last executing test programs:

33m1.176660568s ago: executing program 32 (id=10):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f909, 0x0, '\x00', @p_u32=0x0}})
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r0, 0x7dfff000)

31m35.584907139s ago: executing program 33 (id=564):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000004c0)=ANY=[@ANYBLOB="010000004000000080000040"]) (async)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r3, 0x7dfff000)

30m5.515850254s ago: executing program 34 (id=1190):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x1})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000100)={{0x0, 0xdddd1000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x8, 0x9, 0x10}, {0x10000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7}, {0x2000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0x0, 0x0, 0x4, 0x0, 0xff, 0x0, 0x6, 0x3, 0x4}, {0xeeee8000, 0x2000, 0x9, 0x0, 0xff, 0x4, 0x0, 0xe, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x9, 0x80}, {0xdddd1000, 0x0, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x3000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x26}, {0x80a0000}, {0xdddd1000}, 0xddf8ffcb, 0x0, 0xf0ffffffffffff, 0x40361, 0x0, 0xd01, 0x0, [0x0, 0x0, 0x1]})
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x264802, 0x0)
read(r4, &(0x7f0000000080)=""/170, 0xaa)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r5, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r6, 0x0, 0x0, 0x0, <r7=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r5, 0x3b89, &(0x7f0000000180)={0x28, 0x0, r7, r6, <r8=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r5, 0x3b89, &(0x7f0000000200)={0x28, 0x0, r7, r8, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000240)})
ioctl$IOMMU_HWPT_INVALIDATE$TEST(0xffffffffffffffff, 0x3b8d, &(0x7f0000000280)={0x20, r8, &(0x7f0000000240)=[{0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0x3}, {0x0, 0x1}], 0xdeadbeef, 0x8, 0x6})

20m51.004682166s ago: executing program 35 (id=5659):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x20902, 0x0)
r3 = syz_open_dev$cec(&(0x7f0000000340), 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110e22fff6)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0x4004743d, 0x110e22fff6) (async)
ioctl$TUNSETOFFLOAD(r5, 0x4004743d, 0x110e22fff6)
close(r5)
ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000000)=0x3bc8)
preadv2(r1, &(0x7f0000001600)=[{&(0x7f00000001c0)=""/108, 0x6c}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/11, 0xb}, {&(0x7f0000000240)=""/218, 0xda}, {&(0x7f0000001440)=""/48, 0x30}, {&(0x7f0000001480)=""/90, 0x5a}, {&(0x7f0000001500)=""/218, 0xda}], 0x7, 0x830, 0x2, 0x1c)
syz_open_dev$video4linux(&(0x7f0000000040), 0x5, 0x0) (async)
r6 = syz_open_dev$video4linux(&(0x7f0000000040), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r6, 0xc0205649, &(0x7f0000000000)) (async)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r6, 0xc0205649, &(0x7f0000000000))
write$ppp(r5, &(0x7f00000016c0)="75c8da30ee", 0x5) (async)
write$ppp(r5, &(0x7f00000016c0)="75c8da30ee", 0x5)
write$sequencer(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="81050018a066e9008106"], 0x10)
ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000380)={0x40, 0x280, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, {0x0, 0x0, 0x100000}, {0x40, 0x0, 0x1}, {0xfffffffc}, {0x10000}, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x1, 0x0, 0x0, 0xfffffffc, 0x8, 0x0, 0x0, 0x5})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
ioctl$VIDIOC_S_SELECTION(r6, 0xc040565f, &(0x7f0000001680)={0x6, 0x103, 0x2, {0x6, 0x1, 0x200, 0x9}}) (async)
ioctl$VIDIOC_S_SELECTION(r6, 0xc040565f, &(0x7f0000001680)={0x6, 0x103, 0x2, {0x6, 0x1, 0x200, 0x9}})
r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)

19m1.912181775s ago: executing program 36 (id=6271):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x800, 0x0) (async)
r1 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0xc8400, 0x0)
ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, 0x0)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0)
write$dsp(r2, &(0x7f0000002000)='`', 0x88020)
ioctl$AUTOFS_IOC_READY(r1, 0x9360, 0x7) (async)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/pm_async', 0x1c1442, 0x1a7b76cf8118a6b9)
syz_open_dev$sg(&(0x7f0000000100), 0x4, 0x103000) (async)
write$6lowpan_enable(r3, &(0x7f0000000040)='1', 0x1) (async)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x800) (async)
read(r3, 0x0, 0x28) (async)
read(r0, &(0x7f00000001c0)=""/148, 0x94)

16m51.400500948s ago: executing program 7 (id=7431):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000001, 0x10010, r1, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x900, 0x12)

16m51.302613734s ago: executing program 7 (id=7433):
r0 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='cgroup.max.descendants\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x56ec0000000, 0x12)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8a000, 0x0)
r1 = syz_open_dev$video(&(0x7f00000000c0), 0xfffffffffffffff9, 0x200)
ioctl$VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x8, 0x5, 0x3, 0x0, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000140)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4, 0x426c3, 0x36bf12})
preadv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/102, 0x66}, {&(0x7f0000000240)=""/131, 0x83}, {&(0x7f0000000300)=""/37, 0x25}, {&(0x7f0000000340)=""/222, 0xde}, {&(0x7f0000000440)=""/14, 0xe}, {&(0x7f0000000480)=""/180, 0xb4}, {&(0x7f0000000540)=""/23, 0x17}, {&(0x7f0000000580)=""/154, 0x9a}], 0x8, 0xa, 0x52)
close(r0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x8, 0x110, r1, 0x40a6f000)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f00000006c0), 0x802, 0x0)
write$UHID_CREATE(r2, &(0x7f0000001700)={0x0, {'syz1\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000700)=""/4096, 0x1000, 0x0, 0x401, 0xff, 0x1, 0x40}}, 0x120)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000001840)={0x6, 0x8, 0x1, {0x6, @pix_mp={0x9, 0x9, 0x2036315a, 0x5, 0xd, [{0x13b3, 0x7a7}, {0x80000001, 0x7ff}, {0x8}, {0x4, 0x4}, {0xc, 0xfffffffa}, {0x8}, {0x2, 0x1}, {0xff, 0x401}], 0x9, 0x9c, 0x1, 0x1, 0x5}}, 0x101})
ioctl$VIDIOC_S_PARM(r1, 0xc0cc5616, &(0x7f0000001940)={0x4, @output={0x1000, 0x0, {0x5, 0x8}, 0x6, 0x1}})
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000001a40), 0x40000, 0x0)
ioctl$FBIOGETCMAP(r3, 0x4604, &(0x7f0000001b80)={0x600000, 0x7, &(0x7f0000001a80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001ac0)=[0x0], &(0x7f0000001b00)=[0x0], &(0x7f0000001b40)=[0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000001bc0)={0x0, <r4=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000001c00)={r4})
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000001c40), 0x40, 0x0)
ioctl$FBIOPUTCMAP(r5, 0x4605, &(0x7f0000001d80)={0xd, 0x3, &(0x7f0000001c80)=[0x3ff, 0x1, 0x0], &(0x7f0000001cc0)=[0x5], &(0x7f0000001d00)=[0x9, 0x5, 0xcc, 0x3, 0x7, 0x8], &(0x7f0000001d40)=[0x1, 0x2, 0xc40, 0x4c8, 0x204a, 0x61fa, 0x2f69]})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000001ec0)={&(0x7f0000001dc0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000001e00)=[<r6=>0x0, 0x0], &(0x7f0000001e40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001e80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x2, 0x8, 0x6})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000001fc0)={r6, 0x1, &(0x7f0000001f00)=[0x1], &(0x7f0000001f40)=[0x3, 0x0, 0x6, 0xe, 0x7, 0x8, 0x5, 0x6], &(0x7f0000001f80)=[0x200, 0x66a]})
r7 = dup(r1)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f00000020c0)={0x1, 0x0, 0x1000, 0x1d, &(0x7f0000002000)="2fcdcbb5122498d09f39887de9a69691698bae6996c39f18c102e926c6", 0x79, 0x0, &(0x7f0000002040)="39b35b804dee2881c12575a0cd0fee111a033fd91a20a70eb0b5adef281856c2bbb11c634a6feaa7aea9f03a4a8a3db2bf396cae5e7bc77b2976503f668cf2684eae8e5ca713f2f8cd599a8eaaa4c7891d86d5af8bcea18dd058d21fd1e61199797b1e2546781ca79875bce4ccba666cf1fab442fc58e58295"})
openat$kvm(0xffffffffffffff9c, &(0x7f0000002140), 0x800, 0x0)
ioctl$UI_DEV_SETUP(r7, 0x405c5503, &(0x7f0000002180)={{0xff, 0xbbf, 0x101, 0x4}, 'syz1\x00', 0x12})
r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000002200), 0x1, 0x0)
ioctl$BLKTRACESETUP(r8, 0xc0481273, &(0x7f0000002240)={'\x00', 0x9, 0xac, 0x6, 0x800, 0x0, <r9=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_CLIENT(r8, 0xc0286405, &(0x7f00000022c0)={0xc, 0x40, {0xffffffffffffffff}, {<r10=>0x0}, 0x2, 0xc5})
ioctl$DRM_IOCTL_GET_CLIENT(r7, 0xc0286405, &(0x7f0000002300)={0x0, 0x400, {r9}, {r10}, 0x81, 0x2})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000002340)={0x2710, 0x0, 0x4000, 0x1000, &(0x7f0000ffb000/0x1000)=nil})

16m47.19619066s ago: executing program 2 (id=7467):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$SNDCTL_SEQ_PANIC(r0, 0x5111)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x480000, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r4, 0x4038ae7a, &(0x7f0000000000)={0x2, 0x413, 0x0, 0x0, 0x10})
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000000)={0x43, 0x0, <r6=>0x0})
ioctl$IOMMU_DESTROY$ioas(r2, 0x3b80, &(0x7f0000000540)={0x8, r6})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r5, 0x0, 0x0, 0x0, <r7=>0x0})
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000200)={0x8001, 0x2, 0x3, 0x0, 0x2})
ioctl$RTC_UIE_ON(r8, 0x7003)
ioctl$SNDCTL_SEQ_PANIC(r1, 0x5111)
ioctl$RTC_SET_TIME(r8, 0x4024700a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x17, 0x9, 0x4f})
ioctl$IOMMU_HWPT_ALLOC$TEST(r2, 0x3b89, &(0x7f00000003c0)={0x28, 0x2, r7, r6, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000380)})
syz_open_dev$usbmon(&(0x7f0000000140), 0x4, 0x0)
r9 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$RTC_ALM_SET(r8, 0x40247007, &(0x7f00000001c0)={0x37, 0x27, 0x7, 0x9, 0x4, 0xfff, 0x5, 0x76, 0x1})
ioctl$VHOST_GET_VRING_BASE(r9, 0xc008af12, &(0x7f00000000c0))
r10 = openat$rnullb(0xffffffffffffff9c, &(0x7f00000002c0), 0x1b9080, 0x0)
r11 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x3834c3, 0x0)
ioctl$SNDCTL_TMR_STOP(r11, 0x5403)
r12 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000180), 0x48000)
mmap$qrtrtun(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x0, 0x12, r12, 0x148)
r13 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0xad82, 0x0)
ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000280)=&(0x7f0000000240))
write$sndseq(r13, &(0x7f00000005c0)=[{0x6, 0x0, 0x1, 0x10, @tick, {0x4}, {}, @addr={0xff, 0x7}}, {0x0, 0x0, 0x0, 0x0, @tick=0xad, {0x0, 0xa}, {0x1}, @queue}, {0x0, 0x0, 0x1, 0x0, @time={0x3, 0x400000}, {0x0, 0x9}, {}, @control={0x1, 0x5a}}, {0x0, 0x0, 0x0, 0x0, @tick=0x2, {0x7a}, {}, @raw8={"6f89cc669f3dfdb54a20e13f"}}], 0x70)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1e984a12, 0x202812, r10, 0x7dffd000)

16m46.744639052s ago: executing program 2 (id=7470):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x2, 0x1, 0x0, 0x0, 0x0})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x836da000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

16m46.72144172s ago: executing program 7 (id=7471):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x20280, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'batadv_slave_0\x00', 0x1})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x1)
r3 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x101700)
ioctl$SG_GET_VERSION_NUM(r3, 0x2284, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_GET_EXTENDED_ERROR(r4, 0xc0046209, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045542, &(0x7f0000000240)=0x9888)
mmap(&(0x7f0000b16000/0x3000)=nil, 0x3000, 0x8, 0x10010, r1, 0xae8c000)

16m46.481088071s ago: executing program 7 (id=7472):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0105702, &(0x7f0000000440)={0x2, "418a814ada2b7b5ddf6df93463b735c8394113315b0708dddb36a3de0f0aa92a"})
r2 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000001340), 0x5, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0d05640, &(0x7f0000000000)={0x1, @pix_mp={0x0, 0x0, 0x38414762, 0x8, 0x0, [{0x0, 0x8}]}})
mmap(&(0x7f0000787000/0x1000)=nil, 0x1000, 0x5a051feb1f984a1d, 0x202812, r3, 0x7dfff000)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) (async)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) (async)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0105702, &(0x7f0000000440)={0x2, "418a814ada2b7b5ddf6df93463b735c8394113315b0708dddb36a3de0f0aa92a"}) (async)
dup(r0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x0) (async)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) (async)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
syz_open_dev$vim2m(&(0x7f0000001340), 0x5, 0x2) (async)
ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0d05640, &(0x7f0000000000)={0x1, @pix_mp={0x0, 0x0, 0x38414762, 0x8, 0x0, [{0x0, 0x8}]}}) (async)
mmap(&(0x7f0000787000/0x1000)=nil, 0x1000, 0x5a051feb1f984a1d, 0x202812, r3, 0x7dfff000) (async)

16m46.38351249s ago: executing program 2 (id=7474):
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (async)
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
r2 = dup2(r0, r1)
read(0xffffffffffffffff, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000001c0), 0x802, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112}) (async)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000240)={'wg1\x00', 0x200})
ioctl$TUNSETSNDBUF(r4, 0x400454d4, &(0x7f0000000040)=0x7) (async)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000940)={{}, 'syz0\x00'}) (async)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x12) (async)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r5=>0xffffffffffffffff}, './file0\x00'})
ioctl$UI_SET_SNDBIT(r5, 0x4004556a, 0x4200000004) (async)
ioctl$UI_DEV_CREATE(r2, 0x5501) (async)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDMKTONE(r6, 0x4b30, 0x8000000000000001) (async)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
r8 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RNDADDENTROPY(r8, 0x40085203, &(0x7f0000000180)={0xffffff58}) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r7, 0x0)
mmap(&(0x7f00005d9000/0x3000)=nil, 0x3000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

16m46.292783571s ago: executing program 7 (id=7475):
r0 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0xb, @vbi={0x38305343, 0x0, 0x7, 0x47425247, [], [0x3]}}) (async)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0585609, &(0x7f0000000180)={0xfffffffe, 0x2})
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x8042, 0x0) (async)
r3 = syz_open_dev$vim2m(&(0x7f0000000480), 0x800, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000080)={0x15, 0x2, 0x1, "b427ec0600000000fd000900005200ffff09400000000000000000b0d8156b00", 0x47504a4d}) (async)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r4, 0x3b88, &(0x7f0000000200)={0xc, r5}) (async)
ioctl$IOMMU_DESTROY$ioas(r4, 0x3b80, &(0x7f0000000380)={0x8, r5}) (async)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000040)=0x8) (async)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r6, 0x40045532, &(0x7f0000000040))
r7 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r7, 0x4112, 0x0) (async)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000340)=0xfffffffe) (async)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84002, 0x0) (async)
r9 = syz_open_dev$loop(&(0x7f0000000080), 0xc3, 0x8513c27d7bee296a) (async)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/rcu_normal', 0x84102, 0x68)
lseek(r10, 0x100000002, 0x1) (async)
ioctl$SNDCTL_DSP_GETOPTR(r10, 0x800c5012, &(0x7f00000001c0))
close(r0) (async)
r11 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r11, 0x5423, &(0x7f0000000400)=0xf) (async)
read(r11, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r9, 0x4c0a, &(0x7f0000001ac0)={r8, 0x0, {0x0, 0x0, 0x0, 0x1, 0x9, 0x0, 0x9, 0x17, 0x0, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7372fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
r12 = dup(r9)
write$UHID_INPUT(r12, &(0x7f00000003c0)={0x8, {"a456ac27f3c7b53a811e4d5240c7102a1b6a779f3793a654cd887800e9b53ef232dec3939ac78fbc41fcc91febd39ad1bf6f892eadbc96e3a830c487f548c9c0e39c380ddea4ae8b12e1c51e335d186977819158fe3e47da9f4b32f6df3d31455b35ab3f4c0936c8863dbd2725fcddaa83728e1912ce13d0b9933edda6348f035d7bf1a9cb905a609f79745d732ec963559681789696584851f7b2ef2f8b858a7a4c6fb4556f985c4407ae2a3a3b19f513a0a10bfc751b6688f05406219657ca898e69a56694b795f59dc4b5e64dbea1970a5ab477ead2180b3780c33aa1d691232ac28580c76288e8ec504a35238e27793c2da55569cb8a778b2361128309350309c9b8ee691e2ffbb52c7a3a2ca62ffe231ea9c29672e52333b79dd6c2bddb806faba898f94ec552d7b572e681b50e687003a22d533940cbd4f5b72981d2ff11595951327954893a9f8aeb56254469768f004d13d7a42960d3302408e82055369f5396e8fb59af05f8979dda7feb6a7662b35e87a062698633f45f8f3c12bb8c9dbab808e1f6e021fbade5e201943918e1d9531f57b1189a7b4177c35c2f405a39846ceee79bd9ca444fb61c2d388053f0215ecdd7c21d691722c9bcdb43c63f55ddc3a5bfb264e2bd105f6d76602c0e7cb1cadc450ffdc3003e13f7dd7f4f2451388d0e4bf2bd3e7d5a83596093e967419ef6d3714bd19e7758bca6bba713d20f73097fe45119a0147b1a187b2273453a8d11f78f828919b73130b4d1abc56ce19c6b9f0557d5c8c1d932919f779165c22b824a3107712a9b84fab3f80a1330730d3b7590d2bdae6694aec36c4197cf7fac20597e67e5fa6553dc2efe7fe8bf22b6f415c8112647ad2570ec18123cbfae3e8a2a8e5026387df8805219711d4839f64d26175ca4655053e0332a0dd12b15cb67749fc49f11e582a22dacc177d551efb8f7cde3c4f95f9974d5dbc5a7c2ec9282ab35c13b25fc3a2ff34e7294b6fe306d67039f495b273f48c69a86c638cd6ff091b8906cf8209bb694fc79bda8ff257d5b36a6af76375db242c040d4e5a5c9ce23679443b5f16d890edfeb0d35d7f6f4666bcd8fd94ca292f8bfb1bab4741b707e9a4ada09f41a9db06f45ab02aedff4a5ae247827de6c187d737242cfc6951355711d630d488514d467319abb2747ab49acbaef5e7ae6b91d421f84505d1862a4411b4949d1c8a732cca145a199379b8978ad639a26e08d09d52d7d0cddcc788b88ad3459fe4afc33a9f493ab6b56d7847954a2feeef0de010727d98e4bdc23a05f5728795b077c62052a1f2b8466fee1c829fe3f9bd1d8c872153806d69e028f9cf643972984a15cf630fc4716837a7d04e5c633bc9915aedfb8e8f6695cb80eca6d267d5087cf84d8551263f28577d18899b167a5067eb72835929e825245d40d4e402ab7af200e72019b0e6911b8b6bf405e8805a78ab7475f3efd5635c3cb288937a7fb165e6e3b86f0109238c03031ff2c971a548813119c5328b379bb39b5abe87865f264f6fcc296930853a45f472f5ce068ccde75675198dc5a1e1b1d947e5867b6368c75c455f294c3679846f55abb5ec4ece022543fe77f2eaa2e2b0c02c71acc56945fb59a9a5fa8486b7de35d76f63331dc9caa3a5955d7eda1088bea7e3d82e8a3d70c1b584d9b8752b4721d068e0d09cae8a39df99ed8a4c07c48ae2364927800d7475bd55bbdcab4caa0c23ef0bc9a70ba6f32f0aa86a0ad09cd2b1d442b3cec2f20fc0122ecb783cf6a6fd276d030bbf991a981272f5afa179628ab97e948342a789f0be38e3a4a13b7d148a0c32c85fcd319c487a1ecbcee77fa655bc3349ad92adb163d2ec49dc76a72e45ee643dcf8f401bfbd7f82c979c09ef74d32d0e8848dce45534e30d5f2df642120d617342436d1a73b5dd7770bf38be44d4df2dabd60748670d24e8486ea2457a409482e4c267f0a67af33e63391cf64b079629d50670041965f2250dc4f8529a586e4d408d1f76a60f4bc9ddd9b466abf7b470544cd45f6819d82364dc37a48f8243c06e5f7906bb666fe2b93cfbc66d857b53b978ae83e93d5732e3929ac484a452082d505c567b32735553c78d51c3d3ab9cd19ae03de5b005d24265d70290b350a3ef357fa8b4dfe1058e22793e82d7e4c92c024b0d5058e2e3cc34095674768c210a640b1a6e28290c9e70afa68722465897b2cd061da0a1c6ac1d33e2d22f5d9e3799212d1809ae6d2683491ef35e6b5c8b44e0765b143f754521371069d53b08711ba1f6dc7a69405e240208ed9d0f726a625d2e0114d168d364b5213e9f4d8a9221d9f72dda69519ad0f21cb53ba67b66ad217909c9f70631833bd677e040176aeecbb29f5101a5c068838fd8e97ebdad1ca688b72b4991ce50cf826d28b59bd6d956621509fb89fcbcb1be2fe2fb1b1ca3bea242e1dfe4521ee8b1a2bc437d790d671686c3e049e3b3bf1c614a1da7f37709f2410fc93b33899efcb4f6e175578540858b548a166b010dbadacf4d8e24a0eaf4727d451c5cbff2d22f6374935365e1e4fadaa4faa857164faf9c069995801160c63ac365b6aaa48ea250c9520f9ad1c7ae77ab82538ecf182595ee10803769335be371db53dd70707bf66a1af595ecf2e940c3d0feb7abe09f0e588db00b1c503fb01f1a7bcb389c0510655f3fac0ea5a81fe09040430b1add61d8fb1d3fd33dca0a1435d841ff480b2979760ab6b91d5101f69ea23b62a0b9a4fed85037d310f7726e50d3c6aaa59d4a6cc0f11a272a3e94a2ba41070f04574c466161de21bd6f49e243f8aef23c0eb475dfdd84a4551d4620332d6f1523b948d62883f901807c78f8ee0eec064964df975e2502fdaff19cd9a704f7e04ae4697745b22be4b89f6387fef292a59d4d2e8fabed9db7a66ad2500e49587660679ab72e0bf1f9cb12421d988d431b9ae3f19423e9e1d69c933990273d440c68525dedaafcefc8c787b459fde83a816fdb8639dd560fd01e033cf8fffdcd0bf34860cf962d30a34d5bdc349004f80e10572b2f52e1cb157a8868ccbd8b1b61cfbe4b78fd01fca21c4659d68cbd8425ed3a2af010843e6cfb4768774ab91150e2a66685f4cafb2d043190873bbfd95bcc75f4ad7fe4023eaf9b50b2bc74e5cf88329cbcd7335e48283f1ffd762f06283d93a4c6e8833bd55f87d8ab8d14facbb767b53fec8d0f0dae2f144c51c659459d13f95031074fbba0e17e2ec956927bef32e38d346acb9bb4db4b2ea7f7c47a5d639a054e1f189e09b29afd84abb440d58038399c4fac3ffa884ac6b22d220a291cab18303b7308709ef28bf14c3c6f7cd4f1a997aae3d427ac5c64d3b0cc30c16f33c335303d75541c11dab4fef5f56c2f19146e8e3104528b585945aff0af2b56ccf412fc0f159e17f0d6ece72b37adbc5db4c4e3032bebb54bde73582f9a1420779d7887e3c45093f1dc3a0b7c9c5b73284b7047ed71b8eeb933cb182981dce900717b8ab7ee1655057175f35bb9eacade726d7af0627e6faa7b3e87bd71d4a897ebec7331f3e0482fa04dc93a11059f7c9fe41856799f59ac0e73df0442d6d0d12b3a93362c5ea015a2ee9d2909ff3202c1a078ea60a3135fdef29ff1380929afa48e5e91f5da597e056faf06d8d1a9b9fb672c40c5fd43a4dee623ade05f89f6180720f4015d30b88df4114255c361e2d39c294cf384f997e09aed5285c45c6c5fceaaa893d5b4760379dba107152ad689856114f604b7a400cd57a493328abeb4f1fc35d76f34eb66a2ae265106c61deaf014f5da27e02589643ff2b62baf40819ea6c9afbf1555730bb75497ec720e229a6850ab4c04edefb4749cdc67d1bcf59180280b84f5d7b93198242cda3db8969ebc3df539f29995766df17c1105fa216428906aead72c67f649f97d20202194fde9255e4a3a2eac5dc1ef174b309f8d14228551b107c0e6c7952ff6e93d56d5e625b04a5def275162c7e8f58fe3ef72b5b2b789fc03d61c43d86f897a95d676d7dc96ba34ea46e42465d7346c8670928ea2f1905dd5ef31e3e0ff555804b9e295162e9220618d1a444d66df69bcb223dadbe4ede5031861372d6931b8b7e9a0ca9a365d6f20d31dfb3e55fe7abf2014a89dff1ea8afb528bc71987a136ab45b04ae3c206fa9fb9d83d4a85f7db1de4e26732d76792a7c26d5a09f7f9b2d58e83c828ae14c1b8a2923c7f815f720454352c7dda4c76ddfa2eeba69f90b80e61b73d2847a96dd4f2d6932375f739721db92adc1dc0d3ac9768c91a5af287ebabf1467447c2036b59fb025e41dad97bd9a2ce1ad75e23c0668b7da6e4a8a737c1fd501943e307a3b9c0ef126fcdfe9bed260ae13d6af63609d44be71d3b05e664cfda61525f9a67f0494014a34321281c2ea19d08702549a84ad6e76ecd3e91654bad52c90f9f9d46300f823c636392ff475db328d3246147ba76d5756116c8e629cc54c880134d21af12855626b686c680f5c9000a6dd2632ccf20727a834ba9740e963fc625d7e9b5c6a61f8041982cb7bf8bf89611827efbed62a6bc160856a676366b260010b0714382653dc077d2782d5266095c21ef3f4c4df1d40cdb9dab477cde26c7b6e9cfa934d9c83ba35e807b9b9e3af8233e1cb9f933e15818221e08877f9bc32c42da68f57d15e79005955de17039175a9b15714bdd08fabca48027d8cf97ad02bcadd44b6c62c47691d900d1d193418337d24231e012a98805d8e9e935dc93908d70b463a92d9aa8fca659e10f00d160e755e8d8e7a5453a78fac0f781ab120f0f8569c85c21d63763a774036dd98cae0abf820ef0d039d0f162a3625807c699777339062d749f0ef3425545f389be74125f360b1c00841df34449616c4eafdc15aa8943673ae18d7394a3289c1c2419f628c5bcfc9fccdfc17d19a9aeffafe327c3d15a59428738460465c415bb5887232347d79ef1bb5a837c1c922858168e01a324ac359cc70e25268a396668211a42b1e930d510738054a9643da199dab1fc7c673ef00ffe3cfa8950dfee1242859a9ce35fee2fea7513cebe0bf632f2b9ecd894f3aa4f0c4ff2d1fd02254574a730a75373db2470252ece01487a3e673359caf6b8281a85c64130b506a908882bf8578b0e5530194599431ba0a3126b2b5ce9b32ab2c1211fdd46159755a56c789a8c2b4d7003599735b4c0b7e6757c456ef9d2f2dcef6c26f6fb44e0cc4f3dd06ec25b5641325a03ddcea3a7a48ef0afbe5274da4e3e29a04c95e152d191975727eb92f710a5cc47d921e66d373cba6a4905aa021f6032cb261e30427dd260f69d9e9847bb700b6e6212582d442809793636a99efd547781db79451c9d962a7abbd1c39726b8e8718234bdc9ff8c400bd0095808b116a8a03713345cd4b31c59ace9de0efa061754e371c0bb06ef22f3f6dd1f499caea7bcee402025155253e1f9392686c8b72baafa394ddc28edfc5e76dadb2c3b16c8cfa6a969a0837362a65013c32a998132a7e44ab735a26d34cb05604d08243cc01fdbf7248bdaba6d0741ce359032ad7dc69f041fe42f03a728256fd798af347aeb713585924a27f8b418b12ab204857771ffe0e579bc60dfcb4022250584dcda56aa36afb3a876eed704a72b5b809378a19a0d8c63fde3a1a6dd90b3ee19e7dd2fee4d245446c3eac42acc139bd25831242eca808949436cd76ad6a4c5bb5a7effb0b7574cb7029d1cd86d41c69f81716bc524dab16a4c723f2545142bd208455b05265c59e623a5363395c555a77df6691e51bde25c8396", 0x1000}}, 0x1006) (async)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, 0xffffffffffffffff, 0x7dfff000)

