcacf7931736e893fcb2afd49442d9be1cf46d827376d7895bc2c9cb59ff7306f9b3aafb52ef2984139148e8faca1e63b"}]}, 0x59e) (async)
syz_80211_inject_frame(&(0x7f0000000880), &(0x7f00000008c0)=@mgmt_frame=@reassoc_req={{{0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, {0x6}, @device_a, @broadcast, @random="44957853c07c", {0x8, 0x10}}, 0x40, 0x7, @device_b, {0x0, 0x6, @default_ibss_ssid}, @void, @val={0x2d, 0x1a, {0x1000, 0x1, 0x7, 0x0, {0x9, 0x1d5d, 0x0, 0xc, 0x0, 0x1, 0x0, 0x1}, 0x800, 0xd7cd, 0x8}}, [{0xdd, 0xaf, "ac2e4ed50fdab2d119eb66daf1a18496c56a2a74c875151137bb27ed456efec65a3a57bcc0cf0b99ff2282a2808521733516634facc95ec5704dd5d88a07b96f7e674577b4641d0f1bff3f6e933964676e6d2ba8ba8be05fd92bab7b5e3e625be286282e20f904047448b97dab41e6d0c687218d0a457ebe2f24e08306a7b0adf6d90a4a47605a33ed61eb2d36296064ed059c304b1f5f0846f24f1d2e48cb5abd1113adb02923c0c0a6a7cf79d775"}, {0xdd, 0xcd, "09547ddb603f4dd769174fc110917bc0478a9999366abde9eebe88a09a24fd5edb4f9763dbb65bd1ab337db4f075a067ae851a2eb0f981a1da1b277df9b7e9edd8605e2e1b675673804d1a16dca5b5a52bf2bdcb138e4340629ac87e02317cf6ed48c1b34ea57285a463bbdae7e8a0395cbdf10a76a3da07d10171cbd6d193f531003581be6c414c80328875bcfa0c31da9577d03be1c5eaeef22d3d453325158baca89a1a69f370cf543f97b9086454039955915ee54ceb1c906367abbad77bed01a6ee1ff13b8e8dd8e7d952"}, {0xdd, 0x20, "26a173dad4eef96f78ebcdd0c7ed4efc01920857419e406e0c66d441d1d41fe2"}, {0xdd, 0x94, "e9cf3bfaaeb56d3fae408e1a57419c815fc1c8debfc86d22269820d30980168612477c479c0c53cb581fa54afe03774c312611e72fbfae638624d7ca9e1a9b4008762401e0a5ce4e0c137eba36e0024697479f60cf41308becfb9af69028a44d7cf4538ccfebea9a1416189fee47c1010853172a1037974be445d6fcc3e7aa220b54431a05f4a2b4388083bae053918a14158b85"}, {0xdd, 0xc4, "541e9c433261fd07c5f816b7e06e339832ad2b73d3f9d0cd14f99cd3f17a9e322d27d0f16174ea9b865a6c3454594bc1f5c42d7f738fc9cb0f6ba396a174d962fe622d06f42f38add0b2871e13bd310e5d084c88acb647d36ad19f443bcf4803f3874046549473b6f725665c9e7fdc9f9f38a83f424a8a3d6a8449a967a62913aba10a23154285629586633510973c73ae08f65fa8f5978a5c04d077a0281f13fa7b06157e55484bd8a7651473d35cf5d7c4ea12dc67ce66ba9f11bc1750fdd4171a67d1"}, {0xdd, 0x3c, "902c69570846089ebb070006d82600e4a680aebb412af6e73bacaba691d8e679e15a3772110019cfbf38e6084234d8137f0efdc1b015c5387257a5ae"}, {0xdd, 0x1a, "656dc03b0d972d5f3710164dd685310bc25c35e1606c2b60bb4e"}, {0xdd, 0x91, "e118feeb8e982887e014531566b02f584de84fbcab4ed400debaf8bd069cddaccdb8cf4dbbd6850f7d9d73764a2dd533c1fb262f6d2f8f1fc96b94efb984190258b9874cbfa4a6b2642e2ac2754039bb655ce0401c50128e5acd6ed31c3759410c9445e4dfcfc86a969583368d7b575ce29e02432c50b4779fc49e70234d019e4a57cf960a6430f2cae61914ede3c26855"}, {0xdd, 0xf7, "51a31945a58380393136a89909f46045734f8ada0b6bccbe3d8358a98128d16a65f0ee3236c70f75c1e1a021dae1a6176ab8c72a02dd3649b294cb50f190dc5ec51381485940bfc732465cbed3e14f7353878422c391ba94867e6a236857cb6bab0407da6e676f8fc2fd11e8cc155aaf0fd82a34ec3c174b5562c427f2cf60bfec96ec3fb2f04beb614af5065510d0f9dfb7a3181ae3af9b723e1d6066ad0b61d7cfec119499860cca69c9196622f92df5664547ff379f2c2267af8cd5528a5461b94079a4dfcc5cef9d112a1cda467bc676bc46e3b4182fc9e065d8b59b5e11f44b725e0c0a6ee534efa95d5011d6b014dfd8d38b5cf6"}, {0xdd, 0x72, "9a894a019fa301dc04752e9a2f1c07742409bde98636df760a75e4255f1fd96adee8db547e9eaff8993342b194e069de8d7bbec4ad33ffeb542442ce038324cad8ffcacf7931736e893fcb2afd49442d9be1cf46d827376d7895bc2c9cb59ff7306f9b3aafb52ef2984139148e8faca1e63b"}]}, 0x59e)
syz_80211_inject_frame(&(0x7f0000000e80)=@broadcast, &(0x7f0000000ec0)=@ctrl_frame=@cf_end_cf_ack={{}, {0x2}, @device_b, @device_b}, 0x10)
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000001000)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f40)={0x60, r1, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x19}, @void, @val={0xc, 0x99, {0xb7, 0x3e}}}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x8800)
sendmsg$NL80211_CMD_GET_SURVEY(r3, &(0x7f0000001100)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001080)={0x20, r4, 0x100, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0xe537, 0x7e}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x20004810}, 0x4000060)
sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f0000001200)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x40, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x4, 0x3a}}}}, [@NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x81}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}]}, 0x40}}, 0x24000014) (async)
sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f0000001200)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x40, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x4, 0x3a}}}}, [@NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x81}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}]}, 0x40}}, 0x24000014)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001280), r3)
sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000001380)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001340)={&(0x7f00000012c0)={0x54, r5, 0x20, 0x70bd2d, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x80000000}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x618}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x3}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4094}, 0x808) (async)
sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000001380)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001340)={&(0x7f00000012c0)={0x54, r5, 0x20, 0x70bd2d, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x80000000}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x618}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x3}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4094}, 0x808)
fcntl$notify(r3, 0x402, 0x13) (async)
fcntl$notify(r3, 0x402, 0x13)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001480)={&(0x7f00000013c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001440)={&(0x7f0000001400)={0x30, r1, 0x400, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x0, 0x4d}}}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x1068}]}, 0x30}, 0x1, 0x0, 0x0, 0x804}, 0x40000) (async)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001480)={&(0x7f00000013c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001440)={&(0x7f0000001400)={0x30, r1, 0x400, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x0, 0x4d}}}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x1068}]}, 0x30}, 0x1, 0x0, 0x0, 0x804}, 0x40000)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000001580)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x80200}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)={0x2c, r4, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x1}, @void, @void}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x8814) (async)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000001580)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x80200}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)={0x2c, r4, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x1}, @void, @void}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x8814)
syz_open_dev$vim2m(&(0x7f00000015c0), 0xfffffffffffffff8, 0x2)
sendmsg$DEVLINK_CMD_GET(r3, &(0x7f0000001700)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0xc54b71bdfb1e9a08}, 0xc, &(0x7f00000016c0)={&(0x7f0000001640)={0x50, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000040}, 0x880)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000001780), r3)
sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000001880)={&(0x7f0000001740)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001840)={&(0x7f00000017c0)={0x50, r6, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x1}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x4}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x3ff}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @empty}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @mcast1}]}, 0x50}, 0x1, 0x0, 0x0, 0x8051}, 0xc000)
pipe2$watch_queue(&(0x7f00000018c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000001900)={'batadv_slave_0\x00', <r8=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r7, 0x89f0, &(0x7f0000001a80)={'syztnl1\x00', &(0x7f0000001940)={'syztnl0\x00', r8, 0x8, 0x8000, 0x9, 0x5, {{0x3c, 0x4, 0x0, 0x9, 0xf0, 0x68, 0x0, 0x93, 0x4, 0x0, @loopback, @rand_addr=0x64010101, {[@noop, @timestamp={0x44, 0xc, 0x60, 0x0, 0x4, [0x80000001, 0xda]}, @rr={0x7, 0xf, 0xb6, [@rand_addr=0x64010101, @loopback, @multicast1]}, @timestamp_addr={0x44, 0x3c, 0x1c, 0x1, 0xd, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, {@rand_addr=0x64010100, 0x6}, {@rand_addr=0x64010102, 0x3}, {@multicast2, 0x4}, {@rand_addr=0x64010101, 0x2}, {@multicast1, 0x7}, {@local, 0x5}]}, @noop, @timestamp_addr={0x44, 0x24, 0x52, 0x1, 0x9, [{@local, 0x1}, {@broadcast, 0x3}, {@broadcast, 0x6f}, {@local, 0x8}]}, @ra={0x94, 0x4}, @generic={0x82, 0xc, "958dc46d122493fcbca6"}, @noop, @timestamp_addr={0x44, 0x4c, 0x89, 0x1, 0x2, [{@multicast1, 0x7}, {@local, 0x9}, {@multicast2, 0xfffffffd}, {@broadcast, 0x62d6}, {@multicast1, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x76}, {@dev={0xac, 0x14, 0x14, 0x38}, 0xfffffffe}, {@private=0xa010101, 0x1000000}, {@multicast1, 0x80}]}]}}}}})
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r7, &(0x7f0000001b80)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001b40)={&(0x7f0000001b00)={0x30, 0x0, 0x200, 0x70bd2a, 0x25dfdbfd, {{}, {}, {0x14, 0x18, {0x81, @bearer=@l2={'ib', 0x3a, 'veth0\x00'}}}}, [""]}, 0x30}}, 0x4000)
sendmsg$NFT_BATCH(r7, &(0x7f0000001cc0)={&(0x7f0000001bc0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001c80)={&(0x7f0000001c00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWOBJ={0x54, 0x12, 0xa, 0x0, 0x0, 0x0, {0x5, 0x0, 0x8}, @NFT_OBJECT_CT_HELPER=@NFTA_OBJ_DATA={0x40, 0x4, 0x0, 0x1, [@NFTA_CT_HELPER_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x18}, @NFTA_CT_HELPER_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x1a}, @NFTA_CT_HELPER_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x1c}, @NFTA_CT_HELPER_NAME={0xf, 0x1, 'netbios-ns\x00'}, @NFTA_CT_HELPER_L4PROTO={0x5, 0x3, 0x84}, @NFTA_CT_HELPER_NAME={0x9, 0x1, 'syz0\x00'}]}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x7c}, 0x1, 0x0, 0x0, 0x8800}, 0x1084)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000001d00)) (async)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000001d00))

1.790231816s ago: executing program 3 (id=6082):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = syz_open_dev$dri(&(0x7f0000002580), 0x200, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000026c0)={0x0, &(0x7f0000002600)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = socket$inet6(0x10, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000240)={0x2, &(0x7f0000000000)=[{0x40, 0x0, 0x7, 0x10}, {0x16, 0x0, 0xfd}]}, 0x10)
sendto$inet6(r4, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a00080001c000000001", 0x1c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000200)={0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "427f4d05618664ecb7f952ed7667675bc32afc7ebbfea1deee1e2e520cc38c6a"}})
syz_emit_ethernet(0x2e, &(0x7f0000000040)=ANY=[@ANYBLOB="73fce876dc1ddb780500000000e4ffff0700450f001c00670000fc019078ac1414aaac1414bb080090780006000c"], 0x0)

1.624280009s ago: executing program 3 (id=6084):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000200)={0xa0000004}) (fail_nth: 51)

1.483784552s ago: executing program 3 (id=6086):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]}) (fail_nth: 48)

1.48350364s ago: executing program 1 (id=6087):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) (fail_nth: 52)

1.482396869s ago: executing program 1 (id=6088):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
syz_open_dev$sndctrl(&(0x7f0000004e80), 0x0, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kfree\x00', r3}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0e000000040000000400000008"], 0x48)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000240), 0x0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r8, r5, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000440)={@random="871000bb00", @multicast, @val={@void, {0x8100, 0x0, 0x1, 0x4}}, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x2, 0x7, 0x24, 0x65, 0x0, 0x9, 0x21, 0x0, @broadcast, @local}, {{0x4e22, 0x4e20, 0x4, 0x1, 0xb, 0x0, 0x0, 0x6, 0x1, "196b36", 0x2, "3571a4"}}}}}}, 0x0)

1.220299605s ago: executing program 3 (id=6089):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x100480, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d4d549b, 0x0, [0x8000000000000001, 0x8, 0x0, 0x8, 0x10001, 0x80000000000006, 0x1000000006, 0x10007ffffe]})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000080)="470f23fc6541fc48b8e7320000000000000f23d80f21f80f23e1f8f30f1edd0f2221c74c24022063800000002c24f30f556797c483fd005b02ea6426470f01cf65666466430f3833af00580000", 0x4d}], 0x1, 0x3e, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 47)

939.178252ms ago: executing program 3 (id=6090):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
msgctl$IPC_STAT(0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@debug={'debug', 0x3d, 0x5}}]}})

938.425043ms ago: executing program 2 (id=6091):
r0 = socket$netlink(0x10, 0x3, 0xa)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xffffff81}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_FORWARD_DELAY={0x8, 0x1, 0x1c}]}}}]}, 0x44}}, 0x20048010)

850.348054ms ago: executing program 2 (id=6092):
r0 = getpid() (async)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0)
kcmp(r0, r0, 0x5, 0xffffffffffffffff, r1)

850.146705ms ago: executing program 3 (id=6093):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x20100, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000080)=[{&(0x7f0000000400)="580000001400192340834b80040d8c560a067fbc45ff620500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000ffd9dd00000010000100030808004149004006040800", 0x58}], 0x1)
mbind(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000080)=0x3, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@ipv4_newnexthop={0x17, 0x68, 0x1, 0x70bd27, 0x25dfdbfb, {0x2, 0x0, 0x2}, [@NHA_FDB={0x4}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
fchdir(r4)
mount$9p_unix(&(0x7f0000000780)='./mnt\x00', &(0x7f0000000040)='./mnt\x00', 0x0, 0x291095, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x21, 0x0, 0x0, 0x100000, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000000, 0x0, 0x200000000000000}, 0x50)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x14, 0x5, 0x1, 0x201, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x90)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x38, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2200}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0xe}]}}}]}, 0x38}}, 0x0)
r7 = socket(0x22, 0x2, 0x2)
setsockopt$WPAN_SECURITY(r7, 0x0, 0x1, &(0x7f0000000040), 0x4)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000020017000000090006"], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001880)=ANY=[@ANYBLOB="18004d16d79b9d8e91ffa8cc62fe0000047c000004004280"], 0x18}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x0)
r10 = socket$caif_stream(0x25, 0x1, 0x5)
setsockopt$CAIFSO_LINK_SELECT(r10, 0x116, 0x7f, &(0x7f0000000040)=0x7fff, 0x4)
ioctl$TIOCSRS485(r0, 0x5437, 0x0)

779.598194ms ago: executing program 2 (id=6094):
write(0xffffffffffffffff, &(0x7f0000000080)="51bb754cc1e98b71f007176ac9d0c91412cb662cd655e8cd08c5cb73e0f6c14dd39ffba003c22b0d63256121006725f135347487c94a1c29d1adebee1651c291ea3228f5e1412c6758ff640ec4c942617dc88ea3bd212d9eab309f7adbd3492a7790e5cc6cc9edf0fbd0c79a63f1bdf07269e17d0764a1cf39a19ca9d6a1cd460022a23fa183fdf1734e3fa92310870739db508418784c54caef0da4a5610697d4818359e4647f378e2cb0c69d70395cacc4b8124731e9100c9ce69f3e1f4992e4f0e17159ef955309c4682547f71811428e0897729ee267982cff7c5b991f550c352303704276a48b19ead3ab059c12e194e531330306a8276b87aa2948a2", 0xff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x6, 0x2)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x9fb1740429b960cb)

546.623266ms ago: executing program 2 (id=6095):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x2}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x4}, @NFTA_SET_DESC={0x14, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}]}]}]}], {0x14, 0x10}}, 0x98}, 0x1, 0x0, 0xf00000000000000}, 0x0)

546.19614ms ago: executing program 1 (id=6096):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) (fail_nth: 53)

470.477723ms ago: executing program 1 (id=6097):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]}) (fail_nth: 49)

470.259886ms ago: executing program 2 (id=6098):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x1)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x14, r2, 0x701, 0x70bd2b, 0x0, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20004074}, 0x0) (async, rerun: 64)
r3 = semget$private(0x0, 0x0, 0x0) (rerun: 64)
semctl$SEM_INFO(r3, 0x4, 0x13, &(0x7f00000000c0)=""/138) (async)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8) (async)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r4, 0x4b45, 0x4) (async, rerun: 32)
r5 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32)
r6 = dup2(r5, r5)
faccessat2(r6, &(0x7f0000000880)='\x00', 0x1, 0x1100) (async)
r7 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r1)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000400)=ANY=[@ANYRES8=r7, @ANYBLOB="051f34ab1c4f71d204a5b18df92dfe3b8365bd684357f3576bd29e7c46ca2da9a149fc05d4f64a7878e115b823435a8cf0339b4f21482908eed8aeed63002d7b58d59089cf25f870ed6a42c048c4b4cae8c79dbfeb4a24eee9", @ANYBLOB="310cb665e248396d005930ab42cab53fd74c89b6b981635f9f397f4d4d8b7e7b75d57acfe41d650ef9c81f3062ffdacc898dfccf79d0abd1f699713cd6047764dfc0102e9956d9c6f6897f40a5d4395bdff28024c00ab7549e906b9e39795231a108bf87bb071f27a277c3e400bba5b84f8ebda36236c06857ec56577122ce1389320d704209409e2945f6c34c8c80e0e83eff7f654f58efd5500adbc348e5f8a8af825943c3efcc0c6ef8b7b61b460a202c79a58f341b513a90cc517e0e08083a01", @ANYRES16=r0])

388.836208ms ago: executing program 1 (id=6099):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x100480, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d4d549b, 0x0, [0x8000000000000001, 0x8, 0x0, 0x8, 0x10001, 0x80000000000006, 0x1000000006, 0x10007ffffe]})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000080)="470f23fc6541fc48b8e7320000000000000f23d80f21f80f23e1f8f30f1edd0f2221c74c24022063800000002c24f30f556797c483fd005b02ea6426470f01cf65666466430f3833af00580000", 0x4d}], 0x1, 0x3e, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 48)

159.319189ms ago: executing program 2 (id=6100):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000083c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f, 0x1000001, 0x5069f481, 0x8, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef10542a2201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42731b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c32768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e179100a0000000000000021e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90a14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9edb6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc83cccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x24c01, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc0046686, &(0x7f0000000700)={{0x1, 0x1, 0x18, r0, {r2, r3}}, './file0\x00'})