16m46.167143979s ago: executing program 2 (id=7477):
read(0xffffffffffffffff, &(0x7f00000001c0)=""/161, 0xa1) (async)
ioctl$BLKOPENZONE(0xffffffffffffffff, 0x40101286, 0x0) (async)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000240)={0xc}) (async)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r2, 0x0, <r3=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000680)={0x48, 0x7, r3, 0x0, 0x0, 0x0, 0xfffffffe, 0xffffffff, 0x749bc, 0x2}) (async)
r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x6, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x4, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
read$FUSE(r4, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r6 = dup(r5)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) (async)
r8 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) (async)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) (async)
r10 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r10, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r11=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r10, 0x3ba0, &(0x7f00000000c0)={0x48, 0x2, r11, 0x0, 0x0, 0x0, <r12=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r10, 0x3b89, &(0x7f00000001c0)={0x28, 0x0, r12, r11, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
ioctl$IOMMU_IOAS_MAP$PAGES(r10, 0x3b85, &(0x7f0000000180)={0x28, 0x4, r11, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7}) (async)
ioctl$FIBMAP(r9, 0x1, 0xffffffffffffffff) (async)
ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r8, 0xc00464c9, &(0x7f0000000040)) (async)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r6, 0x0) (async)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x581901, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
r13 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r14 = dup(r13)
write$UHID_INPUT(r14, &(0x7f0000004000)={0xf, {"a2e3ad21ed0d09f90750090987f70906d038e7ff7fc6e5539b0d3d0e8b089b33316d63060890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe59}}, 0xfa)

16m46.155443041s ago: executing program 7 (id=7478):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
write$UHID_INPUT(r0, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d480e8b089b3f350068090890e0878f0e1ac6e7049b336d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d076d0936cd3b78130daa61d8e8040000005802b77f07227227b7fa67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e9871540000000000004ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e4843e2808d4743b95bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c6f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20e8911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab9d6203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edcad74b221cfec48000000000000000d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea50000000000000068987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c10900df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d8008d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c46bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78bb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bf340b17cfcfd9c52c9711937f79abb1a124f121fc65483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4f01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8650000878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95a498b562d71565f924779ca1f731b3346ff177050373d79ff7bc1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f79a598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015a08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b686081b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24ae918423922e4e0167584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f13a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307f561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe40}}, 0x1047)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000002c0)=""/243, 0xf3}], 0x3, 0x0, 0x0)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f00000001c0))
read(r1, &(0x7f0000000100)=""/159, 0x3930a6ac)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r4 = syz_open_dev$usbmon(&(0x7f0000000000), 0x3, 0x22800)
ioctl$MON_IOCH_MFLUSH(r4, 0x9208, 0x9)

16m46.018770047s ago: executing program 2 (id=7480):
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x0, <r0=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000100)={0x2})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000000)={0x0, 0x3}) (async)
r2 = syz_open_dev$loop(&(0x7f0000000540), 0x80, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x1000, {0x2a00, 0x80010000, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d09000000000000008dd4992861ac00", "90be8b38559265406c09306003d8002000", [0x0, 0x2]}}) (async)
ioctl$LOOP_SET_CAPACITY(r2, 0x4c07)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r4, 0x7dfff000) (async)
mmap(&(0x7f0000787000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r1, 0x22fb0000)

16m45.934729053s ago: executing program 2 (id=7481):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
pwritev(r2, 0x0, 0x0, 0x0, 0x5)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f00000001c0)={0xa1, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0})
read(r0, &(0x7f0000016980)=""/141, 0x57)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x2, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000400)={0xf0f016, 0x2})
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r6, 0x4040ae9e, 0x0)
r7 = syz_open_dev$mouse(&(0x7f00000168c0), 0xf6, 0x200)
ioctl$F2FS_IOC_SET_PIN_FILE(r7, 0x4004f50d, &(0x7f0000016900)=0x1)
ioctl$BTRFS_IOC_SPACE_INFO(r0, 0xc0109414, &(0x7f00000001c0)={0xeee, 0x1, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r7, 0xc0285700, &(0x7f0000016940)={0x8, "e24d09ac4059d5f549f3284d3a96e27e3caa61dd1479e80539324c0c9ac02acd"})
r9 = syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r9, 0xc0305616, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TCSBRK(r8, 0x5409, 0xfd)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r10 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_FFBIT(r10, 0x4004556b, 0x4e)
r11 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20042, 0x0)
r12 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1, 0x82)
pwritev2(r12, &(0x7f0000000140), 0x0, 0x81, 0x0, 0x82)
ioctl$USBDEVFS_CONTROL(r11, 0xc0185500, &(0x7f00000000c0)={0x1, 0xb, 0xe0, 0x0, 0x2, 0x2, &(0x7f0000000000)='\r\n'})

16m44.791228571s ago: executing program 8 (id=7484):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000280)={0x10007, 0x2, 0x0, "8eb8a828e53b07f1dd00d87a41bfeae7800400b159fb933948000026098d68d9"}) (async)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, 0x0) (async, rerun: 64)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f00000002c0)={0x1, 0x1}) (async, rerun: 64)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x8, 0x7ffffffffffffffc, 0x0, 0x1, 0x1c, 0x8, "f374aaa2f4af11ffffa35d446b8ef9f0732beeb2239ae850dab40884c1b27a779803e2175893261101ba32e857e8b58f6125f9175d01c938ae8800", "958fb6814ef9f09dbad8d6290707422375f850fd0aaf70f8aa755c78425401e200", "34c258af26e2b617d4aa8407f13a0f36bb3c671359e53d1c6c0e03d2f9a13c98", [0x4, 0x400000000002]}) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) (async)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB]) (async)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, 0x0) (async)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}) (async)
r8 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r8, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x3, 0xffffffffffffffff, 0x2, 0x6bf, 0x2, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0xfd, 0x1000000, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x2, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
r9 = openat$adsp1(0xffffff9c, &(0x7f0000000380), 0x1, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r9, 0xc0189436, &(0x7f00000003c0))
read$FUSE(r8, 0x0, 0x0) (async)
r10 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r11 = dup(r10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r11, 0x0) (async)
ioctl$BLKZEROOUT(r11, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})
ioctl$NS_GET_OWNER_UID(r8, 0xb704, &(0x7f00000001c0))

16m44.396428957s ago: executing program 8 (id=7485):
ioctl$KVM_CAP_HYPERV_SYNIC2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140))
r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_DIRTYFB(r0, 0xc01864b1, &(0x7f0000000340)={0x0, 0x1, 0x0, 0x0, 0x0})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000910000400eca"])
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f00000012c0)={0x140000, 0x0, [0xfffffffffffffff8, 0x1, 0x7, 0x1, 0x100000000000, 0x2, 0x81, 0xf6]})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x25, 0x8000)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r4, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$KVM_GET_XSAVE(r3, 0x9000aea4, &(0x7f00000002c0))
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

16m43.823422276s ago: executing program 8 (id=7486):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x80801)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000000080)={0x0, 0x0, "27092cfa555702279299fa2716dd2f9323cfe7b40d8b108ce6707549cb26c6c14c886e5bde7477a20e3772522b9b15dd0650e83716c1240aa1d0251a1e4996723eceba0f9af00a979e132db2d3d18da77f695be20bcb5b6cc37b02eae8a78cc781698e7858feda720e1fc83af7557b0f97916ce0ccab55b156620b821b5f9b6d9423fd3979ebac50aa40722562a94171016dceb1b3fff148c736662a8ef9216d75a957b104c49f9ede0b770568b1e23580c1783668eb1e8631f5794bc35acb9a71b9a7238b5d0ba3ec928ba0b5bab037b38429be05e85731f77722d8f3762181dcc4a3895ea0b277e8ce07c7035d9def50e408b65668351d7ae7d9c3f3174a77"})
ioctl$USBDEVFS_CONNECTINFO(r0, 0x8004550f, &(0x7f0000001980)) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000400)={{0x1}}) (async)
ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0) (async)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r2, 0x54a3) (async)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x5422) (async)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2) (async)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r3, 0x0) (async, rerun: 32)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000) (rerun: 32)

16m43.735291495s ago: executing program 8 (id=7487):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f0000000000))
r2 = syz_open_dev$dri(&(0x7f0000000400), 0x9, 0x2)
ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f00000002c0)={<r3=>0x0})
ioctl$DRM_IOCTL_RM_CTX(r1, 0xc0086421, &(0x7f00000003c0)={r3, 0x1})
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r4, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f0000000200)={0x0, <r6=>0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r4, 0xc01864b0, &(0x7f0000000240)={r6, 0x0, 0xd, 0x7})
r7 = dup(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0)
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

16m43.476340661s ago: executing program 8 (id=7488):
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x111691)
r1 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x4, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086200, &(0x7f0000000000)=0x300)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r3, &(0x7f0000000100)=""/159, 0xfffffe5a)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r4, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

16m43.176692072s ago: executing program 8 (id=7489):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0xffffc000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
write$cgroup_int(r2, &(0x7f0000000340)=0x4, 0x12) (async)
write$UHID_CREATE(r2, &(0x7f00000002c0)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', 0x0, 0x0, 0x0, 0xb, 0x3, 0x4, 0x3}}, 0x120) (async)
r3 = openat$binfmt_register(0xffffff9c, &(0x7f0000000140), 0x1, 0x0)
write(r3, &(0x7f0000000280)="493220ad06fd95cc12d49f", 0xb)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000180)=[<r5=>0x0], 0x1}) (async, rerun: 64)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) (rerun: 64)
ioctl$VT_SETMODE(r6, 0x5602, &(0x7f0000000000)={0x8, 0xdc, 0x40, 0x7, 0x1}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f0000000280)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000000)={&(0x7f00000001c0)="f8195d72721b13142a3b4274d25761cb3730c36f8206f4bb93fc7e1bbca23834291d2b7ce208dddb6fb7e0a3a8f3c01a90d123af088aedee2f2a060e3cb5280daf2242e7a426af1681e3a61935802b5fedcd794c1b2d72acb99a8afb54452cb8529a8d6230b4d60857ee47e53b183e57fd530f240f409de8b594c30b4eb733780187339fad8d75f51b8f2e4cfa5e17d9123c711f9211d2b4e893e1da48a3ac3bd7f777fdb2a62805b29b3b64acc27bad4456d09e38b6902a2dd1ebc25c1169e93d021123a1a27d56980c353d2f4f1913690bdba6ac87cb8d2248d1b398845f846a3f38604a2a6f7f149f", 0xea, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[r5, r7], 0x2, 0x80800})

16m32.092311558s ago: executing program 37 (id=7465):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r0, 0x40187013, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f360068090890e0878f0e1ac6e7049b3341959b759a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r2, 0xc0045520, &(0x7f0000000000)=0xfffffffa)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x29202, 0x0)
write(r3, &(0x7f0000000380)="fb196dec69a10b2284f761ca101022bcc68752cd2a4ddad8fb4427a23a27b90193ac13a4af86fe765f972d765daff264784bbd7bb9758824e951404b348375ddf05290d0ac0d1193da1090cae4ae32d841f14b4463125af7074084be37266ad8ffda263654000bec6327c11e0e3029907058c64629ad771d9b152fdcc2121b2a355ab2a4754e155e74e1a2618acc20f055d7f69bacaeebdecbcede36c675896677245097c7d87c727afc8890a6acabd6dc660bc389ef8379fb67212653aa766c1d6eca7c7b622835696a5e0ba4c04e7ac7263122337c3dc19d7974310bf43a8251cbc75ff3cffeab3d2e0e9d8e3edbd6bccb93185ab0f08af349c81512f0140643a55eb53a6cae06d378ecc95b7772f3b638d6f34b6ddc61e5014a16be5d7167800e5f992a71983d0698ace86ceb24f3f016bfb640c2833bf3bcba65c329d43e65351c89f9b8a392267438a8c10b0022546cdf39bdd0a57084c8d3a79e97bf75aa5409ff114febd2e48a59d118a4396ff5cee71b8d0b34e63343216281cb47a4a28b329de3104068ec02bd2e849a523c3b92c060dd023c3b9968c3329dd076db9c5f377b94168adc3a766b7f7f941cb4c6b507c77864c839770943f504a7f616b9e7c6b3dc2a81c617c0c6e6f5b0a6d0389ceb0da410e8562bdc5bb88de4a47810a21174488a4d3ef8dcba8a033ecd5f2361c8ba179ed58cf88c335433dfc0f0c1ed5716df27cb1823af02a2ca4f89754f3567b2f51b17f8ef04e8ce3e60e8c1d7773e98a4948f5bf5cee4b0732a78e67ab86a677b0d34cb3f852245e466f05618b844213fe8700cc6fc0b6813ba41a113b524709fb15ad68493da36443f83fc3cc25948dac9f32968e693e3b8c15386fdfd21344cec28e6170b2c94f8d2a6cd1c087297a18c82947e60b97e12742fc0ef6007ec136b3429ba2d4ef1b1fa77428fcc626c6eee96174c2a32a8e0cfa8b7cce8a39a8eef0d921cbf35a2a5ea6c1c8fedeb5bc783502b60392752262e38666f7f2eef6153471ddc469d89f911dadb2aeb40615cba6f5c37cd3ee584aed4f950063dbe223469190cd61281008ca4458373f98f9294115089801dda01deb69d56cdb0e10563a0c78045d6564c41bba6e31ab1e2141d5081624d108c8e8ddaafe7099a7114e2552dd46900f0a5aeaccab141175d377ab872f94d23b083c03cac21abd19ed2307264568e111d5927c08547716b5fdc4db72e4e715c35adb6333a3413b5a4b6b62bd82ab3fc52412929d4945c974ca5e42a2f7ec3f4987f1cc697e4dcbeb25a24c8755038c67da8e6b295f60ce900a5b6fd5a9ef3d50ffcb21ccbae6f05203d135f1bdf20d1d03fa044520cd6e7b5ea79c2f21c76914d47df5961ea77087967fc69836e819ba91d6ed2daf2a21c1100a1bb3320997422234b4d166eeb4c1d6498f508c4fbffdbb6fa8971598782d2d5ad10a38f785592151d406bfa8a3b72f35bcd895acc762182f7f56f851d808c0b872ab787472bcc07f311f442cf2755f3fd737b5ebe059d703306eb51f97de3fc62204d0a8ef4032e720dcf2c7afb2ffc0d07b1fe2da1568f44b0fd9979c2b1c69d4895145931dc6de29c0fbaae24607bf445a73237409b9595780bb173ab5938461120a70f64707cb90fa38dfec31259dab069b4a108d8ff7073de4f28fefe9acb318e725ca1d937e987c54b1b7c88b1ff8d82ee78291a4e80ae588d07b8dfe9303cc80172048992932642502d0a34a1135fd9fe480b891feead766a5d0ea906ea90e7e42800ae1d4c2ec23bf98e307c35ca76606e8b261c9a8ddde2d057bb0cfaaf4233f7a3e0ab5eb2565afc2210c2e33f2d63c51afb7d823acf58e6e602f544872dc3821f9c4fbb5e64eeb30de1df52a406fe25d024dde2cf3ce08230830f6359ab499ca38a4b442d56f28fb8a017657b2c241c10f490d3b7904325098ec40e5d90311b08a23446e107ca4a5ac7146764c9daeaaf7d1e288880296b91387ecb75a8f442c3cf29704460144ce5c03b8d74e689a7ff091e2883c1e4a45cfb8d124caab6d8518c983b1d958921c7d02e0d2f881d8379fa01f76ece37b67a59d6692ddcf34badd6d081bae36b43ab6e961409677bfdc445b3bb67ba9ee779af19cb42de9cf2e18ba6e6859152280f69cecf5fe120aaa5a894d0e125ce24fa33e77a90696a367d88d839663b4ce7f195ce6b158f6204c8e380f0b1be2c41b10d8984d55ba4f51262dbd6e3254660604efe5fc8f6ae5e2b3c0a219650060bc40d839b86c5a07247f36f2bf83d282ca0951b056c1ea748785984d5b686dd74618d4e28090ba47aaf2512d03eb21b7e97fdea9197b75da73d8b9a29b566254bd6654f3f1eec1006b7b671301dcb5051c18435f247d366fae034022f5c965a922fe2225bdb7e757daa2e7c2bf8b03be0d4590895c34bd8582ee1d04939b60e4bd28d6e77a243e14e60e6dc9e07297d5b17f54d1c105f1334e7436c498c6c57179ce4b5a835b076e06e41fec35ef4b962fad389c935f77fa5cae0fb19c4d5b9", 0x701)

16m31.044161232s ago: executing program 38 (id=7478):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
write$UHID_INPUT(r0, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d480e8b089b3f350068090890e0878f0e1ac6e7049b336d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d076d0936cd3b78130daa61d8e8040000005802b77f07227227b7fa67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e9871540000000000004ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e4843e2808d4743b95bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c6f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20e8911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab9d6203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edcad74b221cfec48000000000000000d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea50000000000000068987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c10900df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d8008d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c46bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78bb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bf340b17cfcfd9c52c9711937f79abb1a124f121fc65483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4f01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8650000878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95a498b562d71565f924779ca1f731b3346ff177050373d79ff7bc1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f79a598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015a08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b686081b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24ae918423922e4e0167584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f13a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307f561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe40}}, 0x1047)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000002c0)=""/243, 0xf3}], 0x3, 0x0, 0x0)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_GETBLKSIZE(r3, 0xc0045004, &(0x7f00000001c0))
read(r1, &(0x7f0000000100)=""/159, 0x3930a6ac)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r4 = syz_open_dev$usbmon(&(0x7f0000000000), 0x3, 0x22800)
ioctl$MON_IOCH_MFLUSH(r4, 0x9208, 0x9)

16m29.877234425s ago: executing program 39 (id=7481):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
pwritev(r2, 0x0, 0x0, 0x0, 0x5)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f00000001c0)={0xa1, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0})
read(r0, &(0x7f0000016980)=""/141, 0x57)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x2, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000400)={0xf0f016, 0x2})
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r6, 0x4040ae9e, 0x0)
r7 = syz_open_dev$mouse(&(0x7f00000168c0), 0xf6, 0x200)
ioctl$F2FS_IOC_SET_PIN_FILE(r7, 0x4004f50d, &(0x7f0000016900)=0x1)
ioctl$BTRFS_IOC_SPACE_INFO(r0, 0xc0109414, &(0x7f00000001c0)={0xeee, 0x1, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r7, 0xc0285700, &(0x7f0000016940)={0x8, "e24d09ac4059d5f549f3284d3a96e27e3caa61dd1479e80539324c0c9ac02acd"})
r9 = syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r9, 0xc0305616, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TCSBRK(r8, 0x5409, 0xfd)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r10 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_FFBIT(r10, 0x4004556b, 0x4e)
r11 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20042, 0x0)
r12 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1, 0x82)
pwritev2(r12, &(0x7f0000000140), 0x0, 0x81, 0x0, 0x82)
ioctl$USBDEVFS_CONTROL(r11, 0xc0185500, &(0x7f00000000c0)={0x1, 0xb, 0xe0, 0x0, 0x2, 0x2, &(0x7f0000000000)='\r\n'})

16m27.783855822s ago: executing program 40 (id=7489):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0xffffc000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
write$cgroup_int(r2, &(0x7f0000000340)=0x4, 0x12) (async)
write$UHID_CREATE(r2, &(0x7f00000002c0)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', 0x0, 0x0, 0x0, 0xb, 0x3, 0x4, 0x3}}, 0x120) (async)
r3 = openat$binfmt_register(0xffffff9c, &(0x7f0000000140), 0x1, 0x0)
write(r3, &(0x7f0000000280)="493220ad06fd95cc12d49f", 0xb)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000180)=[<r5=>0x0], 0x1}) (async, rerun: 64)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) (rerun: 64)
ioctl$VT_SETMODE(r6, 0x5602, &(0x7f0000000000)={0x8, 0xdc, 0x40, 0x7, 0x1}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f0000000280)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000000)={&(0x7f00000001c0)="f8195d72721b13142a3b4274d25761cb3730c36f8206f4bb93fc7e1bbca23834291d2b7ce208dddb6fb7e0a3a8f3c01a90d123af088aedee2f2a060e3cb5280daf2242e7a426af1681e3a61935802b5fedcd794c1b2d72acb99a8afb54452cb8529a8d6230b4d60857ee47e53b183e57fd530f240f409de8b594c30b4eb733780187339fad8d75f51b8f2e4cfa5e17d9123c711f9211d2b4e893e1da48a3ac3bd7f777fdb2a62805b29b3b64acc27bad4456d09e38b6902a2dd1ebc25c1169e93d021123a1a27d56980c353d2f4f1913690bdba6ac87cb8d2248d1b398845f846a3f38604a2a6f7f149f", 0xea, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[r5, r7], 0x2, 0x80800})

13m37.059961362s ago: executing program 3 (id=8373):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/custom1\x00', 0x400, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000700)="ed"})
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r2 = mmap$binder(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x1, 0x11, r1, 0x70052eb)
mmap$binder(&(0x7f000078a000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0xfffffffffffffffd)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x58, 0x0, &(0x7f0000000140)=[@exit_looper, @exit_looper, @dead_binder_done, @acquire={0x40046305, 0x1}, @free_buffer={0x40086303, r2}, @acquire_done={0x40106309, 0x3}, @decrefs={0x40046307, 0x2}, @exit_looper, @request_death], 0xa4, 0x0, &(0x7f00000001c0)="ad68e18d935906fd11a140a3df63628cd72e98e17bd9ab8bc2ba4b6caa53c1c30ef2d74555ec7183376dc34ada4a85b5169336eb2762aa309f4ecc546ab15e5ea814cd1577a4abfead6a03f22c691e670109849dfa45396ead7fd6d833f6b6f77ff5d688bd833ce1a0c6788b8dea54cf0885d59b47251f22798dbbfb97e4529c588bd03cacb733191605018b1badf82a31d359fd83adf296822bce16ed701b983f6ccd48"})
lseek(r1, 0x851, 0x0)
r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(r3, 0x4014563c, &(0x7f0000000080)={0x7})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$VIDIOC_G_CTRL(r1, 0xc008561b, &(0x7f0000000280)={0x100, 0x2})
r4 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000680), 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f0000000040)={0x2})
r5 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TIOCSSOFTCAR(r5, 0x5412, &(0x7f00000001c0)=0x12)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f0000000100)={0x2, 0xe})
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r4, 0x4020565b, &(0x7f00000000c0)={0x2})
r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x181000, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x9)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r9, 0x4048aecb, &(0x7f0000000000))
ioctl$KVM_RUN(r9, 0xae80, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r6, 0x7dfff000)

13m36.585254608s ago: executing program 3 (id=8379):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
r2 = openat$drirender128(0xffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
ioctl$VIDIOC_LOG_STATUS(r3, 0x5646, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_QUERY(r2, 0xc01864cb, &(0x7f00000003c0)={0x0, 0x0})
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000400)={{0x8, 0x8000, 0x9}, 'syz1\x00', 0x4a})
ioctl$UI_DEV_CREATE(r0, 0x5501)
syz_open_dev$evdev(&(0x7f0000000080), 0x7ff, 0x262140)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r1, 0x4161, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000001c0)={&(0x7f00000000c0)=[0x0, 0x0, <r4=>0x0], &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x3, 0x2, 0x5, 0x6})
ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000240)={r4, 0x2, 0x4, 0x8001, 0x3, [], [0x80, 0x1, 0x5, 0x8], [0x29d4, 0x5, 0x4, 0xffff40e4], [0x9, 0x1, 0xfffffffffffffffb, 0x7]})
preadv(r1, &(0x7f00000000c0), 0x0, 0xfffffff7, 0x8)
ioctl$BTRFS_IOC_DEFRAG(r1, 0x50009402, 0x0)