0s ago: executing program 1 (id=6101):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'pimreg\x00', 0x5005})
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) (async)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) (async)
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)
r1 = syz_io_uring_setup(0x64b7, &(0x7f0000002600)={0x0, 0xffffff7c, 0x13580, 0x3, 0x35c}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_WRITE_FIXED={0x5, 0x0, 0x6000, @fd_index=0x1, 0xffffffffffffffff, 0xfffffffffffffab2, 0x7, 0x5, 0x1})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000780)=[{&(0x7f0000003340)=""/4096, 0x1000}], 0x1) (async)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000780)=[{&(0x7f0000003340)=""/4096, 0x1000}], 0x1)
io_uring_enter(r1, 0x54, 0x0, 0x0, 0x0, 0x0) (async)
io_uring_enter(r1, 0x54, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x18, 0x8, 0x40, 0x42, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r4}, 0x38) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r4}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r4, &(0x7f0000000580), &(0x7f0000001580)=""/92}, 0x20)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@deltaction={0x28, 0x30, 0x9, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x28}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000005c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xac, 0xac, 0x2, [@var, @struct={0x2, 0x8, 0x0, 0x4, 0x1, 0x9, [{0xc, 0x0, 0x8}, {0x4, 0x4, 0xff}, {0x0, 0x3, 0x6}, {0xd, 0x1, 0x5}, {0xe, 0x1, 0x101}, {0xa, 0x0, 0xd00}, {0x9, 0x4, 0xb43}, {0x2, 0x3, 0x7}]}, @func={0x0, 0x0, 0x0, 0xc, 0x20}, @volatile={0x3}, @volatile, @volatile={0x0, 0x0, 0x0, 0x9, 0x2}]}}, 0x0, 0xc6, 0x0, 0x0, 0x4}, 0x28)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="bc000000210001000000000000000000fc0200000000000000000000ef5bd30700001000000000000a00e000000000ef", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="02000000000000005000110000000000000000000000ffff7f000001200100000000000000000000000000006c0101020000000000000000000000007f0000010000000000000000000000003c00000000000000080002001c000400feff4e244e200000e000000200"/116], 0xbc}}, 0x0)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r9, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r10, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, &(0x7f0000001000), 0x8, 0x1, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r13=>0x0})
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r13}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x7}]}}}]}, 0x3c}}, 0x0) (async)
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r13}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x7}]}}}]}, 0x3c}}, 0x0)
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="03000800ec0619000c0061"], 0xfdef) (async)
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="03000800ec0619000c0061"], 0xfdef)

kernel console output (not intermixed with test programs):