13m35.885389304s ago: executing program 3 (id=8385):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082) (async)
r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000140)={0x0, @bt={0xfffffff7, 0x7f, 0x0, 0x0, 0x2000003, 0x3495f632, 0x2, 0x2b7, 0x4, 0x104, 0xffff, 0x1, 0xa00, 0xffff, 0x18, 0x30, {0xfffffffb, 0x9}, 0xcb, 0x7}}) (async)
ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r1, 0x80083313, &(0x7f0000000240)) (async)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x9, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0xffffffff, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
read$FUSE(r1, 0x0, 0x0) (async)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_END_FF_UPLOAD(r3, 0x406855c9, &(0x7f0000000040)={0x10, 0x1, {0x52, 0x8001, 0x7f2, {}, {0x2, 0x5}, @const={0x7, {0x100, 0x959, 0xf3, 0x8}}}, {0x56, 0xbd94, 0x45, {0x4, 0x6}, {0x4, 0x610}, @rumble={0x134, 0xea}}})
write$ppp(r1, &(0x7f00000003c0)="dc103f0d8b4c4ffcce42f92fcfc6f9a88c45fe09900cba4e5d7cb54e52493c6056cb9a88bde814748daa0417a697a22b38710b46377b66334425587bf61eaa843de0426f4bc4cc4988474f0411daeca4c68ff47c3c3fd79601ca32c466b45231add879652cf2aab885dc598aed81", 0x6e)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_CROPCAP(r2, 0xc02c563a, &(0x7f0000000200)={0x8, {0x9, 0xb4, 0x3ff, 0x26e}, {0xffffffff, 0xfffffff2, 0x3, 0xfffffff9}, {0xff, 0x2}}) (async)
r5 = dup(r4) (async)
r6 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r6, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r5, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) (async)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1) (async)
r13 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0)
write$cgroup_pid(r13, &(0x7f0000000000), 0x12) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (async)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000000009900004000000000000000fa0000000000"]) (async)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)

13m35.408779074s ago: executing program 3 (id=8390):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x0, 0x6492a59ce02008e9, 0x104, 0x7, 0x0, 0xfffffffe, 0x2})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00'}) (async)
close(r0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r1, 0x7dfff000)

13m35.2153313s ago: executing program 3 (id=8392):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {0xe}, @raw32}], 0x1c) (async)
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {0xe}, @raw32}], 0x1c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000002c0)=0x20)
mmap$fb(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000004, 0x11, r1, 0x6f000) (async)
mmap$fb(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000004, 0x11, r1, 0x6f000)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x2010, r2, 0x7dfff000)

13m35.092383593s ago: executing program 3 (id=8394):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

13m19.990193396s ago: executing program 41 (id=8394):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

10m55.928122072s ago: executing program 1 (id=9529):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0xb, 0x0, 0x8})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, <r5=>0xee00}}, './file0\x00'})
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x0, 0x2, 0x2, 0x5, 0x7, 0x1, {0x6, 0x2, 0x100000001, 0x4, 0x8, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, r5, 0x1, 0x3}}, {0x0, 0x5}}}, 0xa0)
r6 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x80040)
ioctl$NBD_DISCONNECT(r6, 0xab1c)
read$FUSE(r4, 0x0, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r8 = dup(r7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r8, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0)
ioctl$BLKZEROOUT(r8, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) (async)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0xb, 0x0, 0x8}) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee00}}, './file0\x00'}) (async)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x0, 0x2, 0x2, 0x5, 0x7, 0x1, {0x6, 0x2, 0x100000001, 0x4, 0x8, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, r5, 0x1, 0x3}}, {0x0, 0x5}}}, 0xa0) (async)
syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x80040) (async)
ioctl$NBD_DISCONNECT(r6, 0xab1c) (async)
read$FUSE(r4, 0x0, 0x0) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) (async)
dup(r7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r8, 0x0) (async)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0) (async)
ioctl$BLKZEROOUT(r8, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600}) (async)

10m55.446921241s ago: executing program 1 (id=9535):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r0, 0x7dfff000)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)

10m55.249908341s ago: executing program 1 (id=9539):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {0x453}, {}, {}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x2d, 0x1, 0x0, 0x5})
read$FUSE(r1, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = dup(r3)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x30803, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x22003, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000001740), 0x3, 0x100400)
ioctl$EVIOCGMASK(r6, 0x80104592, &(0x7f0000001800)={0x1f, 0x2, &(0x7f0000001780)="1878"})
close(r5)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

10m54.58833634s ago: executing program 1 (id=9545):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
r1 = syz_open_dev$evdev(&(0x7f0000001640), 0x2, 0x0)
ioctl$EVIOCSREP(r1, 0x40084503, 0x0) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r2, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x40000000e2a02, 0x0) (async)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000001, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000000)={0x980912, 0x3})
r5 = dup(r3)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0xc2040, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x6)
ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x490, 0x0, 0x4}]}) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r5, 0x0) (async)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600}) (async)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
write$binfmt_format(r9, &(0x7f0000000040)='-1\x00', 0x3) (async)
ioctl$KVM_SET_VAPIC_ADDR(r9, 0x4008ae93, &(0x7f0000000200))

10m54.20109752s ago: executing program 1 (id=9550):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0)
write$vga_arbiter(r1, &(0x7f0000000040)=@other={'decodes', ' ', 'mem'}, 0xc)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x16d102, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000280)=0x10)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f00000000c0)={@host})
r4 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x7)
ioctl$TCSETA(r4, 0x8910, &(0x7f00000001c0)={0x1, 0x0, 0x0, 0x0, 0x0, "4ff4920600b172e0"})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

10m53.836518426s ago: executing program 1 (id=9555):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0xa)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000100)={{0x0, 0xdaa9, 0x0, 0x800}, 'syz0\x00'})
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x2)
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x560f, &(0x7f0000000000))
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r2, 0x7dfff000)

10m38.617382579s ago: executing program 42 (id=9555):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0xa)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000100)={{0x0, 0xdaa9, 0x0, 0x800}, 'syz0\x00'})
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x2)
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x560f, &(0x7f0000000000))
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r2, 0x7dfff000)

5m50.737904841s ago: executing program 9 (id=11424):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0x8000, 0x5, 0x7, 0x1, 0x9, 0x3, 0xbf, 0xb8, 0x3, 0xf, 0x5, 0x6}, {0x804, 0x5, 0x1, 0x5, 0x7, 0x2, 0xff, 0x5, 0x9, 0x4, 0xb, 0x4, 0x3}, {0x4, 0x6, 0x38, 0x6, 0x85, 0x7, 0x0, 0x50, 0x2, 0x70, 0x3, 0xa, 0x400000000006}], 0xffffffff})
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000400)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000100)={0x28, 0x6, r5, 0x0, &(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x800})
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x8000, 0x0)
ioctl$TIOCMIWAIT(r6, 0x545c, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000000)={0x28, 0x4, r5, 0x0, &(0x7f00004f9000/0x3000)=nil, 0x3000})
ioctl$IOMMU_IOAS_COPY(r4, 0x3b83, &(0x7f0000000040)={0x28, 0x5, r5, r5, 0x3, 0xfffffffffefffff8, 0x3fff})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000140)={0x28, 0x2, r5, 0x0, &(0x7f00004f9000/0x2000)=nil, 0x2000, 0x9})
ioctl$IOMMU_IOAS_MAP(r4, 0x3b85, &(0x7f00000001c0)={0x28, 0x2, r5, 0x0, &(0x7f0000000440)='O', 0x1, 0x6})
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r8 = dup(r7)
r9 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f0000000240)={0xfff, 0xb})
write$rfkill(r9, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r8, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r8, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

5m50.039638555s ago: executing program 9 (id=11427):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events.local\x00', 0x275a, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x600000a, 0x8032, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x0, 0x400000000002, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
dup(r1)
read$FUSE(r2, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042)
ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$cgroup_ro(r1, &(0x7f00000001c0)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r7, 0x4138ae84, &(0x7f00000004c0)={{0xffff0000, 0xeeee8000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x5002, 0x8080000, 0x0, 0x8, 0x0, 0x0, 0x81, 0x0, 0x44, 0xe, 0x0, 0x3}, {0x100000}, {0x11000, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x100000, 0xd000, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x0, 0x84}, {0xeeee8000, 0x80a0000, 0xf}, {0x6000, 0x0, 0x0, 0x82, 0x40}, {0x6000}, {0x1, 0xfffe}, 0x10d, 0x0, 0x5000, 0x90, 0x0, 0x100, 0x900, [0x0, 0x0, 0x0, 0x4]})
ioctl$TCSETS(r4, 0x89f0, 0x0)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r10 = dup(r9)
write$UHID_INPUT(r10, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f74f9b36096eff7fc6e5539b9b18098b9b4a1b2552091b080d29428f0e1ac6e7049b3468959b189a242a9b3ff3988f7ef319520100ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00300300000000000000b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df34959eaef6572e1e007fa55a2999f596d0673f586749b25f5a448427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441984cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f236c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799ecb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a10010549820a73c8839475f732ae00398e4bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000204b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff9576abc9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf6c9c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r11 = dup(r8)
r12 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r12, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x20010, r11, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r11, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

5m48.853173849s ago: executing program 9 (id=11439):
r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x14802)
ioctl$KVM_CAP_DISABLE_QUIRKS2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)={0xd5, 0x0, 0x40})
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f00000000c0)={0x5, 0x0, [{0x40000001, 0x3, 0x0, 0x0, 0x1, 0x5, 0x3c376148}, {0x0, 0x5, 0x1, 0x6, 0x1, 0x3, 0x2}, {0x80000000, 0x59, 0x6, 0x5, 0x7, 0x7f, 0x2}, {0x1, 0x9, 0x0, 0x5, 0x10, 0x9, 0x3}, {0x6, 0x5, 0x6, 0x85, 0xfffffffe, 0x793, 0x80000000}]})
ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f00000001c0)={0x2, 0x32fc, [{0x7, 0x0, 0x2}, {0x750c, 0x0, 0x8}]})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000200)={0x7, 0x8, 0x9, 0xf4c8, 0x9, 0x9a7b})
ioctl$BTRFS_IOC_DEV_REPLACE(r0, 0xca289435, &(0x7f0000000280)={0x0, 0x2, @status={[0x3, 0x5, 0x0, 0xc, 0x52f5, 0x2]}, [0x7, 0x4, 0x7, 0x1, 0x6649, 0x2, 0x8, 0xd, 0x1, 0x0, 0x4, 0x101, 0x8, 0x9e0c, 0x32, 0x6, 0x4, 0x5, 0x8000000000000000, 0x0, 0x1e6, 0x100, 0xd2, 0x0, 0x4, 0x7f, 0xa, 0x3, 0x4, 0x8000, 0x8, 0x6, 0x5ce, 0x7, 0x5, 0x2, 0x1e7e, 0x4, 0x2, 0x8001, 0x554b, 0x7fffffffffffffff, 0x6, 0x712, 0x7, 0x8, 0x3, 0x9, 0x8000000000000000, 0x709c, 0x0, 0xfaca, 0xffffffffffff0001, 0x22, 0x2, 0x2, 0x100000000, 0x4, 0xfffffffffffffff7, 0x80000000, 0x5, 0x7ff, 0x2, 0xb]})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = openat$cgroup_ro(r0, &(0x7f0000000cc0)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000000d00)={{0x8000000, 0x5000, 0xa, 0x9, 0x4, 0xf, 0x1, 0x7, 0x2, 0x7, 0x7, 0x40}, {0xeeef0000, 0x10000, 0x10, 0x4, 0x9, 0x9, 0x81, 0x7f, 0x40, 0xc, 0x5, 0x2}, {0x100000, 0x10000, 0xa, 0x6, 0xfb, 0xaa, 0x3, 0x24, 0x7, 0xa2, 0x1, 0x8}, {0x5000, 0x2000, 0x0, 0xde, 0x4, 0x40, 0x10, 0x8, 0xd, 0x8, 0x7, 0xcd}, {0xf000, 0x8000000, 0x10, 0x4, 0x3, 0x9, 0xfd, 0x80, 0x3, 0xd, 0x0, 0x81}, {0x1000, 0xd000, 0xc, 0x5c, 0x3, 0x4, 0x0, 0xda, 0x4, 0x2, 0x6, 0xc3}, {0x5000, 0x8000000, 0x0, 0xc4, 0x3, 0x40, 0x4, 0x0, 0x86, 0x5, 0x0, 0xf0}, {0x8000000, 0x3000, 0xb, 0xb7, 0xff, 0x4, 0x1, 0xef, 0x3, 0x2, 0x3, 0xb3}, {0x3000, 0x2}, {0x6000, 0x4f24}, 0x0, 0x0, 0x8000000, 0x200000, 0x6, 0xc01, 0x1, [0x8, 0x4, 0x0, 0x2]})
r4 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000e40), 0x40000, 0x0)
r5 = dup(r4)
syz_open_dev$dri(&(0x7f0000000e80), 0x1, 0x200200)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000ec0)={0x4, 0x2, 0x2000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000f00)={0x0, 0x0, {0x0, @usage, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}})
ioctl$BTRFS_IOC_DEV_REPLACE(r5, 0xca289435, &(0x7f0000001300)={0x91e84be851aa456e, 0x2, @start={r6, 0x1, "43bc73cc8acc274e11a13d69c3195d202c850a32aa48fafbc9a215ed3f7a0a3d0e1ce13d8b4e9b5e128b67f8138dec4e5186a4ecae25be10a16608b007b2866d10aa8e6d4ad64e3655db5042f32f5aebc3391bde41868a339f4de524bb66e4d0fad25e427abb99b1b7e2d96f2fdd740bb0d375679e295a98fe3cde1b8f2768f29e2a402354153c9bc53773b6f641aa8419311b1221180b79724c2cf0f5e9b07483129285f9932df8cb1034ca603d01afcc66384e235be80b3a809bc3042718674fd862660ec18b1908ea0348c98440e91b33a6d65b009d705f3014df97e7520639c0a2505b21327306b1daa59d3917fc3d719567f1deb8aaedcc74913ab0f74c34544785721fd1336b503f7a96c5ae737856663e2195c9bddaadf3a0aa6fdf0ecbe07de344d31885f0bbd15da29e2e3823987e22bbae7629b6f85e35303cb03ef361ace3148729c7e655bb6532fe49e90c04b5dea5d7d9f87326341b0827b296ae2a578158afd4590a84793f7f40b52e98ba1097abd5a8ba69bff578109529401c69cb55af5aa676c5f51e384c32647bddffa43bbd4f14915a36f92fb5ed990657905a5a143590612161698b31c4d0b4f127d6abdc15d9541714bac9ae23a80539ddb863a920a8d0d880f9ec7be91b15ae09a717e3d525276114267eaad216986be2f6f1308917a2e1270a7d6f7e3768f924bd538ffa767f2c4afc9035518193067cfeae2a56e7d23f57095c2b9162251e8904671f2dcb5d38728e0d74b0e4c6d3d0bdf6b32afb9d8247f198c7280d410d691f9a8a5b26a4eed89748f108130a12cbb1aecabe5a13f71c607062dfc13c06647ea7973f3a8dab0b3d44b14b2a8da580d040aacc25ea9ab090f7346648de1cb85c01ca52aa9efc1f71b9b9897ec34a79f89ce64633bb45d0b70806fce47ac6c156797a6e6b48dccda525ebd39f74266c6def110b86696daa79ec5f0fd85d3f736f9ce19f682fae068624f21694ca864f6a516776c79037f083e9a7222f58d9ae44578c03b9a60cb79c8813e4dcba40ee2cfb2d2071ea5ed5ca1dbf55572fc986f4170a3c038aef0e17ff6720f3bb7a8caab6e7bdf2429061145ccd37014ef93fca220a13612152db1b0d8343f8b1fd81ef1228ab47d3483cba5791b49afff97aa618f6519a5bcd962689801a2e4602afba7abcbdce2d56c87d34810905507ca833a38c826948e06cad9b205a2cf6914ee9f1c76972a6deeb86d40960bea2e30cbef2d5748aff978d513b67147413be9a9ba1d5e2d89a59cd7d1457e7c1a15bc99cb44b5c70eab3a405e844b63bd7dc72a56b01a335529d9833d82434bcac79db4a13c6ea04f990a1c6821411a6868796f5c74bb6f972b428460565a7442c8597e716260f31304f2c69937fd0624bc2a404f4b233797e9c2bf0e8ba775fbabae42ae94b42b2cb215704800a595baebf", "4c9a9d25ec599a49c337d4e5e3513787ccc01209564a2bc380763c3a2bb2a37343b2e33aa24bc797f79f59a7baa499d3e84dd2a8e76fba652aa74d05e1ef6bd7a20ef47c82d8149607b782286bbf034a75323cfb775258b386039c0bcd7b575efa7355a99fe9c8d82c827f4b7f95b5091e92c7ab186cf8fa84ed269273a002721dd1110c47892619637455827ddd3426fdfb86c673f1166e1c6af2d46d0d776673a5706806131468c806f2413c5b1a3daa3c31e15edbdce5234ec1622c491bf5e0ecd59faa2098fae85cf0c33ee498bf1af654f59225e1008fe46a8fa67e34cd5c5aca760107346f90634b290d191e7e621e7c564c4150dbbb5aec852728d43cf5d1ab1f769a44648fe3b69b222fc1c3a9b4ca4c2c727e8c5f58025b344da39efd945049fada34d2e6afcf15e970092f77fd58f0f13ed4da7bd35a9995e7a0c6f45a38317eb28c7abb81d6168bd6077513a698e38a99d77bb6fb73fdb41576ea086775cd5c8cae26ea8751964b979d61715b95a784bbf64c1c25347dcc6fa8deb465650fe7d3c489af1eec200c19b8f8c3b82cdfa36d12a63392bb58323858f0e3cb28dc8ef126987722bb6f7da0b104e9dced50d4b4ae34c3f4fd8390264ce1a61de20fcce4b0e645e2f0a46eeb3cf0696aec6d2dfc5bff0f5d70ae5dda866da1f291adc30f3a39e85086c65842337f2acd457e1b07f07926cb3b289cb2852022987019ef7f1a740f78066560723c9a27facb3bc03c1d587536693d3217f60d79a2277e747277e333a48588f31b64c9ae2ec5a075646eb4a349fb92baed65bb63f17cf51be1278e52db8e157dc0d1ec08a6265988833296d31730963b6de0530fb1cb853c25e39bb38be0564feb9d43ab1a71cc17874f2e9d27c27c48ee0be013559537f34c52edeb75ccee226543912c870e4c7ea239ee31fc24ce1077f05b07b734afb7b8041a5eb6ba27183583cd2320c79f2ee7a4ac9b142e88ead4feab783f868d399d8ddbb7433f7c19462f6b746dc8fa7bc4df34d36c756344705d59c17b7733f65315bf7464dfee8c9101836928b8049ed97d57a4db25f3d4d0a9a6249a364c912f70b880190d7783b6ef305c5379cef5cb643ec3d0da33af7c671c87fc99755c593706b566faa822cad71003cd98b9a4567306c89e342b0727e9c02479a5c6a8aad4fe18ef7208abd96cc7d9df48c8376cbce3e83f61b53e52fcc6beb4c69df4cde7c27a89b353c6fc308908d9fdf7f8bab143f3b6e615a4f28a9ad7fc636ca64c5a35de6c3dabed521e82de6c458776c727cec1460e62d5c32c37eb64b88cff0a1df56f0813b0a517ed04019f9bbf498f33bb16d1b46e3d8e208b3598ed242cdd0e8e34edaa792088366f070de70a482fe9a901ebc00cecc124e4d1d97db0cd3f4e8f53c08c817dfc692111ee5a1ba108fa495130bd1226e582e44f"}, [0x100000001, 0x0, 0x9, 0x5, 0x4, 0x1, 0x0, 0x7fffffff, 0xffff, 0x8, 0xce01, 0x0, 0x0, 0x34fd, 0x3ff, 0x80000001, 0xffffffffffff0666, 0x7, 0x81, 0x6, 0x400, 0x2e, 0x4cab, 0x1000, 0x6, 0x800, 0xffffffffffff1c57, 0xffffffffffffffff, 0x9, 0x7fff, 0x4, 0x6, 0x9, 0x1, 0x9, 0x7, 0x20004000000, 0xd8, 0x6, 0x200, 0x4, 0x7, 0x8, 0x3, 0x2dba, 0x9, 0x3, 0xffffffffffffffff, 0x8000000000000001, 0xd, 0x4, 0x7, 0x7, 0x0, 0xc, 0xb95, 0x80000001, 0x6, 0x5, 0x0, 0x7, 0xb9e, 0xc0d, 0x8]})
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_TSC_KHZ(r7, 0xaea2, 0x4)
ioctl$SNDRV_CTL_IOCTL_PVERSION(r4, 0x80045500, &(0x7f0000001d40))
ioctl$KVM_SET_PIT(r5, 0x8048ae66, &(0x7f0000001d80)={[{0xffff, 0x291, 0x5, 0x1, 0x3, 0x9, 0x3, 0xf, 0x9, 0x3, 0xed, 0x10, 0x1}, {0x8, 0x7f, 0x4, 0xce, 0x6, 0x0, 0x6, 0x4, 0x8, 0xb, 0x5, 0x80, 0x7fffffff}, {0x7, 0x2, 0x9, 0xc, 0x78, 0x1, 0x9, 0x7, 0x4, 0xa8, 0x6, 0x9, 0x3}], 0xc5c})
ioctl$RFKILL_IOC_MAX_SIZE(r0, 0x2, &(0x7f0000001e00)=0xfff)
syz_open_dev$sndctrl(&(0x7f0000001e40), 0x4e5, 0x200000)
ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000001e80)={0x3, 0x0, [{0xc0000001, 0x2, 0x4, 0x7, 0x0, 0xffffffff, 0x8}, {0x40000000, 0x6, 0x3, 0xa, 0x3, 0x0, 0x5}, {0xb77884cc680f51aa, 0x1, 0x7, 0x7, 0x10000, 0x200, 0x4}]})
ioctl$SG_IO(r5, 0x2285, &(0x7f0000002140)={0x0, 0xfffffffffffffffb, 0x7b, 0x40, @buffer={0x0, 0x51, &(0x7f0000001f00)=""/81}, &(0x7f0000001f80)="56a860083e27ee45ba1fe42825354dea13cceea73052b7d46e3633da90a3f7e7d91ce8df9d65a78a3526f7c5d59f946b84716856ebe11a6c15ca581dec0c7d180d4cd9ada5d54011030d94779ebbbaedee8b6dd1d3543d9de439116e9164da322a50b545567db69866f07e7d6d7ebd7844e66fe8ea1b665a35a86b", &(0x7f0000002000)=""/204, 0x7, 0x32, 0xffffffffffffffff, &(0x7f0000002100)})
r8 = openat$nvram(0xffffffffffffff9c, &(0x7f00000021c0), 0x400000, 0x0)
ioctl$PTP_PIN_GETFUNC(r8, 0xc0603d06, &(0x7f0000002200)={'\x00', 0x6, 0x0, 0x6})
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000002280)={0x6, 0x0, [{0x347, 0x0, 0xcc34}, {0x3fc, 0x0, 0x2}, {0xbe5, 0x0, 0x10}, {0x20000129, 0x0, 0x8}, {0x867, 0x0, 0x8}, {0xb9b}]})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, &(0x7f0000002300)={@id={0x2, 0x0, @c}})

5m48.673256883s ago: executing program 9 (id=11440):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000e58704"])
openat$pfkey(0xffffffffffffff9c, 0x0, 0x193881, 0x0)
r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r9, 0x4010640d, &(0x7f0000000180)={0x4})
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x1c800, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r8, 0xc004500a, 0x0)
r10 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r10, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r11 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r11, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r11, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})