__pfx_device_add+0x10/0x10
[  538.119470][T22217]  ? lockdep_init_map_type+0x5c/0x280
[  538.119500][T22217]  ? __init_waitqueue_head+0xca/0x150
[  538.119528][T22217]  wakeup_source_device_create+0x214/0x2a0
[  538.119552][T22217]  wakeup_source_sysfs_add+0x1c/0x90
[  538.119573][T22217]  wakeup_source_register+0x154/0x3e0
[  538.119603][T22217]  ep_create_wakeup_source+0x139/0x2e0
[  538.119626][T22217]  ? __pfx_ep_create_wakeup_source+0x10/0x10
[  538.119655][T22217]  ? do_epoll_ctl+0x1565/0x3790
[  538.119684][T22217]  do_epoll_ctl+0x1f60/0x3790
[  538.119719][T22217]  ? __pfx_do_epoll_ctl+0x10/0x10
[  538.119740][T22217]  ? find_held_lock+0x2b/0x80
[  538.119763][T22217]  ? __might_fault+0xe3/0x190
[  538.119783][T22217]  ? __might_fault+0xe3/0x190
[  538.119814][T22217]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  538.119835][T22217]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  538.119859][T22217]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  538.119890][T22217]  do_syscall_64+0xcd/0x4c0
[  538.119918][T22217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.119938][T22217] RIP: 0033:0x7f81bd38eb69
[  538.119954][T22217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.119972][T22217] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  538.119992][T22217] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  538.120005][T22217] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  538.120017][T22217] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  538.120028][T22217] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000002
[  538.120041][T22217] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  538.120065][T22217]  </TASK>
[  538.230342][    C0] vkms_vblank_simulate: vblank timer overrun
[  538.267766][T22220] FAULT_INJECTION: forcing a failure.
[  538.267766][T22220] name failslab, interval 1, probability 0, space 0, times 0
[  538.274008][T22220] CPU: 1 UID: 0 PID: 22220 Comm: syz.1.5984 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  538.274025][T22220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  538.274033][T22220] Call Trace:
[  538.274038][T22220]  <TASK>
[  538.274042][T22220]  dump_stack_lvl+0x16c/0x1f0
[  538.274065][T22220]  should_fail_ex+0x512/0x640
[  538.274084][T22220]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  538.274099][T22220]  should_failslab+0xc2/0x120
[  538.274113][T22220]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  538.274125][T22220]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  538.274144][T22220]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  538.274161][T22220]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  538.274183][T22220]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  538.274206][T22220]  mmu_topup_memory_caches+0x25/0x170
[  538.274220][T22220]  kvm_mmu_load+0xd6/0x23c0
[  538.274232][T22220]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  538.274245][T22220]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  538.274259][T22220]  ? kvm_deliver_exception_payload+0x47/0x200
[  538.274274][T22220]  ? __pfx_kvm_mmu_load+0x10/0x10
[  538.274286][T22220]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  538.274305][T22220]  ? kvm_check_and_inject_events+0x71c/0x1310
[  538.274325][T22220]  vcpu_run+0x358c/0x5580
[  538.274343][T22220]  ? __lock_acquire+0xb97/0x1ce0
[  538.274366][T22220]  ? __pfx_vcpu_run+0x10/0x10
[  538.274385][T22220]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  538.274401][T22220]  ? __local_bh_enable_ip+0xa4/0x120
[  538.274420][T22220]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  538.274437][T22220]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  538.274458][T22220]  kvm_vcpu_ioctl+0x5eb/0x1690
[  538.274475][T22220]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  538.274491][T22220]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  538.274506][T22220]  ? do_vfs_ioctl+0x128/0x14f0
[  538.274524][T22220]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  538.274542][T22220]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  538.274564][T22220]  ? hook_file_ioctl_common+0x145/0x410
[  538.274586][T22220]  ? selinux_file_ioctl+0x180/0x270
[  538.274599][T22220]  ? selinux_file_ioctl+0xb4/0x270
[  538.274615][T22220]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  538.274631][T22220]  __x64_sys_ioctl+0x18b/0x210
[  538.274650][T22220]  do_syscall_64+0xcd/0x4c0
[  538.274669][T22220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.274681][T22220] RIP: 0033:0x7f81bd38eb69
[  538.274691][T22220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.274702][T22220] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  538.274714][T22220] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  538.274722][T22220] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  538.274729][T22220] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  538.274736][T22220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  538.274742][T22220] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  538.274757][T22220]  </TASK>
[  538.380101][    C1] hpet: Lost 5 RTC interrupts
[  538.504219][T22231] FAULT_INJECTION: forcing a failure.
[  538.504219][T22231] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  538.509411][T22231] CPU: 0 UID: 0 PID: 22231 Comm: syz.1.5987 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  538.509431][T22231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  538.509438][T22231] Call Trace:
[  538.509442][T22231]  <TASK>
[  538.509447][T22231]  dump_stack_lvl+0x16c/0x1f0
[  538.509467][T22231]  should_fail_ex+0x512/0x640
[  538.509488][T22231]  should_fail_alloc_page+0xe7/0x130
[  538.509502][T22231]  prepare_alloc_pages+0x3c2/0x610
[  538.509517][T22231]  ? rcu_is_watching+0x12/0xc0
[  538.509534][T22231]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  538.509548][T22231]  ? rcu_is_watching+0x12/0xc0
[  538.509562][T22231]  ? trace_mm_page_alloc+0x11f/0x1a0
[  538.509578][T22231]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  538.509589][T22231]  ? stack_trace_save+0x8e/0xc0
[  538.509606][T22231]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  538.509622][T22231]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  538.509634][T22231]  ? __get_vm_area_node+0x1ca/0x330
[  538.509648][T22231]  ? __vmalloc_node_noprof+0xad/0xf0
[  538.509663][T22231]  ? __snd_dma_alloc_pages+0x53/0x90
[  538.509678][T22231]  ? snd_dma_alloc_dir_pages+0x151/0x240
[  538.509691][T22231]  ? do_alloc_pages+0x136/0x2d0
[  538.509703][T22231]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[  538.509716][T22231]  ? snd_pcm_hw_params+0x1656/0x1ba0
[  538.509729][T22231]  ? snd_pcm_kernel_ioctl+0x147/0x2e0
[  538.509744][T22231]  ? do_syscall_64+0xcd/0x4c0
[  538.509760][T22231]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.509775][T22231]  alloc_pages_bulk_noprof+0x71c/0x1410
[  538.509787][T22231]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  538.509801][T22231]  ? policy_nodemask+0xea/0x4e0
[  538.509816][T22231]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  538.509828][T22231]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  538.509847][T22231]  kasan_populate_vmalloc+0xf1/0x1f0
[  538.509869][T22231]  alloc_vmap_area+0x959/0x29c0
[  538.509889][T22231]  ? __pfx_alloc_vmap_area+0x10/0x10
[  538.509907][T22231]  __get_vm_area_node+0x1ca/0x330
[  538.509925][T22231]  __vmalloc_node_range_noprof+0x271/0x14b0
[  538.509942][T22231]  ? __snd_dma_alloc_pages+0x53/0x90
[  538.509958][T22231]  ? __pfx___mutex_trylock_common+0x10/0x10
[  538.509978][T22231]  ? __snd_dma_alloc_pages+0x53/0x90
[  538.509992][T22231]  ? rcu_is_watching+0x12/0xc0
[  538.510005][T22231]  ? trace_contention_end+0xdd/0x130
[  538.510022][T22231]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  538.510040][T22231]  ? __mutex_unlock_slowpath+0x163/0x800
[  538.510060][T22231]  ? __snd_dma_alloc_pages+0x53/0x90
[  538.510074][T22231]  __vmalloc_node_noprof+0xad/0xf0
[  538.510090][T22231]  ? __snd_dma_alloc_pages+0x53/0x90
[  538.510103][T22231]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  538.510119][T22231]  __snd_dma_alloc_pages+0x53/0x90
[  538.510134][T22231]  snd_dma_alloc_dir_pages+0x151/0x240
[  538.510149][T22231]  do_alloc_pages+0x136/0x2d0
[  538.510165][T22231]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  538.510181][T22231]  snd_pcm_hw_params+0x1656/0x1ba0
[  538.510197][T22231]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  538.510212][T22231]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  538.510227][T22231]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  538.510240][T22231]  ? __asan_memset+0x23/0x50
[  538.510258][T22231]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  538.510274][T22231]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  538.510293][T22231]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  538.510313][T22231]  ? find_held_lock+0x2b/0x80
[  538.510330][T22231]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  538.510343][T22231]  snd_pcm_oss_write+0x4c3/0xa10
[  538.510356][T22231]  ? bpf_lsm_file_permission+0x9/0x10
[  538.510371][T22231]  ? security_file_permission+0x71/0x210
[  538.510389][T22231]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  538.510401][T22231]  vfs_write+0x29d/0x1150
[  538.510416][T22231]  ? __pfx_vfs_write+0x10/0x10
[  538.510426][T22231]  ? find_held_lock+0x2b/0x80
[  538.510440][T22231]  ? __fget_files+0x204/0x3c0
[  538.510454][T22231]  ? __fget_files+0x20e/0x3c0
[  538.510470][T22231]  ksys_write+0x12a/0x250
[  538.510482][T22231]  ? __pfx_ksys_write+0x10/0x10
[  538.510497][T22231]  do_syscall_64+0xcd/0x4c0
[  538.510515][T22231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.510526][T22231] RIP: 0033:0x7f81bd38eb69
[  538.510535][T22231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.510546][T22231] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  538.510557][T22231] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  538.510565][T22231] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  538.510571][T22231] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  538.510578][T22231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  538.510584][T22231] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  538.510598][T22231]  </TASK>
[  538.678880][    C0] vkms_vblank_simulate: vblank timer overrun
[  538.833888][T22241] FAULT_INJECTION: forcing a failure.
[  538.833888][T22241] name failslab, interval 1, probability 0, space 0, times 0
[  538.838477][T22241] CPU: 0 UID: 0 PID: 22241 Comm: syz.1.5992 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  538.838494][T22241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  538.838502][T22241] Call Trace:
[  538.838506][T22241]  <TASK>
[  538.838511][T22241]  dump_stack_lvl+0x16c/0x1f0
[  538.838532][T22241]  should_fail_ex+0x512/0x640
[  538.838550][T22241]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  538.838565][T22241]  should_failslab+0xc2/0x120
[  538.838579][T22241]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  538.838591][T22241]  ? __kernfs_new_node+0xd2/0x8e0
[  538.838610][T22241]  __kernfs_new_node+0xd2/0x8e0
[  538.838627][T22241]  ? __pfx___kernfs_new_node+0x10/0x10
[  538.838647][T22241]  ? find_held_lock+0x2b/0x80
[  538.838662][T22241]  ? kernfs_root+0xee/0x2a0
[  538.838681][T22241]  kernfs_new_node+0x13c/0x1e0
[  538.838702][T22241]  __kernfs_create_file+0x53/0x350
[  538.838716][T22241]  sysfs_add_file_mode_ns+0x207/0x3c0
[  538.838735][T22241]  internal_create_group+0x578/0xf30
[  538.838755][T22241]  ? __pfx_internal_create_group+0x10/0x10
[  538.838775][T22241]  ? kernfs_create_link+0x1bd/0x240
[  538.838789][T22241]  internal_create_groups+0x9d/0x150
[  538.838807][T22241]  device_add+0xf30/0x1aa0
[  538.838822][T22241]  ? __pfx_device_add+0x10/0x10
[  538.838835][T22241]  ? lockdep_init_map_type+0x5c/0x280
[  538.838854][T22241]  ? __init_waitqueue_head+0xca/0x150
[  538.838871][T22241]  wakeup_source_device_create+0x214/0x2a0
[  538.838886][T22241]  wakeup_source_sysfs_add+0x1c/0x90
[  538.838899][T22241]  wakeup_source_register+0x154/0x3e0
[  538.838918][T22241]  ep_create_wakeup_source+0x139/0x2e0
[  538.838933][T22241]  ? __pfx_ep_create_wakeup_source+0x10/0x10
[  538.838949][T22241]  ? do_epoll_ctl+0x1565/0x3790
[  538.838965][T22241]  do_epoll_ctl+0x1f60/0x3790
[  538.838984][T22241]  ? __pfx_do_epoll_ctl+0x10/0x10
[  538.839003][T22241]  ? find_held_lock+0x2b/0x80
[  538.839016][T22241]  ? __might_fault+0xe3/0x190
[  538.839027][T22241]  ? __might_fault+0xe3/0x190
[  538.839044][T22241]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  538.839057][T22241]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  538.839071][T22241]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  538.839089][T22241]  do_syscall_64+0xcd/0x4c0
[  538.839109][T22241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.839121][T22241] RIP: 0033:0x7f81bd38eb69
[  538.839131][T22241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.839143][T22241] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  538.839154][T22241] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  538.839162][T22241] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  538.839169][T22241] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  538.839176][T22241] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000002
[  538.839183][T22241] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  538.839198][T22241]  </TASK>
[  538.944193][    C0] vkms_vblank_simulate: vblank timer overrun
[  539.197395][T22254] FAULT_INJECTION: forcing a failure.
[  539.197395][T22254] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  539.202395][T22254] CPU: 0 UID: 0 PID: 22254 Comm: syz.2.5997 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  539.202413][T22254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  539.202422][T22254] Call Trace:
[  539.202427][T22254]  <TASK>
[  539.202433][T22254]  dump_stack_lvl+0x16c/0x1f0
[  539.202457][T22254]  should_fail_ex+0x512/0x640
[  539.202479][T22254]  should_fail_alloc_page+0xe7/0x130
[  539.202496][T22254]  prepare_alloc_pages+0x3c2/0x610
[  539.202512][T22254]  ? rcu_is_watching+0x12/0xc0
[  539.202529][T22254]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  539.202544][T22254]  ? rcu_is_watching+0x12/0xc0
[  539.202557][T22254]  ? trace_mm_page_alloc+0x11f/0x1a0
[  539.202573][T22254]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  539.202585][T22254]  ? stack_trace_save+0x8e/0xc0
[  539.202602][T22254]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  539.202619][T22254]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  539.202631][T22254]  ? __get_vm_area_node+0x1ca/0x330
[  539.202646][T22254]  ? __vmalloc_node_noprof+0xad/0xf0
[  539.202661][T22254]  ? __snd_dma_alloc_pages+0x53/0x90
[  539.202676][T22254]  ? snd_dma_alloc_dir_pages+0x151/0x240
[  539.202689][T22254]  ? do_alloc_pages+0x136/0x2d0
[  539.202701][T22254]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[  539.202714][T22254]  ? snd_pcm_hw_params+0x1656/0x1ba0
[  539.202728][T22254]  ? snd_pcm_kernel_ioctl+0x147/0x2e0
[  539.202743][T22254]  ? do_syscall_64+0xcd/0x4c0
[  539.202760][T22254]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.202775][T22254]  alloc_pages_bulk_noprof+0x71c/0x1410
[  539.202786][T22254]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  539.202801][T22254]  ? policy_nodemask+0xea/0x4e0
[  539.202867][T22254]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  539.202881][T22254]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  539.202900][T22254]  kasan_populate_vmalloc+0xf1/0x1f0
[  539.202930][T22254]  alloc_vmap_area+0x959/0x29c0
[  539.202951][T22254]  ? __pfx_alloc_vmap_area+0x10/0x10
[  539.202969][T22254]  __get_vm_area_node+0x1ca/0x330
[  539.202987][T22254]  __vmalloc_node_range_noprof+0x271/0x14b0
[  539.203004][T22254]  ? __snd_dma_alloc_pages+0x53/0x90
[  539.203022][T22254]  ? __pfx___mutex_trylock_common+0x10/0x10
[  539.203042][T22254]  ? __snd_dma_alloc_pages+0x53/0x90
[  539.203057][T22254]  ? rcu_is_watching+0x12/0xc0
[  539.203072][T22254]  ? trace_contention_end+0xdd/0x130
[  539.203083][T22254]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  539.203102][T22254]  ? __mutex_unlock_slowpath+0x163/0x800
[  539.203122][T22254]  ? __snd_dma_alloc_pages+0x53/0x90
[  539.203136][T22254]  __vmalloc_node_noprof+0xad/0xf0
[  539.203152][T22254]  ? __snd_dma_alloc_pages+0x53/0x90
[  539.203167][T22254]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  539.203184][T22254]  __snd_dma_alloc_pages+0x53/0x90
[  539.203200][T22254]  snd_dma_alloc_dir_pages+0x151/0x240
[  539.203217][T22254]  do_alloc_pages+0x136/0x2d0
[  539.203233][T22254]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  539.203250][T22254]  snd_pcm_hw_params+0x1656/0x1ba0
[  539.203267][T22254]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  539.203281][T22254]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  539.203296][T22254]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  539.203309][T22254]  ? __asan_memset+0x23/0x50
[  539.203327][T22254]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  539.203341][T22254]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  539.203361][T22254]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  539.203381][T22254]  ? find_held_lock+0x2b/0x80
[  539.203397][T22254]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  539.203439][T22254]  snd_pcm_oss_write+0x4c3/0xa10
[  539.203453][T22254]  ? bpf_lsm_file_permission+0x9/0x10
[  539.203468][T22254]  ? security_file_permission+0x71/0x210
[  539.203486][T22254]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  539.203499][T22254]  vfs_write+0x29d/0x1150
[  539.203513][T22254]  ? __pfx_vfs_write+0x10/0x10
[  539.203523][T22254]  ? find_held_lock+0x2b/0x80
[  539.203537][T22254]  ? __fget_files+0x204/0x3c0
[  539.203551][T22254]  ? __fget_files+0x20e/0x3c0
[  539.203567][T22254]  ksys_write+0x12a/0x250
[  539.203578][T22254]  ? __pfx_ksys_write+0x10/0x10
[  539.203594][T22254]  do_syscall_64+0xcd/0x4c0
[  539.203612][T22254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.203625][T22254] RIP: 0033:0x7f20ffb8eb69
[  539.203635][T22254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  539.203646][T22254] RSP: 002b:00007f21009a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  539.203657][T22254] RAX: ffffffffffffffda RBX: 00007f20ffdb5fa0 RCX: 00007f20ffb8eb69
[  539.203664][T22254] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  539.203671][T22254] RBP: 00007f21009a4090 R08: 0000000000000000 R09: 0000000000000000
[  539.203678][T22254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  539.203684][T22254] R13: 0000000000000000 R14: 00007f20ffdb5fa0 R15: 00007ffcfb1a2938
[  539.203699][T22254]  </TASK>
[  539.365549][    C0] vkms_vblank_simulate: vblank timer overrun
[  539.610652][T22273] bond_slave_0: left promiscuous mode
[  539.613201][T22273] bond_slave_1: left promiscuous mode
[  539.618762][T22273] bond0: entered promiscuous mode
[  539.620389][T22273] bond_slave_0: entered promiscuous mode
[  539.622360][T22273] bond_slave_1: entered promiscuous mode
[  539.648761][T22274] FAULT_INJECTION: forcing a failure.
[  539.648761][T22274] name failslab, interval 1, probability 0, space 0, times 0
[  539.652849][T22274] CPU: 1 UID: 0 PID: 22274 Comm: syz.1.6004 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  539.652866][T22274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  539.652874][T22274] Call Trace:
[  539.652879][T22274]  <TASK>
[  539.652884][T22274]  dump_stack_lvl+0x16c/0x1f0
[  539.652906][T22274]  should_fail_ex+0x512/0x640
[  539.652927][T22274]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  539.652942][T22274]  should_failslab+0xc2/0x120
[  539.652957][T22274]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  539.652969][T22274]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  539.652989][T22274]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  539.653006][T22274]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  539.653037][T22274]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  539.653062][T22274]  mmu_topup_memory_caches+0x25/0x170
[  539.653076][T22274]  kvm_mmu_load+0xd6/0x23c0
[  539.653089][T22274]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  539.653103][T22274]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  539.653117][T22274]  ? kvm_deliver_exception_payload+0x47/0x200
[  539.653132][T22274]  ? __pfx_kvm_mmu_load+0x10/0x10
[  539.653144][T22274]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  539.653164][T22274]  ? kvm_check_and_inject_events+0x71c/0x1310
[  539.653184][T22274]  vcpu_run+0x358c/0x5580
[  539.653203][T22274]  ? __lock_acquire+0xb97/0x1ce0
[  539.653227][T22274]  ? __pfx_vcpu_run+0x10/0x10
[  539.653246][T22274]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  539.653263][T22274]  ? __local_bh_enable_ip+0xa4/0x120
[  539.653282][T22274]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  539.653300][T22274]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  539.653322][T22274]  kvm_vcpu_ioctl+0x5eb/0x1690
[  539.653341][T22274]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  539.653358][T22274]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  539.653374][T22274]  ? do_vfs_ioctl+0x128/0x14f0
[  539.653394][T22274]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  539.653413][T22274]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  539.653436][T22274]  ? hook_file_ioctl_common+0x145/0x410
[  539.653460][T22274]  ? selinux_file_ioctl+0x180/0x270
[  539.653475][T22274]  ? selinux_file_ioctl+0xb4/0x270
[  539.653491][T22274]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  539.653508][T22274]  __x64_sys_ioctl+0x18b/0x210
[  539.653528][T22274]  do_syscall_64+0xcd/0x4c0
[  539.653548][T22274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.653562][T22274] RIP: 0033:0x7f81bd38eb69
[  539.653572][T22274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  539.653585][T22274] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  539.653597][T22274] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  539.653605][T22274] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  539.653613][T22274] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  539.653620][T22274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  539.653628][T22274] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  539.653643][T22274]  </TASK>
[  539.657084][T22278] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6008'.
[  539.730818][T22283] FAULT_INJECTION: forcing a failure.
[  539.730818][T22283] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  539.797057][T22283] CPU: 1 UID: 0 PID: 22283 Comm: syz.3.6009 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  539.797074][T22283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  539.797081][T22283] Call Trace:
[  539.797085][T22283]  <TASK>
[  539.797091][T22283]  dump_stack_lvl+0x16c/0x1f0
[  539.797111][T22283]  should_fail_ex+0x512/0x640
[  539.797131][T22283]  should_fail_alloc_page+0xe7/0x130
[  539.797146][T22283]  prepare_alloc_pages+0x3c2/0x610
[  539.797161][T22283]  ? rcu_is_watching+0x12/0xc0
[  539.797177][T22283]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  539.797192][T22283]  ? rcu_is_watching+0x12/0xc0
[  539.797205][T22283]  ? trace_mm_page_alloc+0x11f/0x1a0
[  539.797221][T22283]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  539.797233][T22283]  ? stack_trace_save+0x8e/0xc0
[  539.797250][T22283]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  539.797272][T22283]  ? __kasan_slab_free+0x51/0x70
[  539.797286][T22283]  ? alloc_vmap_area+0x1f04/0x29c0
[  539.797300][T22283]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[  539.797315][T22283]  ? __vmalloc_node_noprof+0xad/0xf0
[  539.797330][T22283]  ? __snd_dma_alloc_pages+0x53/0x90
[  539.797344][T22283]  ? snd_dma_alloc_dir_pages+0x151/0x240
[  539.797358][T22283]  ? do_alloc_pages+0x136/0x2d0
[  539.797369][T22283]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[  539.797382][T22283]  ? snd_pcm_hw_params+0x1656/0x1ba0
[  539.797398][T22283]  ? ksys_write+0x12a/0x250
[  539.797408][T22283]  ? do_syscall_64+0xcd/0x4c0
[  539.797424][T22283]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.797438][T22283]  alloc_pages_bulk_noprof+0x71c/0x1410
[  539.797450][T22283]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  539.797465][T22283]  ? policy_nodemask+0xea/0x4e0
[  539.797479][T22283]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  539.797492][T22283]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  539.797511][T22283]  kasan_populate_vmalloc+0xf1/0x1f0
[  539.797532][T22283]  alloc_vmap_area+0x959/0x29c0
[  539.797552][T22283]  ? __pfx_alloc_vmap_area+0x10/0x10
[  539.797570][T22283]  __get_vm_area_node+0x1ca/0x330
[  539.797588][T22283]  __vmalloc_node_range_noprof+0x271/0x14b0
[  539.797605][T22283]  ? __snd_dma_alloc_pages+0x53/0x90
[  539.797621][T22283]  ? __pfx___mutex_trylock_common+0x10/0x10
[  539.797641][T22283]  ? __snd_dma_alloc_pages+0x53/0x90
[  539.797656][T22283]  ? rcu_is_watching+0x12/0xc0
[  539.797669][T22283]  ? trace_contention_end+0xdd/0x130
[  539.797681][T22283]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  539.797700][T22283]  ? __mutex_unlock_slowpath+0x163/0x800
[  539.797719][T22283]  ? __snd_dma_alloc_pages+0x53/0x90
[  539.797733][T22283]  __vmalloc_node_noprof+0xad/0xf0
[  539.797749][T22283]  ? __snd_dma_alloc_pages+0x53/0x90
[  539.797762][T22283]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  539.797779][T22283]  __snd_dma_alloc_pages+0x53/0x90
[  539.797793][T22283]  snd_dma_alloc_dir_pages+0x151/0x240
[  539.797809][T22283]  do_alloc_pages+0x136/0x2d0
[  539.797825][T22283]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  539.797841][T22283]  snd_pcm_hw_params+0x1656/0x1ba0
[  539.797858][T22283]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  539.797872][T22283]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  539.797888][T22283]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  539.797900][T22283]  ? __asan_memset+0x23/0x50
[  539.797918][T22283]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  539.797933][T22283]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  539.797953][T22283]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  539.797973][T22283]  ? find_held_lock+0x2b/0x80
[  539.797989][T22283]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  539.798002][T22283]  snd_pcm_oss_write+0x4c3/0xa10
[  539.798016][T22283]  ? bpf_lsm_file_permission+0x9/0x10
[  539.798030][T22283]  ? security_file_permission+0x71/0x210
[  539.798048][T22283]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  539.798073][T22283]  vfs_write+0x29d/0x1150
[  539.798087][T22283]  ? __pfx_vfs_write+0x10/0x10
[  539.798097][T22283]  ? find_held_lock+0x2b/0x80
[  539.798111][T22283]  ? __fget_files+0x204/0x3c0
[  539.798125][T22283]  ? __fget_files+0x20e/0x3c0
[  539.798141][T22283]  ksys_write+0x12a/0x250
[  539.798151][T22283]  ? __pfx_ksys_write+0x10/0x10
[  539.798162][T22283]  ? fput+0x9b/0xd0
[  539.798179][T22283]  do_syscall_64+0xcd/0x4c0
[  539.798196][T22283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.798207][T22283] RIP: 0033:0x7fb157d8eb69
[  539.798217][T22283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  539.798228][T22283] RSP: 002b:00007fb158cc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  539.798239][T22283] RAX: ffffffffffffffda RBX: 00007fb157fb5fa0 RCX: 00007fb157d8eb69
[  539.798246][T22283] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  539.798252][T22283] RBP: 00007fb158cc5090 R08: 0000000000000000 R09: 0000000000000000
[  539.798259][T22283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  539.798269][T22283] R13: 0000000000000000 R14: 00007fb157fb5fa0 R15: 00007ffee256f5c8
[  539.798283][T22283]  </TASK>
[  540.029171][T22287] mac80211_hwsim hwsim26 `ëÿÿ: renamed from wlan1 (while UP)
[  540.064673][T22289] netlink: 'syz.1.6012': attribute type 83 has an invalid length.
[  540.067914][T22289] netlink: 'syz.1.6012': attribute type 83 has an invalid length.
[  540.070650][T22289] netlink: 'syz.1.6012': attribute type 83 has an invalid length.
[  540.104068][T22296] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22296 comm=syz.1.6014
[  540.114997][T22296] netlink: 'syz.1.6014': attribute type 1 has an invalid length.
[  540.130019][T22296] 8021q: adding VLAN 0 to HW filter on device bond1
[  540.136094][T22296] program syz.1.6014 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  540.305517][T22309] FAULT_INJECTION: forcing a failure.
[  540.305517][T22309] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  540.310474][T22309] CPU: 0 UID: 0 PID: 22309 Comm: syz.3.6018 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  540.310491][T22309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  540.310498][T22309] Call Trace:
[  540.310502][T22309]  <TASK>
[  540.310507][T22309]  dump_stack_lvl+0x16c/0x1f0
[  540.310528][T22309]  should_fail_ex+0x512/0x640
[  540.310551][T22309]  should_fail_alloc_page+0xe7/0x130
[  540.310566][T22309]  prepare_alloc_pages+0x3c2/0x610
[  540.310583][T22309]  ? rcu_is_watching+0x12/0xc0
[  540.310600][T22309]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  540.310615][T22309]  ? rcu_is_watching+0x12/0xc0
[  540.310630][T22309]  ? trace_mm_page_alloc+0x11f/0x1a0
[  540.310647][T22309]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  540.310659][T22309]  ? stack_trace_save+0x8e/0xc0
[  540.310677][T22309]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  540.310695][T22309]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  540.310707][T22309]  ? __get_vm_area_node+0x1ca/0x330
[  540.310723][T22309]  ? __vmalloc_node_noprof+0xad/0xf0
[  540.310739][T22309]  ? __snd_dma_alloc_pages+0x53/0x90
[  540.310755][T22309]  ? snd_dma_alloc_dir_pages+0x151/0x240
[  540.310770][T22309]  ? do_alloc_pages+0x136/0x2d0
[  540.310783][T22309]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[  540.310797][T22309]  ? snd_pcm_hw_params+0x1656/0x1ba0
[  540.310812][T22309]  ? snd_pcm_kernel_ioctl+0x147/0x2e0
[  540.310828][T22309]  ? do_syscall_64+0xcd/0x4c0
[  540.310846][T22309]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.310862][T22309]  alloc_pages_bulk_noprof+0x71c/0x1410
[  540.310875][T22309]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  540.310890][T22309]  ? policy_nodemask+0xea/0x4e0
[  540.310906][T22309]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  540.310920][T22309]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  540.310941][T22309]  kasan_populate_vmalloc+0xf1/0x1f0
[  540.310964][T22309]  alloc_vmap_area+0x959/0x29c0
[  540.310991][T22309]  ? __pfx_alloc_vmap_area+0x10/0x10
[  540.311011][T22309]  __get_vm_area_node+0x1ca/0x330
[  540.311030][T22309]  __vmalloc_node_range_noprof+0x271/0x14b0
[  540.311048][T22309]  ? __snd_dma_alloc_pages+0x53/0x90
[  540.311066][T22309]  ? __pfx___mutex_trylock_common+0x10/0x10
[  540.311088][T22309]  ? __snd_dma_alloc_pages+0x53/0x90
[  540.311103][T22309]  ? rcu_is_watching+0x12/0xc0
[  540.311118][T22309]  ? trace_contention_end+0xdd/0x130
[  540.311131][T22309]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  540.311153][T22309]  ? __mutex_unlock_slowpath+0x163/0x800
[  540.311174][T22309]  ? __snd_dma_alloc_pages+0x53/0x90
[  540.311189][T22309]  __vmalloc_node_noprof+0xad/0xf0
[  540.311207][T22309]  ? __snd_dma_alloc_pages+0x53/0x90
[  540.311222][T22309]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  540.311239][T22309]  __snd_dma_alloc_pages+0x53/0x90
[  540.311255][T22309]  snd_dma_alloc_dir_pages+0x151/0x240
[  540.311273][T22309]  do_alloc_pages+0x136/0x2d0
[  540.311290][T22309]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  540.311308][T22309]  snd_pcm_hw_params+0x1656/0x1ba0
[  540.311326][T22309]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  540.311342][T22309]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  540.311358][T22309]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  540.311372][T22309]  ? __asan_memset+0x23/0x50
[  540.311391][T22309]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  540.311407][T22309]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  540.311427][T22309]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  540.311448][T22309]  ? find_held_lock+0x2b/0x80
[  540.311465][T22309]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  540.311479][T22309]  snd_pcm_oss_write+0x4c3/0xa10
[  540.311493][T22309]  ? bpf_lsm_file_permission+0x9/0x10
[  540.311508][T22309]  ? security_file_permission+0x71/0x210
[  540.311527][T22309]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  540.311540][T22309]  vfs_write+0x29d/0x1150
[  540.311555][T22309]  ? __pfx_vfs_write+0x10/0x10
[  540.311565][T22309]  ? find_held_lock+0x2b/0x80
[  540.311580][T22309]  ? __fget_files+0x204/0x3c0
[  540.311595][T22309]  ? __fget_files+0x20e/0x3c0
[  540.311612][T22309]  ksys_write+0x12a/0x250
[  540.311624][T22309]  ? __pfx_ksys_write+0x10/0x10
[  540.311640][T22309]  do_syscall_64+0xcd/0x4c0
[  540.311658][T22309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.311670][T22309] RIP: 0033:0x7fb157d8eb69
[  540.311680][T22309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.311692][T22309] RSP: 002b:00007fb158cc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  540.311703][T22309] RAX: ffffffffffffffda RBX: 00007fb157fb5fa0 RCX: 00007fb157d8eb69
[  540.311711][T22309] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  540.311718][T22309] RBP: 00007fb158cc5090 R08: 0000000000000000 R09: 0000000000000000
[  540.311724][T22309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  540.311731][T22309] R13: 0000000000000000 R14: 00007fb157fb5fa0 R15: 00007ffee256f5c8
[  540.311746][T22309]  </TASK>
[  540.483531][    C0] vkms_vblank_simulate: vblank timer overrun
[  540.552821][T22313] FAULT_INJECTION: forcing a failure.
[  540.552821][T22313] name failslab, interval 1, probability 0, space 0, times 0
[  540.557156][T22313] CPU: 0 UID: 0 PID: 22313 Comm: syz.1.6020 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  540.557172][T22313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  540.557180][T22313] Call Trace:
[  540.557184][T22313]  <TASK>
[  540.557189][T22313]  dump_stack_lvl+0x16c/0x1f0
[  540.557209][T22313]  should_fail_ex+0x512/0x640
[  540.557228][T22313]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  540.557241][T22313]  should_failslab+0xc2/0x120
[  540.557254][T22313]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  540.557265][T22313]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  540.557286][T22313]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  540.557303][T22313]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  540.557322][T22313]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  540.557343][T22313]  mmu_topup_memory_caches+0x25/0x170
[  540.557357][T22313]  kvm_mmu_load+0xd6/0x23c0
[  540.557368][T22313]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  540.557381][T22313]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  540.557394][T22313]  ? kvm_deliver_exception_payload+0x47/0x200
[  540.557407][T22313]  ? __pfx_kvm_mmu_load+0x10/0x10
[  540.557418][T22313]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  540.557436][T22313]  ? kvm_check_and_inject_events+0x71c/0x1310
[  540.557456][T22313]  vcpu_run+0x358c/0x5580
[  540.557471][T22313]  ? __lock_acquire+0xb97/0x1ce0
[  540.557493][T22313]  ? __pfx_vcpu_run+0x10/0x10
[  540.557510][T22313]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  540.557525][T22313]  ? __local_bh_enable_ip+0xa4/0x120
[  540.557542][T22313]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  540.557558][T22313]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  540.557577][T22313]  kvm_vcpu_ioctl+0x5eb/0x1690
[  540.557594][T22313]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  540.557609][T22313]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  540.557623][T22313]  ? do_vfs_ioctl+0x128/0x14f0
[  540.557641][T22313]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  540.557657][T22313]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  540.557677][T22313]  ? hook_file_ioctl_common+0x145/0x410
[  540.557698][T22313]  ? selinux_file_ioctl+0x180/0x270
[  540.557710][T22313]  ? selinux_file_ioctl+0xb4/0x270
[  540.557725][T22313]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  540.557744][T22313]  __x64_sys_ioctl+0x18b/0x210
[  540.557770][T22313]  do_syscall_64+0xcd/0x4c0
[  540.557799][T22313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.557818][T22313] RIP: 0033:0x7f81bd38eb69
[  540.557834][T22313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.557850][T22313] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  540.557862][T22313] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  540.557869][T22313] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  540.557875][T22313] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  540.557882][T22313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  540.557888][T22313] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  540.557902][T22313]  </TASK>
[  540.670389][    C0] vkms_vblank_simulate: vblank timer overrun
[  540.794973][T22326] FAULT_INJECTION: forcing a failure.
[  540.794973][T22326] name failslab, interval 1, probability 0, space 0, times 0
[  540.799718][T22326] CPU: 0 UID: 0 PID: 22326 Comm: syz.3.6024 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  540.799736][T22326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  540.799743][T22326] Call Trace:
[  540.799748][T22326]  <TASK>
[  540.799752][T22326]  dump_stack_lvl+0x16c/0x1f0
[  540.799774][T22326]  should_fail_ex+0x512/0x640
[  540.799794][T22326]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  540.799809][T22326]  should_failslab+0xc2/0x120
[  540.799823][T22326]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  540.799852][T22326]  ? __kernfs_new_node+0xd2/0x8e0
[  540.799873][T22326]  __kernfs_new_node+0xd2/0x8e0
[  540.799891][T22326]  ? __pfx___kernfs_new_node+0x10/0x10
[  540.799911][T22326]  ? find_held_lock+0x2b/0x80
[  540.799927][T22326]  ? kernfs_root+0xee/0x2a0
[  540.799946][T22326]  kernfs_new_node+0x13c/0x1e0
[  540.799968][T22326]  __kernfs_create_file+0x53/0x350
[  540.799988][T22326]  sysfs_add_file_mode_ns+0x207/0x3c0
[  540.800008][T22326]  internal_create_group+0x578/0xf30
[  540.800030][T22326]  ? __pfx_internal_create_group+0x10/0x10
[  540.800049][T22326]  ? kernfs_create_link+0x1bd/0x240
[  540.800065][T22326]  internal_create_groups+0x9d/0x150
[  540.800083][T22326]  device_add+0xf30/0x1aa0
[  540.800098][T22326]  ? __pfx_device_add+0x10/0x10
[  540.800111][T22326]  ? lockdep_init_map_type+0x5c/0x280
[  540.800132][T22326]  ? __init_waitqueue_head+0xca/0x150
[  540.800150][T22326]  wakeup_source_device_create+0x214/0x2a0
[  540.800165][T22326]  wakeup_source_sysfs_add+0x1c/0x90
[  540.800178][T22326]  wakeup_source_register+0x154/0x3e0
[  540.800198][T22326]  ep_create_wakeup_source+0x139/0x2e0
[  540.800212][T22326]  ? __pfx_ep_create_wakeup_source+0x10/0x10
[  540.800230][T22326]  ? do_epoll_ctl+0x1565/0x3790
[  540.800247][T22326]  do_epoll_ctl+0x1f60/0x3790
[  540.800267][T22326]  ? __pfx_do_epoll_ctl+0x10/0x10
[  540.800280][T22326]  ? find_held_lock+0x2b/0x80
[  540.800293][T22326]  ? __might_fault+0xe3/0x190
[  540.800305][T22326]  ? __might_fault+0xe3/0x190
[  540.800322][T22326]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  540.800335][T22326]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  540.800350][T22326]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  540.800369][T22326]  do_syscall_64+0xcd/0x4c0
[  540.800389][T22326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.800402][T22326] RIP: 0033:0x7fb157d8eb69
[  540.800412][T22326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.800424][T22326] RSP: 002b:00007fb158cc5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  540.800436][T22326] RAX: ffffffffffffffda RBX: 00007fb157fb5fa0 RCX: 00007fb157d8eb69
[  540.800444][T22326] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  540.800451][T22326] RBP: 00007fb158cc5090 R08: 0000000000000000 R09: 0000000000000000
[  540.800458][T22326] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000002
[  540.800466][T22326] R13: 0000000000000000 R14: 00007fb157fb5fa0 R15: 00007ffee256f5c8
[  540.800497][T22326]  </TASK>
[  540.822013][T22328] FAULT_INJECTION: forcing a failure.
[  540.822013][T22328] name failslab, interval 1, probability 0, space 0, times 0
[  540.913492][T22328] CPU: 0 UID: 0 PID: 22328 Comm: syz.1.6025 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  540.913510][T22328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  540.913519][T22328] Call Trace:
[  540.913523][T22328]  <TASK>
[  540.913528][T22328]  dump_stack_lvl+0x16c/0x1f0
[  540.913550][T22328]  should_fail_ex+0x512/0x640
[  540.913568][T22328]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  540.913584][T22328]  should_failslab+0xc2/0x120
[  540.913597][T22328]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  540.913611][T22328]  ? kstrdup_const+0x63/0x80
[  540.913625][T22328]  kstrdup+0x53/0x100
[  540.913637][T22328]  kstrdup_const+0x63/0x80
[  540.913649][T22328]  alloc_vfsmnt+0xea/0x6b0
[  540.913666][T22328]  clone_mnt+0x6d/0xbf0
[  540.913676][T22328]  ? is_subdir+0x1a8/0x3e0
[  540.913693][T22328]  clone_private_mount+0x3fe/0x530
[  540.913706][T22328]  ovl_fill_super+0x84b/0x6820
[  540.913726][T22328]  ? __pfx___might_resched+0x10/0x10
[  540.913742][T22328]  ? rcu_is_watching+0x12/0xc0
[  540.913758][T22328]  ? find_held_lock+0x2b/0x80
[  540.913793][T22328]  ? __pfx_ovl_fill_super+0x10/0x10
[  540.913815][T22328]  ? lockdep_init_map_type+0x5c/0x280
[  540.913835][T22328]  ? lockdep_init_map_type+0x5c/0x280
[  540.913854][T22328]  ? __init_swait_queue_head+0xca/0x150
[  540.913869][T22328]  ? shrinker_register+0x1a8/0x260
[  540.913883][T22328]  ? sget_fc+0x808/0xc20
[  540.913896][T22328]  ? __pfx_ovl_fill_super+0x10/0x10
[  540.913914][T22328]  ? get_tree_nodev+0xdd/0x190
[  540.913926][T22328]  get_tree_nodev+0xdd/0x190
[  540.913939][T22328]  vfs_get_tree+0x8b/0x340
[  540.913956][T22328]  path_mount+0x1482/0x1fd0
[  540.913978][T22328]  ? __pfx_path_mount+0x10/0x10
[  540.913994][T22328]  ? kmem_cache_free+0x2d1/0x4d0
[  540.914005][T22328]  ? putname+0x154/0x1a0
[  540.914021][T22328]  ? putname+0x154/0x1a0
[  540.914038][T22328]  ? __x64_sys_mount+0x28d/0x310
[  540.914052][T22328]  __x64_sys_mount+0x28d/0x310
[  540.914067][T22328]  ? __pfx___x64_sys_mount+0x10/0x10
[  540.914087][T22328]  do_syscall_64+0xcd/0x4c0
[  540.914106][T22328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.914119][T22328] RIP: 0033:0x7f81bd38eb69
[  540.914129][T22328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.914140][T22328] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  540.914152][T22328] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  540.914160][T22328] RDX: 0000200000000b80 RSI: 0000200000000100 RDI: 0000000000000000
[  540.914167][T22328] RBP: 00007f81bb1f6090 R08: 0000200000000200 R09: 0000000000000000
[  540.914174][T22328] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[  540.914181][T22328] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  540.914196][T22328]  </TASK>
[  540.918361][T22328] overlayfs: failed to clone upperpath
[  541.074201][T22337] FAULT_INJECTION: forcing a failure.
[  541.074201][T22337] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  541.078412][T22337] CPU: 1 UID: 0 PID: 22337 Comm: syz.1.6028 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  541.078428][T22337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  541.078436][T22337] Call Trace:
[  541.078440][T22337]  <TASK>
[  541.078445][T22337]  dump_stack_lvl+0x16c/0x1f0
[  541.078465][T22337]  should_fail_ex+0x512/0x640
[  541.078486][T22337]  should_fail_alloc_page+0xe7/0x130
[  541.078500][T22337]  prepare_alloc_pages+0x3c2/0x610
[  541.078516][T22337]  ? rcu_is_watching+0x12/0xc0
[  541.078531][T22337]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  541.078546][T22337]  ? rcu_is_watching+0x12/0xc0
[  541.078559][T22337]  ? trace_mm_page_alloc+0x11f/0x1a0
[  541.078575][T22337]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  541.078586][T22337]  ? stack_trace_save+0x8e/0xc0
[  541.078602][T22337]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  541.078618][T22337]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  541.078630][T22337]  ? __get_vm_area_node+0x1ca/0x330
[  541.078644][T22337]  ? __vmalloc_node_noprof+0xad/0xf0
[  541.078659][T22337]  ? __snd_dma_alloc_pages+0x53/0x90
[  541.078673][T22337]  ? snd_dma_alloc_dir_pages+0x151/0x240
[  541.078687][T22337]  ? do_alloc_pages+0x136/0x2d0
[  541.078699][T22337]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[  541.078712][T22337]  ? snd_pcm_hw_params+0x1656/0x1ba0
[  541.078725][T22337]  ? snd_pcm_kernel_ioctl+0x147/0x2e0
[  541.078740][T22337]  ? do_syscall_64+0xcd/0x4c0
[  541.078756][T22337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.078771][T22337]  alloc_pages_bulk_noprof+0x71c/0x1410
[  541.078782][T22337]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  541.078797][T22337]  ? policy_nodemask+0xea/0x4e0
[  541.078811][T22337]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  541.078824][T22337]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  541.078843][T22337]  kasan_populate_vmalloc+0xf1/0x1f0
[  541.078864][T22337]  alloc_vmap_area+0x959/0x29c0
[  541.078884][T22337]  ? __pfx_alloc_vmap_area+0x10/0x10
[  541.078902][T22337]  __get_vm_area_node+0x1ca/0x330
[  541.078920][T22337]  __vmalloc_node_range_noprof+0x271/0x14b0