5m47.812418919s ago: executing program 9 (id=11446):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x402200, 0x0)
syz_open_dev$sndpcmc(&(0x7f00000002c0), 0x5, 0x200000)
ioctl$IOMMU_VFIO_SET_IOMMU(r0, 0x3b66, 0x1)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x8411})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x0)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000280)=0x10)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r4, 0xc0945662, &(0x7f00000001c0)={0x100, 0x0, '\x00', {0x0, @bt={0x22dc, 0x9, 0x0, 0x2, 0x87b, 0x6, 0xc0000000, 0x4, 0xfffffff2, 0x10000000, 0x3, 0x3, 0x4, 0x7f, 0x8, 0x8, {0x7ff, 0x101}, 0x3a, 0x5}}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0xc0c89425, &(0x7f00000004c0)={"fd31ed7181b1bb23253542685088c320", <r7=>0x0, 0x0, {0x7}, {0x5, 0x2}, 0x8, [0x200, 0x1, 0x3, 0x3, 0x1, 0x40, 0x4, 0x6, 0x5, 0xa2f, 0x6, 0x1f, 0x0, 0x5, 0x5, 0x3]})
ioctl$BTRFS_IOC_RM_DEV_V2(r3, 0x5000943a, &(0x7f0000001980)={{r2}, r7, 0xc, @inherit={0x58, &(0x7f0000000100)={0x0, 0x2, 0x8, 0x8, {0x20, 0x4, 0xffffffff00000001, 0x7f, 0xd3b}, [0x10, 0x7f]}}, @name="82ca0493fe9a3c6a162fc96ba0820f6b07d52b1ab0d659f8d6c6a41f9b1d36c6040640579547a83848398369e5b54c636b264c6e01d673b2e935f21582b00f01a24cc60cde1c4e77707a9c86ab5e02cd25368b5f00439cb95fd1316ff9ea5cb011671713e0ace90407bbf345a4b46c3c2040783c3c478aea92af618cfa75c1179af8a4b82088fb138ec05f01665b829be7aa7e22b319a39eab6d5fb610619f3bf67afd5584806aef33d618ae8c614a2e2786db6b523f2a25ccdd76b9d00ec64ad3b3b58e9faa4dc93f7b6ad5c6fa55c1d54de38febae6b5d056264a397b287148a44153ed20e9076e96a52888a9a2f92849d85b51ea3f8736b02eaa1e3a1f8c0bf9d23900ad1b1e471134fbdb737ff734eaf97a927679d9c1c095ff3077519005b993580a3573646d3bcd61e51815e2e5eef461c7dcc381a0e95dff89b617984b4d136dfacfcd4e8e9ce775858cab7e60a3d49739d8a35c5f9cd59c8f09907ff0f6dc88606f13098636f665e0b926b6866cd6539cf5a4b1f1f75c5676cfd4ea822c08d2c45481a3564313d15e2a9247548057436b709700c3c35bd90eed7dc34570bd0b3651b6a2b62cce14b1c02f6bea630e76fb67e9c2eed3c5ce1df7063b7e62a9924ede3dab7f72130e5f8a628df8f87bb669bd0839bd07bc17f95e3ca8e8f039a05b9d0ef2ed6ab32b8b3b4c29fb88b2cf962be25e796a3cd5e5ee7dfc7e6ce597171e50663ea732bd5eebd93f8da72560da9a54ca247f7580c7b508b014354ad86777e394e25fadde095931ec22cd808e349ab87224b40e817335ea4955a69da8ce9e42a09db738cc78e11530d38441a9b4423e69458336f5d8d2f763ab10ed0480ed9f44cf5c239f94b00040fd53a88785c5fe9065f088f017c4259706fa624fb8078929459a3dfab1db960b9cf6f2e8e03b9fb046b5646c0c5f2aac6c20f1252520681e186d9bb69eff1a5016ae36ad0f602d5c9fc933cdb3679b30825be44c71ba083a3eae08201964bad84f75e67d56b78ce6c6758ae2b5ababdc3d7333fdcef96e3115b2f7c27db187fb2380d254d1e5c6e9a9c3562431952f0b919b6e1b179ccae59beaf5159bfa915064ec239acb09c0ad341602cfce3b50767ab8f01f5b7f66f8c1eb2cc1e06d011604e27e49935e2dc3fb0899d74931da8a8064116dbf2da22718d9ec873b163f02933df1ff930e257950cc615706886d212ab5bd4256df60858a7a8f026948da3c5e948b8f8afac76115654b6406e640060a80abb2bcf93a6bdc23626e083db71b85fb5c3a2c7b892a029389b7a0c963d158b054fda8bd7a2e5d2e2ae9e8a7dd8b4040c83afdd87cc7aaedfa1ac02f7f0b46f326a70c1269a393962f2476ea2e119d58bf7132267bfa219af48eefee4f4cf44858bad1e86ad339ea56e90d47f3006c84b69f7e560a3204619c06bffb74cd7bd08c08b698888d0677e817f45101196ea0125983016fa9b961a9030ca2361fc31e7e627908a5402f4724625a20c9496ee67f69dc63b913f07df316202d15ea064e82c9d692411b3ebe341512955bc6034323b799917c2b9145afc275a902ad7f78c5090df36464109379b042dfb7fac8501687dcaba994f4fffb56c771f8ee61997cf2f77e8fa9c0b33354bd38d272d38b0ee04d757b6f1fdab4d5a3f2770cb213942ad86f2c26e14b6002a8c5fa47559a5a193fe726bfb18423f3cce00b789c3d5549289d2d3c13ce7d9ecac0706c6eef8abc7d0ab2dfa41c8646f8ac71250c0fa86778cb4fb1946f85a65a75e9ec33f73138e66198a1889e46533827f46f215db9ebbfe664129f90282af5ca4b9b7ba28d8b78d3e528464a359b7f8f91837542fc94139b3b9e57b181b267c77a7595a98bd52a05ff7bc5aa29da1df5fcf6bca2e43e634a94ced6e83060c7a818497ae8a364bf9d7beaee94d265ba3190fd61715e4b4454770806865b4bbd1709779993139002de90988a235337eb934622a3c86f720743946b7021c1ebc3d8980dc0efe3004125328ab26a9a8c8687b362d6f4f8be0dffac84390c61ffebd2f50a3aa4033728fdd88cf342a2668b15e714fd12ecb0e8a06ca12a30969d4c971c6a1d17bcd033effe42916f2284851ad68aed0aa237a5a7768ef3068a9e74afb7f7106839c4e301e552552e17367fce57429c88e4e9f6508fe5dfb3883f0b15b344bfe998a7c43cae0ef099bae84a64d5829ea249999de28788ce756ebc75ad912edc24c43eba9f956d394c4071a0b7047ecdee645dbd84e929561c83372200f6598b734262946d7ca93062fef06c4c658429f6f159fd482a8252c6bcc6c6bb5b0f9d83dae14ca40e2069bf9967fde326cc8618058c98a81ebfefbe85bd68b4dcb51923324bd5c05784d96337e218e9c29e4c53a9b99282407138f67fad21e25dc6a60aac825f8a1b3dc9d8ced798fe7064730fad112a9d61e9107cf2e5364300bf7513aac95c823561a125875e0f35758df38a0ab44ec399cf05d4b3efcd578daa05fbeaefbd21069659b7dc2e80ebac6a1ab48302241f38d6adb520cffc7a05bcecf69224c11d104179f3b7552f069e4f720522b134e178b1dd7e2885a8cad13472195eb6a450b22b9544cc5758f6c2ad3e749c4cfa0a5129cccef29ae79a933875ff274acf563661c7ac7fcb5f267027b7455ef248f8801c49588de4baa7e7e136a7726a2de27060cc98622c46584ec0529a17fe7c784255e1fb72012f7868cc7611ed2f928823d46a0988a3b355bb89580d5195867a9f3e7d19d40f9a31233d86efc859571e7d3f060b5c39dec2dfcf480455e0e6c69211c425247bfea2661a07869fbfefcb35fc1c73b4ee788c75b477d485b20ce0fda58363115b369743466dd69a5be9815e4c2990614a7770ba64af0eb9f8ef59a54f92cbb7c7f175f5e71e2debbc000c9c2c19501bbbd5d39f02cfc9a78ac52dce3a720080f3fc4b70ab673ee5669133341a110ff2ad907f45ce3f2451046e1adfb5322fd330f710fdd30568398f4edf6cb647d3f572594edd3fc16ad91dab5f3c06254feb7ad1126b20014fed233ee70780a60440d859903a76837041105cb56b3ee63b44e7d9e7871af516c8d29e01d57ba2226d12b823e726aada7f9ab47ba179f0fd40bab4b9bf46fc9a7ff6030313cf916c0a305c0fc54d247839b5a17190c005b2d222f539c27d4322e59294f4f70bd16d8d126f156efc220d1328680e8b15aa92311d9355319ed7aa206b726475d708cb552a34f9359f9a17902cde39f28742a93d832cc547607f4b911972fa976f2851a350c671ea68e6cb3f065971f5bc991c4551fed69304167a83041d0a9f6f60096e903961c9643571f3343a2af239eed4efb0052e295bba2a140e2574a1397d0e4e542ca38b1887987a6d9e87a60a6b68a3e1ec6efbba36639faa3acb90b609dca50a817f51ed2533f12204a7a8e4fede89e9a33ac4bc9fe236e5610ee10073b282adee9c94b59f9163b2dcff2b924aa4bd54ad4b6c6d25d2253ee0faed791660b8afd124d1668c5b9cb8ee831f6d282f50c4e833e0fbf4a6e267a811e26d6867ef287b33fa25176b11520ad75ad8f7436ebc8ac7e1d50e0f3cb5b08bd2e52f3345e4634ede99ac294fb6d60192f2e0eccaef5b5836bc7f5270e74b4b690892aed31c460c849f64c53c77d0051c6b944cdd91f32c8be1ff767b2ec18f6e02304dfacdde748b0ae8ac2c9fe50aa012c2716495377cb8374acfcdecb588771bca501f5730cf92c85a7412f357dab433f524d63fda128a993673547a6a3aa3cf5a871479c57b61cb83ddee64d7f90612b68ac09145f21ac92c1aaa925548c1c9e4f17c2a68e8f903d0e0e694f040c4132056e389beec7faa2dd910b29239a56376302716937a7b3dc80effd08e2d0102c8f1eb99b23c44e2b6697edbaff603c56168f7aa5512aa647c35c73f2d0340c898ad5fb910025eef4bd03dbf53e0530cfb645616e071fe9caf7da9f1216205c3d27fedfa9e2295db341c1f42b9f9d1245efb1d26ff10a55b24b9181258ec1b7ebb64c1d8461889d7b24a57c17cd710edc9116f3cb75228bdff12aed32d4ca51894715b9e13101352b509079ef46ad1b8de27ab999e6d0c524eeafc9c16b81fb9b507e34c2c88201213eb8d95edff49dc9598759cb1b48b61547579adec5ff74cdbafd91340587f883606d20b6f6758662c252b0a031f66503b1f4ee4cd5772b0aec4b181589244b33de4ef1c09a17a31216eab102d49f4f7329846bf3a484410dc1a1203858f34b1a157a92a9c2ed30adf6e0c6d0904297a16b78b838358eb0293eb52aad519df3a56a32b284e0e13c47b2b5b4e45a4b7ee70af931aae8f729da1b8b903524cdf146ed4bc9aec0edb1c349b1fbf1f6f991226d0d50dd5d956f953bfbff55ad01caa021720b0243b4973e69a9d3d0c303d9132d3ac6298c7a0082127cdea04993726cd2bc85f5f0021d44bda55ceece1b9bf8bf4bfeda0975dc295a91706f1c5298bb4bfc237e78fb0a26898143958b11784d740636dab0a5ade29632a68c94da68ae7cfa44b3d5a52379ad66db797db6358245296c7060f7a2ae780ba5286bb56b11ff8fbf46d44634d00be2be240eb5a9f2740d846e6cdd57f65f7ae8522b7d33b7a8712a0f9ee17ae97f083d78ee74ab88f9fcc712392319995a00f526f23cd4584c159e0cc4512cff41015cb93de2da02b3d481b691211441b6ea51a2ab54ee5c79152255453e2f8cdd8df4c7ddd8aa7135ea54ac7ed01941e1024c1fb64424f7b95ac7503d99eb8625b6a1518054488dfc9464dc37503e2213653ad3f6b2f89717092f042fbc49b6c873ebe6bf325e6a4672ce9b154c4044429d4f3e172bcedcbab4769d771cbbcbda2c0061797205e34ccc22b13f2fe6c172a606a41e288d9df3f01d034bbf813ef88afe1caf1fba59d86a2c187d262f6a8f67470d7ab2e28612bf19b31e7b85852831a58cf830d959c1c9512bc7d0e2844e40a487a70fd7e8ab4e6c64620aa6b17eb946049be2937b0e4350f00f13ae34e7103d43ffe7f80cf619b2be88bf86dbeb0ba0271d5840864c3a617384ef5b194a5916e5dd8815b950a5951bce35342a2c67ed2542fbc818e0e508c7da864cf12efdc54cbb28f2c0ecc8941699ae7e1022a8d3dd624de690707292fddeeec22a3c4f63f2ee74f9b3c0af1945be7498f1d7c749941f759a029048b318fc5897654158a90fb3b1794bb510218f88c71089f53e8e4537a84e3ce90b91d433e6b1f6c7da82ae634312265658cf6566d66d506a4677caa8f73bbbd7ba1aaa7d4b4294bbd72a47b0218b8d165e601d1b9b6bed0fec55152815aba2d110992228faa4df1698a0c1de91eb2456e447c926d2f66b0692d52f991f5d4befe2281d090fec3de42546dade03900f7552f62696328c5c9ac38abbf935693e35638912b52b6dfee790330cdc886940160c8135bab8c067fb097e259b877b8ac7d51401f9252b93a514ba18a376b271890bf4a7a85470cbfa6b75b4c166b1ebbcb4dbcd3ab348d91017cec61937a633a50e7e574f0bed032c9908a1d5c976ad874165aa66d2b64fdc296af5e90dd11317b39ef9562ce574f2362087e85e23af3609bca060a209f18c415e448a5ca00796b15bcf6d1f6dd6ac682b0302abd10fbbbb3507b6a5f981b5a41a6d7ca08f52c406be4966c7020a07a6bdea7a0e8cd2ffe4f9766a5ce0ad"})
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f00000001c0)={0x4c, 0xfc, &(0x7f0000000440)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$KVM_GET_IRQCHIP(r6, 0xc208ae62, &(0x7f0000000f40))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r3, 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r9, 0xc0a85320, &(0x7f0000000100))
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000008c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$UHID_INPUT(r10, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r10, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f00000000c0)='.pending_reads\x00', 0x220400, 0x24)
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f0000000000)={0x9, 0xffffffffffffffff})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x581100, 0x0)

5m47.460601844s ago: executing program 9 (id=11450):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800000000000000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f00000001c0)={0x2, 0x7, 0x5, 0x4000})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
write$cgroup_int(r0, &(0x7f0000000040)=0x900, 0x12)

5m32.317591972s ago: executing program 43 (id=11450):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800000000000000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f00000001c0)={0x2, 0x7, 0x5, 0x4000})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
write$cgroup_int(r0, &(0x7f0000000040)=0x900, 0x12)

25.869826692s ago: executing program 4 (id=13502):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./cgroup/pids.max\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB='-0'], 0x6) (async)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0xb}, 0x2)

25.518724264s ago: executing program 4 (id=13503):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x3f2}]})
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x8282, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r3, 0x7dfff000)

25.276934923s ago: executing program 4 (id=13504):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCARDURB(r2, 0x550b, 0x0)
read$FUSE(r1, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = dup(r3)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r5, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
syz_open_dev$video4linux(&(0x7f0000000040), 0x1, 0x101000)
write$rfkill(r5, &(0x7f00000001c0)={0x7, 0x4, 0x1, 0x0, 0x1}, 0x8)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000580))
ioctl$PPPIOCSPASS(r6, 0x40107447, &(0x7f0000000080)={0x1, &(0x7f0000000140)=[{0x5}]})
ioctl$VIDIOC_SUBDEV_S_FMT(r1, 0xc0585605, &(0x7f0000000080)={0x0, 0x0, {0x101, 0x0, 0x101c, 0x7, 0x6, 0x0, 0x3, 0x6}})
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r7, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r7, 0x40047459, &(0x7f00000001c0)=0x51)
pwritev(r7, &(0x7f0000000040)=[{&(0x7f0000000180)="80fd02000040", 0x6}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

20.668316275s ago: executing program 6 (id=13508):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000540)={{}, {0x18}, 0x0, 0xbf}) (async)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000440)={<r2=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000000)={0x13, 0x10, 0x7, {0x0, r2, 0x1}}, 0x18) (async)
r3 = syz_open_dev$evdev(&(0x7f0000000200), 0xf, 0x60800)
ioctl$EVIOCREVOKE(r3, 0x40044591, &(0x7f0000000240))
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGBITSW(r3, 0x80404525, &(0x7f0000000900)=""/162)
preadv(r4, &(0x7f0000000840)=[{&(0x7f00000006c0)=""/192, 0xc0}, {&(0x7f0000000140)}, {&(0x7f0000000040)=""/160, 0xa0}, {&(0x7f0000000280)=""/228, 0xe4}, {&(0x7f0000000380)=""/91, 0x5b}, {&(0x7f0000000400)=""/173, 0xad}, {&(0x7f00000004c0)=""/220, 0xdc}, {&(0x7f00000005c0)=""/77, 0x4d}, {&(0x7f0000000100)=""/229, 0xe5}, {&(0x7f0000000780)=""/133, 0x85}], 0xa, 0xffeffff9, 0x2001007)

20.476250256s ago: executing program 4 (id=13511):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = syz_open_dev$video(&(0x7f0000000040), 0x100, 0x0)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r2, 0x40304580, &(0x7f0000000b40)={0x51, 0x1, 0x7, {0x0, 0x1}, {0x69, 0x2}, @period={0x59, 0x0, 0x0, 0x3, 0x80, {0x4, 0x8001, 0xf, 0xfffe}, 0x0, 0x0}})
write$char_usb(r2, &(0x7f0000000040)="e2", 0x2250)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xa3)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$khugepaged_scan(r9, &(0x7f0000000080), 0x8)
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x8, 0x9, 0x10}, {0xffff1000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7}, {0x2000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4}, {0xeeee8000, 0xffff1000, 0x9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0xa, 0xfe, 0x0, 0x0, 0x3}, {0x0, 0x3000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26}, {0x80a0000}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x0, 0x50, 0x0, 0xf801, 0x0, [0x0, 0x0, 0x1]})
mmap$KVM_VCPU(&(0x7f0000e47000/0x4000)=nil, r5, 0x8, 0x100010, r8, 0x0)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDENABIO(r10, 0x4b36)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000280)={0x1, @pix={0x0, 0x0, 0x38414261}})
r11 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r11, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

20.02202545s ago: executing program 6 (id=13514):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000680)=ANY=[@ANYBLOB="01000000000008007100004050927e2ea32488"])
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r4 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x20080)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r4, 0xc0585604, &(0x7f0000000180)={0x0, 0xffffc000})
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r3, 0x7dfff000)

19.420366362s ago: executing program 0 (id=13517):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r2 = syz_open_dev$vim2m(&(0x7f0000000100), 0x80000000, 0x2)
pwritev2(r2, &(0x7f0000000600)=[{&(0x7f0000000540)="c5", 0x1}], 0x1, 0x25e, 0x1, 0x1)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x1)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000100)=0x2)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000002c0)=0x19)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x104000000008)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000100)=0x31)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r4, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x2)
ioctl$TCFLSH(r5, 0x40087101, 0x20001100)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

19.160383283s ago: executing program 0 (id=13518):
r0 = dup(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x412c050, r0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000180))
write$dsp(r1, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x1000)=nil, 0x1000, 0x5a051feb1f984a1d, 0x202812, r2, 0x7dfff000)

19.007702527s ago: executing program 6 (id=13519):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r1, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001ff, 0x101301)
r2 = syz_open_dev$mouse(&(0x7f00000001c0), 0xe909, 0x248103)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f00000002c0)=@urb_type_interrupt={0x1, {0x8, 0x1}, 0xc84, 0x46, &(0x7f0000000340)="4ab8c0472bf9574f6332c85780fe7c559a5f6dfd225bc1a2b056062feeb645834e6ca83df5eb3c00eb7062f620cb3e7a1d883326fc4308bd4b401c2ea873836bd5b5ec3bdf45f3e16b5e4bb4b4acbe49be18f9e42ef40467d8f7147f560d0f625dcd", 0x62, 0x2, 0x3, 0x0, 0x7, 0x8, &(0x7f00000003c0)="d0da"})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
write$6lowpan_control(r1, &(0x7f0000000240)='connect aa:aa:aa:aa:aa:11 1', 0x1b)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000000000000170101c0000000000700000000000000"])
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={&(0x7f0000000140)=[0x0], &(0x7f0000000100), &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1, 0x0, 0x6, 0x7})
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x420580, 0x0)
r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f000047f000/0x1000)=nil, 0x1000, 0x5a051feb1f984a1d, 0x202812, r6, 0x7dfff000)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f00000000c0)={0x0, 0x2, 0x6, &(0x7f0000000000)={0x16, "57383470180c0d9779317ef50750d2f6e57f68203ceb6e696a2439abf53a40d9a8"}})

18.581635652s ago: executing program 4 (id=13520):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r1, 0x3b88, &(0x7f00000000c0)={0xc, r2}) (async)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000080)={0xc})
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r1, 0x3b70, &(0x7f0000000100)={0x10, 0x0, 0x0})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000) (async, rerun: 32)
close(r0) (async, rerun: 32)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

18.424329673s ago: executing program 6 (id=13521):
r0 = syz_open_dev$vivid(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0x1, 0x8000, 0x0, 0x0, 0x6, 0x5, 0x2, 0xfffffffe, 0xa, 0x9, 0x6f4, 0x80, 0x5, 0x7, 0x10, 0xa, {0x2, 0x200}, 0xf, 0xa}}) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000040)={0x26, 0x1, 0x0, "27425b895f17386bcec1d8665c0084feea0be6b8a80052d063e6179d13f019e3"}) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

18.265567464s ago: executing program 6 (id=13522):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x8600, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, 0x0)
read(r0, &(0x7f00000001c0)=""/157, 0x9d)

17.433127153s ago: executing program 4 (id=13523):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$nci(r1, 0x0, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

17.142422989s ago: executing program 6 (id=13525):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f0000000b40)={0x52, 0x1, 0x1, {0x0, 0x4}, {0x63, 0x2}, @period={0x58, 0x0, 0x0, 0x3, 0x80, {0x1, 0x8001, 0xf, 0x1}, 0x0, 0x0}})
write$char_usb(r1, &(0x7f0000000040)="e2", 0x2250)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x21)
r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r4, 0xc1004110, &(0x7f0000000000)={0x0, [0x8, 0xffff133a, 0x1], [{0x35, 0x0, 0x0, 0x1}], 0xc})
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r3, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r6 = dup(r5)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r6, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r6, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