[  541.078937][T22337]  ? __snd_dma_alloc_pages+0x53/0x90
[  541.078953][T22337]  ? __pfx___mutex_trylock_common+0x10/0x10
[  541.078973][T22337]  ? __snd_dma_alloc_pages+0x53/0x90
[  541.078987][T22337]  ? rcu_is_watching+0x12/0xc0
[  541.079000][T22337]  ? trace_contention_end+0xdd/0x130
[  541.079012][T22337]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  541.079031][T22337]  ? __mutex_unlock_slowpath+0x163/0x800
[  541.079051][T22337]  ? __snd_dma_alloc_pages+0x53/0x90
[  541.079064][T22337]  __vmalloc_node_noprof+0xad/0xf0
[  541.079080][T22337]  ? __snd_dma_alloc_pages+0x53/0x90
[  541.079094][T22337]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  541.079110][T22337]  __snd_dma_alloc_pages+0x53/0x90
[  541.079125][T22337]  snd_dma_alloc_dir_pages+0x151/0x240
[  541.079141][T22337]  do_alloc_pages+0x136/0x2d0
[  541.079163][T22337]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  541.079180][T22337]  snd_pcm_hw_params+0x1656/0x1ba0
[  541.079196][T22337]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  541.079211][T22337]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  541.079226][T22337]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  541.079239][T22337]  ? __asan_memset+0x23/0x50
[  541.079257][T22337]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  541.079272][T22337]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  541.079291][T22337]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  541.079311][T22337]  ? find_held_lock+0x2b/0x80
[  541.079327][T22337]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  541.079340][T22337]  snd_pcm_oss_write+0x4c3/0xa10
[  541.079353][T22337]  ? bpf_lsm_file_permission+0x9/0x10
[  541.079368][T22337]  ? security_file_permission+0x71/0x210
[  541.079385][T22337]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  541.079397][T22337]  vfs_write+0x29d/0x1150
[  541.079412][T22337]  ? __pfx_vfs_write+0x10/0x10
[  541.079421][T22337]  ? find_held_lock+0x2b/0x80
[  541.079435][T22337]  ? __fget_files+0x204/0x3c0
[  541.079450][T22337]  ? __fget_files+0x20e/0x3c0
[  541.079467][T22337]  ksys_write+0x12a/0x250
[  541.079478][T22337]  ? __pfx_ksys_write+0x10/0x10
[  541.079490][T22337]  ? fput+0x9b/0xd0
[  541.079508][T22337]  do_syscall_64+0xcd/0x4c0
[  541.079526][T22337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.079538][T22337] RIP: 0033:0x7f81bd38eb69
[  541.079547][T22337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  541.079559][T22337] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  541.079571][T22337] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  541.079578][T22337] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  541.079585][T22337] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  541.079592][T22337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  541.079599][T22337] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  541.079614][T22337]  </TASK>
[  541.079809][T22337] warn_alloc: 7 callbacks suppressed
[  541.079815][T22337] syz.1.6028: vmalloc error: size 2097152, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  541.248805][T22337] CPU: 1 UID: 0 PID: 22337 Comm: syz.1.6028 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  541.248822][T22337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  541.248829][T22337] Call Trace:
[  541.248834][T22337]  <TASK>
[  541.248838][T22337]  dump_stack_lvl+0x16c/0x1f0
[  541.248859][T22337]  warn_alloc+0x248/0x3a0
[  541.248872][T22337]  ? __pfx_warn_alloc+0x10/0x10
[  541.248884][T22337]  ? kfree+0x2b4/0x4d0
[  541.248909][T22337]  ? __get_vm_area_node+0x208/0x330
[  541.248928][T22337]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  541.248946][T22337]  ? __pfx___mutex_trylock_common+0x10/0x10
[  541.248967][T22337]  ? __snd_dma_alloc_pages+0x53/0x90
[  541.248982][T22337]  ? rcu_is_watching+0x12/0xc0
[  541.248996][T22337]  ? trace_contention_end+0xdd/0x130
[  541.249008][T22337]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  541.249027][T22337]  ? __mutex_unlock_slowpath+0x163/0x800
[  541.249047][T22337]  ? __snd_dma_alloc_pages+0x53/0x90
[  541.249061][T22337]  __vmalloc_node_noprof+0xad/0xf0
[  541.249077][T22337]  ? __snd_dma_alloc_pages+0x53/0x90
[  541.249091][T22337]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  541.249107][T22337]  __snd_dma_alloc_pages+0x53/0x90
[  541.249121][T22337]  snd_dma_alloc_dir_pages+0x151/0x240
[  541.249137][T22337]  do_alloc_pages+0x136/0x2d0
[  541.249153][T22337]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  541.249169][T22337]  snd_pcm_hw_params+0x1656/0x1ba0
[  541.249186][T22337]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  541.249200][T22337]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  541.249215][T22337]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  541.249228][T22337]  ? __asan_memset+0x23/0x50
[  541.249246][T22337]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  541.249262][T22337]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  541.249281][T22337]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  541.249301][T22337]  ? find_held_lock+0x2b/0x80
[  541.249318][T22337]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  541.249331][T22337]  snd_pcm_oss_write+0x4c3/0xa10
[  541.249344][T22337]  ? bpf_lsm_file_permission+0x9/0x10
[  541.249359][T22337]  ? security_file_permission+0x71/0x210
[  541.249377][T22337]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  541.249389][T22337]  vfs_write+0x29d/0x1150
[  541.249404][T22337]  ? __pfx_vfs_write+0x10/0x10
[  541.249414][T22337]  ? find_held_lock+0x2b/0x80
[  541.249428][T22337]  ? __fget_files+0x204/0x3c0
[  541.249443][T22337]  ? __fget_files+0x20e/0x3c0
[  541.249459][T22337]  ksys_write+0x12a/0x250
[  541.249470][T22337]  ? __pfx_ksys_write+0x10/0x10
[  541.249482][T22337]  ? fput+0x9b/0xd0
[  541.249499][T22337]  do_syscall_64+0xcd/0x4c0
[  541.249518][T22337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.249529][T22337] RIP: 0033:0x7f81bd38eb69
[  541.249539][T22337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  541.249551][T22337] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  541.249562][T22337] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  541.249569][T22337] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  541.249576][T22337] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  541.249583][T22337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  541.249589][T22337] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  541.249604][T22337]  </TASK>
[  541.249608][T22337] Mem-Info:
[  541.366554][T22337] active_anon:8545 inactive_anon:91 isolated_anon:0
[  541.366554][T22337]  active_file:3481 inactive_file:45646 isolated_file:0
[  541.366554][T22337]  unevictable:1768 dirty:63 writeback:0
[  541.366554][T22337]  slab_reclaimable:8105 slab_unreclaimable:83655
[  541.366554][T22337]  mapped:28176 shmem:2397 pagetables:1672
[  541.366554][T22337]  sec_pagetables:317 bounce:0
[  541.366554][T22337]  kernel_misc_reclaimable:0
[  541.366554][T22337]  free:442592 free_pcp:18280 free_cma:0
[  541.384524][T22337] Node 0 active_anon:34160kB inactive_anon:364kB active_file:13844kB inactive_file:182360kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:112624kB dirty:208kB writeback:0kB shmem:6052kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14288kB pagetables:6508kB sec_pagetables:1268kB all_unreclaimable? no Balloon:0kB
[  541.395696][T22337] Node 1 active_anon:20kB inactive_anon:0kB active_file:80kB inactive_file:224kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:80kB dirty:44kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:112kB pagetables:180kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  541.407469][T22337] Node 0 DMA free:15200kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:92kB local_pcp:0kB free_cma:0kB
[  541.417633][T22337] lowmem_reserve[]: 0 1233 1233 1233 1233
[  541.421148][T22337] Node 0 DMA32 free:159296kB boost:59392kB min:86908kB low:93784kB high:100660kB reserved_highatomic:0KB free_highatomic:0KB active_anon:34160kB inactive_anon:364kB active_file:13844kB inactive_file:182360kB unevictable:3536kB writepending:208kB present:2080628kB managed:1263564kB mlocked:0kB bounce:0kB free_pcp:53904kB local_pcp:10236kB free_cma:0kB
[  541.432208][T22337] lowmem_reserve[]: 0 0 0 0 0
[  541.433895][T22337] Node 1 Normal free:1597672kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20kB inactive_anon:0kB active_file:80kB inactive_file:224kB unevictable:3536kB writepending:44kB present:2097152kB managed:1781956kB mlocked:0kB bounce:0kB free_pcp:17728kB local_pcp:8268kB free_cma:0kB
[  541.444429][T22337] lowmem_reserve[]: 0 0 0 0 0
[  541.446109][T22337] Node 0 DMA: 4*4kB (U) 4*8kB (U) 7*16kB (UM) 4*32kB (UM) 7*64kB (UM) 5*128kB (UM) 4*256kB (UM) 1*512kB (M) 2*1024kB (UM) 3*2048kB (M) 1*4096kB (U) = 15200kB
[  541.451971][T22337] Node 0 DMA32: 728*4kB (UME) 700*8kB (UME) 416*16kB (UME) 335*32kB (UME) 220*64kB (UME) 73*128kB (UME) 57*256kB (UME) 41*512kB (UME) 39*1024kB (UM) 11*2048kB (UM) 3*4096kB (UM) = 159648kB
[  541.458447][T22337] Node 1 Normal: 9*4kB (UME) 29*8kB (UME) 48*16kB (UME) 125*32kB (UME) 53*64kB (UME) 24*128kB (UME) 8*256kB (ME) 10*512kB (ME) 6*1024kB (UM) 4*2048kB (M) 382*4096kB (UM) = 1597676kB
[  541.464753][T22337] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  541.467785][T22337] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  541.471972][T22337] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  541.475419][T22337] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  541.479742][T22337] 51520 total pagecache pages
[  541.481325][T22337] 0 pages in swap cache
[  541.482668][T22337] Free swap  = 124996kB
[  541.483978][T22337] Total swap = 124996kB
[  541.485285][T22337] 1048443 pages RAM
[  541.486448][T22337] 0 pages HighMem/MovableOnly
[  541.487926][T22337] 283223 pages reserved
[  541.491415][T22337] 0 pages cma reserved
[  541.538106][T22350] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=25964 sclass=netlink_route_socket pid=22350 comm=syz.3.6033
[  541.817670][T22368] FAULT_INJECTION: forcing a failure.
[  541.817670][T22368] name failslab, interval 1, probability 0, space 0, times 0
[  541.821982][T22368] CPU: 0 UID: 0 PID: 22368 Comm: syz.2.6039 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  541.822003][T22368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  541.822010][T22368] Call Trace:
[  541.822016][T22368]  <TASK>
[  541.822020][T22368]  dump_stack_lvl+0x16c/0x1f0
[  541.822043][T22368]  should_fail_ex+0x512/0x640
[  541.822063][T22368]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  541.822078][T22368]  should_failslab+0xc2/0x120
[  541.822092][T22368]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  541.822104][T22368]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  541.822122][T22368]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  541.822140][T22368]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  541.822161][T22368]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  541.822185][T22368]  mmu_topup_memory_caches+0x25/0x170
[  541.822213][T22368]  kvm_mmu_load+0xd6/0x23c0
[  541.822226][T22368]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  541.822239][T22368]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  541.822253][T22368]  ? kvm_deliver_exception_payload+0x47/0x200
[  541.822268][T22368]  ? __pfx_kvm_mmu_load+0x10/0x10
[  541.822279][T22368]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  541.822298][T22368]  ? kvm_check_and_inject_events+0x71c/0x1310
[  541.822319][T22368]  vcpu_run+0x358c/0x5580
[  541.822336][T22368]  ? __lock_acquire+0xb97/0x1ce0
[  541.822360][T22368]  ? __pfx_vcpu_run+0x10/0x10
[  541.822379][T22368]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  541.822396][T22368]  ? __local_bh_enable_ip+0xa4/0x120
[  541.822415][T22368]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  541.822432][T22368]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  541.822454][T22368]  kvm_vcpu_ioctl+0x5eb/0x1690
[  541.822473][T22368]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  541.822489][T22368]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  541.822505][T22368]  ? do_vfs_ioctl+0x128/0x14f0
[  541.822524][T22368]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  541.822542][T22368]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  541.822565][T22368]  ? hook_file_ioctl_common+0x145/0x410
[  541.822588][T22368]  ? selinux_file_ioctl+0x180/0x270
[  541.822602][T22368]  ? selinux_file_ioctl+0xb4/0x270
[  541.822617][T22368]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  541.822633][T22368]  __x64_sys_ioctl+0x18b/0x210
[  541.822653][T22368]  do_syscall_64+0xcd/0x4c0
[  541.822672][T22368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.822685][T22368] RIP: 0033:0x7f20ffb8eb69
[  541.822695][T22368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  541.822707][T22368] RSP: 002b:00007f21009a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  541.822719][T22368] RAX: ffffffffffffffda RBX: 00007f20ffdb5fa0 RCX: 00007f20ffb8eb69
[  541.822727][T22368] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  541.822734][T22368] RBP: 00007f21009a4090 R08: 0000000000000000 R09: 0000000000000000
[  541.822741][T22368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  541.822748][T22368] R13: 0000000000000000 R14: 00007f20ffdb5fa0 R15: 00007ffcfb1a2938
[  541.822763][T22368]  </TASK>
[  541.927452][    C0] vkms_vblank_simulate: vblank timer overrun
[  542.336838][T22378] FAULT_INJECTION: forcing a failure.
[  542.336838][T22378] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  542.341042][T22378] CPU: 1 UID: 0 PID: 22378 Comm: syz.3.6043 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  542.341059][T22378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  542.341067][T22378] Call Trace:
[  542.341071][T22378]  <TASK>
[  542.341077][T22378]  dump_stack_lvl+0x16c/0x1f0
[  542.341098][T22378]  should_fail_ex+0x512/0x640
[  542.341119][T22378]  should_fail_alloc_page+0xe7/0x130
[  542.341135][T22378]  prepare_alloc_pages+0x3c2/0x610
[  542.341151][T22378]  ? rcu_is_watching+0x12/0xc0
[  542.341167][T22378]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  542.341182][T22378]  ? rcu_is_watching+0x12/0xc0
[  542.341196][T22378]  ? trace_mm_page_alloc+0x11f/0x1a0
[  542.341212][T22378]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  542.341224][T22378]  ? stack_trace_save+0x8e/0xc0
[  542.341241][T22378]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  542.341258][T22378]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  542.341269][T22378]  ? __get_vm_area_node+0x1ca/0x330
[  542.341284][T22378]  ? __vmalloc_node_noprof+0xad/0xf0
[  542.341300][T22378]  ? __snd_dma_alloc_pages+0x53/0x90
[  542.341314][T22378]  ? snd_dma_alloc_dir_pages+0x151/0x240
[  542.341328][T22378]  ? do_alloc_pages+0x136/0x2d0
[  542.341340][T22378]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[  542.341353][T22378]  ? snd_pcm_hw_params+0x1656/0x1ba0
[  542.341367][T22378]  ? snd_pcm_kernel_ioctl+0x147/0x2e0
[  542.341383][T22378]  ? do_syscall_64+0xcd/0x4c0
[  542.341399][T22378]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.341414][T22378]  alloc_pages_bulk_noprof+0x71c/0x1410
[  542.341426][T22378]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  542.341441][T22378]  ? policy_nodemask+0xea/0x4e0
[  542.341456][T22378]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  542.341468][T22378]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  542.341488][T22378]  kasan_populate_vmalloc+0xf1/0x1f0
[  542.341510][T22378]  alloc_vmap_area+0x959/0x29c0
[  542.341531][T22378]  ? __pfx_alloc_vmap_area+0x10/0x10
[  542.341549][T22378]  __get_vm_area_node+0x1ca/0x330
[  542.341568][T22378]  __vmalloc_node_range_noprof+0x271/0x14b0
[  542.341585][T22378]  ? __snd_dma_alloc_pages+0x53/0x90
[  542.341601][T22378]  ? __pfx___mutex_trylock_common+0x10/0x10
[  542.341622][T22378]  ? __snd_dma_alloc_pages+0x53/0x90
[  542.341637][T22378]  ? rcu_is_watching+0x12/0xc0
[  542.341651][T22378]  ? trace_contention_end+0xdd/0x130
[  542.341664][T22378]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  542.341684][T22378]  ? __mutex_unlock_slowpath+0x163/0x800
[  542.341705][T22378]  ? __snd_dma_alloc_pages+0x53/0x90
[  542.341720][T22378]  __vmalloc_node_noprof+0xad/0xf0
[  542.341736][T22378]  ? __snd_dma_alloc_pages+0x53/0x90
[  542.341751][T22378]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  542.341780][T22378]  __snd_dma_alloc_pages+0x53/0x90
[  542.341796][T22378]  snd_dma_alloc_dir_pages+0x151/0x240
[  542.341813][T22378]  do_alloc_pages+0x136/0x2d0
[  542.341829][T22378]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  542.341846][T22378]  snd_pcm_hw_params+0x1656/0x1ba0
[  542.341864][T22378]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  542.341879][T22378]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  542.341913][T22378]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  542.341926][T22378]  ? __asan_memset+0x23/0x50
[  542.341945][T22378]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  542.341962][T22378]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  542.341983][T22378]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  542.342004][T22378]  ? find_held_lock+0x2b/0x80
[  542.342022][T22378]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  542.342036][T22378]  snd_pcm_oss_write+0x4c3/0xa10
[  542.342050][T22378]  ? bpf_lsm_file_permission+0x9/0x10
[  542.342065][T22378]  ? security_file_permission+0x71/0x210
[  542.342084][T22378]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  542.342097][T22378]  vfs_write+0x29d/0x1150
[  542.342113][T22378]  ? __pfx_vfs_write+0x10/0x10
[  542.342123][T22378]  ? find_held_lock+0x2b/0x80
[  542.342138][T22378]  ? __fget_files+0x204/0x3c0
[  542.342153][T22378]  ? __fget_files+0x20e/0x3c0
[  542.342170][T22378]  ksys_write+0x12a/0x250
[  542.342182][T22378]  ? __pfx_ksys_write+0x10/0x10
[  542.342194][T22378]  ? fput+0x9b/0xd0
[  542.342212][T22378]  do_syscall_64+0xcd/0x4c0
[  542.342231][T22378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.342242][T22378] RIP: 0033:0x7fb157d8eb69
[  542.342253][T22378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.342265][T22378] RSP: 002b:00007fb158cc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  542.342276][T22378] RAX: ffffffffffffffda RBX: 00007fb157fb5fa0 RCX: 00007fb157d8eb69
[  542.342284][T22378] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  542.342291][T22378] RBP: 00007fb158cc5090 R08: 0000000000000000 R09: 0000000000000000
[  542.342298][T22378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  542.342305][T22378] R13: 0000000000000000 R14: 00007fb157fb5fa0 R15: 00007ffee256f5c8
[  542.342320][T22378]  </TASK>
[  542.503856][    C1] hpet_rtc_timer_reinit: 3 callbacks suppressed
[  542.503884][    C1] hpet: Lost 9 RTC interrupts
[  542.572918][T22381] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6042'.
[  542.750717][T22396] FAULT_INJECTION: forcing a failure.
[  542.750717][T22396] name failslab, interval 1, probability 0, space 0, times 0
[  542.754902][T22396] CPU: 0 UID: 0 PID: 22396 Comm: syz.3.6050 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  542.754919][T22396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  542.754926][T22396] Call Trace:
[  542.754931][T22396]  <TASK>
[  542.754936][T22396]  dump_stack_lvl+0x16c/0x1f0
[  542.754957][T22396]  should_fail_ex+0x512/0x640
[  542.754981][T22396]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  542.754995][T22396]  should_failslab+0xc2/0x120
[  542.755009][T22396]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  542.755021][T22396]  ? __kernfs_new_node+0xd2/0x8e0
[  542.755040][T22396]  __kernfs_new_node+0xd2/0x8e0
[  542.755057][T22396]  ? __pfx___kernfs_new_node+0x10/0x10
[  542.755076][T22396]  ? find_held_lock+0x2b/0x80
[  542.755092][T22396]  ? kernfs_root+0xee/0x2a0
[  542.755111][T22396]  kernfs_new_node+0x13c/0x1e0
[  542.755132][T22396]  __kernfs_create_file+0x53/0x350
[  542.755147][T22396]  sysfs_add_file_mode_ns+0x207/0x3c0
[  542.755165][T22396]  internal_create_group+0x578/0xf30
[  542.755185][T22396]  ? __pfx_internal_create_group+0x10/0x10
[  542.755204][T22396]  ? kernfs_create_link+0x1bd/0x240
[  542.755219][T22396]  internal_create_groups+0x9d/0x150
[  542.755237][T22396]  device_add+0xf30/0x1aa0
[  542.755252][T22396]  ? __pfx_device_add+0x10/0x10
[  542.755265][T22396]  ? lockdep_init_map_type+0x5c/0x280
[  542.755285][T22396]  ? __init_waitqueue_head+0xca/0x150
[  542.755302][T22396]  wakeup_source_device_create+0x214/0x2a0
[  542.755317][T22396]  wakeup_source_sysfs_add+0x1c/0x90
[  542.755330][T22396]  wakeup_source_register+0x154/0x3e0
[  542.755350][T22396]  ep_create_wakeup_source+0x139/0x2e0
[  542.755364][T22396]  ? __pfx_ep_create_wakeup_source+0x10/0x10
[  542.755380][T22396]  ? do_epoll_ctl+0x1565/0x3790
[  542.755396][T22396]  do_epoll_ctl+0x1f60/0x3790
[  542.755416][T22396]  ? __pfx_do_epoll_ctl+0x10/0x10
[  542.755428][T22396]  ? find_held_lock+0x2b/0x80
[  542.755441][T22396]  ? __might_fault+0xe3/0x190
[  542.755452][T22396]  ? __might_fault+0xe3/0x190
[  542.755469][T22396]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  542.755482][T22396]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  542.755495][T22396]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  542.755514][T22396]  do_syscall_64+0xcd/0x4c0
[  542.755533][T22396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.755545][T22396] RIP: 0033:0x7fb157d8eb69
[  542.755556][T22396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.755568][T22396] RSP: 002b:00007fb158cc5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  542.755579][T22396] RAX: ffffffffffffffda RBX: 00007fb157fb5fa0 RCX: 00007fb157d8eb69
[  542.755586][T22396] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  542.755593][T22396] RBP: 00007fb158cc5090 R08: 0000000000000000 R09: 0000000000000000
[  542.755600][T22396] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000002
[  542.755607][T22396] R13: 0000000000000000 R14: 00007fb157fb5fa0 R15: 00007ffee256f5c8
[  542.755622][T22396]  </TASK>
[  542.857153][    C0] vkms_vblank_simulate: vblank timer overrun
[  542.891993][T22401] FAULT_INJECTION: forcing a failure.
[  542.891993][T22401] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  542.896156][T22401] CPU: 1 UID: 0 PID: 22401 Comm: syz.0.6052 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  542.896172][T22401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  542.896179][T22401] Call Trace:
[  542.896183][T22401]  <TASK>
[  542.896188][T22401]  dump_stack_lvl+0x16c/0x1f0
[  542.896208][T22401]  should_fail_ex+0x512/0x640
[  542.896228][T22401]  should_fail_alloc_page+0xe7/0x130
[  542.896243][T22401]  prepare_alloc_pages+0x3c2/0x610
[  542.896258][T22401]  ? rcu_is_watching+0x12/0xc0
[  542.896274][T22401]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  542.896288][T22401]  ? rcu_is_watching+0x12/0xc0
[  542.896301][T22401]  ? trace_mm_page_alloc+0x11f/0x1a0
[  542.896317][T22401]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  542.896328][T22401]  ? stack_trace_save+0x8e/0xc0
[  542.896345][T22401]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  542.896361][T22401]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  542.896372][T22401]  ? __get_vm_area_node+0x1ca/0x330
[  542.896387][T22401]  ? __vmalloc_node_noprof+0xad/0xf0
[  542.896402][T22401]  ? __snd_dma_alloc_pages+0x53/0x90
[  542.896416][T22401]  ? snd_dma_alloc_dir_pages+0x151/0x240
[  542.896430][T22401]  ? do_alloc_pages+0x136/0x2d0
[  542.896442][T22401]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[  542.896455][T22401]  ? snd_pcm_hw_params+0x1656/0x1ba0
[  542.896469][T22401]  ? snd_pcm_kernel_ioctl+0x147/0x2e0
[  542.896484][T22401]  ? do_syscall_64+0xcd/0x4c0
[  542.896500][T22401]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.896514][T22401]  alloc_pages_bulk_noprof+0x71c/0x1410
[  542.896525][T22401]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  542.896540][T22401]  ? policy_nodemask+0xea/0x4e0
[  542.896555][T22401]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  542.896567][T22401]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  542.896586][T22401]  kasan_populate_vmalloc+0xf1/0x1f0
[  542.896607][T22401]  alloc_vmap_area+0x959/0x29c0
[  542.896627][T22401]  ? __pfx_alloc_vmap_area+0x10/0x10
[  542.896646][T22401]  __get_vm_area_node+0x1ca/0x330
[  542.896663][T22401]  __vmalloc_node_range_noprof+0x271/0x14b0
[  542.896680][T22401]  ? __snd_dma_alloc_pages+0x53/0x90
[  542.896728][T22401]  ? __pfx___mutex_trylock_common+0x10/0x10
[  542.896750][T22401]  ? __snd_dma_alloc_pages+0x53/0x90
[  542.896764][T22401]  ? rcu_is_watching+0x12/0xc0
[  542.896778][T22401]  ? trace_contention_end+0xdd/0x130
[  542.896789][T22401]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  542.896809][T22401]  ? __mutex_unlock_slowpath+0x163/0x800
[  542.896828][T22401]  ? __snd_dma_alloc_pages+0x53/0x90
[  542.896842][T22401]  __vmalloc_node_noprof+0xad/0xf0
[  542.896858][T22401]  ? __snd_dma_alloc_pages+0x53/0x90
[  542.896882][T22401]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  542.896900][T22401]  __snd_dma_alloc_pages+0x53/0x90
[  542.896915][T22401]  snd_dma_alloc_dir_pages+0x151/0x240
[  542.896931][T22401]  do_alloc_pages+0x136/0x2d0
[  542.896946][T22401]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  542.896963][T22401]  snd_pcm_hw_params+0x1656/0x1ba0
[  542.896980][T22401]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  542.896998][T22401]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  542.897013][T22401]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  542.897026][T22401]  ? __asan_memset+0x23/0x50
[  542.897045][T22401]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  542.897060][T22401]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  542.897080][T22401]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  542.897101][T22401]  ? find_held_lock+0x2b/0x80
[  542.897118][T22401]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  542.897132][T22401]  snd_pcm_oss_write+0x4c3/0xa10
[  542.897145][T22401]  ? bpf_lsm_file_permission+0x9/0x10
[  542.897160][T22401]  ? security_file_permission+0x71/0x210
[  542.897178][T22401]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  542.897191][T22401]  vfs_write+0x29d/0x1150
[  542.897206][T22401]  ? __pfx_vfs_write+0x10/0x10
[  542.897216][T22401]  ? find_held_lock+0x2b/0x80
[  542.897229][T22401]  ? __fget_files+0x204/0x3c0
[  542.897244][T22401]  ? __fget_files+0x20e/0x3c0
[  542.897261][T22401]  ksys_write+0x12a/0x250
[  542.897272][T22401]  ? __pfx_ksys_write+0x10/0x10
[  542.897288][T22401]  do_syscall_64+0xcd/0x4c0
[  542.897306][T22401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.897317][T22401] RIP: 0033:0x7f77d678eb69
[  542.897327][T22401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.897339][T22401] RSP: 002b:00007f77d7618038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  542.897350][T22401] RAX: ffffffffffffffda RBX: 00007f77d69b5fa0 RCX: 00007f77d678eb69
[  542.897357][T22401] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  542.897364][T22401] RBP: 00007f77d7618090 R08: 0000000000000000 R09: 0000000000000000
[  542.897371][T22401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  542.897377][T22401] R13: 0000000000000000 R14: 00007f77d69b5fa0 R15: 00007ffd2021de68
[  542.897392][T22401]  </TASK>
[  542.949260][T22403] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.6051'.
[  542.950224][    C1] hpet: Lost 2 RTC interrupts
[  542.951667][T22402] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.6051'.
[  543.159707][T22412] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  543.170479][T22412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket pid=22412 comm=syz.2.6056
[  543.184366][T22415] FAULT_INJECTION: forcing a failure.
[  543.184366][T22415] name failslab, interval 1, probability 0, space 0, times 0
[  543.188725][T22415] CPU: 0 UID: 0 PID: 22415 Comm: syz.1.6048 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  543.188748][T22415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  543.188757][T22415] Call Trace:
[  543.188762][T22415]  <TASK>
[  543.188767][T22415]  dump_stack_lvl+0x16c/0x1f0
[  543.188788][T22415]  should_fail_ex+0x512/0x640
[  543.188805][T22415]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  543.188819][T22415]  should_failslab+0xc2/0x120
[  543.188832][T22415]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  543.188843][T22415]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  543.188861][T22415]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  543.188876][T22415]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  543.188896][T22415]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  543.188916][T22415]  mmu_topup_memory_caches+0x25/0x170
[  543.188929][T22415]  kvm_mmu_load+0xd6/0x23c0
[  543.188940][T22415]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  543.188952][T22415]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  543.188967][T22415]  ? kvm_deliver_exception_payload+0x47/0x200
[  543.188981][T22415]  ? __pfx_kvm_mmu_load+0x10/0x10
[  543.188991][T22415]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  543.189023][T22415]  ? kvm_check_and_inject_events+0x71c/0x1310
[  543.189042][T22415]  vcpu_run+0x358c/0x5580
[  543.189058][T22415]  ? __lock_acquire+0xb97/0x1ce0
[  543.189079][T22415]  ? __pfx_vcpu_run+0x10/0x10
[  543.189096][T22415]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  543.189111][T22415]  ? __local_bh_enable_ip+0xa4/0x120
[  543.189128][T22415]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  543.189143][T22415]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  543.189163][T22415]  kvm_vcpu_ioctl+0x5eb/0x1690
[  543.189180][T22415]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  543.189195][T22415]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  543.189213][T22415]  ? do_vfs_ioctl+0x128/0x14f0
[  543.189231][T22415]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  543.189248][T22415]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  543.189268][T22415]  ? hook_file_ioctl_common+0x145/0x410
[  543.189290][T22415]  ? selinux_file_ioctl+0x180/0x270
[  543.189303][T22415]  ? selinux_file_ioctl+0xb4/0x270
[  543.189317][T22415]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  543.189332][T22415]  __x64_sys_ioctl+0x18b/0x210
[  543.189350][T22415]  do_syscall_64+0xcd/0x4c0
[  543.189368][T22415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.189382][T22415] RIP: 0033:0x7f81bd38eb69
[  543.189395][T22415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.189410][T22415] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  543.189427][T22415] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  543.189440][T22415] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  543.189450][T22415] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  543.189461][T22415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  543.189471][T22415] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  543.189496][T22415]  </TASK>
[  543.308837][    C0] vkms_vblank_simulate: vblank timer overrun
[  543.350564][T22420] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5914 sclass=netlink_route_socket pid=22420 comm=syz.2.6058
[  543.485686][T22429] FAULT_INJECTION: forcing a failure.
[  543.485686][T22429] name failslab, interval 1, probability 0, space 0, times 0
[  543.490609][T22429] CPU: 0 UID: 0 PID: 22429 Comm: syz.1.6063 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  543.490627][T22429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  543.490635][T22429] Call Trace:
[  543.490640][T22429]  <TASK>
[  543.490645][T22429]  dump_stack_lvl+0x16c/0x1f0
[  543.490667][T22429]  should_fail_ex+0x512/0x640
[  543.490687][T22429]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  543.490702][T22429]  should_failslab+0xc2/0x120
[  543.490716][T22429]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  543.490728][T22429]  ? __kernfs_new_node+0xd2/0x8e0
[  543.490748][T22429]  __kernfs_new_node+0xd2/0x8e0
[  543.490765][T22429]  ? __pfx___kernfs_new_node+0x10/0x10
[  543.490786][T22429]  ? find_held_lock+0x2b/0x80
[  543.490802][T22429]  ? kernfs_root+0xee/0x2a0
[  543.490821][T22429]  kernfs_new_node+0x13c/0x1e0
[  543.490843][T22429]  __kernfs_create_file+0x53/0x350
[  543.490858][T22429]  sysfs_add_file_mode_ns+0x207/0x3c0
[  543.490877][T22429]  internal_create_group+0x578/0xf30
[  543.490898][T22429]  ? __pfx_internal_create_group+0x10/0x10
[  543.490934][T22429]  ? kernfs_create_link+0x1bd/0x240
[  543.490949][T22429]  internal_create_groups+0x9d/0x150
[  543.490968][T22429]  device_add+0xf30/0x1aa0
[  543.490984][T22429]  ? __pfx_device_add+0x10/0x10
[  543.490997][T22429]  ? lockdep_init_map_type+0x5c/0x280
[  543.491017][T22429]  ? __init_waitqueue_head+0xca/0x150
[  543.491035][T22429]  wakeup_source_device_create+0x214/0x2a0
[  543.491050][T22429]  wakeup_source_sysfs_add+0x1c/0x90
[  543.491064][T22429]  wakeup_source_register+0x154/0x3e0
[  543.491084][T22429]  ep_create_wakeup_source+0x139/0x2e0
[  543.491098][T22429]  ? __pfx_ep_create_wakeup_source+0x10/0x10
[  543.491114][T22429]  ? do_epoll_ctl+0x1565/0x3790
[  543.491135][T22429]  do_epoll_ctl+0x1f60/0x3790
[  543.491155][T22429]  ? __pfx_do_epoll_ctl+0x10/0x10
[  543.491168][T22429]  ? find_held_lock+0x2b/0x80
[  543.491181][T22429]  ? __might_fault+0xe3/0x190
[  543.491193][T22429]  ? __might_fault+0xe3/0x190
[  543.491211][T22429]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  543.491223][T22429]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  543.491243][T22429]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  543.491262][T22429]  do_syscall_64+0xcd/0x4c0
[  543.491282][T22429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.491294][T22429] RIP: 0033:0x7f81bd38eb69
[  543.491305][T22429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.491317][T22429] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  543.491330][T22429] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  543.491338][T22429] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  543.491345][T22429] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  543.491352][T22429] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000002
[  543.491359][T22429] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  543.491375][T22429]  </TASK>
[  543.603349][    C0] vkms_vblank_simulate: vblank timer overrun
[  543.629427][T22432] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6064'.
[  543.708894][T22435] FAULT_INJECTION: forcing a failure.
[  543.708894][T22435] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  543.713454][T22435] CPU: 1 UID: 0 PID: 22435 Comm: syz.0.6065 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  543.713469][T22435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  543.713476][T22435] Call Trace:
[  543.713480][T22435]  <TASK>
[  543.713485][T22435]  dump_stack_lvl+0x16c/0x1f0
[  543.713505][T22435]  should_fail_ex+0x512/0x640
[  543.713525][T22435]  should_fail_alloc_page+0xe7/0x130
[  543.713545][T22435]  prepare_alloc_pages+0x3c2/0x610
[  543.713561][T22435]  ? rcu_is_watching+0x12/0xc0
[  543.713577][T22435]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  543.713591][T22435]  ? rcu_is_watching+0x12/0xc0
[  543.713605][T22435]  ? trace_mm_page_alloc+0x11f/0x1a0
[  543.713620][T22435]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  543.713632][T22435]  ? stack_trace_save+0x8e/0xc0
[  543.713648][T22435]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  543.713665][T22435]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  543.713676][T22435]  ? __get_vm_area_node+0x1ca/0x330
[  543.713691][T22435]  ? __vmalloc_node_noprof+0xad/0xf0
[  543.713706][T22435]  ? __snd_dma_alloc_pages+0x53/0x90
[  543.713720][T22435]  ? snd_dma_alloc_dir_pages+0x151/0x240
[  543.713738][T22435]  ? do_alloc_pages+0x136/0x2d0
[  543.713750][T22435]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[  543.713763][T22435]  ? snd_pcm_hw_params+0x1656/0x1ba0
[  543.713776][T22435]  ? snd_pcm_kernel_ioctl+0x147/0x2e0
[  543.713791][T22435]  ? do_syscall_64+0xcd/0x4c0
[  543.713807][T22435]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.713821][T22435]  alloc_pages_bulk_noprof+0x71c/0x1410
[  543.713832][T22435]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  543.713847][T22435]  ? policy_nodemask+0xea/0x4e0
[  543.713862][T22435]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  543.713874][T22435]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  543.713894][T22435]  kasan_populate_vmalloc+0xf1/0x1f0
[  543.713915][T22435]  alloc_vmap_area+0x959/0x29c0
[  543.713935][T22435]  ? __pfx_alloc_vmap_area+0x10/0x10
[  543.713953][T22435]  __get_vm_area_node+0x1ca/0x330
[  543.713971][T22435]  __vmalloc_node_range_noprof+0x271/0x14b0
[  543.713988][T22435]  ? __snd_dma_alloc_pages+0x53/0x90
[  543.714004][T22435]  ? __pfx___mutex_trylock_common+0x10/0x10
[  543.714024][T22435]  ? __snd_dma_alloc_pages+0x53/0x90
[  543.714038][T22435]  ? rcu_is_watching+0x12/0xc0
[  543.714052][T22435]  ? trace_contention_end+0xdd/0x130
[  543.714064][T22435]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  543.714083][T22435]  ? __mutex_unlock_slowpath+0x163/0x800
[  543.714102][T22435]  ? __snd_dma_alloc_pages+0x53/0x90
[  543.714116][T22435]  __vmalloc_node_noprof+0xad/0xf0
[  543.714132][T22435]  ? __snd_dma_alloc_pages+0x53/0x90
[  543.714145][T22435]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  543.714162][T22435]  __snd_dma_alloc_pages+0x53/0x90
[  543.714176][T22435]  snd_dma_alloc_dir_pages+0x151/0x240
[  543.714192][T22435]  do_alloc_pages+0x136/0x2d0
[  543.714208][T22435]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  543.714224][T22435]  snd_pcm_hw_params+0x1656/0x1ba0
[  543.714246][T22435]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  543.714260][T22435]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  543.714275][T22435]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  543.714288][T22435]  ? __asan_memset+0x23/0x50
[  543.714306][T22435]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  543.714321][T22435]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  543.714341][T22435]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  543.714361][T22435]  ? find_held_lock+0x2b/0x80
[  543.714377][T22435]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  543.714391][T22435]  snd_pcm_oss_write+0x4c3/0xa10
[  543.714404][T22435]  ? bpf_lsm_file_permission+0x9/0x10
[  543.714418][T22435]  ? security_file_permission+0x71/0x210
[  543.714436][T22435]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  543.714448][T22435]  vfs_write+0x29d/0x1150
[  543.714463][T22435]  ? __pfx_vfs_write+0x10/0x10
[  543.714473][T22435]  ? find_held_lock+0x2b/0x80
[  543.714486][T22435]  ? __fget_files+0x204/0x3c0
[  543.714501][T22435]  ? __fget_files+0x20e/0x3c0
[  543.714517][T22435]  ksys_write+0x12a/0x250
[  543.714528][T22435]  ? __pfx_ksys_write+0x10/0x10
[  543.714543][T22435]  do_syscall_64+0xcd/0x4c0
[  543.714561][T22435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.714572][T22435] RIP: 0033:0x7f77d678eb69
[  543.714581][T22435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.714592][T22435] RSP: 002b:00007f77d7618038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  543.714603][T22435] RAX: ffffffffffffffda RBX: 00007f77d69b5fa0 RCX: 00007f77d678eb69
[  543.714610][T22435] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  543.714617][T22435] RBP: 00007f77d7618090 R08: 0000000000000000 R09: 0000000000000000
[  543.714623][T22435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  543.714630][T22435] R13: 0000000000000000 R14: 00007f77d69b5fa0 R15: 00007ffd2021de68
[  543.714644][T22435]  </TASK>
[  543.876317][    C1] hpet: Lost 9 RTC interrupts
[  543.954191][T22450] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=65523 sclass=netlink_tcpdiag_socket pid=22450 comm=syz.0.6070
[  544.117343][T22462] FAULT_INJECTION: forcing a failure.
[  544.117343][T22462] name failslab, interval 1, probability 0, space 0, times 0
[  544.121626][T15626] cgroup: fork rejected by pids controller in 
[  544.121685][T22462] CPU: 0 UID: 0 PID: 22462 Comm: syz.1.6073 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  544.121702][T22462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  544.121712][T22462] Call Trace:
[  544.121718][T15626] /syz0
[  544.121717][T22462]  <TASK>
[  544.121726][T22462]  dump_stack_lvl+0x16c/0x1f0
[  544.121765][T22462]  should_fail_ex+0x512/0x640
[  544.121789][T22462]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  544.121803][T22462]  should_failslab+0xc2/0x120
[  544.121816][T22462]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  544.121828][T22462]  ? __kernfs_new_node+0xd2/0x8e0
[  544.121846][T22462]  __kernfs_new_node+0xd2/0x8e0
[  544.121862][T22462]  ? __pfx___kernfs_new_node+0x10/0x10
[  544.121880][T22462]  ? find_held_lock+0x2b/0x80
[  544.121896][T22462]  ? kernfs_root+0xee/0x2a0
[  544.121913][T22462]  kernfs_new_node+0x13c/0x1e0
[  544.121934][T22462]  __kernfs_create_file+0x53/0x350
[  544.121951][T22462]  sysfs_add_file_mode_ns+0x207/0x3c0
[  544.121969][T22462]  internal_create_group+0x578/0xf30
[  544.121988][T22462]  ? __pfx_internal_create_group+0x10/0x10
[  544.122006][T22462]  ? kernfs_create_link+0x1bd/0x240
[  544.122020][T22462]  internal_create_groups+0x9d/0x150
[  544.122037][T22462]  device_add+0xf30/0x1aa0
[  544.122052][T22462]  ? __pfx_device_add+0x10/0x10
[  544.122063][T22462]  ? lockdep_init_map_type+0x5c/0x280
[  544.122082][T22462]  ? __init_waitqueue_head+0xca/0x150
[  544.122098][T22462]  wakeup_source_device_create+0x214/0x2a0
[  544.122112][T22462]  wakeup_source_sysfs_add+0x1c/0x90
[  544.122124][T22462]  wakeup_source_register+0x154/0x3e0
[  544.122142][T22462]  ep_create_wakeup_source+0x139/0x2e0
[  544.122155][T22462]  ? __pfx_ep_create_wakeup_source+0x10/0x10
[  544.122170][T22462]  ? do_epoll_ctl+0x1565/0x3790
[  544.122185][T22462]  do_epoll_ctl+0x1f60/0x3790
[  544.122203][T22462]  ? __pfx_do_epoll_ctl+0x10/0x10
[  544.122215][T22462]  ? find_held_lock+0x2b/0x80
[  544.122227][T22462]  ? __might_fault+0xe3/0x190
[  544.122238][T22462]  ? __might_fault+0xe3/0x190
[  544.122254][T22462]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  544.122266][T22462]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  544.122279][T22462]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  544.122296][T22462]  do_syscall_64+0xcd/0x4c0
[  544.122314][T22462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.122325][T22462] RIP: 0033:0x7f81bd38eb69
[  544.122335][T22462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  544.122346][T22462] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  544.122357][T22462] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  544.122364][T22462] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  544.122370][T22462] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  544.122377][T22462] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000002
[  544.122384][T22462] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  544.122398][T22462]  </TASK>
[  544.221016][    C1] hpet: Lost 5 RTC interrupts
[  544.225083][T15626] 
[  544.416238][T22471] FAULT_INJECTION: forcing a failure.
[  544.416238][T22471] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  544.420452][T22471] CPU: 0 UID: 0 PID: 22471 Comm: syz.3.6077 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  544.420479][T22471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  544.420487][T22471] Call Trace:
[  544.420492][T22471]  <TASK>
[  544.420497][T22471]  dump_stack_lvl+0x16c/0x1f0
[  544.420517][T22471]  should_fail_ex+0x512/0x640
[  544.420539][T22471]  should_fail_alloc_page+0xe7/0x130
[  544.420554][T22471]  prepare_alloc_pages+0x3c2/0x610
[  544.420570][T22471]  ? rcu_is_watching+0x12/0xc0
[  544.420586][T22471]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  544.420601][T22471]  ? rcu_is_watching+0x12/0xc0
[  544.420615][T22471]  ? trace_mm_page_alloc+0x11f/0x1a0
[  544.420632][T22471]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  544.420644][T22471]  ? stack_trace_save+0x8e/0xc0
[  544.420660][T22471]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  544.420678][T22471]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  544.420690][T22471]  ? __get_vm_area_node+0x1ca/0x330
[  544.420722][T22471]  ? __vmalloc_node_noprof+0xad/0xf0
[  544.420738][T22471]  ? __snd_dma_alloc_pages+0x53/0x90
[  544.420753][T22471]  ? snd_dma_alloc_dir_pages+0x151/0x240
[  544.420767][T22471]  ? do_alloc_pages+0x136/0x2d0
[  544.420779][T22471]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[  544.420793][T22471]  ? snd_pcm_hw_params+0x1656/0x1ba0
[  544.420806][T22471]  ? snd_pcm_kernel_ioctl+0x147/0x2e0
[  544.420822][T22471]  ? do_syscall_64+0xcd/0x4c0
[  544.420839][T22471]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.420854][T22471]  alloc_pages_bulk_noprof+0x71c/0x1410
[  544.420865][T22471]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  544.420880][T22471]  ? policy_nodemask+0xea/0x4e0
[  544.420895][T22471]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  544.420908][T22471]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  544.420928][T22471]  kasan_populate_vmalloc+0xf1/0x1f0
[  544.420950][T22471]  alloc_vmap_area+0x959/0x29c0
[  544.420975][T22471]  ? __pfx_alloc_vmap_area+0x10/0x10
[  544.420994][T22471]  __get_vm_area_node+0x1ca/0x330
[  544.421013][T22471]  __vmalloc_node_range_noprof+0x271/0x14b0