17.003577356s ago: executing program 5 (id=13526):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r1, 0x7b1, &(0x7f00000000c0)={&(0x7f0000000180)=[0xff, 0x9, 0xfffffffd, 0x0, 0x7ff, 0x6, 0x5, 0xfffffffd, 0x8, 0x0, 0x3, 0xff, 0x17, 0xfffffff8, 0x80, 0x9, 0x200, 0x6, 0x5, 0x3, 0x7, 0x8, 0x8, 0x3, 0x1e4f, 0x7, 0x1, 0x7, 0x4, 0x10000, 0x3, 0x3, 0x2, 0x2, 0x40, 0x4000000, 0x7, 0x3, 0x5, 0x40, 0x7, 0x9, 0x81, 0x9, 0x2, 0xf, 0x1, 0x5, 0x2, 0x8, 0x4, 0x2, 0x7781eaab, 0x0, 0x8, 0x101, 0x40, 0x8, 0x8, 0x100009, 0x6, 0x2, 0x3, 0x0, 0x9, 0x8a, 0x2, 0x5, 0x400, 0x2, 0x1, 0xcae4, 0x0, 0x8040, 0x6, 0x6, 0xc30, 0x6, 0xffff, 0x80000000, 0x6, 0x9, 0xcde, 0x5, 0x100, 0x8, 0x3, 0x5, 0x7ff, 0x9, 0x9, 0x4, 0x2, 0x0, 0x10, 0x6, 0x1, 0x1, 0x3, 0x2, 0x2, 0x8, 0x7fffffff, 0x3, 0x10, 0x87, 0x7, 0x4, 0x7, 0x8, 0xfffffff8, 0x8, 0x1, 0x8, 0x7, 0xfff, 0x8000, 0x0, 0x3796bd73, 0x9, 0xfff, 0x7, 0x2, 0xfffffff9, 0xf, 0x3, 0x1, 0x7, 0x0, 0xffff, 0x4, 0x4, 0x800, 0x1ff, 0x1, 0x80000001, 0x3, 0x1000, 0x0, 0x16e7, 0x7fffffff, 0x2, 0xf43, 0x400, 0x617, 0x9, 0x10, 0x7ff, 0xfd5, 0x50, 0x9, 0x800, 0x3, 0x6, 0xd, 0x800, 0x6, 0x3, 0x9, 0x400, 0x8, 0x81, 0x5, 0x6, 0x7, 0x6, 0xd72d6, 0x2, 0x8, 0x2, 0x6, 0x5, 0x2, 0x7fff, 0x9, 0xfffffff8, 0x3, 0x8, 0x3, 0x6f, 0xd, 0x3, 0x200, 0x80000001, 0x3, 0x4, 0xfff, 0xfffffffc, 0x9, 0x0, 0x0, 0x1, 0x2, 0x7, 0x4, 0x3, 0x3, 0x3, 0x8001, 0x2, 0x1000, 0x3, 0x3, 0x5, 0xfffffffd, 0x4, 0x7, 0x6, 0x0, 0x8, 0x1, 0x1, 0x6, 0x9, 0x8, 0x6, 0x6, 0x8001, 0x0, 0x7f, 0x6, 0x1ff, 0xf, 0x778, 0x2, 0x2, 0xc, 0x1000, 0x2, 0x0, 0xe8f8, 0x0, 0x8000, 0xfffffffb, 0x8, 0x0, 0xb, 0x58, 0x7, 0xffffffff, 0x0, 0x0, 0x7, 0x7, 0x4, 0x2, 0x0, 0x8f27, 0x9, 0xccfe, 0x9, 0x4, 0x2, 0x3, 0x6, 0x1000, 0x484, 0x5, 0x7fff, 0xffffffff, 0x0, 0x8, 0x0, 0x6, 0xce79, 0x0, 0x0, 0x3, 0xa, 0x0, 0xded1, 0xd3, 0x7f, 0x809f, 0x26, 0x3, 0xa, 0x6, 0x4, 0x4, 0x8, 0xfffffff8, 0x10001, 0xffff, 0x2690, 0x3, 0x10, 0x8, 0xe84c, 0x4, 0x9, 0x8, 0x1, 0xcb, 0x1, 0x1, 0x4355, 0xd, 0x4, 0x5, 0x5, 0x81, 0x1, 0xffffffff, 0x0, 0x8, 0x3, 0x4, 0x6, 0x1b1, 0x7f, 0x9, 0x1, 0x8, 0x8, 0x0, 0x25dd047e, 0x6, 0x8, 0x5, 0x9, 0x188, 0xd, 0x5, 0x9, 0x0, 0x1, 0x9, 0x3, 0x0, 0xfffffff9, 0x29c, 0x80, 0x5, 0x6, 0xe, 0x10000, 0xb, 0x3, 0xff, 0x6, 0x0, 0x4b15922e, 0x8, 0x968e, 0x0, 0x8, 0x2, 0x39d, 0x8, 0x1, 0x1, 0x7fffffff, 0x7, 0x9cd5, 0x7, 0x0, 0x3, 0x8000, 0x9, 0x1, 0x10000, 0x81, 0x7, 0xbdd, 0x7, 0x2, 0x9, 0x4, 0x6, 0x4, 0x2, 0x0, 0x3123, 0xd, 0x7, 0xfffffff7, 0xfffffffa, 0x9, 0x5, 0xe4c, 0x2, 0x0, 0xf4fa, 0x1ae4f237, 0x5, 0x3, 0x7fffffff, 0x5, 0x978e, 0x0, 0x8, 0x6, 0x1, 0x6, 0x1, 0x4, 0x8, 0x8, 0x5, 0xffffffff, 0x9000, 0x0, 0x8, 0xb, 0x80081, 0x2, 0x3, 0x6, 0x8, 0x8dd7, 0x9, 0x31, 0xc0, 0xfffff00b, 0x9, 0x5, 0x8, 0x1, 0x8, 0x1, 0x2, 0x7, 0x3, 0x2, 0x2, 0x0, 0x6, 0x9, 0x7ff, 0x66a, 0x4, 0x2, 0x4, 0xc, 0x1af0, 0xbf, 0x9, 0x8, 0x100, 0x2, 0x8, 0x7, 0x7fffffff, 0x6, 0x1ff, 0x1, 0x0, 0x5, 0x8001, 0x8001, 0x0, 0x7, 0x6, 0x6, 0x0, 0x5, 0x62, 0xb7, 0x844, 0x8, 0x3, 0x101, 0xff, 0xfffffffe, 0x9, 0x0, 0x5, 0xf6c, 0x0, 0x5, 0x4, 0x81, 0x3, 0xb06f, 0x8, 0x7fffffff, 0xfffffa4d, 0x80, 0x5, 0x24000000, 0x2, 0x9, 0x3, 0x7, 0x80000001, 0x80000000, 0x5, 0x5, 0x9, 0x6, 0x8, 0x10, 0x805, 0xb045, 0x8, 0xfffffff9, 0x2, 0x4, 0x6, 0x1, 0x2, 0x9, 0x0, 0x7f, 0x3, 0x0, 0x1, 0x5, 0x5, 0x0, 0x800, 0x6, 0x3653, 0x9, 0x4, 0x5, 0x7ff, 0x2, 0x1, 0xc5bd, 0x4, 0x4, 0x9, 0x1d76, 0x9, 0x9, 0xb, 0x8, 0x1ff, 0x9, 0xff, 0x7, 0x800, 0x8, 0x98, 0x4, 0x3, 0x2, 0x799, 0x1000, 0x44, 0x9, 0x1, 0x6, 0x1c6, 0x5e, 0x13a8, 0x0, 0x81, 0x7, 0x7fffffff, 0x3, 0x7, 0x8b3a, 0x9dd6, 0x7, 0x7, 0x9, 0xfffffff8, 0x8, 0x9, 0xeee, 0x4, 0xc, 0x2, 0x8, 0x2, 0x0, 0x1, 0x800, 0x8, 0x0, 0x5, 0x9, 0x6, 0xf31, 0xe, 0xffff03d9, 0x3, 0x1, 0x4, 0x40, 0x2, 0x10, 0x2, 0x6, 0x10000, 0x7, 0x7fff, 0xbccf, 0x4, 0x4, 0x7, 0x3ff, 0x64b7b5c0, 0x6, 0x6, 0x10001, 0x6, 0x4, 0x3, 0x13df, 0x1d, 0x2, 0x200, 0x1, 0x197, 0x40c7, 0x0, 0x44, 0x6, 0x3, 0x1, 0xd24, 0x8, 0x9, 0x8c0, 0x3bb5a757, 0x8, 0x200, 0x8, 0xfffffffb, 0x6, 0x0, 0x3ea, 0x8, 0x80000000, 0x7, 0x1, 0xd, 0x8, 0x401, 0x3, 0x5, 0x835, 0x8, 0x40, 0x0, 0x1000, 0x7, 0xfffffffe, 0x4, 0x8, 0x0, 0x1, 0xc, 0xe, 0x52, 0x3, 0x5, 0x3, 0x7, 0x4, 0x4, 0x6, 0xffff, 0x8, 0x6, 0x83, 0x0, 0x501d, 0x7, 0x7fff, 0xfffffff9, 0x1, 0xdcc, 0xd, 0xbcf, 0x3, 0x6, 0x4, 0x7, 0x4, 0x52c0, 0x1, 0x6, 0x7, 0x2, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x4, 0x6, 0x401, 0x1, 0x7, 0x5, 0x3, 0x8, 0x10000, 0x4, 0x1, 0xf35, 0x6, 0x7, 0x1, 0x9, 0x6, 0x80000000, 0x7, 0x6, 0x400, 0x7, 0x9, 0x8, 0xffff, 0x2, 0x1, 0x7, 0xa46, 0x8, 0x5, 0x7, 0x6, 0x1, 0x7, 0x1, 0x1, 0x1, 0x1ff, 0xffffffff, 0x4, 0xc4c, 0x166, 0xffffffff, 0x7, 0xe27, 0x4, 0x7, 0x9, 0x77b, 0x9, 0x5, 0x0, 0x10, 0x7, 0x2d, 0x0, 0x40, 0x5, 0x7, 0x4, 0x3, 0x6, 0xffff7827, 0x9, 0x7, 0x1, 0x9, 0x0, 0x0, 0x4, 0x7, 0xbbbc, 0x5, 0x8080000, 0x6, 0x1ff, 0x1000, 0x8, 0x1, 0x1ff, 0x5, 0xee98, 0x4, 0x559e, 0x70d9453e, 0x638, 0xffffffff, 0x3, 0x5, 0x8001, 0xffffff32, 0x1ff, 0x6, 0x8, 0x1, 0x9, 0x1, 0x3, 0x6, 0x7, 0x7ff, 0x10001, 0xa, 0xc, 0x6, 0x9, 0x2, 0x4, 0x2, 0x2, 0x4, 0x40, 0x9667, 0x6, 0x9, 0x779, 0x6, 0x8001, 0x4eaa, 0x3ff, 0x3ff, 0x3, 0x2, 0x8, 0x5, 0x9, 0x100, 0x256, 0x3, 0x52, 0x7fffffff, 0x3, 0x8, 0x4, 0xffff7c4a, 0x4, 0xfffffff8, 0x1, 0x9, 0x2, 0xd, 0x7ce, 0xb, 0x4, 0x80000000, 0xffff, 0x6, 0x7, 0x2, 0x400, 0x1, 0x9, 0xffffffda, 0x5, 0x4c7, 0x9, 0x280, 0xe7, 0x7fff, 0x4, 0x1, 0x0, 0xf, 0x79, 0x4, 0xf, 0x9, 0xff, 0x6, 0x504, 0xe, 0x9, 0x3836, 0x0, 0x7fff, 0x3, 0x9e, 0x4, 0x2d32, 0x1, 0xf, 0xfff, 0x8, 0x400, 0x2, 0xffffffff, 0x5, 0x86, 0x7f, 0x80, 0xab4, 0x2, 0xc0, 0x93, 0x6, 0x8, 0x6, 0x80000000, 0x6, 0x7fff, 0x400, 0x4, 0x0, 0xc, 0xf2b, 0x2c3b2b7b, 0xb, 0x40, 0x7fffffff, 0x1, 0x9, 0x4, 0x8, 0x8, 0x4, 0x9, 0x9, 0x7, 0x10000, 0xfffffffc, 0xe, 0x4, 0x80, 0x6, 0x9, 0x4, 0x1, 0x1, 0x4e, 0x5, 0x4, 0x4, 0x7, 0x2, 0x4, 0x3, 0x9, 0x5, 0x4, 0x4, 0xffff, 0x0, 0x80000000, 0x200, 0x7, 0x2dce, 0x4, 0x0, 0xc, 0x3, 0x3, 0x4040000, 0x40, 0x1, 0x8, 0x9, 0x3, 0x1, 0x8, 0x14, 0x0, 0x10, 0x3, 0x2, 0x4, 0x2, 0x7, 0x800, 0x6, 0x4, 0x3, 0x6, 0xede5, 0x6, 0x6, 0x3, 0x0, 0x7, 0x7, 0x9, 0x3, 0x10, 0x10001, 0x9, 0x8, 0x4, 0xb, 0xcb6, 0x200, 0x7ff, 0x0, 0x8, 0x41, 0x7, 0x5, 0x9, 0x200, 0x7, 0xa39c, 0xcdc5, 0x800, 0x9, 0x6, 0x934d, 0x80, 0xa, 0x6, 0x6, 0x0, 0x8001, 0x1, 0x6, 0x3, 0x3, 0xfffff32f, 0xffffffff, 0x2, 0x0, 0x7, 0x9, 0x1, 0xe, 0x4, 0x2, 0xffffffff, 0x34, 0x2, 0x99b, 0x9, 0x2, 0x6, 0x7, 0x5, 0x8, 0xd1, 0x1, 0x5, 0x6b0a], 0x6, 0x400, 0x2})
r2 = dup(r0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000140)={0x4, <r5=>0xffffffffffffffff, 0x1})
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x801c581f, 0x0)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0xe80, 0x0)
ioctl$FS_IOC_MEASURE_VERITY(r7, 0xc0046686, &(0x7f0000000000)={0x1})
r8 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r9 = syz_open_dev$radio(&(0x7f0000000280), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r9, 0x40305652, &(0x7f00000002c0)={0x0, 0x1, 0x11, 0x0, 0x0, 0xfa000, 0x1a5e00})
mmap(&(0x7f0000787000/0x1000)=nil, 0x1000, 0x5a051feb1f984a1d, 0x202812, r8, 0x7dfff000)

16.63633553s ago: executing program 5 (id=13527):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xc7)
syz_open_dev$tty20(0xc, 0x4, 0x1)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x189)
r4 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, 0x0)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000180)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x10, 0x0, 0x0, 0x0, 0x2, 0x1d, "fee8a2ab78fc979fd1e00d96072800001ea89de2b7fb0000e60080d2780000000000fffffffffffffff70000000000000700", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90bf8b1c000000001600000000effb00", [0x8, 0x2]}})
mmap$binder(&(0x7f0000c73000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x6)

16.173487029s ago: executing program 5 (id=13528):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000900), 0x0, 0x0)
ioctl$MON_IOCT_RING_SIZE(r1, 0x80089203, 0x200000000000000)
r2 = dup(r0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_CALL(r3, 0x4008af21, &(0x7f0000000300)={0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x28)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r6 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCGSERIAL(r6, 0x541e, 0x0)
mmap(&(0x7f0000787000/0x1000)=nil, 0x1000, 0x5a051feb1f984a1d, 0x202812, r5, 0x7dfff000)

16.131341337s ago: executing program 0 (id=13529):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
dup(0xffffffffffffffff)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r2=>0x0}) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f00000000c0)={0x7, 0x1, 0x9}) (async)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000000000002404"])
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r8, 0x4140aecd, &(0x7f0000000dc0)={{0x1, 0x0, 0x80, {0x4000, 0xf000, 0x1}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca02000000000000008b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd96dba8d84c65c2bef91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4515a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bf4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e446401803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db43029d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efe0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6d3b0498a95377451bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f81c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629fa4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809373c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e516"}) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r1, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r2, 0x0, 0x97, 0x8000000}) (async)
r9 = syz_open_dev$media(&(0x7f0000001a80), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r9, 0xc0287c02, &(0x7f0000000180)={0x80000000, 0x0, 0xfffffffffffffffe}) (async)
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000500)={0x28, 0x6, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000, 0x80000001}) (async)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r1, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r2}) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)

15.968367056s ago: executing program 5 (id=13530):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
dup(0xffffffffffffffff)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r2=>0x0})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r1, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r2, 0x0, 0x97, 0x8000000})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
read(r3, 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000500)={0x28, 0x5, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000, 0x80000001})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r1, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r2})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)

15.92029512s ago: executing program 5 (id=13531):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, 0x0)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x8600, 0x0)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x64a1c0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae03, 0x6)
read(r3, &(0x7f00000001c0)=""/157, 0x9d)

15.794985005s ago: executing program 0 (id=13532):
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x8100, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x48b, 0x0, 0x7}]})
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, &(0x7f0000000080)=0x1b)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f00000000c0)={0xc96, <r5=>0x0})
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f00000001c0)={0x0, r5})
read(r4, &(0x7f0000000100)=""/159, 0xfffffe5a)

15.700239509s ago: executing program 5 (id=13533):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe99, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffe]})
read$FUSE(r1, 0x0, 0x0) (async)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = dup(r3) (async)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r5, &(0x7f0000000080)={0x0, 0xfd, 0x6, 0x1}, 0x8) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4, 0x8010, r4, 0xc5b31000)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0) (async)
r6 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r6, 0xc014563b, &(0x7f0000000080)={0xa}) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0xa7) (async, rerun: 32)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0x583200, 0x0) (rerun: 32)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

15.232797304s ago: executing program 0 (id=13534):
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x8}}, './file0\x00'})
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000100)={0x5, <r1=>r0, 'id0\x00'})
ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f00000000c0))
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x6601, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x110, r2, 0x7dfff000)

15.174850853s ago: executing program 0 (id=13535):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x82540, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r1, 0x4610, &(0x7f0000000000)={0x3a})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40402, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x2})
write$cgroup_devices(r2, &(0x7f0000002d80)=ANY=[], 0xffdd)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f00000003c0)={0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x48)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r3, 0x7041, 0x0)
read(r0, &(0x7f0000000100)=""/151, 0x97)

2.120730435s ago: executing program 44 (id=13523):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$nci(r1, 0x0, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

1.078292527s ago: executing program 45 (id=13525):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f0000000b40)={0x52, 0x1, 0x1, {0x0, 0x4}, {0x63, 0x2}, @period={0x58, 0x0, 0x0, 0x3, 0x80, {0x1, 0x8001, 0xf, 0x1}, 0x0, 0x0}})
write$char_usb(r1, &(0x7f0000000040)="e2", 0x2250)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x21)
r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r4, 0xc1004110, &(0x7f0000000000)={0x0, [0x8, 0xffff133a, 0x1], [{0x35, 0x0, 0x0, 0x1}], 0xc})
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r3, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r6 = dup(r5)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r6, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r6, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

42.398434ms ago: executing program 46 (id=13533):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe99, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffe]})
read$FUSE(r1, 0x0, 0x0) (async)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = dup(r3) (async)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r5, &(0x7f0000000080)={0x0, 0xfd, 0x6, 0x1}, 0x8) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4, 0x8010, r4, 0xc5b31000)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0) (async)
r6 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r6, 0xc014563b, &(0x7f0000000080)={0xa}) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0xa7) (async, rerun: 32)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0x583200, 0x0) (rerun: 32)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

0s ago: executing program 47 (id=13535):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x82540, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r1, 0x4610, &(0x7f0000000000)={0x3a})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40402, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x2})
write$cgroup_devices(r2, &(0x7f0000002d80)=ANY=[], 0xffdd)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f00000003c0)={0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x48)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r3, 0x7041, 0x0)
read(r0, &(0x7f0000000100)=""/151, 0x97)

kernel console output (not intermixed with test programs):