[  544.421030][T22471]  ? __snd_dma_alloc_pages+0x53/0x90
[  544.421047][T22471]  ? __pfx___mutex_trylock_common+0x10/0x10
[  544.421067][T22471]  ? __snd_dma_alloc_pages+0x53/0x90
[  544.421082][T22471]  ? rcu_is_watching+0x12/0xc0
[  544.421096][T22471]  ? trace_contention_end+0xdd/0x130
[  544.421108][T22471]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  544.421129][T22471]  ? __mutex_unlock_slowpath+0x163/0x800
[  544.421149][T22471]  ? __snd_dma_alloc_pages+0x53/0x90
[  544.421163][T22471]  __vmalloc_node_noprof+0xad/0xf0
[  544.421179][T22471]  ? __snd_dma_alloc_pages+0x53/0x90
[  544.421193][T22471]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  544.421210][T22471]  __snd_dma_alloc_pages+0x53/0x90
[  544.421225][T22471]  snd_dma_alloc_dir_pages+0x151/0x240
[  544.421241][T22471]  do_alloc_pages+0x136/0x2d0
[  544.421257][T22471]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  544.421274][T22471]  snd_pcm_hw_params+0x1656/0x1ba0
[  544.421291][T22471]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  544.421306][T22471]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  544.421321][T22471]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  544.421335][T22471]  ? __asan_memset+0x23/0x50
[  544.421353][T22471]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  544.421368][T22471]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  544.421389][T22471]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  544.421409][T22471]  ? find_held_lock+0x2b/0x80
[  544.421426][T22471]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  544.421440][T22471]  snd_pcm_oss_write+0x4c3/0xa10
[  544.421454][T22471]  ? bpf_lsm_file_permission+0x9/0x10
[  544.421469][T22471]  ? security_file_permission+0x71/0x210
[  544.421487][T22471]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  544.421500][T22471]  vfs_write+0x29d/0x1150
[  544.421515][T22471]  ? __pfx_vfs_write+0x10/0x10
[  544.421525][T22471]  ? find_held_lock+0x2b/0x80
[  544.421539][T22471]  ? __fget_files+0x204/0x3c0
[  544.421554][T22471]  ? __fget_files+0x20e/0x3c0
[  544.421571][T22471]  ksys_write+0x12a/0x250
[  544.421582][T22471]  ? __pfx_ksys_write+0x10/0x10
[  544.421594][T22471]  ? fput+0x9b/0xd0
[  544.421611][T22471]  do_syscall_64+0xcd/0x4c0
[  544.421629][T22471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.421640][T22471] RIP: 0033:0x7fb157d8eb69
[  544.421650][T22471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  544.421661][T22471] RSP: 002b:00007fb158cc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  544.421673][T22471] RAX: ffffffffffffffda RBX: 00007fb157fb5fa0 RCX: 00007fb157d8eb69
[  544.421680][T22471] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  544.421687][T22471] RBP: 00007fb158cc5090 R08: 0000000000000000 R09: 0000000000000000
[  544.421694][T22471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  544.421700][T22471] R13: 0000000000000000 R14: 00007fb157fb5fa0 R15: 00007ffee256f5c8
[  544.421715][T22471]  </TASK>
[  544.581757][    C0] vkms_vblank_simulate: vblank timer overrun
[  544.683498][T22474] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6079'.
[  544.751167][T19703] gretap1: left promiscuous mode
[  544.752994][T19703] bridge0: port 3(gretap1) entered disabled state
[  544.768657][T19703] bridge_slave_1: left allmulticast mode
[  544.770527][T19703] bridge_slave_1: left promiscuous mode
[  544.772470][T19703] bridge0: port 2(bridge_slave_1) entered disabled state
[  544.793951][T19703] bridge_slave_0: left allmulticast mode
[  544.795822][T19703] bridge_slave_0: left promiscuous mode
[  544.797851][T19703] bridge0: port 1(bridge_slave_0) entered disabled state
[  544.804186][ T5976] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  544.809452][ T5976] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  544.812424][ T5976] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  544.815496][ T5976] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  544.821961][ T5976] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  545.039761][T19703] bond1 (unregistering): (slave geneve2): Releasing active interface
[  545.319450][T19703] bond0 (unregistering): left allmulticast mode
[  545.321566][T19703] bond_slave_0: left allmulticast mode
[  545.329354][T19703] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  545.333301][T19703] bond0 (unregistering): Released all slaves
[  545.469757][T19703] bond1 (unregistering): Released all slaves
[  545.603334][T19703] bond2 (unregistering): (slave veth5): Releasing active interface
[  545.611955][T19703] bond2 (unregistering): Released all slaves
[  545.618875][T19703] bond3 (unregistering): Released all slaves
[  545.625882][T19703] bond4 (unregistering): Released all slaves
[  545.762319][T19703] bond5 (unregistering): Released all slaves
[  545.799868][T22476] vxcan1 speed is unknown, defaulting to 1000
[  545.875480][T19703] : left promiscuous mode
[  545.893114][T22488] FAULT_INJECTION: forcing a failure.
[  545.893114][T22488] name failslab, interval 1, probability 0, space 0, times 0
[  545.897312][T22488] CPU: 0 UID: 0 PID: 22488 Comm: syz.3.6084 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  545.897327][T22488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  545.897334][T22488] Call Trace:
[  545.897338][T22488]  <TASK>
[  545.897342][T22488]  dump_stack_lvl+0x16c/0x1f0
[  545.897362][T22488]  should_fail_ex+0x512/0x640
[  545.897380][T22488]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  545.897393][T22488]  should_failslab+0xc2/0x120
[  545.897406][T22488]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  545.897417][T22488]  ? __kernfs_new_node+0xd2/0x8e0
[  545.897435][T22488]  __kernfs_new_node+0xd2/0x8e0
[  545.897452][T22488]  ? __pfx___kernfs_new_node+0x10/0x10
[  545.897470][T22488]  ? find_held_lock+0x2b/0x80
[  545.897484][T22488]  ? kernfs_root+0xee/0x2a0
[  545.897502][T22488]  kernfs_new_node+0x13c/0x1e0
[  545.897521][T22488]  __kernfs_create_file+0x53/0x350
[  545.897535][T22488]  sysfs_add_file_mode_ns+0x207/0x3c0
[  545.897552][T22488]  internal_create_group+0x578/0xf30
[  545.897571][T22488]  ? __pfx_internal_create_group+0x10/0x10
[  545.897589][T22488]  ? kernfs_create_link+0x1bd/0x240
[  545.897603][T22488]  internal_create_groups+0x9d/0x150
[  545.897619][T22488]  device_add+0xf30/0x1aa0
[  545.897633][T22488]  ? __pfx_device_add+0x10/0x10
[  545.897645][T22488]  ? lockdep_init_map_type+0x5c/0x280
[  545.897663][T22488]  ? __init_waitqueue_head+0xca/0x150
[  545.897679][T22488]  wakeup_source_device_create+0x214/0x2a0
[  545.897693][T22488]  wakeup_source_sysfs_add+0x1c/0x90
[  545.897705][T22488]  wakeup_source_register+0x154/0x3e0
[  545.897724][T22488]  ep_create_wakeup_source+0x139/0x2e0
[  545.897736][T22488]  ? __pfx_ep_create_wakeup_source+0x10/0x10
[  545.897751][T22488]  ? do_epoll_ctl+0x1565/0x3790
[  545.897766][T22488]  do_epoll_ctl+0x1f60/0x3790
[  545.897784][T22488]  ? __pfx_do_epoll_ctl+0x10/0x10
[  545.897796][T22488]  ? find_held_lock+0x2b/0x80
[  545.897808][T22488]  ? __might_fault+0xe3/0x190
[  545.897818][T22488]  ? __might_fault+0xe3/0x190
[  545.897834][T22488]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  545.897846][T22488]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  545.897858][T22488]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  545.897875][T22488]  do_syscall_64+0xcd/0x4c0
[  545.897898][T22488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.897909][T22488] RIP: 0033:0x7fb157d8eb69
[  545.897918][T22488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  545.897930][T22488] RSP: 002b:00007fb158cc5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  545.897940][T22488] RAX: ffffffffffffffda RBX: 00007fb157fb5fa0 RCX: 00007fb157d8eb69
[  545.897947][T22488] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  545.897953][T22488] RBP: 00007fb158cc5090 R08: 0000000000000000 R09: 0000000000000000
[  545.897960][T22488] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000002
[  545.897966][T22488] R13: 0000000000000000 R14: 00007fb157fb5fa0 R15: 00007ffee256f5c8
[  545.897980][T22488]  </TASK>
[  546.077996][T22496] FAULT_INJECTION: forcing a failure.
[  546.077996][T22496] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  546.080071][T19703] tipc: Disabling bearer <udp:s>
[  546.084225][T19703] tipc: Left network mode
[  546.084724][T22496] CPU: 1 UID: 0 PID: 22496 Comm: syz.1.6087 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  546.084747][T22496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  546.084758][T22496] Call Trace:
[  546.084764][T22496]  <TASK>
[  546.084768][T22496]  dump_stack_lvl+0x16c/0x1f0
[  546.084788][T22496]  should_fail_ex+0x512/0x640
[  546.084809][T22496]  should_fail_alloc_page+0xe7/0x130
[  546.084823][T22496]  prepare_alloc_pages+0x3c2/0x610
[  546.084839][T22496]  ? rcu_is_watching+0x12/0xc0
[  546.084855][T22496]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  546.084869][T22496]  ? rcu_is_watching+0x12/0xc0
[  546.084888][T22496]  ? trace_mm_page_alloc+0x11f/0x1a0
[  546.084903][T22496]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  546.084915][T22496]  ? stack_trace_save+0x8e/0xc0
[  546.084931][T22496]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  546.084948][T22496]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  546.084960][T22496]  ? __get_vm_area_node+0x1ca/0x330
[  546.084974][T22496]  ? __vmalloc_node_noprof+0xad/0xf0
[  546.084989][T22496]  ? __snd_dma_alloc_pages+0x53/0x90
[  546.085003][T22496]  ? snd_dma_alloc_dir_pages+0x151/0x240
[  546.085017][T22496]  ? do_alloc_pages+0x136/0x2d0
[  546.085029][T22496]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[  546.085042][T22496]  ? snd_pcm_hw_params+0x1656/0x1ba0
[  546.085055][T22496]  ? snd_pcm_kernel_ioctl+0x147/0x2e0
[  546.085070][T22496]  ? do_syscall_64+0xcd/0x4c0
[  546.085087][T22496]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.085102][T22496]  alloc_pages_bulk_noprof+0x71c/0x1410
[  546.085114][T22496]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  546.085130][T22496]  ? policy_nodemask+0xea/0x4e0
[  546.085145][T22496]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  546.085157][T22496]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  546.085176][T22496]  kasan_populate_vmalloc+0xf1/0x1f0
[  546.085197][T22496]  alloc_vmap_area+0x959/0x29c0
[  546.085218][T22496]  ? __pfx_alloc_vmap_area+0x10/0x10
[  546.085236][T22496]  __get_vm_area_node+0x1ca/0x330
[  546.085254][T22496]  __vmalloc_node_range_noprof+0x271/0x14b0
[  546.085270][T22496]  ? __snd_dma_alloc_pages+0x53/0x90
[  546.085287][T22496]  ? __pfx___mutex_trylock_common+0x10/0x10
[  546.085314][T22496]  ? __snd_dma_alloc_pages+0x53/0x90
[  546.085332][T22496]  ? rcu_is_watching+0x12/0xc0
[  546.085350][T22496]  ? trace_contention_end+0xdd/0x130
[  546.085365][T22496]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  546.085383][T22496]  ? __mutex_unlock_slowpath+0x163/0x800
[  546.085402][T22496]  ? __snd_dma_alloc_pages+0x53/0x90
[  546.085416][T22496]  __vmalloc_node_noprof+0xad/0xf0
[  546.085432][T22496]  ? __snd_dma_alloc_pages+0x53/0x90
[  546.085446][T22496]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  546.085462][T22496]  __snd_dma_alloc_pages+0x53/0x90
[  546.085477][T22496]  snd_dma_alloc_dir_pages+0x151/0x240
[  546.085493][T22496]  do_alloc_pages+0x136/0x2d0
[  546.085508][T22496]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  546.085525][T22496]  snd_pcm_hw_params+0x1656/0x1ba0
[  546.085541][T22496]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  546.085555][T22496]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  546.085571][T22496]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  546.085584][T22496]  ? __asan_memset+0x23/0x50
[  546.085601][T22496]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  546.085616][T22496]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  546.085635][T22496]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  546.085655][T22496]  ? find_held_lock+0x2b/0x80
[  546.085671][T22496]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  546.085684][T22496]  snd_pcm_oss_write+0x4c3/0xa10
[  546.085698][T22496]  ? bpf_lsm_file_permission+0x9/0x10
[  546.085712][T22496]  ? security_file_permission+0x71/0x210
[  546.085730][T22496]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  546.085741][T22496]  vfs_write+0x29d/0x1150
[  546.085756][T22496]  ? __pfx_vfs_write+0x10/0x10
[  546.085765][T22496]  ? find_held_lock+0x2b/0x80
[  546.085779][T22496]  ? __fget_files+0x204/0x3c0
[  546.085793][T22496]  ? __fget_files+0x20e/0x3c0
[  546.085809][T22496]  ksys_write+0x12a/0x250
[  546.085820][T22496]  ? __pfx_ksys_write+0x10/0x10
[  546.085835][T22496]  do_syscall_64+0xcd/0x4c0
[  546.085852][T22496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.085863][T22496] RIP: 0033:0x7f81bd38eb69
[  546.085877][T22496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.085888][T22496] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  546.085899][T22496] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  546.085906][T22496] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  546.085926][T22496] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  546.085933][T22496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  546.085939][T22496] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  546.085954][T22496]  </TASK>
[  546.090741][T22494] overlayfs: failed to create directory ./bus/work (errno: 1); mounting read-only
[  546.196716][T22476] chnl_net:caif_netlink_parms(): no params data found
[  546.198605][T22494] FAULT_INJECTION: forcing a failure.
[  546.198605][T22494] name failslab, interval 1, probability 0, space 0, times 0
[  546.262367][T22494] CPU: 1 UID: 0 PID: 22494 Comm: syz.3.6086 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  546.262396][T22494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  546.262406][T22494] Call Trace:
[  546.262410][T22494]  <TASK>
[  546.262416][T22494]  dump_stack_lvl+0x16c/0x1f0
[  546.262439][T22494]  should_fail_ex+0x512/0x640
[  546.262459][T22494]  ? __kmalloc_noprof+0xbf/0x510
[  546.262473][T22494]  ? ovl_fill_super+0x311c/0x6820
[  546.262492][T22494]  should_failslab+0xc2/0x120
[  546.262506][T22494]  __kmalloc_noprof+0xd2/0x510
[  546.262517][T22494]  ? bpf_lsm_capable+0x9/0x10
[  546.262534][T22494]  ? security_capable+0x7e/0x260
[  546.262549][T22494]  ovl_fill_super+0x311c/0x6820
[  546.262569][T22494]  ? __pfx___might_resched+0x10/0x10
[  546.262596][T22494]  ? __pfx_ovl_fill_super+0x10/0x10
[  546.262617][T22494]  ? lockdep_init_map_type+0x5c/0x280
[  546.262637][T22494]  ? lockdep_init_map_type+0x5c/0x280
[  546.262657][T22494]  ? __init_swait_queue_head+0xca/0x150
[  546.262673][T22494]  ? shrinker_register+0x1a8/0x260
[  546.262687][T22494]  ? sget_fc+0x808/0xc20
[  546.262701][T22494]  ? __pfx_ovl_fill_super+0x10/0x10
[  546.262720][T22494]  ? get_tree_nodev+0xdd/0x190
[  546.262732][T22494]  get_tree_nodev+0xdd/0x190
[  546.262745][T22494]  vfs_get_tree+0x8b/0x340
[  546.262763][T22494]  path_mount+0x1482/0x1fd0
[  546.262782][T22494]  ? __pfx_path_mount+0x10/0x10
[  546.262798][T22494]  ? kmem_cache_free+0x2d1/0x4d0
[  546.262809][T22494]  ? putname+0x154/0x1a0
[  546.262827][T22494]  ? putname+0x154/0x1a0
[  546.262844][T22494]  ? __x64_sys_mount+0x28d/0x310
[  546.262860][T22494]  __x64_sys_mount+0x28d/0x310
[  546.262876][T22494]  ? __pfx___x64_sys_mount+0x10/0x10
[  546.262897][T22494]  do_syscall_64+0xcd/0x4c0
[  546.262918][T22494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.262931][T22494] RIP: 0033:0x7fb157d8eb69
[  546.262946][T22494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.262959][T22494] RSP: 002b:00007fb158cc5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  546.262971][T22494] RAX: ffffffffffffffda RBX: 00007fb157fb5fa0 RCX: 00007fb157d8eb69
[  546.262980][T22494] RDX: 0000200000000b80 RSI: 0000200000000100 RDI: 0000000000000000
[  546.262987][T22494] RBP: 00007fb158cc5090 R08: 0000200000000200 R09: 0000000000000000
[  546.262995][T22494] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[  546.263002][T22494] R13: 0000000000000000 R14: 00007fb157fb5fa0 R15: 00007ffee256f5c8
[  546.263019][T22494]  </TASK>
[  546.353515][    C1] hpet: Lost 5 RTC interrupts
[  546.420534][T22502] FAULT_INJECTION: forcing a failure.
[  546.420534][T22502] name failslab, interval 1, probability 0, space 0, times 0
[  546.424993][T22502] CPU: 0 UID: 0 PID: 22502 Comm: syz.3.6089 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  546.425010][T22502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  546.425018][T22502] Call Trace:
[  546.425026][T22502]  <TASK>
[  546.425033][T22502]  dump_stack_lvl+0x16c/0x1f0
[  546.425056][T22502]  should_fail_ex+0x512/0x640
[  546.425077][T22502]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  546.425091][T22502]  should_failslab+0xc2/0x120
[  546.425105][T22502]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  546.425116][T22502]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  546.425134][T22502]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  546.425151][T22502]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  546.425171][T22502]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  546.425192][T22502]  mmu_topup_memory_caches+0x25/0x170
[  546.425206][T22502]  kvm_mmu_load+0xd6/0x23c0
[  546.425218][T22502]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  546.425231][T22502]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  546.425244][T22502]  ? kvm_deliver_exception_payload+0x47/0x200
[  546.425258][T22502]  ? __pfx_kvm_mmu_load+0x10/0x10
[  546.425268][T22502]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  546.425286][T22502]  ? kvm_check_and_inject_events+0x71c/0x1310
[  546.425306][T22502]  vcpu_run+0x358c/0x5580
[  546.425322][T22502]  ? __lock_acquire+0xb97/0x1ce0
[  546.425344][T22502]  ? __pfx_vcpu_run+0x10/0x10
[  546.425362][T22502]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  546.425377][T22502]  ? __local_bh_enable_ip+0xa4/0x120
[  546.425397][T22502]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  546.425412][T22502]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  546.425432][T22502]  kvm_vcpu_ioctl+0x5eb/0x1690
[  546.425449][T22502]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  546.425464][T22502]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  546.425479][T22502]  ? do_vfs_ioctl+0x128/0x14f0
[  546.425502][T22502]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  546.425519][T22502]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  546.425540][T22502]  ? hook_file_ioctl_common+0x145/0x410
[  546.425562][T22502]  ? selinux_file_ioctl+0x180/0x270
[  546.425575][T22502]  ? selinux_file_ioctl+0xb4/0x270
[  546.425589][T22502]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  546.425605][T22502]  __x64_sys_ioctl+0x18b/0x210
[  546.425623][T22502]  do_syscall_64+0xcd/0x4c0
[  546.425642][T22502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.425654][T22502] RIP: 0033:0x7fb157d8eb69
[  546.425665][T22502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.425676][T22502] RSP: 002b:00007fb158cc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  546.425687][T22502] RAX: ffffffffffffffda RBX: 00007fb157fb5fa0 RCX: 00007fb157d8eb69
[  546.425695][T22502] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  546.425701][T22502] RBP: 00007fb158cc5090 R08: 0000000000000000 R09: 0000000000000000
[  546.425708][T22502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  546.425768][T22502] R13: 0000000000000000 R14: 00007fb157fb5fa0 R15: 00007ffee256f5c8
[  546.425788][T22502]  </TASK>
[  546.710758][   T40] audit: type=1400 audit(1754237868.943:847): avc:  denied  { write } for  pid=22508 comm="syz.2.6091" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  546.850552][   T40] audit: type=1400 audit(1754237869.083:848): avc:  denied  { setattr } for  pid=22516 comm="syz.2.6094" path="/dev/video6" dev="devtmpfs" ino=963 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  546.891301][ T5976] Bluetooth: hci0: command tx timeout
[  546.923407][T22522] FAULT_INJECTION: forcing a failure.
[  546.923407][T22522] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  546.927788][T22522] CPU: 0 UID: 0 PID: 22522 Comm: syz.1.6096 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  546.927803][T22522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  546.927810][T22522] Call Trace:
[  546.927815][T22522]  <TASK>
[  546.927819][T22522]  dump_stack_lvl+0x16c/0x1f0
[  546.927840][T22522]  should_fail_ex+0x512/0x640
[  546.927862][T22522]  should_fail_alloc_page+0xe7/0x130
[  546.927877][T22522]  prepare_alloc_pages+0x3c2/0x610
[  546.927892][T22522]  ? rcu_is_watching+0x12/0xc0
[  546.927908][T22522]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  546.927922][T22522]  ? rcu_is_watching+0x12/0xc0
[  546.927936][T22522]  ? trace_mm_page_alloc+0x11f/0x1a0
[  546.927951][T22522]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  546.927963][T22522]  ? stack_trace_save+0x8e/0xc0
[  546.927979][T22522]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  546.927996][T22522]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  546.928007][T22522]  ? __get_vm_area_node+0x1ca/0x330
[  546.928021][T22522]  ? __vmalloc_node_noprof+0xad/0xf0
[  546.928036][T22522]  ? __snd_dma_alloc_pages+0x53/0x90
[  546.928051][T22522]  ? snd_dma_alloc_dir_pages+0x151/0x240
[  546.928064][T22522]  ? do_alloc_pages+0x136/0x2d0
[  546.928076][T22522]  ? snd_pcm_lib_malloc_pages+0x3df/0x980
[  546.928089][T22522]  ? snd_pcm_hw_params+0x1656/0x1ba0
[  546.928103][T22522]  ? snd_pcm_kernel_ioctl+0x147/0x2e0
[  546.928132][T22522]  ? do_syscall_64+0xcd/0x4c0
[  546.928148][T22522]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.928163][T22522]  alloc_pages_bulk_noprof+0x71c/0x1410
[  546.928174][T22522]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  546.928192][T22522]  ? policy_nodemask+0xea/0x4e0
[  546.928206][T22522]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  546.928219][T22522]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  546.928238][T22522]  kasan_populate_vmalloc+0xf1/0x1f0
[  546.928259][T22522]  alloc_vmap_area+0x959/0x29c0
[  546.928280][T22522]  ? __pfx_alloc_vmap_area+0x10/0x10
[  546.928299][T22522]  __get_vm_area_node+0x1ca/0x330
[  546.928317][T22522]  __vmalloc_node_range_noprof+0x271/0x14b0
[  546.928333][T22522]  ? __snd_dma_alloc_pages+0x53/0x90
[  546.928349][T22522]  ? __pfx___mutex_trylock_common+0x10/0x10
[  546.928369][T22522]  ? __snd_dma_alloc_pages+0x53/0x90
[  546.928383][T22522]  ? rcu_is_watching+0x12/0xc0
[  546.928397][T22522]  ? trace_contention_end+0xdd/0x130
[  546.928409][T22522]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  546.928427][T22522]  ? __mutex_unlock_slowpath+0x163/0x800
[  546.928447][T22522]  ? __snd_dma_alloc_pages+0x53/0x90
[  546.928461][T22522]  __vmalloc_node_noprof+0xad/0xf0