È1Å>)©Mă‰ÏT§²Ú(ÌÇAÏ�„}9·Ú¥ÃJ*MÑœ¥Ä¡«'L¹£Q	ÌDWŸÒظ=ؽ|Q¬	ÏÆ™W;5ÆÙŽª!ÑDB¸X`ɧÖ/÷ÂE�`ƦM¢XÎÂ"Ä\
[ 1579.187625][ T6106] [U] {;ŽÕ¥ÂÙ˜_ˆO2«Ñ)ÎO®›.2ÐW2ʲ¨ÐYÙÃÃX_  HPϱœSªD­�¦Ø:]‚{Ë©ÔÝÆȽ
[ 1579.197223][ T6119] sg_write: data in/out 65499/14 bytes for SCSI command 0x0-- guessing data in;
[ 1579.197223][ T6119]    program syz.5.10245 not setting count and/or reply_len properly
[ 1579.197371][ T6106] [U] I,Ç>ÇÓ¤	ÎÙ5�1Ñ÷^1ÒN4¯OǶÞ'0Ý?Ö’IÙ9W.Ï_.¶WŠA¼Š�Vˆ±`)ÑZ¬ÏÆC6GIÓ¹²A»¬XL[¢›½¡FÜ*ÀÑO‰W)+‡Ç'\NÆ
[K@ÑËÄÜ2ÇǬ–®¡P"^`Á‰Í	Ø¿
[ 1579.232335][ T6106] [U] 22½“Æ©ÐÛ©X?0;3U±
[ 1579.237481][ T6106] [U] ÞœÕ
Æ�ÓSOBX 8”Wˆ4Á‘(Ð~/§¿ÍKÇUžÃÔ–OQËE+·G®-YµGY_
•>V¢ÜÈË—3.HÁÓ™]Í„²2‘”)™DË,	‘Ä	ÞD~×D©£¡+ÃW;A\˜F
PÉÞȘ|$ºØ)�
KØ�I³ÉÐÉ¿KÑYT^RÍÜÙÇ™µ“ËA=±#–Üœ	ÝÍ¿ËAE©�TÅ1·Îݯ4K¯.E"RÚS|ПÀSÖ’Á:•Ù>P™…RÐ"Z‰Ú­ÛÚÉ#P!˜KY"›}ÃÆF¿N84ܳƒÅHÞ±£O•ÈS¿™Ì«%DLWÙMƲÇ
[ 1579.263864][ T6106] [U] [ª['XN€'²÷Á¿Ü,MR¦«/žšœÂ1D=!DŽX91BÙ
WÇ»R—LF…ƒÆK̤ZÕÊ# `Ì‘LØ›§Ëœ»×B~ÅMÒÔÖ
[ 1579.273797][ T6106] [U] ™LÖ>�Ñ�D+ˆD¯§—®Ì"5ŽÊ��H3<ª¨ÅIR=F^”F�NÕÓÜÀ‰¿Û­VÛ÷œDÁOIOÚ:UÖ>ÖYÂ
[ 1579.283897][ T6106] [U] 'B—6VÝ20³Ä·Çž¥·×ŒÏ"T8Ñ{9ÆFW��]ÔÊÄÌ©�
[ 1579.290642][ T6106] [U] Ù72Þ‰ÏÂÃUÞC6™ÎÜÔÏ„I]8Cª£TÛ¨QSK�YÞÎIÒÀ¹ ¿|V'ÛTV/ÙÅG•$[ 9KH`Ú"Ü‘ÚÕ}€Ñ[^=ˆÚ0Á]½Ã%ÆÌ‚T“Šž¹ØFÌ_VÖ4C¸ÒÅ
[ 1579.340924][ T6106] [U] ¹EC�
[ 1579.346283][ T6106] [U] �—”|‚ÊÌ<ÄÎ:^Ü3$7NK~Ø-™@÷¦?Ÿ–/MTL·�Û¾©IˆWȬ@G~TØ{ÊÜP¿+Æ$ªJP|µŽÇIÛRIÓ�PMÐ Õ·YÓ Ú”8ÌTÉÐÞVžÙßÆË,ÎLÂ,Õ
[ 1579.448676][ T6128] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1579.483507][ T6128] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1579.576367][ T6105] [U] ˆKÌÚÛÕ‰)0ÄÄÝ~ܳʪÁIP'ÍFÓÒœZÚÞR¬™ß@BÓ]Â5ÝÊ{­©Ê¼Ô'À8ÅÆ¥F‡¹UTQUD
Ç©¤K;7ͪ0C[„ÃY–¼ÈYC¦¶»Ø°Mª™LÒ8’T…ÍšÎ5³ÝÝRX�™¶ÐWÍ X¤²ÓOQHVI'8œ¥Î…Lµ
[ 1580.235024][ T6158] input: syz1 as /devices/virtual/input/input347
[ 1580.630341][ T6180] binder: 6174:6180 ioctl c018620c 200000000380 returned -22
[ 1581.247062][ T6200] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1581.773167][ T6221] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1581.827264][ T6238] binder: 6220:6238 ioctl c0306201 200000000480 returned -14
[ 1582.324183][ T6263] qrtr: Invalid version 0
[ 1582.456385][ T6265] QAT: Device 253 not found
[ 1582.567796][ T6284] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[ 1582.583334][ T6276] loop6: detected capacity change from 0 to 63
[ 1582.601917][ T6284] buffer_io_error: 6 callbacks suppressed
[ 1582.601937][ T6284] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1582.617536][ T6284] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1582.627845][ T6284] Buffer I/O error on dev loop6, logical block 2, async page read
[ 1582.638027][ T6284] Buffer I/O error on dev loop6, logical block 3, async page read
[ 1582.678241][ T6276] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1582.711184][ T6276] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1582.746991][ T6276] Buffer I/O error on dev loop6, logical block 2, async page read
[ 1582.747099][ T6276] Buffer I/O error on dev loop6, logical block 3, async page read
[ 1582.781380][ T6276] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1582.781498][ T6276] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1582.784421][ T6276] ldm_validate_partition_table(): Disk read failed.
[ 1582.785804][ T6276] Dev loop6: unable to read RDB block 0
[ 1582.826699][ T6276]  loop6: unable to read partition table
[ 1582.902572][ T6276] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1584.138223][ T6330] input: syz0 as /devices/virtual/input/input348
[ 1584.824731][ T6363] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1585.438652][ T6405] program syz.0.10298 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1585.500148][ T6408] program syz.0.10298 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1585.510661][ T6408] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1585.777248][ T6416] cgroup: fork rejected by pids controller in /syz9
[ 1587.126172][ T1036] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1587.345459][ T1036] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1587.502581][ T1036] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1587.876784][ T1036] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1587.898550][T16365] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1587.915858][T16365] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1587.924986][T16365] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1587.944603][T16365] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1587.958554][T16365] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1587.998406][T16099] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1588.006911][T16099] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1588.040211][T16099] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1588.061366][T16099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1588.074180][T16099] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1588.316724][ T1036] bridge_slave_1: left allmulticast mode
[ 1588.332340][ T1036] bridge_slave_1: left promiscuous mode
[ 1588.338311][ T1036] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1588.357220][ T1036] bridge_slave_0: left allmulticast mode
[ 1588.378517][ T1036] bridge_slave_0: left promiscuous mode
[ 1588.402609][ T1036] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1589.019547][ T6635] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1589.982875][ T6660] Bluetooth: Error in BCSP hdr checksum
[ 1590.127399][T16365] Bluetooth: hci1: command tx timeout
[ 1590.639853][ T6673] kvm: kvm [6670]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010005) = 0x1
[ 1590.997569][ T1036] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1591.036706][ T1036] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1591.094548][ T1036] bond0 (unregistering): Released all slaves
[ 1591.892527][ T1036] hsr_slave_0: left promiscuous mode
[ 1591.907220][ T1036] hsr_slave_1: left promiscuous mode
[ 1591.933962][ T1036] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1591.952846][ T1036] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1591.973598][ T1036] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1591.989183][ T1036] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1592.027677][ T6799] program syz.5.10334 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1592.029128][ T1036] veth1_macvtap: left promiscuous mode
[ 1592.043169][T16099] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1592.058675][ T1036] veth0_macvtap: left promiscuous mode
[ 1592.065066][ T1036] veth1_vlan: left promiscuous mode
[ 1592.070481][ T1036] veth0_vlan: left promiscuous mode
[ 1592.116273][ T6799] [U] 
[ 1592.119100][ T6799] [U] K{‘
[ 1592.122158][ T6799] [U] ät Ž1ÊàŠªFìÇÄfËŠî`GÊJç˜Ügö毹¬¡—þÈoÕñ/ümCç
[ 1592.129166][ T6799] [U] tžØ–/,�~ˆÄœ­‹jõÿÊ}8îÊþ'o1�Ü"™7-î‚JQœK—¤Wºïqé5c%"¬H12–¦Y“„‰ž€ÊXÍ`ˆ‚íè¼`+³û(·â¿!(éûéz'àtXln»I®gÅj– °üÝ­·på~÷7í!‘Õò"ø¨Î¾ª(È5ˆObü¤‡ÍƒJÖ
[ 1592.144761][ T6799] [U] ±k\&—}6£6œXîHX�¥ôµ„Ìþ.`¸a“$Û40|϶¿�9°øÞ¨„¯ÀÏU‚ò4�ôä®VbzÃð}ÌwÔM”TºŽíQŸýΦr’4”ÿ
[ 1592.155419][ T6799] [U] ".h6øÞ"Ökã‡[›‰¤ŒJá4çØI�n¨™[Z(•„C|Të]z{�â3Ÿc=»¨xîôžë…î4ßw‰)\T‘XJø�SH{q;ì¹¢…ötÔÇ+‹¦÷gíèÿ®d„.Ë‚³>yž�÷éwUh„fN—Ž�Çhl]SÔ2ŠÇÙ\g%ŠO¼&z)µðš'¨pul‚_<ã	¢Ø°‰ò®Ôå`Ò±TÔÁþœÐËþ;_ô"(‘u{7jœ¿2X ‘/€'ÝÙcÑÌõIº©ÀÏH¿c�Õ³žV¦=�‘AiÇ%w¼Esž RšŸjŠîœƒÚ”gÂ÷rÁ¹í¡hI
˜¢œaïì6-úD�úV¨á i"øånæ¨ þÚAsc~4Áª¹8cø*­OO5/ÿœJš~º§¡w—vK+¬®‰Œ3èÇY)Ž¹M°¸æv¶Ìyqæ½€DTr¯
Otpem%f×ÊejÍA5æÔT_-X~ ^aaÛ‚ò˜½qÖå
[ 1592.191098][ T6799] [U] 	+�w‰G?]£Ó'a:	»Ú)Õ
ïó™“' B>t¢ ¡f/™÷<'èUÓ'–¼h§ié.+]eŸ.½-É¿ÿ¿Ò%÷è>2`¶^Uÿ8F.Š6¤Å3ÓØ+ËA¾Â««„°g3ÓpÂó6:�^0À�téèv÷'Eõt¼€ûâYC‰n¾þrÏ©ÞnèPj×;æZ†êôñû‘8!¯È\ù…¸AØÊ–2Á£$ðµ™Â­wi.Íç#ŠÈ/Bai¼�Ä`ðá4j’ôdîy@Óz„ügW÷5Ë¿Bĵٜ Nóy"vI2ûÌ
[ 1592.214674][ T6799] [U] ôT¦_K5¸t¬YJÐþÎ9ðÕcÊ$brŸLúNul¶ü9wÈýÍ|žGå"ʃÆ%Çú¶êCªØ�°¶ºqîÙ
 ŸÇ3‹Æq¯ôN^HP*½Ü$	µ.Î7yÓ±œ2³
[ 1592.225807][ T6799] [U] ½?�©ÿhüä*ÙÁ”Î3í�7Üé�¾^#Q�"0~‡‚ð(éoïXLŒb£,'vîÓ=‹ÝëCÌS«…’G‚S¶Þ0•Ö‚‹Ù`˜›žÙ‡Ÿ†=1(÷î¾™÷p#ò2DO*Ƀ
[ 1592.237404][ T6799] [U] ©s¹“gžµ²¶“˜GuÐÔd-{¸™â|&“�®ŸŸñ�2µ›LÞc_©œ!`¨ÍozÖ¥¢B¶³%>êrñ¶öwï‡ýŽSsÂH"£yA4£O.šYÙÛä�„RTÔ¶ŒBÚ[+/<<R�B�Êäõ|ФeŽžÑÛ –V96#ûúÑͤê¦jºUº%
s851ƒ�þÒ©s�P±¨\£ƒ?qª|L�´QXµ0ÂKÔ1orÉ´2¡½|ÖüdÖFÌ¿»ù�ÚË2Þ”–¨×0ÌåH•}C[/¤»“Ÿpx^¼èo
[ 1592.268043][ T6799] [U] ÖØ›·Ü—(JÅЛ•§mÛüxz˜;œ½±ÓÿØ�_¹»µÔ*3÷3…ß5¸\ƒxm³ÚU�‰AK!aQ`ßË;Fð•�I+ÖÐVUHåðÂmÑj³´Æ·ÙÛZÄcøãz‹¼Â)_矡	ô‘¡&ÿö¡ÿáaÇxtoÈÝê_½ ú¼¦:¨â×%à²Pò×ÈCö²‚yö+_þü›ýû}Uïm˜ƒÆ«CÅ!KJò7Ðßg¯Ë=bè
[ 1592.286816][ T6799] [U] Ù½¥Fœ%ŽXAÙÂlŸ2r*gŒòVW¬Ñ$ƒüj	ãA˜›F¶ß�·+ø¾9Í„ViºÖ—¼kÙ¾Å1}_©â
á¥%Ãr6„•(]“¦/Ÿ¶ø�Å™YܺÇÞh㤾üÑr gªÄrn/Ü«Î#!êdÙûÚ«%ÞÛËDªï-{ð$þvU‘ýT²¼ª$:mtrÔEŽC1V‰D~îÈ];[˜ËÚÐ÷sq¾¯œù(ìëe,X¦8â"Ù
æðG¥dŸúµ2@T8ž¾´òƒàðÿàt8.Rc+Ä@Ëꦇp‡uá
p”‰¼¶C±‡Ë'å„yLÓ-Ss1E?Å7ÓO‡§ì^]¦†Âóc”â½H]§Jkr]Rkq܆�øÝ£þ´OTcôÆx¶¨¾4™NË	³Ï&�á­ðÚ‹ŠÓ@¶:m7ß~�+”W*ÛÁ–xMüó>>—¡{q¢Ú×
_²Õ�LX8ÊU„ÇØî{ðZ³íø�)ÿÒ7?ËrR;ÿcßr hײڣỨè1Å>)©Măâ‰Ït§²Ú(ìÇaÏ�„}9·Ú¥ãJ*MÑœ¥Ä¡«'L¹£q	ìDWŸòø¸=ؽ|q¬	ÏÆ™W;5æÙŽª!ñdB¸x`é§ö/÷ÂE�`ƦM¢Xîâ"ä\
[ 1592.296332][T16099] Bluetooth: hci1: command tx timeout
[ 1592.333736][ T6799] [U] {;Žõ¥ÂÙ˜_ˆo2«Ñ)îo®›.2ÐW2겨ðyùÃãx_  HPϱœSªD­�¦ø:]‚{Ë©ÔÝæè½
[ 1592.333764][ T6799] [U] I,Ç>Çó¤	îÙ5�1ñ÷^1òN4¯oǶþ'0ý?Ö’iÙ9w.ï_.¶WŠa¼Š�Vˆ±`)ÑZ¬ïæc6GiÓ¹²a»¬XL[¢›½¡Fü*ÀñO‰W)+‡Ç'\nÆ
[K@ÑëÄü2çǬ–®¡p"^`Á‰í	øß
[ 1592.333780][ T6799] [U] 22½“Æ©Ðû©x?0;3u±
[ 1592.333803][ T6799] [U] ÞœÕ
æ�ósObx 8”Wˆ4á‘(ð~/§¿íKÇUžãÔ–oQËe+·G®-yµgY_
•>v¢ÜÈë—3.hÁÓ™]Í„²2‘”)™DË,	‘Ä	þD~×d©£¡+Ãw;A\˜F
PÉþȘ|$ºø)�
KØ�I³éÐÉ¿kñYT^RÍüù癵“ËA=±#–Üœ	ÝíßËae©�tå1·Îݯ4K¯.e"RÚS|ðŸÀsÖ’Á:•ù>p™…rÐ"z‰ú­ûúé#P!˜KY"›}ÃÆF¿N84ü³ƒÅhÞ±£o•Èsߙ̫%DlwÙmæ²Ç
[ 1592.333828][ T6799] [U] [ª['xn€'²÷á¿Ü,mr¦«/žšœâ1D=!DŽx91Bù
wç»R—lf…ƒÆKì¤Zõê# `ì‘lØ›§Ëœ»×b~åmÒÔÖ
[ 1592.333844][ T6799] [U] ™LÖ>�ñ�d+ˆd¯§—®Ì"5Žê��h3<ª¨ÅiR=F^”f�nõóÜÀ‰¿û­vÛ÷œDÁOIOÚ:Uö>ÖYâ
[ 1592.333878][ T6799] [U] 'B—6vý20³ä·çž¥·×Œï"t8Ñ{9ÆFW��]ôÊäì©�
[ 1592.415149][ T6799] [U] ù72þ‰ïÂÃuþC6™îüÔÏ„I]8cª£tÛ¨QSk�YÞîIÒÀâ¹ ¿|V'ÛTV/ùÅg•$[â 9kh`ú"ü‘úõ}€ñ[^=ˆú0á]½ã%ÆÌ‚T“Šž¹ØFì_vö4C¸òÅ
[ 1592.427501][ T6799] [U] ¹ec�
[ 1592.430634][ T6799] [U] �—”|‚Êì<äî:^ü3$7nK~Ø-™@÷¦?Ÿ–/mtl·�Û¾©Iˆwè¬@g~tØ{êÜPß+Æ$ªjp|µŽçIÛRió�pmð õ·YÓ ú”8ìtÉÐÞVžÙÿÆë,îlâ,Õ
[ 1592.747460][ T6798] [U] ˆKÌúÛõ‰)0ÄÄÝ~ü³ÊªÁiP'ífóòœzÚÞr¬™ÿ@BÓ]Â5ÝÊ{­©Ê¼ô'à8åÆ¥F‡¹UTqUd
Ç©¤K;7íª0c[„ãy–¼ÈYC¦¶»Ø°mª™Lò8’T…ÍšÎ5³ýýrx�™¶ðWí x¤²óoQhVi'8œ¥Î…Lµ
[ 1594.282474][T16099] Bluetooth: hci1: command tx timeout
[ 1594.741730][ T6860] CUSE: info not properly terminated
[ 1595.450325][ T1036] team0 (unregistering): Port device team_slave_1 removed
[ 1595.653189][ T1036] team0 (unregistering): Port device team_slave_0 removed
[ 1596.363365][T16099] Bluetooth: hci1: command tx timeout
[ 1598.149611][ T6570] chnl_net:caif_netlink_parms(): no params data found
[ 1598.189306][ T6826] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1598.222535][ T6826] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1598.458337][ T6570] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1598.493309][ T6570] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1598.500689][ T6570] bridge_slave_0: entered allmulticast mode
[ 1598.535535][ T6570] bridge_slave_0: entered promiscuous mode
[ 1598.551300][ T6570] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1598.580531][ T6941] CUSE: zero length info key specified
[ 1598.590346][ T6570] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1598.601755][ T6570] bridge_slave_1: entered allmulticast mode
[ 1598.614522][ T6570] bridge_slave_1: entered promiscuous mode
[ 1598.629757][ T6944] vivid-001: =================  START STATUS  =================
[ 1598.655677][ T6944] vivid-001: Radio HW Seek Mode: Bounded
[ 1598.661441][ T6944] vivid-001: Radio Programmable HW Seek: false
[ 1598.690903][ T6944] vivid-001: RDS Rx I/O Mode: Block I/O
[ 1598.698653][ T6944] vivid-001: Generate RBDS Instead of RDS: false
[ 1598.712633][ T6944] vivid-001: RDS Reception: true
[ 1598.717700][ T6944] vivid-001: RDS Program Type: 0 inactive
[ 1598.740052][ T6944] vivid-001: RDS PS Name:  inactive
[ 1598.769679][ T6570] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1598.774499][ T6944] vivid-001: RDS Radio Text:  inactive
[ 1598.784975][ T6570] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1598.831867][ T6944] vivid-001: RDS Traffic Announcement: false inactive
[ 1598.862597][ T6944] vivid-001: RDS Traffic Program: false inactive
[ 1598.869063][ T6944] vivid-001: RDS Music: false inactive
[ 1598.902224][ T6944] vivid-001: ==================  END STATUS  ==================
[ 1599.061704][ T6570] team0: Port device team_slave_0 added
[ 1599.099398][ T6570] team0: Port device team_slave_1 added
[ 1599.250223][ T7025] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1599.423941][ T7039] usb usb1: usbfs: process 7039 (syz.5.10352) did not claim interface 0 before use
[ 1599.466365][ T6570] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1599.487776][ T6570] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1599.574926][ T6570] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1599.614550][ T6570] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1599.621664][ T6570] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1599.675120][ T6570] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1599.839951][ T6570] hsr_slave_0: entered promiscuous mode
[ 1599.852942][ T6570] hsr_slave_1: entered promiscuous mode
[ 1599.859507][ T6570] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1599.885620][ T7089] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1599.892946][ T6570] Cannot create hsr debugfs directory
[ 1601.058778][ T6570] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1601.178831][ T6570] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1601.208912][ T6570] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1601.237184][ T6570] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1601.517192][ T6570] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1601.546693][ T6570] 8021q: adding VLAN 0 to HW filter on device team0
[ 1601.564285][ T1102] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1601.571632][ T1102] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1601.610864][ T1102] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1601.618141][ T1102] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1601.670510][ T6570] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1601.889474][ T7242] QAT: failed to copy from user.
[ 1602.057075][ T6570] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1602.233686][ T7253] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1602.629953][ T6570] veth0_vlan: entered promiscuous mode
[ 1602.651652][ T6570] veth1_vlan: entered promiscuous mode
[ 1602.707688][ T6570] veth0_macvtap: entered promiscuous mode
[ 1602.719216][ T6570] veth1_macvtap: entered promiscuous mode
[ 1602.788424][ T6570] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1602.813660][ T6570] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1602.829941][ T6570] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1602.858147][ T6570] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1602.883139][ T6570] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1602.892021][ T6570] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1603.157715][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1603.184528][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1603.239921][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1603.259914][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1603.598719][ T7313] input: syz0 as /devices/virtual/input/input351
[ 1603.763067][ T7332] random: crng reseeded on system resumption
[ 1604.334565][ T7356] binder: 7349:7356 ioctl c0306201 200000000080 returned -14
[ 1604.993569][ T7380] binder: 7379:7380 ioctl c0306201 200000000540 returned -14
[ 1605.295345][ T7396] mkiss: ax0: crc mode is auto.
[ 1605.391255][ T7411] input: syz0 as /devices/virtual/input/input354
[ 1605.398006][ T7404] ALSA: seq fatal error: cannot create timer (-19)
[ 1607.593121][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.599539][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[ 1607.714891][ T7519] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1608.132660][ T7536] binder: 7535:7536 ioctl c0306201 200000000540 returned -22
[ 1609.236073][T24986] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1609.254115][T24986] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1609.282472][T24986] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1609.302286][T24986] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1609.309781][T24986] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1609.334816][T24986] hid-generic 0000:0000:0000.0017: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1609.883048][ T7636] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1611.099297][ T7678] input: syz1 as /devices/virtual/input/input356
[ 1611.129449][ T7689] input: syz1 as /devices/virtual/input/input357
[ 1612.030906][ T7736] loop6: detected capacity change from 0 to 4
[ 1612.084291][ T7734] binder: 7733:7734 ioctl c018620b 9999999999999999 returned -14
[ 1612.301670][ T7754] kvm: kvm [7753]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010006) = 0xaf
[ 1612.346450][ T7754] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1612.663406][ T7778] loop8: detected capacity change from 0 to 7
[ 1612.671827][ T7778] Dev loop8: unable to read RDB block 7
[ 1612.706910][ T7778]  loop8: unable to read partition table
[ 1612.723038][ T7778] loop8: partition table beyond EOD, truncated
[ 1612.729298][ T7778] loop_reread_partitions: partition scan of loop8 (ÿÿÿÿ) failed (rc=-5)
[ 1612.874261][ T7786] binder: 7780:7786 ioctl c0306201 200000000300 returned -22
[ 1612.874794][ T7787] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1613.354407][ T7816] input: syz0 as /devices/virtual/input/input358
[ 1613.365863][ T7814] input: syz1 as /devices/virtual/input/input359
[ 1614.141108][ T7850] binder: 7849:7850 ioctl c0306201 200000000300 returned -22
[ 1614.770903][ T7882] usb usb8: usbfs: process 7882 (syz.5.10477) did not claim interface 0 before use
[ 1616.138097][ T7933] mkiss: ax0: crc mode is auto.
[ 1616.322506][ T7938] usb usb1: usbfs: process 7938 (syz.9.10487) did not claim interface 0 before use
[ 1617.086570][ T8007] usb usb1: usbfs: process 8007 (syz.9.10494) did not claim interface 0 before use
[ 1617.377547][ T8016] block nbd9: NBD_DISCONNECT
[ 1618.388385][ T8051] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1621.635227][ T8203] serio: Serial port ttynull
[ 1622.096138][ T8227] random: crng reseeded on system resumption
[ 1622.658900][ T8237] syz.0.10532: vmalloc error: size 16105472, failed to allocated page array size 31456, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1622.700127][ T8237] CPU: 1 UID: 0 PID: 8237 Comm: syz.0.10532 Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0 PREEMPT(full) 
[ 1622.700161][ T8237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1622.700176][ T8237] Call Trace:
[ 1622.700185][ T8237]  <TASK>
[ 1622.700195][ T8237]  dump_stack_lvl+0x189/0x250
[ 1622.700226][ T8237]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[ 1622.700262][ T8237]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1622.700287][ T8237]  ? __pfx__printk+0x10/0x10
[ 1622.700311][ T8237]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1622.700340][ T8237]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1622.700378][ T8237]  warn_alloc+0x214/0x310
[ 1622.700416][ T8237]  ? __pfx_warn_alloc+0x10/0x10
[ 1622.700456][ T8237]  ? __get_vm_area_node+0x28f/0x300
[ 1622.700484][ T8237]  ? kvm_set_memslot+0x4e2/0x1310
[ 1622.700512][ T8237]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1622.700568][ T8237]  ? kvm_set_memslot+0x3e/0x1310
[ 1622.700593][ T8237]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1622.700634][ T8237]  ? kvm_set_memslot+0x4e2/0x1310
[ 1622.700653][ T8237]  __vmalloc_noprof+0xb1/0xf0
[ 1622.700688][ T8237]  ? kvm_set_memslot+0x4e2/0x1310
[ 1622.700714][ T8237]  kvm_set_memslot+0x4e2/0x1310
[ 1622.700740][ T8237]  ? kvm_set_memory_region+0x775/0xc00
[ 1622.700770][ T8237]  kvm_set_memory_region+0x9bb/0xc00
[ 1622.700810][ T8237]  kvm_vm_ioctl_set_memory_region+0x6f/0xa0
[ 1622.700836][ T8237]  kvm_vm_ioctl+0x957/0xc60
[ 1622.700862][ T8237]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1622.700889][ T8237]  ? do_vfs_ioctl+0x12ba/0x1990
[ 1622.700918][ T8237]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1622.700966][ T8237]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1622.701002][ T8237]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1622.701041][ T8237]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[ 1622.701073][ T8237]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1622.701107][ T8237]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1622.701149][ T8237]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1622.701190][ T8237]  ? __lock_acquire+0xab9/0xd20
[ 1622.701235][ T8237]  ? __fget_files+0x2a/0x420
[ 1622.701271][ T8237]  ? __fget_files+0x2a/0x420
[ 1622.701301][ T8237]  ? __fget_files+0x3a0/0x420
[ 1622.701331][ T8237]  ? __fget_files+0x2a/0x420
[ 1622.701367][ T8237]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1622.701389][ T8237]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1622.701411][ T8237]  __se_sys_ioctl+0xfc/0x170
[ 1622.701440][ T8237]  do_syscall_64+0xfa/0x3b0
[ 1622.701460][ T8237]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1622.701492][ T8237]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1622.701512][ T8237]  ? clear_bhb_loop+0x60/0xb0
[ 1622.701538][ T8237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1622.701559][ T8237] RIP: 0033:0x7f794658e929
[ 1622.701579][ T8237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1622.701597][ T8237] RSP: 002b:00007f794746a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1622.701620][ T8237] RAX: ffffffffffffffda RBX: 00007f79467b6080 RCX: 00007f794658e929
[ 1622.701636][ T8237] RDX: 0000200000000080 RSI: 000000004020ae46 RDI: 0000000000000007
[ 1622.701650][ T8237] RBP: 00007f7946610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1622.701664][ T8237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1622.701682][ T8237] R13: 0000000000000000 R14: 00007f79467b6080 R15: 00007ffcd21161a8
[ 1622.701716][ T8237]  </TASK>
[ 1622.701827][ T8237] Mem-Info:
[ 1622.852408][ T8237] active_anon:20960 inactive_anon:0 isolated_anon:0
[ 1622.852408][ T8237]  active_file:1530 inactive_file:40514 isolated_file:0
[ 1622.852408][ T8237]  unevictable:768 dirty:33 writeback:0
[ 1622.852408][ T8237]  slab_reclaimable:14491 slab_unreclaimable:99182
[ 1622.852408][ T8237]  mapped:24306 shmem:5502 pagetables:1640
[ 1622.852408][ T8237]  sec_pagetables:0 bounce:0
[ 1622.852408][ T8237]  kernel_misc_reclaimable:0
[ 1622.852408][ T8237]  free:1319343 free_pcp:14811 free_cma:0
[ 1623.148175][ T8237] Node 0 active_anon:83724kB inactive_anon:0kB active_file:6120kB inactive_file:161756kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97316kB dirty:128kB writeback:0kB shmem:20472kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12220kB pagetables:6452kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1623.212252][ T8237] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1623.312466][ T8237] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1623.364211][ T8237] lowmem_reserve[]: 0 2497 2498 2498 2498
[ 1623.370181][ T8237] Node 0 DMA32 free:1357356kB boost:0kB min:34232kB low:42788kB high:51344kB reserved_highatomic:0KB free_highatomic:0KB active_anon:84480kB inactive_anon:0kB active_file:6124kB inactive_file:161696kB unevictable:1536kB writepending:124kB present:3129332kB managed:2557540kB mlocked:0kB bounce:0kB free_pcp:49692kB local_pcp:29368kB free_cma:0kB
[ 1623.465545][ T8237] lowmem_reserve[]: 0 0 1 1 1
[ 1623.470524][ T8237] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1308kB unevictable:0kB writepending:4kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[ 1623.513797][ T8256] blktrace: Concurrent blktraces are not allowed on sg0
[ 1623.552420][ T8237] lowmem_reserve[]: 0 0 0 0 0
[ 1623.557257][ T8237] Node 1 Normal free:3911976kB boost:0kB min:55652kB low:69564kB high:83476kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:8544kB local_pcp:0kB free_cma:0kB
[ 1623.642344][ T8237] lowmem_reserve[]: 0 0 0 0 0
[ 1623.647207][ T8237] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1623.692353][ T8237] Node 0 DMA32: 43*4kB (UME) 180*8kB (UME) 652*16kB (UME) 819*32kB (UME) 686*64kB (UME) 523*128kB (UME) 209*256kB (UME) 49*512kB (UM) 75*1024kB (UME) 28*2048kB (UME) 242*4096kB (UM) = 1353068kB
[ 1623.762271][ T8237] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[ 1623.802872][ T8237] Node 1 Normal: 228*4kB (UME) 63*8kB (UME) 50*16kB (UME) 266*32kB (UME) 95*64kB (UME) 33*128kB (UME) 7*256kB (UME) 4*512kB (ME) 2*1024kB (UM) 1*2048kB (E) 948*4096kB (M) = 3911976kB
[ 1623.862231][ T8237] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1623.882558][ T8237] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1623.891956][ T8237] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1623.942331][ T8237] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1623.951726][ T8237] 50358 total pagecache pages
[ 1623.982229][ T8237] 1 pages in swap cache
[ 1623.986493][ T8237] Free swap  = 124992kB
[ 1623.990688][ T8237] Total swap = 124996kB
[ 1624.027888][ T8237] 2097051 pages RAM
[ 1624.031790][ T8237] 0 pages HighMem/MovableOnly
[ 1624.042496][ T8237] 425688 pages reserved
[ 1624.046751][ T8237] 0 pages cma reserved
[ 1624.902425][ T8300] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1625.039697][ T8307] kvm: emulating exchange as write
[ 1625.197803][ T8302] sp0: Synchronizing with TNC
[ 1626.978747][ T8373] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1627.072365][ T8379] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:16x16 (0x34324142, 8, 0, 0, 0)
[ 1628.579208][ T8433] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1684633135.2322277)
[ 1630.517489][ T8497] syz.5.10585: attempt to access beyond end of device
[ 1630.517489][ T8497] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1633.497044][ T8592] input: syz1 as /devices/virtual/input/input363
[ 1634.721754][ T8742] can0: slcan on ptm0.
[ 1634.837747][ T8756] input: syz0 as /devices/virtual/input/input364
[ 1634.903361][ T8742] can0 (unregistered): slcan off ptm0.
[ 1636.470059][ T8805] vivid-000: =================  START STATUS  =================
[ 1636.470100][ T8805] vivid-000: Enable Output Cropping: false
[ 1636.470145][ T8805] vivid-000: Enable Output Composing: false
[ 1636.470169][ T8805] vivid-000: Enable Output Scaler: false
[ 1636.470193][ T8805] vivid-000: Tx RGB Quantization Range: Automatic
[ 1636.470218][ T8805] vivid-000: Transmit Mode: HDMI
[ 1636.470239][ T8805] vivid-000: Hotplug Present: 0x00000000
[ 1636.470292][ T8805] vivid-000: RxSense Present: 0x00000000
[ 1636.470312][ T8805] vivid-000: EDID Present: 0x00000000
[ 1636.470333][ T8805] vivid-000: ==================  END STATUS  ==================
[ 1636.644014][ T8814] tun0: tun_chr_ioctl cmd 1074025675
[ 1636.644038][ T8814] tun0: persist disabled
[ 1636.675686][ T8819] tun0: tun_chr_ioctl cmd 1074025673
[ 1636.684823][ T8814] tun0: tun_chr_ioctl cmd 1074025675
[ 1636.702277][ T8814] tun0: persist disabled
[ 1639.419084][ T8878] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1640.784928][ T8902] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1641.851766][   T30] audit: type=1804 audit(1750406734.198:63): pid=8943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.10647" name="/newroot/243/cgroup.controllers" dev="tmpfs" ino=1252 res=1 errno=0
[ 1641.882521][   T30] audit: type=1800 audit(1750406734.198:64): pid=8943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.10647" name="cgroup.controllers" dev="tmpfs" ino=1252 res=0 errno=0
[ 1642.902312][ T5830] psmouse serio26: Failed to reset mouse on : -5
[ 1643.649816][ T9025] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1644.188569][ T9034] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1645.195082][ T9068] sp0: Synchronizing with TNC
[ 1646.231322][ T9118] [U] ^R
[ 1646.538877][ T9123] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1646.782757][ T5830] misc userio: Buffer overflowed, userio client isn't keeping up
[ 1647.351831][   T30] audit: type=1800 audit(1750406739.698:65): pid=9156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.10693" name="dmabuf" dev="dmabuf" ino=74 res=0 errno=0
[ 1647.858660][ T5830] input: PS/2 Generic Mouse as /devices/serio26/input/input366
[ 1648.105336][ T5830] psmouse serio26: Failed to enable mouse on 
[ 1648.916920][ T1036] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1648.924276][T16365] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1650.675296][ T9287] input: syz0 as /devices/virtual/input/input369
[ 1650.922594][T16365] Bluetooth: hci4: command 0x1003 tx timeout
[ 1650.923005][T16099] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1651.088284][ T9305] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1651.475985][ T9318] input: syz1 as /devices/virtual/input/input370
[ 1651.596290][ T9321] ptm ptm11: ldisc open failed (-12), clearing slot 11
[ 1651.843539][ T9329] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1652.182296][ T9355] mkiss: ax0: crc mode is auto.
[ 1654.065376][ T9428] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1654.671794][ T9451] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1654.993932][ T9467] blktrace: Concurrent blktraces are not allowed on sg0
[ 1655.994113][ T9483] sp0: Synchronizing with TNC
[ 1658.951658][ T9641] ubi: mtd0 is already attached to ubi0
[ 1659.078522][ T9645] block nbd0: NBD_DISCONNECT
[ 1659.086094][ T9645] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1660.144062][ T9689] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1662.107099][ T9754] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1662.155189][ T9757] loop8: detected capacity change from 0 to 7
[ 1662.166946][ T9757] Dev loop8: unable to read RDB block 7
[ 1662.178474][ T9757]  loop8: unable to read partition table
[ 1662.305299][ T9757] loop8: partition table beyond EOD, truncated
[ 1662.311576][ T9757] loop_reread_partitions: partition scan of loop8 (þ被x) failed (rc=-5)
[ 1662.323272][ T9754] Dev loop8: unable to read RDB block 7
[ 1662.328948][ T9754]  loop8: unable to read partition table
[ 1662.337031][ T9754] loop8: partition table beyond EOD, truncated
[ 1662.885893][ T9792] usb usb8: usbfs: process 9792 (syz.0.10813) did not claim interface 0 before use
[ 1663.514461][ T9816] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1663.530556][ T9810] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1664.953918][ T9886] Attempt to restore checkpoint with obsolete wellknown handles
[ 1665.511528][ T9915] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1666.038824][   T30] audit: type=1400 audit(1750406758.388:66): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A3A0AE10CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A552C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=9929 comm="syz.0.10841"
[ 1666.682006][ T9949] input: syz1 as /devices/virtual/input/input372
[ 1667.207688][ T9976] input: syz0 as /devices/virtual/input/input373
[ 1667.216043][ T9976] usb usb1: usbfs: process 9976 (syz.9.10852) did not claim interface 0 before use
[ 1667.216263][ T9976] usb usb1: selecting invalid altsetting 256
[ 1667.216322][ T9983] usb usb1: selecting invalid altsetting 256
[ 1667.927161][ T9986] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1669.021846][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 1669.021917][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[ 1669.162313][T16365] Bluetooth: hci4: command 0x1003 tx timeout
[ 1669.166287][T16099] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1669.595014][T10048] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1669.861062][T10055] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1670.402678][T10080] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1671.219584][T10125] sp0: Synchronizing with TNC
[ 1671.628277][T10121] [U] è
[ 1672.210261][T10158] vivid-000: disconnect
[ 1672.385630][T10168] misc userio: Begin command sent, but we're already running
[ 1672.406893][T10150] vivid-000: reconnect
[ 1674.552458][T10283] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1675.071946][T24986] hid (null): unknown global tag 0xd
[ 1675.080322][T24986] hid-generic 0001:0002:0000.0018: unknown main item tag 0x4
[ 1675.080403][T24986] hid-generic 0001:0002:0000.0018: unknown main item tag 0x1
[ 1675.080434][T24986] hid-generic 0001:0002:0000.0018: unknown global tag 0xd
[ 1675.080452][T24986] hid-generic 0001:0002:0000.0018: item 0 2 1 13 parsing failed
[ 1675.081239][T24986] hid-generic 0001:0002:0000.0018: probe with driver hid-generic failed with error -22
[ 1675.583527][T10304] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1676.228392][T10322] syz.6.10917: attempt to access beyond end of device
[ 1676.228392][T10322] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1677.865266][T10394] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1677.979975][T10399] input: syz1 as /devices/virtual/input/input375
[ 1678.591808][T10431] usb usb1: usbfs: process 10431 (syz.9.10945) did not claim interface 0 before use
[ 1678.593579][T10432] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1679.155248][T10443] CUSE: info not properly terminated
[ 1680.756058][T10483] ubi: mtd0 is already attached to ubi0
[ 1680.798055][   T30] audit: type=1400 audit(1750406773.148:67): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=10490 comm="syz.9.10958"
[ 1681.680741][T10519] random: crng reseeded on system resumption
[ 1681.718790][T10519] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1681.963737][T10535] input: syz1 as /devices/virtual/input/input376
[ 1682.111638][ T3467] hid-generic 0000:0000:0000.0019: unknown main item tag 0x4
[ 1682.134782][ T3467] hid-generic 0000:0000:0000.0019: unknown main item tag 0x2
[ 1682.145356][ T3467] hid-generic 0000:0000:0000.0019: unknown main item tag 0x3
[ 1682.183001][ T3467] hid-generic 0000:0000:0000.0019: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1684.600317][T10634] loop6: detected capacity change from 0 to 262144
[ 1686.144088][ T5895] hid-generic 0800:0002:0002.001A: ignoring exceeding usage max
[ 1686.167206][ T5895] hid-generic 0800:0002:0002.001A: unknown main item tag 0x7
[ 1686.192287][ T5895] hid-generic 0800:0002:0002.001A: reserved main item tag 0xe
[ 1686.219326][ T5895] hid-generic 0800:0002:0002.001A: unexpected long global item
[ 1686.247233][ T5895] hid-generic 0800:0002:0002.001A: probe with driver hid-generic failed with error -22
[ 1689.707194][ T5830] hid (null): invalid report_count 44315
[ 1689.728668][ T5830] hid (null): invalid report_count 47424
[ 1689.751853][ T5830] hid (null): global environment stack underflow
[ 1689.779834][ T5830] hid-generic 0003:0080:0008.001B: reserved main item tag 0xe
[ 1689.807319][ T5830] hid-generic 0003:0080:0008.001B: unknown main item tag 0x3
[ 1689.832833][ T5830] hid-generic 0003:0080:0008.001B: unknown main item tag 0x0
[ 1689.840431][ T5830] hid-generic 0003:0080:0008.001B: unknown main item tag 0x5
[ 1689.874422][ T5830] hid-generic 0003:0080:0008.001B: unexpected long global item
[ 1689.887299][ T5830] hid-generic 0003:0080:0008.001B: probe with driver hid-generic failed with error -22
[ 1690.294744][T10945] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1690.316177][T10949] input: syz0 as /devices/virtual/input/input377
[ 1690.820736][T10973] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1690.953476][T10992] binder: 10991:10992 ioctl c0306201 200000000300 returned -22
[ 1691.456962][ T5830] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1691.468082][ T5830] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1691.492581][ T5830] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1691.510684][ T5830] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1691.551173][ T5830] rtc rtc0: __rtc_set_alarm: err=-22
[ 1691.784446][T11017] input: syz1 as /devices/virtual/input/input378
[ 1691.829298][T11017] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1691.902238][T11028] vivid-000: =================  START STATUS  =================
[ 1691.910415][T11028] vivid-000: Test Pattern: 100% Colorbar
[ 1691.930379][T11028] vivid-000: Fill Percentage of Frame: 100
[ 1691.938541][T11028] vivid-000: Horizontal Movement: Move Left Slow
[ 1692.040378][T11028] vivid-000: Vertical Movement: Move Up Slow
[ 1692.049326][T11028] vivid-000: OSD Text Mode: All
[ 1692.139175][T11028] vivid-000: Show Border: true
[ 1692.146634][T11028] vivid-000: Show Square: true
[ 1692.151503][T11028] vivid-000: Sensor Flipped Horizontally: true
[ 1692.157932][T11028] vivid-000: Sensor Flipped Vertically: true
[ 1692.164891][T11028] vivid-000: Insert SAV Code in Image: true
[ 1692.171119][T11028] vivid-000: Insert EAV Code in Image: true
[ 1692.179686][T11028] vivid-000: Insert Video Guard Band: false
[ 1692.188920][T11028] vivid-000: Reduced Framerate: true
[ 1692.233946][T11028] vivid-000: HDMI 000-0 Is Connected To: None
[ 1692.240804][T11028] vivid-000: S-Video 000-0 Is Connected To: None
[ 1692.253912][T11028] vivid-000: Enable Capture Cropping: false
[ 1692.260019][T11028] vivid-000: Enable Capture Composing: false
[ 1692.395110][T11056] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1692.442312][T11028] vivid-000: Enable Capture Scaler: false
[ 1692.622350][T11028] vivid-000: Timestamp Source: Start of Exposure
[ 1692.762403][T11028] vivid-000: Colorspace: sRGB
[ 1692.939770][T11028] vivid-000: Transfer Function: sRGB
[ 1693.012085][T11028] vivid-000: Y'CbCr Encoding: Default
[ 1693.028437][T11028] vivid-000: HSV Encoding: Hue 0-256
[ 1693.036331][T11028] vivid-000: Quantization: Limited Range
[ 1693.046295][T11028] vivid-000: Apply Alpha To Red Only: true
[ 1693.057585][T11028] vivid-000: Standard Aspect Ratio: 14x9
[ 1693.064345][T11028] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[ 1693.154722][T11028] vivid-000: DV Timings: 640x480p59 inactive
[ 1693.160888][T11028] vivid-000: DV Timings Aspect Ratio: 14x9
[ 1693.237519][T11087] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1693.370299][T11028] vivid-000: Maximum EDID Blocks: 256
[ 1693.382819][T11094] random: crng reseeded on system resumption
[ 1693.419600][T11028] vivid-000: Limited RGB Range (16-235): true
[ 1693.426618][T11028] vivid-000: Rx RGB Quantization Range: RGB Full Range (0-255)
[ 1693.475883][T11028] vivid-000: Power Present: 0x00000000
[ 1693.553251][T11028] tpg source WxH: 320x180 (Y'CbCr)
[ 1693.628029][T11028] tpg field: 1
[ 1693.631493][T11028] tpg crop: (0,0)/320x180
[ 1693.712615][T11028] tpg compose: (0,0)/320x180
[ 1693.842218][T11028] tpg colorspace: 8
[ 1693.968573][T11028] tpg transfer function: 7/7
[ 1694.072032][T11028] tpg Y'CbCr encoding: 0/1
[ 1694.072055][T11028] tpg quantization: 1/1
[ 1694.072068][T11028] tpg RGB range: 0/1
[ 1694.072081][T11028] vivid-000: ==================  END STATUS  ==================
[ 1695.324569][T11151] mkiss: ax0: crc mode is auto.
[ 1696.945447][ T3573] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1698.287799][T11266] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1698.951106][T11295] binder: 11287:11295 ioctl 4018620d 0 returned -22
[ 1699.003552][T16099] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1699.005949][T16365] Bluetooth: hci4: command 0x1003 tx timeout
[ 1699.110199][T11300] binder: 11287:11300 ioctl c018620c 0 returned -14
[ 1699.848767][T11330] binder: 11329:11330 ioctl 400c620e 2000000014c0 returned -22
[ 1700.689232][T11367] syz.9.11101: attempt to access beyond end of device
[ 1700.689232][T11367] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1700.928727][T11380] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1701.357745][T11408] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1701.378145][T11408] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1701.455863][T11418] iommufd_mock iommufd_mock2: Adding to iommu group 2
[ 1701.499585][T11425] binder: 11424:11425 ioctl c0306201 0 returned -14
[ 1701.780672][T11442] random: crng reseeded on system resumption
[ 1702.054120][T11447] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[ 1703.944306][T11505] binder_alloc: binder_alloc_mmap_handler: 11503 200000fd2000-200000fd3000 already mapped failed -16
[ 1704.277682][T11524] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1704.286487][T11523] iommufd_mock iommufd_mock0: Adding to iommu group 1
[ 1705.310823][T11556] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1705.489729][T11570] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1705.637959][T11584] CUSE: unknown device info "MzP�´Ã{UÀÞÒ—ýEÞsª¹Z$cw#¤/…fƒ}Ù”Ðb,Q«[{æ•Æ®$
[ 1705.637959][T11584] Ç4&I:#5o6Ÿ3”ÑŽ.l%¤žwC
[ 1705.637959][T11584] Ž?"
[ 1705.722434][T11584] CUSE: unknown device info "v…2‰.7’õ¸Ë‚þ ®Ñ*5®¸Óì•SEAy û…	¿`?e`þŠl6Ý¡ÐÙéQ0V84ÜŽ{c"áKüü^÷vaOÖ�M Œ××Ê8æf1¨\.dž6�á(3´iË¿­›ƒfω11,kb­°îz›Ö‰"�NXjª}˜	ß~
ïwu/¾KÈ9Ê.²Ðrù¯×¤©"
[ 1705.812192][T11584] CUSE: DEVNAME unspecified
[ 1706.587860][T11610] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1707.675112][T11654] binder: 11653:11654 ioctl c018620c 200000001180 returned -22
[ 1708.151176][T11677] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1708.354620][T11688] sp0: Synchronizing with TNC
[ 1708.539791][T11698] input: syz1 as /devices/virtual/input/input381
[ 1708.737522][T11713] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1709.205500][   T30] audit: type=1400 audit(1750406801.558:68): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name="-" pid=11729 comm="syz.6.11169"
[ 1709.713508][T11760] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1710.052627][T11787] ubi: mtd0 is already attached to ubi0
[ 1710.703206][T11810] binder: 11806:11810 ioctl c00c620f 0 returned -14
[ 1710.948610][T11823] sp0: Synchronizing with TNC
[ 1711.143199][T11822] [U] è
[ 1711.374766][T11846] sp0: Synchronizing with TNC
[ 1711.401640][T11846] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1711.467080][T11810] binder: 11806:11810 ioctl c0306201 200000001680 returned -14
[ 1712.431757][T11902] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1712.441193][T11902] QAT: failed to copy from user cfg_data.
[ 1712.805203][T11921] loop8: detected capacity change from 0 to 7
[ 1712.831971][T11921] Dev loop8: unable to read RDB block 7
[ 1713.217611][T11921]  loop8: unable to read partition table
[ 1713.512039][T11921] loop8: partition table beyond EOD, truncated
[ 1713.530425][T11921] loop_reread_partitions: partition scan of loop8 (þ被x) failed (rc=-5)
[ 1713.715773][T11930] Dev loop8: unable to read RDB block 7
[ 1713.721465][T11930]  loop8: unable to read partition table
[ 1713.750428][T11930] loop8: partition table beyond EOD, truncated
[ 1713.965919][T11968] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=220138064 (3522209024 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1714.222476][T11974] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[ 1714.462406][T11981] kvm: Disabled LAPIC found during irq injection
[ 1714.566439][T11988] sp0: Synchronizing with TNC
[ 1714.985621][T12010] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1715.165067][T12023] input: syz0 as /devices/virtual/input/input383
[ 1715.185898][T12026] CUSE: info not properly terminated
[ 1715.523241][T12044] CUSE: info not properly terminated
[ 1716.115938][T12066] PM: Enabling pm_trace changes system date and time during resume.
[ 1716.115938][T12066] PM: Correct system time has to be restored manually after resume.
[ 1716.358829][T12072] binder: 12071:12072 ioctl c018620c 200000000640 returned -22
[ 1716.880867][T12103] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1717.030372][T12112] input: syz0 as /devices/virtual/input/input384
[ 1717.048271][T12112] input: failed to attach handler leds to device input384, error: -6
[ 1718.165401][T12172] snd_dummy snd_dummy.0: control 1:0:0:syz0:254 is already present
[ 1718.798781][ T3573] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1718.816049][T16365] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1719.290257][T12223] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1719.327703][T12223] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1719.347203][T12223] iommufd_mock iommufd_mock2: Adding to iommu group 2
[ 1719.381546][T12223] iommufd_mock iommufd_mock3: Adding to iommu group 3
[ 1719.420618][T12223] iommufd_mock iommufd_mock4: Adding to iommu group 4
[ 1719.446670][T12223] iommufd_mock iommufd_mock5: Adding to iommu group 5
[ 1719.460445][T12223] iommufd_mock iommufd_mock6: Adding to iommu group 6
[ 1719.471348][T12223] iommufd_mock iommufd_mock7: Adding to iommu group 7
[ 1719.484797][T12223] iommufd_mock iommufd_mock8: Adding to iommu group 8
[ 1719.499204][T12223] iommufd_mock iommufd_mock9: Adding to iommu group 9
[ 1719.510469][T12223] iommufd_mock iommufd_mock10: Adding to iommu group 10
[ 1719.527010][T12223] iommufd_mock iommufd_mock11: Adding to iommu group 11
[ 1719.541568][T12223] iommufd_mock iommufd_mock12: Adding to iommu group 12
[ 1719.558665][T12223] iommufd_mock iommufd_mock13: Adding to iommu group 13
[ 1719.574495][T12223] iommufd_mock iommufd_mock14: Adding to iommu group 14
[ 1719.594104][T12223] iommufd_mock iommufd_mock15: Adding to iommu group 15
[ 1719.608280][T12223] iommufd_mock iommufd_mock16: Adding to iommu group 16
[ 1719.645387][T12223] iommufd_mock iommufd_mock17: Adding to iommu group 17
[ 1719.654894][T12223] iommufd_mock iommufd_mock18: Adding to iommu group 18
[ 1719.664099][T12223] iommufd_mock iommufd_mock19: Adding to iommu group 19
[ 1719.673261][T12223] iommufd_mock iommufd_mock20: Adding to iommu group 20
[ 1719.683633][T12223] iommufd_mock iommufd_mock21: Adding to iommu group 21
[ 1719.693118][T12223] iommufd_mock iommufd_mock22: Adding to iommu group 22
[ 1719.702314][T12223] iommufd_mock iommufd_mock23: Adding to iommu group 23
[ 1719.711360][T12223] iommufd_mock iommufd_mock24: Adding to iommu group 24
[ 1719.720558][T12223] iommufd_mock iommufd_mock25: Adding to iommu group 25
[ 1719.729710][T12223] iommufd_mock iommufd_mock26: Adding to iommu group 26
[ 1719.739054][T12223] iommufd_mock iommufd_mock27: Adding to iommu group 27
[ 1719.748194][T12223] iommufd_mock iommufd_mock28: Adding to iommu group 28
[ 1719.757492][T12223] iommufd_mock iommufd_mock29: Adding to iommu group 29
[ 1719.775289][T12223] iommufd_mock iommufd_mock30: Adding to iommu group 30
[ 1719.794705][T12223] iommufd_mock iommufd_mock31: Adding to iommu group 31
[ 1719.804207][T12223] iommufd_mock iommufd_mock32: Adding to iommu group 32
[ 1720.842244][T16099] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1720.842350][T16365] Bluetooth: hci4: command 0x1003 tx timeout
[ 1721.055746][T12389] program syz.5.11270 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1721.083650][T12389] program syz.5.11270 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1721.109175][T12391] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1721.122507][T12389] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1721.169333][T12389] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1723.037591][T12485] kvm: kvm [12484]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x4000002a) = 0x4
[ 1723.207286][T12489] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1724.635388][T12543] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1725.111053][T12567] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1725.634642][T12576] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1726.104441][T12586] ALSA: mixer_oss: invalid OSS volume ''
[ 1728.515943][T12690] binder: 12687:12690 ioctl c00c620f 200000000180 returned -22
[ 1730.450851][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.457717][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[ 1730.494865][T12762] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1730.625120][T12767] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[ 1730.688867][T12767] input: syz1 as /devices/virtual/input/input387
[ 1730.787186][T12775] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1731.574969][T12823] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1731.864630][T12841] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1731.897165][T12844] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1732.197447][T12867] loop6: detected capacity change from 0 to 524287487
[ 1732.212914][T12867] buffer_io_error: 58 callbacks suppressed
[ 1732.212935][T12867] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.328078][T12870] loop6: detected capacity change from 524287487 to 0
[ 1732.344682][T12867] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.392377][T12867] ldm_validate_partition_table(): Disk read failed.
[ 1732.422304][T12867] Dev loop6: unable to read RDB block 0
[ 1732.431126][T12867]  loop6: unable to read partition table
[ 1732.448844][T12867] loop6: partition table beyond EOD, truncated
[ 1732.478705][T12867] loop_reread_partitions: partition scan of loop6 (™^L‹¦øíA;åó§Èb»ö@’†�Ö”:B‚w¾<ØÈgønf.-Ó‘†³.àië�í>^.¾dDd—Â) failed (rc=-5)
[ 1733.429728][T12903] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1733.939172][T12918] sp0: Synchronizing with TNC
[ 1734.930784][T12955] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1735.953432][T12985] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1736.294645][T13006] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1736.968781][T13033] binder: 13032:13033 ioctl c018620c 200000000100 returned -22
[ 1737.437454][   T30] audit: type=1400 audit(1750406829.788:69): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=13048 comm="syz.5.11397"
[ 1737.461928][T13054] loop7: detected capacity change from 0 to 61
[ 1739.138408][T13150] binder: 13146:13150 ioctl 40046205 0 returned -22
[ 1739.473202][T13170] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1741.820867][T13271] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1742.869562][T13313] Context (ID=0x0) not attached to queue pair (handle=0x0:0x2)
[ 1744.148484][T13377] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1745.690198][ T1161] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1745.722993][T13413] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1747.302355][T13440] usb usb8: usbfs: process 13440 (syz.6.11463) did not claim interface 0 before use
[ 1747.725636][T16099] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1749.702204][T13501] input: syz0 as /devices/virtual/input/input389
[ 1751.065429][T13544] loop6: detected capacity change from 0 to 524287999
[ 1751.108129][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 0
[ 1751.117979][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 0
[ 1751.131876][    C1] I/O error, dev loop6, sector 1018 op 0x1:(WRITE) flags 0x8800 phys_seg 128 prio class 0
[ 1751.141928][    C1] I/O error, dev loop6, sector 1018 op 0x1:(WRITE) flags 0x8800 phys_seg 128 prio class 0
[ 1751.152009][    C1] I/O error, dev loop6, sector 2042 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 0
[ 1751.162144][    C1] I/O error, dev loop6, sector 2042 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 0
[ 1751.174024][    C1] I/O error, dev loop6, sector 3066 op 0x1:(WRITE) flags 0x8800 phys_seg 128 prio class 0
[ 1751.184077][    C1] I/O error, dev loop6, sector 3066 op 0x1:(WRITE) flags 0x8800 phys_seg 128 prio class 0
[ 1751.194312][    C1] I/O error, dev loop6, sector 4090 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 0
[ 1751.204385][    C1] I/O error, dev loop6, sector 4090 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 0
[ 1752.735033][T13587] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1755.226200][T13639] tun0: tun_chr_ioctl cmd 1074025675
[ 1755.231637][T13639] tun0: persist enabled
[ 1755.243016][T13639] tun0: tun_chr_ioctl cmd 1074025675
[ 1755.258377][T13639] tun0: persist enabled
[ 1755.678937][T13651] input: syz0 as /devices/virtual/input/input390
[ 1756.025250][T13668] input input391: cannot allocate more than FF_MAX_EFFECTS effects
[ 1756.469643][T13680] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1760.008113][T16099] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1760.028292][T16099] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1760.036956][T16099] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1760.046338][T16099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1760.059570][T16099] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1760.089889][T16365] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1760.106772][T16365] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1760.115941][T16365] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1760.129955][T16365] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1760.138051][T16365] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1760.686638][ T3573] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1760.910585][ T3573] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1761.614614][ T3573] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1761.832975][ T3573] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1761.958894][T13782] chnl_net:caif_netlink_parms(): no params data found
[ 1762.066879][T13982] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1762.202380][T16099] Bluetooth: hci1: command tx timeout
[ 1762.542596][T13782] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1762.563846][T13782] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1762.571189][T13782] bridge_slave_0: entered allmulticast mode
[ 1762.599757][T13782] bridge_slave_0: entered promiscuous mode
[ 1762.649870][T14049] PM: Enabling pm_trace changes system date and time during resume.
[ 1762.649870][T14049] PM: Correct system time has to be restored manually after resume.
[ 1762.695637][T13782] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1762.703200][T13782] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1762.710527][T13782] bridge_slave_1: entered allmulticast mode
[ 1762.745594][T13782] bridge_slave_1: entered promiscuous mode
[ 1762.963104][T13782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1762.980518][T13782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1763.034772][ T3573] bridge_slave_1: left allmulticast mode
[ 1763.040512][ T3573] bridge_slave_1: left promiscuous mode
[ 1763.074322][ T3573] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1763.111878][ T3573] bridge_slave_0: left allmulticast mode
[ 1763.132314][ T3573] bridge_slave_0: left promiscuous mode
[ 1763.140404][ T3573] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1764.284906][T16099] Bluetooth: hci1: command tx timeout
[ 1764.595744][T14149] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1765.000258][T14167] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1765.143034][ T3573] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1765.195107][ T3573] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1765.238243][ T3573] bond0 (unregistering): Released all slaves
[ 1765.427449][T13782] team0: Port device team_slave_0 added
[ 1765.430796][T13782] team0: Port device team_slave_1 added
[ 1765.650366][T13782] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1765.650387][T13782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1765.650425][T13782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1765.653712][T13782] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1765.653732][T13782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1765.653771][T13782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1766.049291][T13782] hsr_slave_0: entered promiscuous mode
[ 1766.067088][T13782] hsr_slave_1: entered promiscuous mode
[ 1766.093096][T13782] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1766.110033][T13782] Cannot create hsr debugfs directory
[ 1766.206473][ T3573] hsr_slave_0: left promiscuous mode
[ 1766.238188][ T3573] hsr_slave_1: left promiscuous mode
[ 1766.246096][ T3573] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1766.259052][ T3573] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1766.280081][ T3573] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1766.302302][ T3573] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1766.336131][T14285] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1766.362220][T16099] Bluetooth: hci1: command tx timeout
[ 1766.394630][ T3573] veth1_macvtap: left promiscuous mode
[ 1766.419960][ T3573] veth0_macvtap: left promiscuous mode
[ 1766.447434][ T3573] veth1_vlan: left promiscuous mode
[ 1766.467739][ T3573] veth0_vlan: left promiscuous mode
[ 1767.908520][T14324] [U] ^G
[ 1768.442477][T16099] Bluetooth: hci1: command tx timeout
[ 1769.510940][T14363] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1770.073233][ T3573] team0 (unregistering): Port device team_slave_1 removed
[ 1770.126405][T14356] Falling back ldisc for ptm0.
[ 1770.300556][ T3573] team0 (unregistering): Port device team_slave_0 removed
[ 1770.969498][T14402] usb usb8: usbfs: process 14402 (syz.5.11610) did not claim interface 0 before use
[ 1773.535409][T14312] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1773.541409][T14312] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1776.888194][T14643] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1776.954772][T13782] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1776.997686][T13782] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1777.108977][T13782] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1777.187325][T13782] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1777.628900][T13782] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1777.657999][T13782] 8021q: adding VLAN 0 to HW filter on device team0
[ 1777.731957][ T4350] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1777.739283][ T4350] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1777.764777][ T4350] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1777.772143][ T4350] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1778.669843][T13782] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1779.454466][T13782] veth0_vlan: entered promiscuous mode
[ 1779.554179][T13782] veth1_vlan: entered promiscuous mode
[ 1779.681628][T13782] veth0_macvtap: entered promiscuous mode
[ 1779.723905][T13782] veth1_macvtap: entered promiscuous mode
[ 1779.806393][T13782] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1779.849531][T13782] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1779.889271][T13782] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1779.915817][T13782] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1779.942312][T13782] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1779.951187][T13782] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1780.230533][ T3573] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1780.271204][ T3573] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1780.328906][T14789] program syz.5.11652 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1780.427845][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1780.456949][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1780.580600][T14800] ALSA: seq fatal error: cannot create timer (-22)
[ 1782.508677][T14862] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1787.500258][T15019] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1788.512941][T16365] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1788.524239][T16365] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1788.542674][T16365] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1788.562376][T16365] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1788.580967][T16365] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1788.602915][T16099] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1788.622574][T16099] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1788.631846][T16099] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1788.648590][T16099] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1788.662508][T16099] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1789.789698][ T4350] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1790.762371][T16365] Bluetooth: hci2: command tx timeout
[ 1790.785605][ T4350] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1790.868694][T15063] chnl_net:caif_netlink_parms(): no params data found
[ 1791.116440][ T4350] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1791.279693][ T4350] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1791.399549][T15063] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1791.416860][T15063] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1791.430898][T15063] bridge_slave_0: entered allmulticast mode
[ 1791.439796][T15063] bridge_slave_0: entered promiscuous mode
[ 1791.459887][T15063] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1791.471244][T15063] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1791.488018][T15063] bridge_slave_1: entered allmulticast mode
[ 1791.496644][T15063] bridge_slave_1: entered promiscuous mode
[ 1791.621334][T15063] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1791.649251][T15063] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1791.791439][ T4350] bridge_slave_1: left allmulticast mode
[ 1791.799089][ T4350] bridge_slave_1: left promiscuous mode
[ 1791.808820][ T4350] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1791.821082][ T4350] bridge_slave_0: left allmulticast mode
[ 1791.830542][ T4350] bridge_slave_0: left promiscuous mode
[ 1791.837923][ T4350] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1791.892835][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 1791.899386][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[ 1792.258698][T15125] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1792.294964][T15125] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1792.842755][T16365] Bluetooth: hci2: command tx timeout
[ 1793.849914][T15386] binder: 15385:15386 ioctl c0306201 200000000640 returned -22
[ 1793.890468][T15386] binder: 15385:15386 ioctl c0306201 200000000640 returned -22
[ 1794.294251][T15408] sd 0:0:1:0: device reset
[ 1794.478875][ T4350] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1794.552681][ T4350] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1794.619120][ T4350] bond0 (unregistering): Released all slaves
[ 1794.658893][T15063] team0: Port device team_slave_0 added
[ 1794.675535][T15063] team0: Port device team_slave_1 added
[ 1795.000963][T15409] tap0: tun_chr_ioctl cmd 1074812118
[ 1795.154808][T15443] loop6: detected capacity change from 0 to 524287999
[ 1795.304213][T15443] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1795.426886][T15443] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1795.459391][T15443] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1795.546655][T15063] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1795.562265][T15063] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1795.615276][T15063] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1795.743088][T15063] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1795.750395][T15063] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1795.776506][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1795.783242][T15462] Invalid logical block size (6)
[ 1795.789290][T15063] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1795.830027][T15443] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1795.960697][T15443] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1796.080468][T15443] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1796.125641][T15443] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1796.185563][ T4350] hsr_slave_0: left promiscuous mode
[ 1796.199530][ T4350] hsr_slave_1: left promiscuous mode
[ 1796.208205][ T4350] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1796.222946][ T4350] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1796.236718][ T4350] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1796.245255][ T4350] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1796.281749][ T4350] veth1_macvtap: left promiscuous mode
[ 1796.289844][ T4350] veth0_macvtap: left promiscuous mode
[ 1796.304028][ T4350] veth1_vlan: left promiscuous mode
[ 1796.309607][ T4350] veth0_vlan: left promiscuous mode
[ 1796.321986][T15443] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1796.331216][T15443] ldm_validate_partition_table(): Disk read failed.