[  546.928477][T22522]  ? __snd_dma_alloc_pages+0x53/0x90
[  546.928490][T22522]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[  546.928506][T22522]  __snd_dma_alloc_pages+0x53/0x90
[  546.928521][T22522]  snd_dma_alloc_dir_pages+0x151/0x240
[  546.928537][T22522]  do_alloc_pages+0x136/0x2d0
[  546.928553][T22522]  snd_pcm_lib_malloc_pages+0x3df/0x980
[  546.928570][T22522]  snd_pcm_hw_params+0x1656/0x1ba0
[  546.928586][T22522]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  546.928601][T22522]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  546.928616][T22522]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  546.928629][T22522]  ? __asan_memset+0x23/0x50
[  546.928647][T22522]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  546.928662][T22522]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  546.928698][T22522]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  546.928720][T22522]  ? find_held_lock+0x2b/0x80
[  546.928737][T22522]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  546.928751][T22522]  snd_pcm_oss_write+0x4c3/0xa10
[  546.928765][T22522]  ? bpf_lsm_file_permission+0x9/0x10
[  546.928780][T22522]  ? security_file_permission+0x71/0x210
[  546.928798][T22522]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  546.928810][T22522]  vfs_write+0x29d/0x1150
[  546.928826][T22522]  ? __pfx_vfs_write+0x10/0x10
[  546.928838][T22522]  ? find_held_lock+0x2b/0x80
[  546.928852][T22522]  ? __fget_files+0x204/0x3c0
[  546.928867][T22522]  ? __fget_files+0x20e/0x3c0
[  546.928884][T22522]  ksys_write+0x12a/0x250
[  546.928895][T22522]  ? __pfx_ksys_write+0x10/0x10
[  546.928911][T22522]  do_syscall_64+0xcd/0x4c0
[  546.928929][T22522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.928941][T22522] RIP: 0033:0x7f81bd38eb69
[  546.928951][T22522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.928962][T22522] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  546.928973][T22522] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  546.928981][T22522] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  546.928987][T22522] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  546.928994][T22522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  546.929001][T22522] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  546.929015][T22522]  </TASK>
[  547.127386][T22527] overlayfs: failed to create directory ./bus/work (errno: 1); mounting read-only
[  547.130418][T22527] FAULT_INJECTION: forcing a failure.
[  547.130418][T22527] name failslab, interval 1, probability 0, space 0, times 0
[  547.134627][T22527] CPU: 0 UID: 0 PID: 22527 Comm: syz.1.6097 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  547.134643][T22527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  547.134651][T22527] Call Trace:
[  547.134655][T22527]  <TASK>
[  547.134660][T22527]  dump_stack_lvl+0x16c/0x1f0
[  547.134682][T22527]  should_fail_ex+0x512/0x640
[  547.134702][T22527]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  547.134717][T22527]  should_failslab+0xc2/0x120
[  547.134732][T22527]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  547.134745][T22527]  ? ovl_alloc_inode+0x25/0x190
[  547.134766][T22527]  ? __pfx_ovl_inode_set+0x10/0x10
[  547.134784][T22527]  ? __pfx_ovl_alloc_inode+0x10/0x10
[  547.134802][T22527]  ovl_alloc_inode+0x25/0x190
[  547.134820][T22527]  alloc_inode+0x64/0x240
[  547.134838][T22527]  iget5_locked+0x338/0x3d0
[  547.134855][T22527]  ? __pfx_ovl_inode_test+0x10/0x10
[  547.134874][T22527]  ? __pfx_ovl_inode_set+0x10/0x10
[  547.134894][T22527]  ? __pfx_iget5_locked+0x10/0x10
[  547.134910][T22527]  ? __pfx_ida_alloc_range+0x10/0x10
[  547.134930][T22527]  ? rcu_is_watching+0x12/0xc0
[  547.134946][T22527]  ? trace_kmalloc+0x2b/0xd0
[  547.134960][T22527]  ? __kmalloc_noprof+0x242/0x510
[  547.134971][T22527]  ? bpf_lsm_capable+0x9/0x10
[  547.134991][T22527]  ovl_get_trap_inode+0xb2/0x200
[  547.135005][T22527]  ovl_fill_super+0x33bf/0x6820
[  547.135036][T22527]  ? __pfx_ovl_fill_super+0x10/0x10
[  547.135057][T22527]  ? lockdep_init_map_type+0x5c/0x280
[  547.135078][T22527]  ? lockdep_init_map_type+0x5c/0x280
[  547.135098][T22527]  ? __init_swait_queue_head+0xca/0x150
[  547.135114][T22527]  ? shrinker_register+0x1a8/0x260
[  547.135128][T22527]  ? sget_fc+0x808/0xc20
[  547.135141][T22527]  ? __pfx_ovl_fill_super+0x10/0x10
[  547.135161][T22527]  ? get_tree_nodev+0xdd/0x190
[  547.135172][T22527]  get_tree_nodev+0xdd/0x190
[  547.135189][T22527]  vfs_get_tree+0x8b/0x340
[  547.135207][T22527]  path_mount+0x1482/0x1fd0
[  547.135225][T22527]  ? __pfx_path_mount+0x10/0x10
[  547.135242][T22527]  ? kmem_cache_free+0x2d1/0x4d0
[  547.135253][T22527]  ? putname+0x154/0x1a0
[  547.135270][T22527]  ? putname+0x154/0x1a0
[  547.135287][T22527]  ? __x64_sys_mount+0x28d/0x310
[  547.135301][T22527]  __x64_sys_mount+0x28d/0x310
[  547.135317][T22527]  ? __pfx___x64_sys_mount+0x10/0x10
[  547.135337][T22527]  do_syscall_64+0xcd/0x4c0
[  547.135357][T22527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.135369][T22527] RIP: 0033:0x7f81bd38eb69
[  547.135379][T22527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  547.135391][T22527] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  547.135403][T22527] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  547.135411][T22527] RDX: 0000200000000b80 RSI: 0000200000000100 RDI: 0000000000000000
[  547.135418][T22527] RBP: 00007f81bb1f6090 R08: 0000200000000200 R09: 0000000000000000
[  547.135426][T22527] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[  547.135433][T22527] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  547.135448][T22527]  </TASK>
[  547.265072][T22531] FAULT_INJECTION: forcing a failure.
[  547.265072][T22531] name failslab, interval 1, probability 0, space 0, times 0
[  547.270805][T22476] bridge0: port 1(bridge_slave_0) entered blocking state
[  547.273853][T22476] bridge0: port 1(bridge_slave_0) entered disabled state
[  547.276289][T22476] bridge_slave_0: entered allmulticast mode
[  547.280969][T22476] bridge_slave_0: entered promiscuous mode
[  547.285389][T22476] bridge0: port 2(bridge_slave_1) entered blocking state
[  547.288076][T22476] bridge0: port 2(bridge_slave_1) entered disabled state
[  547.291219][T22476] bridge_slave_1: entered allmulticast mode
[  547.294538][T22476] bridge_slave_1: entered promiscuous mode
[  547.297374][T22531] CPU: 1 UID: 0 PID: 22531 Comm: syz.1.6099 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  547.297391][T22531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  547.297398][T22531] Call Trace:
[  547.297402][T22531]  <TASK>
[  547.297407][T22531]  dump_stack_lvl+0x16c/0x1f0
[  547.297429][T22531]  should_fail_ex+0x512/0x640
[  547.297449][T22531]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  547.297463][T22531]  should_failslab+0xc2/0x120
[  547.297477][T22531]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  547.297488][T22531]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  547.297507][T22531]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  547.297524][T22531]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  547.297545][T22531]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  547.297567][T22531]  mmu_topup_memory_caches+0x25/0x170
[  547.297582][T22531]  kvm_mmu_load+0xd6/0x23c0
[  547.297593][T22531]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  547.297607][T22531]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  547.297621][T22531]  ? kvm_deliver_exception_payload+0x47/0x200
[  547.297635][T22531]  ? __pfx_kvm_mmu_load+0x10/0x10
[  547.297652][T22531]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  547.297671][T22531]  ? kvm_check_and_inject_events+0x71c/0x1310
[  547.297691][T22531]  vcpu_run+0x358c/0x5580
[  547.297729][T22531]  ? __lock_acquire+0xb97/0x1ce0
[  547.297754][T22531]  ? __pfx_vcpu_run+0x10/0x10
[  547.297772][T22531]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  547.297788][T22531]  ? __local_bh_enable_ip+0xa4/0x120
[  547.297807][T22531]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  547.297823][T22531]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  547.297844][T22531]  kvm_vcpu_ioctl+0x5eb/0x1690
[  547.297862][T22531]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  547.297878][T22531]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  547.297893][T22531]  ? do_vfs_ioctl+0x128/0x14f0
[  547.297912][T22531]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  547.297930][T22531]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  547.297956][T22531]  ? hook_file_ioctl_common+0x145/0x410
[  547.297979][T22531]  ? selinux_file_ioctl+0x180/0x270
[  547.297992][T22531]  ? selinux_file_ioctl+0xb4/0x270
[  547.298007][T22531]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  547.298024][T22531]  __x64_sys_ioctl+0x18b/0x210
[  547.298042][T22531]  do_syscall_64+0xcd/0x4c0
[  547.298062][T22531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.298074][T22531] RIP: 0033:0x7f81bd38eb69
[  547.298085][T22531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  547.298097][T22531] RSP: 002b:00007f81bb1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  547.298109][T22531] RAX: ffffffffffffffda RBX: 00007f81bd5b5fa0 RCX: 00007f81bd38eb69
[  547.298116][T22531] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  547.298123][T22531] RBP: 00007f81bb1f6090 R08: 0000000000000000 R09: 0000000000000000
[  547.298130][T22531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  547.298137][T22531] R13: 0000000000000000 R14: 00007f81bd5b5fa0 R15: 00007ffd4c8200e8
[  547.298152][T22531]  </TASK>
[  547.397495][    C1] hpet: Lost 6 RTC interrupts
[  547.574850][T22476] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  547.580209][T22476] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  547.654894][T22476] team0: Port device team_slave_0 added
[  547.663930][T22476] team0: Port device team_slave_1 added
[  547.681793][T19703] ------------[ cut here ]------------
[  547.683671][T19703] Have pending ack frames!
[  547.685552][T19703] WARNING: CPU: 3 PID: 19703 at net/mac80211/main.c:1696 ieee80211_free_ack_frame+0x5a/0x60
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  547.692083][T19703] Modules linked in:
[  547.694944][T19703] CPU: 3 UID: 0 PID: 19703 Comm: kworker/u32:13 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  547.702243][T19703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  547.705585][T19703] Workqueue: netns cleanup_net
[  547.707130][T19703] RIP: 0010:ieee80211_free_ack_frame+0x5a/0x60
[  547.712839][T19703] Code: 31 ff e8 b9 52 69 fe 31 c0 5b 5d e9 50 94 97 00 e8 eb b0 bd f6 c6 05 7c 66 95 05 01 90 48 c7 c7 40 3e 08 8d e8 27 57 7c f6 90 <0f> 0b 90 90 eb c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  547.722287][T19703] RSP: 0018:ffffc900035578d0 EFLAGS: 00010282
[  547.724268][T19703] RAX: 0000000000000000 RBX: ffff888061112dc0 RCX: ffffffff817a3068
[  547.726917][T19703] RDX: ffff888024cfa440 RSI: ffffffff817a3075 RDI: 0000000000000001
[  547.733023][T19703] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  547.735499][T19703] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[  547.738006][T19703] R13: ffffffff8afdd750 R14: 0000000080000000 R15: 0000000000000000
[  547.744172][T19703] FS:  0000000000000000(0000) GS:ffff8880d69c8000(0000) knlGS:0000000000000000
[  547.746948][T19703] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  547.752623][T19703] CR2: 000055557ca65808 CR3: 000000000e380000 CR4: 0000000000352ef0
[  547.759211][T19703] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  547.761695][T19703] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  547.764163][T19703] Call Trace:
[  547.765235][T19703]  <TASK>
[  547.766251][T19703]  idr_for_each+0x143/0x270
[  547.767773][T19703]  ? __pfx_idr_for_each+0x10/0x10
[  547.772766][T19703]  ? kfree+0x2b4/0x4d0
[  547.774136][T19703]  ? kfree+0x2b4/0x4d0
[  547.775465][T19703]  ? kfree_const+0x55/0x60
[  547.776974][T19703]  ieee80211_free_hw+0x59/0x1d0
[  547.781926][T19703]  ? kobject_put+0x210/0x5a0
[  547.783536][T19703]  hwsim_exit_net+0x3fd/0x7d0
[  547.785094][T19703]  ? __pfx_hwsim_exit_net+0x10/0x10
[  547.786737][T19703]  ? ip_vs_sync_net_cleanup+0x72/0xb0
[  547.791853][T19703]  ? __ip_vs_dev_cleanup_batch+0xb1/0x290
[  547.793857][T19703]  ? __pfx_hwsim_exit_net+0x10/0x10
[  547.795632][T19703]  ops_undo_list+0x2ee/0xab0
[  547.797252][T19703]  ? __pfx_ops_undo_list+0x10/0x10
[  547.802265][T19703]  ? cleanup_net+0x334/0x890
[  547.803837][T19703]  ? idr_destroy+0x62/0x2e0
[  547.805376][T19703]  cleanup_net+0x408/0x890
[  547.806834][T19703]  ? __pfx_cleanup_net+0x10/0x10
[  547.812157][T19703]  ? rcu_is_watching+0x12/0xc0
[  547.813708][T19703]  process_one_work+0x9cc/0x1b70
[  547.815278][T19703]  ? __pfx_process_one_work+0x10/0x10
[  547.817040][T19703]  ? assign_work+0x1a0/0x250
[  547.821981][T19703]  worker_thread+0x6c8/0xf10
[  547.823556][T19703]  ? __pfx_worker_thread+0x10/0x10
[  547.825231][T19703]  kthread+0x3c5/0x780
[  547.829825][T19703]  ? __pfx_kthread+0x10/0x10
[  547.831340][T19703]  ? rcu_is_watching+0x12/0xc0
[  547.832905][T19703]  ? __pfx_kthread+0x10/0x10
[  547.834426][T19703]  ret_from_fork+0x5d7/0x6f0
[  547.835902][T19703]  ? __pfx_kthread+0x10/0x10
[  547.840646][T19703]  ret_from_fork_asm+0x1a/0x30
[  547.842258][T19703]  </TASK>
[  547.846927][T19703] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  547.849222][T19703] CPU: 3 UID: 0 PID: 19703 Comm: kworker/u32:13 Not tainted 6.16.0-syzkaller-11105-ga6923c06a3b2 #0 PREEMPT(full) 
[  547.852979][T19703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  547.856319][T19703] Workqueue: netns cleanup_net
[  547.857848][T19703] Call Trace:
[  547.858940][T19703]  <TASK>
[  547.859939][T19703]  dump_stack_lvl+0x3d/0x1f0
[  547.861500][T19703]  vpanic+0x6a3/0x780
[  547.862832][T19703]  ? __pfx_vpanic+0x10/0x10
[  547.864347][T19703]  ? ieee80211_free_ack_frame+0x5a/0x60
[  547.866118][T19703]  panic+0xca/0xd0
[  547.867325][T19703]  ? __pfx_panic+0x10/0x10
[  547.868796][T19703]  ? check_panic_on_warn+0x1f/0xb0
[  547.870402][T19703]  check_panic_on_warn+0xab/0xb0
[  547.871976][T19703]  __warn+0xf6/0x3c0
[  547.873230][T19703]  ? __pfx_vprintk_emit+0x10/0x10
[  547.874853][T19703]  ? ieee80211_free_ack_frame+0x5a/0x60
[  547.876652][T19703]  report_bug+0x3c3/0x580
[  547.878104][T19703]  ? ieee80211_free_ack_frame+0x5a/0x60
[  547.879954][T19703]  handle_bug+0x184/0x210
[  547.881373][T19703]  exc_invalid_op+0x17/0x50
[  547.882827][T19703]  asm_exc_invalid_op+0x1a/0x20
[  547.884391][T19703] RIP: 0010:ieee80211_free_ack_frame+0x5a/0x60
[  547.886346][T19703] Code: 31 ff e8 b9 52 69 fe 31 c0 5b 5d e9 50 94 97 00 e8 eb b0 bd f6 c6 05 7c 66 95 05 01 90 48 c7 c7 40 3e 08 8d e8 27 57 7c f6 90 <0f> 0b 90 90 eb c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  547.892527][T19703] RSP: 0018:ffffc900035578d0 EFLAGS: 00010282
[  547.894433][T19703] RAX: 0000000000000000 RBX: ffff888061112dc0 RCX: ffffffff817a3068
[  547.896911][T19703] RDX: ffff888024cfa440 RSI: ffffffff817a3075 RDI: 0000000000000001
[  547.899415][T19703] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  547.902032][T19703] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[  547.904579][T19703] R13: ffffffff8afdd750 R14: 0000000080000000 R15: 0000000000000000
[  547.907020][T19703]  ? __pfx_ieee80211_free_ack_frame+0x10/0x10
[  547.908927][T19703]  ? __warn_printk+0x198/0x350
[  547.910438][T19703]  ? __warn_printk+0x1a5/0x350
[  547.911950][T19703]  idr_for_each+0x143/0x270
[  547.913426][T19703]  ? __pfx_idr_for_each+0x10/0x10
[  547.915020][T19703]  ? kfree+0x2b4/0x4d0
[  547.916357][T19703]  ? kfree+0x2b4/0x4d0
[  547.917729][T19703]  ? kfree_const+0x55/0x60
[  547.919238][T19703]  ieee80211_free_hw+0x59/0x1d0
[  547.920812][T19703]  ? kobject_put+0x210/0x5a0
[  547.922279][T19703]  hwsim_exit_net+0x3fd/0x7d0
[  547.923769][T19703]  ? __pfx_hwsim_exit_net+0x10/0x10
[  547.925426][T19703]  ? ip_vs_sync_net_cleanup+0x72/0xb0
[  547.927167][T19703]  ? __ip_vs_dev_cleanup_batch+0xb1/0x290
[  547.929074][T19703]  ? __pfx_hwsim_exit_net+0x10/0x10
[  547.930790][T19703]  ops_undo_list+0x2ee/0xab0
[  547.932300][T19703]  ? __pfx_ops_undo_list+0x10/0x10
[  547.933947][T19703]  ? cleanup_net+0x334/0x890
[  547.935414][T19703]  ? idr_destroy+0x62/0x2e0
[  547.936852][T19703]  cleanup_net+0x408/0x890
[  547.938358][T19703]  ? __pfx_cleanup_net+0x10/0x10
[  547.940044][T19703]  ? rcu_is_watching+0x12/0xc0
[  547.941676][T19703]  process_one_work+0x9cc/0x1b70
[  547.943386][T19703]  ? __pfx_process_one_work+0x10/0x10
[  547.945169][T19703]  ? assign_work+0x1a0/0x250
[  547.946632][T19703]  worker_thread+0x6c8/0xf10
[  547.948087][T19703]  ? __pfx_worker_thread+0x10/0x10
[  547.949694][T19703]  kthread+0x3c5/0x780
[  547.951001][T19703]  ? __pfx_kthread+0x10/0x10
[  547.952457][T19703]  ? rcu_is_watching+0x12/0xc0
[  547.954003][T19703]  ? __pfx_kthread+0x10/0x10
[  547.955462][T19703]  ret_from_fork+0x5d7/0x6f0
[  547.957058][T19703]  ? __pfx_kthread+0x10/0x10
[  547.958704][T19703]  ret_from_fork_asm+0x1a/0x30
[  547.960381][T19703]  </TASK>
[  547.962017][T19703] Kernel Offset: disabled
[  547.963379][T19703] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:13:34  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000000 RCX=0000000000000002 RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff8e5c1120 RBP=0000000000000000 RSP=ffffc90003a27658
R8 =0000000000000000 R9 =0000000000000000 R10=00000000ffffffff R11=0000000000000001
R12=000000009ae50801 R13=ffff888026af0000 R14=0000000000000000 R15=ffffffff8e5c1120
RIP=ffffffff8197a250 RFL=00000097 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d66c8000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f2119ee7d60 CR3=0000000114c85000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004090001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8160c01b ffffffff8160ba4e
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8160ba4e
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcfb1a2e46 00007ffcfb1a2e4c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12e0a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12e17
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12e11
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12e25
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12eab
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12f89
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8160b363 ffffffff8160b31e ffffffff81601ef8 ffffffff81601ef8
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f21008ed100 00007f20ffd87460 00007f2000040008 0000000f0010000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffd874b8 00007f20ffd874b0 00007f20ffd874a8 00007f20ffd874a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000003 RBX=ffff88806a5332a8 RCX=0000000000000002 RDX=0000000000000000
RSI=ffffffff8c15fb00 RDI=ffffffff8df5ae68 RBP=0000000000000001 RSP=ffffc90005107030
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=000000000000e485
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81a0afc9 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fb158cc56c0 ffffffff 00c00000
GS =0000 ffff8880d67c8000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000018000 CR3=0000000038db4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000ffff8000 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe6e7cd210 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5cd612ddf
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5cd612dd7
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5cd612e0a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5cd612e17
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5cd612e11
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5cd612e25
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5cd612eab
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5cd612f89
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003073250073255f 6f745f3168746576 00315f6576616c73 5f73250073255f6f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 001556000056005f 4a515f144d514053 00145f4053444956 5f56000056005f4a
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000046 RBX=ffffffff8e5c1120 RCX=00000000ef9d33e4 RDX=0000000000000000
RSI=ffffffff8de2752d RDI=ffffffff8c15fb80 RBP=0000000000000002 RSP=ffffc9000061fa38
R8 =0ac0d5affe09d4ff R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff8197c782 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d68c8000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055557ca78588 CR3=000000000e380000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a1af7329f3731280 a1245675b90a63cc
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5b73202133bcfc87 153f0ca4a033ddba
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2afe02efa54283e5 3ab2fc4be3211e7b
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c6b5dba9e2cefa12 2945bc4f56f61e45
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000005540
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4c79656c4c819b47 1d00000144000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4c797965000023e0 4c82bc5600000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4c819340ca000001 2200000146000001
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000168000000 4c82b96b68000001
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 157b474b64b37dca 6f50257783aea6fa
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b8d226a694994434 7afce34e6d9e1652
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb157f874a8 00007fb157f874a0 00007fb157f87498 00007fb157f87470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb158aed100 00007fb157f87460 00007fb157f87478 00007fb157f874c0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb157f874b8 00007fb157f874b0 00007fb157f874a8 00007fb157f874a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000006c RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85634155 RDI=ffffffff9b1120e0 RBP=ffffffff9b1120a0 RSP=ffffc90003557230
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000006c R14=ffffffff9b1120a0 R15=ffffffff856340f0
RIP=ffffffff8563417f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69c8000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055557ca65808 CR3=000000000e380000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcfb1a2cc0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcfb1a2e46
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcfb1a2e46 00007ffcfb1a2e4c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12e0a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12e17
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12e11
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12e25
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12eab
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f20ffc12f89
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000