[ 1796.343032][T15443] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1796.351144][T15443] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1796.364720][T15443] Dev loop6: unable to read RDB block 0
[ 1796.370879][T15443]  loop6: unable to read partition table
[ 1796.379912][T15443] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[ 1796.927035][T15513] CUSE: info not properly terminated
[ 1797.750465][T15527] binder: 15519:15527 ioctl 40046210 ffffffffffffffff returned -14
[ 1799.477115][ T4350] team0 (unregistering): Port device team_slave_1 removed
[ 1799.710237][ T4350] team0 (unregistering): Port device team_slave_0 removed
[ 1802.231398][T15063] hsr_slave_0: entered promiscuous mode
[ 1802.238383][T15063] hsr_slave_1: entered promiscuous mode
[ 1802.245410][T15063] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1802.262850][T15063] Cannot create hsr debugfs directory
[ 1802.718007][T15619] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1803.253385][T15640] vivid-000: disconnect
[ 1803.369178][T15634] vivid-000: reconnect
[ 1803.610228][T15663] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1804.073006][T15063] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1804.138871][T15063] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1804.156522][T15063] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1804.196243][T15063] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1804.407815][T15063] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1804.477699][T15063] 8021q: adding VLAN 0 to HW filter on device team0
[ 1804.507870][ T1036] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1804.515136][ T1036] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1804.567658][ T1161] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1804.574883][ T1161] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1805.134360][T15063] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1805.253702][T15063] veth0_vlan: entered promiscuous mode
[ 1805.268575][T15063] veth1_vlan: entered promiscuous mode
[ 1805.303168][T15063] veth0_macvtap: entered promiscuous mode
[ 1805.314650][T15063] veth1_macvtap: entered promiscuous mode
[ 1805.352038][T15063] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1805.375786][T15063] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1805.399438][T15063] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1805.419689][T15063] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1805.431571][T15063] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1805.448109][T15063] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1805.670195][ T4350] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1805.694492][ T4350] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1805.745512][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1805.769219][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1810.057089][T15925] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1810.578922][T15950] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1812.732138][T16040] vivid-001: kernel_thread() failed
[ 1812.996985][T16060] sp0: Synchronizing with TNC
[ 1813.216407][T16077] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1814.024465][T16102] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1814.057670][T16104] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1815.075988][T16121] input: syz1 as /devices/virtual/input/input399
[ 1816.033800][T16189] syz.0.11816: attempt to access beyond end of device
[ 1816.033800][T16189] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1816.206746][T16197] ubi: mtd0 is already attached to ubi0
[ 1817.357103][T16247] binder: 16246:16247 ioctl 4018620d 0 returned -22
[ 1817.409396][T16249] kvm: user requested TSC rate below hardware speed
[ 1817.436473][T16251] binder: 16246:16251 ioctl c018620c 0 returned -14
[ 1818.163034][T16247] binder: 16246:16247 ioctl c0306201 2000000000c0 returned -14
[ 1820.927594][T16386] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1821.736473][T16408] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=220138064 (3522209024 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1821.766259][T16408] binder: 16407:16408 ioctl c018620c 0 returned -14
[ 1822.263845][T16099] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1822.288780][T16099] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1822.308552][T16099] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1822.317517][T16099] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1822.325379][T16099] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1822.351903][T16365] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1822.360611][T16365] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1822.377874][T16365] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1822.388661][T16365] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1822.399744][T16365] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1823.068309][T31074] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1823.335249][T31074] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1823.477628][T31074] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1823.610300][T31074] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1823.967419][T16413] chnl_net:caif_netlink_parms(): no params data found
[ 1824.307035][T31074] bridge_slave_1: left allmulticast mode
[ 1824.315409][T31074] bridge_slave_1: left promiscuous mode
[ 1824.321308][T31074] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1824.442507][T16365] Bluetooth: hci3: command tx timeout
[ 1824.453444][T31074] bridge_slave_0: left allmulticast mode
[ 1824.461966][T31074] bridge_slave_0: left promiscuous mode
[ 1824.494747][T31074] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1825.174650][T16678] FAULT_INJECTION: forcing a failure.
[ 1825.174650][T16678] name failslab, interval 1, probability 0, space 0, times 0
[ 1825.174703][T16678] CPU: 1 UID: 0 PID: 16678 Comm: syz.0.11880 Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0 PREEMPT(full) 
[ 1825.174727][T16678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1825.174741][T16678] Call Trace:
[ 1825.174750][T16678]  <TASK>
[ 1825.174759][T16678]  dump_stack_lvl+0x189/0x250
[ 1825.174790][T16678]  ? __pfx____ratelimit+0x10/0x10
[ 1825.174844][T16678]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1825.174870][T16678]  ? __pfx__printk+0x10/0x10
[ 1825.174899][T16678]  ? __pfx___might_resched+0x10/0x10
[ 1825.174923][T16678]  ? fs_reclaim_acquire+0x7d/0x100
[ 1825.174958][T16678]  should_fail_ex+0x414/0x560
[ 1825.174991][T16678]  should_failslab+0xa8/0x100
[ 1825.175020][T16678]  __kmalloc_noprof+0xcb/0x4f0
[ 1825.175043][T16678]  ? kfree+0x4d/0x440
[ 1825.175064][T16678]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1825.175095][T16678]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1825.175122][T16678]  ? tomoyo_domain+0xd9/0x130
[ 1825.175159][T16678]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1825.175191][T16678]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1825.175228][T16678]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1825.175279][T16678]  ? __lock_acquire+0xab9/0xd20
[ 1825.175322][T16678]  ? __fget_files+0x2a/0x420
[ 1825.175357][T16678]  ? __fget_files+0x2a/0x420
[ 1825.175386][T16678]  ? __fget_files+0x3a0/0x420
[ 1825.175415][T16678]  ? __fget_files+0x2a/0x420
[ 1825.175450][T16678]  security_file_ioctl+0xcb/0x2d0
[ 1825.175484][T16678]  __se_sys_ioctl+0x47/0x170
[ 1825.175512][T16678]  do_syscall_64+0xfa/0x3b0
[ 1825.175532][T16678]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1825.175564][T16678]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1825.175585][T16678]  ? clear_bhb_loop+0x60/0xb0
[ 1825.175610][T16678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1825.175630][T16678] RIP: 0033:0x7f9af978e929
[ 1825.175649][T16678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1825.175667][T16678] RSP: 002b:00007f9afa593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1825.175689][T16678] RAX: ffffffffffffffda RBX: 00007f9af99b5fa0 RCX: 00007f9af978e929
[ 1825.175705][T16678] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[ 1825.175717][T16678] RBP: 00007f9afa593090 R08: 0000000000000000 R09: 0000000000000000
[ 1825.175730][T16678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1825.175743][T16678] R13: 0000000000000000 R14: 00007f9af99b5fa0 R15: 00007fff051bba68
[ 1825.175776][T16678]  </TASK>
[ 1825.175785][T16678] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1826.522398][T16365] Bluetooth: hci3: command tx timeout
[ 1827.043542][T31074] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1827.136047][T31074] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1827.148905][T16698] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1827.174905][T31074] bond0 (unregistering): Released all slaves
[ 1827.434352][T16413] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1827.441895][T16413] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1827.451701][T16413] bridge_slave_0: entered allmulticast mode
[ 1827.479792][T16413] bridge_slave_0: entered promiscuous mode
[ 1827.504666][T16413] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1827.511894][T16413] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1827.533597][T16413] bridge_slave_1: entered allmulticast mode
[ 1827.541601][T16413] bridge_slave_1: entered promiscuous mode
[ 1827.791820][T16413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1827.822018][T16413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1828.080575][T16413] team0: Port device team_slave_0 added
[ 1828.090587][T16413] team0: Port device team_slave_1 added
[ 1828.168394][T16413] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1828.186545][T16413] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1828.220594][T16413] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1828.232593][T16726] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1828.238562][T16726] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1828.249164][T16413] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1828.260030][T16413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1828.296541][T16413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1828.479750][T16413] hsr_slave_0: entered promiscuous mode
[ 1828.487997][T16413] hsr_slave_1: entered promiscuous mode
[ 1828.503352][T16413] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1828.512230][T16864] random: crng reseeded on system resumption
[ 1828.543332][T16413] Cannot create hsr debugfs directory
[ 1829.027939][T31074] hsr_slave_0: left promiscuous mode
[ 1829.035942][T31074] hsr_slave_1: left promiscuous mode
[ 1829.047073][T31074] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1829.054700][T31074] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1829.093875][T31074] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1829.101398][T31074] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1829.133394][T31074] veth1_macvtap: left promiscuous mode
[ 1829.139035][T31074] veth0_macvtap: left promiscuous mode
[ 1829.146998][T31074] veth1_vlan: left promiscuous mode
[ 1829.155331][T31074] veth0_vlan: left promiscuous mode
[ 1831.317048][T16940] program syz.4.11894 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1831.918948][T31074] team0 (unregistering): Port device team_slave_1 removed
[ 1832.227153][T31074] team0 (unregistering): Port device team_slave_0 removed
[ 1836.097164][T16413] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1836.149279][T16413] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1836.191908][T16413] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1836.238194][T16413] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1836.457855][T16413] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1836.496201][T16413] 8021q: adding VLAN 0 to HW filter on device team0
[ 1836.513846][T17058] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1836.515781][T17056] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1836.521143][T17058] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1836.566000][T17058] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1836.573266][T17058] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1836.639184][T16413] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1836.663692][T16413] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1837.356505][T16413] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1838.055398][T16413] veth0_vlan: entered promiscuous mode
[ 1838.095630][T16413] veth1_vlan: entered promiscuous mode
[ 1838.162786][T16413] veth0_macvtap: entered promiscuous mode
[ 1838.185683][T16413] veth1_macvtap: entered promiscuous mode
[ 1838.288574][T16413] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1838.307703][T16413] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1838.330654][T16413] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1838.346062][T16413] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1838.355458][T16413] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1838.365833][T16413] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1838.587702][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1838.611187][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1838.673466][ T4350] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1838.681924][ T4350] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1839.245649][T17117] loop6: detected capacity change from 0 to 524287999
[ 1839.326355][T17148] ALSA: seq fatal error: cannot create timer (-22)
[ 1841.611973][T17244] sd 0:0:1:0: device reset
[ 1841.781080][T17255] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1849.508007][T17516] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1849.533810][T17516] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1849.553699][T17516] iommufd_mock iommufd_mock2: Adding to iommu group 2
[ 1849.945097][T17539] loop8: detected capacity change from 0 to 7
[ 1849.967335][T17539] Dev loop8: unable to read RDB block 7
[ 1849.976382][T17539]  loop8: unable to read partition table
[ 1850.070740][T17546] autofs4:pid:17546:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(2.1), cmd(0xc0189374)
[ 1850.087358][T17546] autofs4:pid:17546:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189374)
[ 1850.242638][T17539] loop8: partition table beyond EOD, truncated
[ 1850.248895][T17539] loop_reread_partitions: partition scan of loop8 (þ被x) failed (rc=-5)
[ 1852.493560][T17600] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request
[ 1852.927441][T17623] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1853.157404][T17631] input: syz1 as /devices/virtual/input/input407
[ 1853.270107][T17631] kvm: user requested TSC rate below hardware speed
[ 1853.334672][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.341063][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[ 1854.709750][T17684] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1854.756400][T17685] hub 6-0:1.0: USB hub found
[ 1854.762629][T17685] hub 6-0:1.0: 1 port detected
[ 1856.302007][T17723] kvm: kvm [17722]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0xa1a9
[ 1856.795142][T17751] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1858.579333][T17848] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1859.299446][T17871] syz.0.12054: attempt to access beyond end of device
[ 1859.299446][T17871] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1863.143875][T18026] loop6: detected capacity change from 0 to 524287999
[ 1863.156504][    C1] blk_print_req_error: 22 callbacks suppressed
[ 1863.156527][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 2 prio class 0
[ 1863.172332][    C1] buffer_io_error: 6 callbacks suppressed
[ 1863.172350][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[ 1863.186630][    C1] Buffer I/O error on dev loop6, logical block 1, lost async page write
[ 1864.229850][T18066] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1864.713741][T18085] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1864.795065][T18089] input: syz1 as /devices/virtual/input/input409
[ 1867.162593][T18301] CUSE: info not properly terminated
[ 1867.235922][T18306] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1867.933277][T18331] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1867.964021][T18331] mkiss: ax0: crc mode is auto.
[ 1868.321024][T18349] random: crng reseeded on system resumption
[ 1868.339031][T18349] Restarting kernel threads ...
[ 1868.350593][T18349] Done restarting kernel threads.
[ 1871.474065][T18428] CUSE: info not properly terminated
[ 1871.776844][T18431] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1871.809585][T18431] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1873.721527][   T30] audit: type=1800 audit(1750406966.068:70): pid=18514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.12157" name="dmabuf" dev="dmabuf" ino=79 res=0 errno=0
[ 1874.754897][T18534] input: syz1 as /devices/virtual/input/input411
[ 1875.008118][T18546] input: syz1 as /devices/virtual/input/input412
[ 1875.689473][T18570] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1875.838609][T18581] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1876.010246][T18591] can0: slcan on ptm0.
[ 1877.103318][T18590] can0 (unregistered): slcan off ptm0.
[ 1878.263161][T18670] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1879.905265][T18719] syz.6.12191: attempt to access beyond end of device
[ 1879.905265][T18719] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1881.780364][T18798] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1881.789154][T18785] iommufd_mock iommufd_mock0: Adding to iommu group 1
[ 1882.760202][T18851] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1883.486195][T18875] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[ 1884.709346][T18906] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1884.961185][T18914] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1885.257109][T18927] mkiss: ax0: crc mode is auto.
[ 1885.266777][T18927] input: syz1 as /devices/virtual/input/input414
[ 1885.279866][T18927] input: syz0 as /devices/virtual/input/input415
[ 1885.882936][T18964] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1886.254759][T18993] CUSE: info not properly terminated
[ 1886.612450][T19000] input: syz0 as /devices/virtual/input/input416
[ 1886.618897][T19000] input: failed to attach handler leds to device input416, error: -6
[ 1887.067756][T19022] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1887.108745][T19022] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1888.507856][T19078] ubi: mtd0 is already attached to ubi0
[ 1889.127743][T19106] usb usb8: usbfs: process 19106 (syz.4.12264) did not claim interface 32 before use
[ 1891.569009][T19216] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1892.964839][T19253] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1894.602432][T19310] blktrace: Concurrent blktraces are not allowed on nullb0
[ 1894.622256][T19310] blktrace: Concurrent blktraces are not allowed on nullb0
[ 1894.629678][T19310] blktrace: Concurrent blktraces are not allowed on nullb0
[ 1894.675427][T19310] blktrace: Concurrent blktraces are not allowed on nullb0
[ 1895.425729][T19338] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1895.551901][T19347] vim2m vim2m.0: Fourcc format (0x47524247) invalid.
[ 1896.122298][T16099] Bluetooth: hci4: command 0x1003 tx timeout
[ 1896.130557][T16365] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1898.321226][T19448] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1901.757218][T19544] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1901.772440][T19544] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1902.462702][    C1] sd 0:0:1:0: [sda] tag#3316 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 1902.473304][    C1] sd 0:0:1:0: [sda] tag#3316 CDB: Read(6) 08 00 00 00 85 f0
[ 1903.380805][T19599] random: crng reseeded on system resumption
[ 1903.400268][T19599] Unrecognized hibernate image header format!
[ 1903.407299][T19599] PM: hibernation: Image mismatch: architecture specific data
[ 1903.416434][T19599] Unrecognized hibernate image header format!
[ 1903.425086][T19599] PM: hibernation: Image mismatch: architecture specific data
[ 1903.436785][T19599] Unrecognized hibernate image header format!
[ 1903.447129][T19599] PM: hibernation: Image mismatch: architecture specific data
[ 1905.261806][T19656] binder: 19654:19656 ioctl c018620b 200000000100 returned -14
[ 1908.021437][T19737] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1908.074370][T19736] iommufd_mock iommufd_mock0: Adding to iommu group 1
[ 1908.932268][T19784] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1909.015356][T19793] usb usb8: usbfs: process 19793 (syz.0.12415) did not claim interface 0 before use
[ 1909.431738][T19803] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1910.249514][T19826] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1911.237349][T19851] qrtr: Invalid version 43
[ 1912.774916][T19899] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1913.343106][T19922] loop6: detected capacity change from 0 to 4
[ 1913.360565][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[ 1913.370112][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[ 1913.389077][    C0] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[ 1913.399577][    C0] Buffer I/O error on dev loop6, logical block 0, lost async page write
[ 1913.869574][T19946] input: syz0 as /devices/virtual/input/input420
[ 1914.768767][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 1914.775752][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[ 1916.858467][T20067] Sensor A: =================  START STATUS  =================
[ 1916.867423][T20067] Sensor A: Test Pattern: Horizontal 100% Colorbar
[ 1916.884054][T20067] Sensor A: Show Information: None
[ 1916.904413][T20067] Sensor A: Vertical Flip: false
[ 1916.946002][T20067] Sensor A: Horizontal Flip: true
[ 1916.951156][T20067] Sensor A: Brightness: 3
[ 1916.985963][T20067] Sensor A: Contrast: 0
[ 1916.990339][T20067] Sensor A: Hue: 3
[ 1917.018483][T20067] Sensor A: Saturation: 0
[ 1917.034962][T20067] Sensor A: ==================  END STATUS  ==================
[ 1917.263596][T20080] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1917.343911][T20080] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1917.563813][T20099] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1918.655443][T20147] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1920.456831][T20222] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1920.593627][T20233] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1921.386179][T20254] vim2m vim2m.0: Fourcc format (0x56595559) invalid.
[ 1922.345629][T20277] loop8: detected capacity change from 0 to 7
[ 1922.382435][T20277] Dev loop8: unable to read RDB block 7
[ 1922.392969][T20277]  loop8: unable to read partition table
[ 1922.398913][T20277] loop8: partition table beyond EOD, truncated
[ 1922.436106][T20277] loop_reread_partitions: partition scan of loop8 (þ被x) failed (rc=-5)
[ 1925.398081][T20412] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1925.882992][T20427] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1926.751203][T20457] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1927.323743][T20478] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1928.321610][T20517] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1928.734350][T20522] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1928.968472][T20540] binder: 20537:20540 ioctl 4018620d 0 returned -22
[ 1932.652285][T20655] syz.0.12596: attempt to access beyond end of device
[ 1932.652285][T20655] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1932.777405][T20661] Attempt to restore checkpoint with obsolete wellknown handles
[ 1933.205131][T20684] input: syz0 as /devices/virtual/input/input426
[ 1933.331976][T20694] input: syz1 as /devices/virtual/input/input427
[ 1935.045399][T20756] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1935.361987][T20769] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1936.136463][T20798] misc userio: No port type given on /dev/userio
[ 1936.153021][T20798] misc userio: The device must be registered before sending interrupts
[ 1936.162160][T20799] misc userio: The device must be registered before sending interrupts
[ 1936.763278][T20815] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1936.817374][T20817] ALSA: mixer_oss: invalid OSS volume ''
[ 1937.854247][T20853] input: syz1 as /devices/virtual/input/input428
[ 1938.222377][T20870] syz.5.12636: attempt to access beyond end of device
[ 1938.222377][T20870] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1938.520437][T20875] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1938.820912][T20879] syz.4.12635: attempt to access beyond end of device
[ 1938.820912][T20879] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1939.964389][T20909] random: crng reseeded on system resumption
[ 1940.505069][T20928] CUSE: zero length info key specified
[ 1941.851381][T20967] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1945.372487][T21099] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1947.592325][T21193] CUSE: info not properly terminated
[ 1948.189411][T21214] binder: 21213:21214 ioctl c0306201 2000000002c0 returned -14
[ 1948.793655][T21236] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1949.293709][T21255] ALSA: seq fatal error: cannot create timer (-22)
[ 1951.739662][T21361] input: syz0 as /devices/virtual/input/input431
[ 1951.848198][T21369] program syz.4.12746 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1953.158709][T21418] kvm: user requested TSC rate below hardware speed
[ 1958.323746][T21588] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1958.457737][T21591] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1959.408674][T21624] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1959.661243][T21638] syz.5.12801: attempt to access beyond end of device
[ 1959.661243][T21638] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1960.248357][T21639] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:4096x2160 (0x30314142, 8, 0, 0, 0)
[ 1960.857761][T21672] binder: BINDER_SET_CONTEXT_MGR already set
[ 1960.867394][T21672] binder: 21668:21672 ioctl 40046207 0 returned -16
[ 1961.079036][T21679] input: syz0 as /devices/virtual/input/input432
[ 1961.979415][T21717] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1962.805630][T21749] binder: 21747:21749 ioctl c0306201 200000000340 returned -14
[ 1964.786510][T21811] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1966.579743][T21856] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1967.152577][T21895] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1969.077302][T21936] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1970.227697][T21978] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1970.300949][T21984] binder: 21982:21984 ioctl c400941b 200000002840 returned -22
[ 1970.479761][T21994] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1972.967776][T22110] vivid-000: disconnect
[ 1973.067647][T22114] qrtr: Invalid version 43
[ 1973.269560][T22125] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1973.387930][T22109] vivid-000: reconnect
[ 1975.946765][T22205] input: syz1 as /devices/virtual/input/input437
[ 1976.225889][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.232444][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[ 1977.203244][T22254] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1977.367655][ T4350] Bluetooth: Error in BCSP hdr checksum
[ 1977.458855][T22265] blktrace: Concurrent blktraces are not allowed on nullb0
[ 1977.466734][T22265] blktrace: Concurrent blktraces are not allowed on nullb0
[ 1978.444659][T22296] input: syz1 as /devices/virtual/input/input439
[ 1978.514288][T22295] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1978.836792][T22312] input: syz0 as /devices/virtual/input/input440
[ 1979.172150][T16099] Bluetooth: hci4: command 0x1003 tx timeout
[ 1979.172568][T16365] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1979.317260][T22328] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1979.699748][T22354] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1979.731894][T22354] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1979.755511][T22354] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1980.130549][T22383] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1982.739138][T22476] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1982.781779][T22480] loop6: detected capacity change from 0 to 524287999
[ 1983.174460][T22501] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1984.132350][T22535] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1984.143949][T22535] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1984.557008][T22557] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1984.595417][T22558] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1987.377727][T22668] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1987.402477][T22668] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1987.986895][T22685] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1988.247813][T22685] CUSE: info not properly terminated
[ 1990.371531][T22765] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1990.549299][T22771] CUSE: info not properly terminated
[ 1990.557404][T22774] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1990.567400][T22775] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1990.934708][T22798] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1992.826978][T22857] ptm ptm5: ldisc open failed (-12), clearing slot 5
[ 1993.874777][T22894] loop6: detected capacity change from 0 to 524287999
[ 1994.819309][T22928] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1995.277634][T22944] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1995.285816][T22946] iommufd_mock iommufd_mock0: Adding to iommu group 1
[ 1995.599919][T22967] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1995.888855][T22973] random: crng reseeded on system resumption
[ 1996.028507][T22983] dlm: plock device version mismatch: kernel (1.2.0), user (1.6.16)
[ 1996.058853][T22983] input: syz1 as /devices/virtual/input/input446
[ 1996.075004][T22981] loop6: detected capacity change from 0 to 7
[ 1996.268131][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1996.277454][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1996.289902][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1996.299207][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1996.315912][T23002] binder: 22999:23002 ioctl c0306201 200000000540 returned -22
[ 1996.331109][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1996.340418][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1996.353324][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1996.362602][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1996.377314][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1996.386612][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1996.399318][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1996.408611][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1996.422927][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1996.432235][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1996.448066][T22981] ldm_validate_partition_table(): Disk read failed.
[ 1996.488061][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1996.497374][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1996.516077][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1996.525366][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1996.549507][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1996.558822][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1996.589822][T23005] syz.5.13077: attempt to access beyond end of device
[ 1996.589822][T23005] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1996.732375][T23010] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1996.785197][T22981] Dev loop6: unable to read RDB block 0
[ 1996.856038][T22981]  loop6: unable to read partition table
[ 1996.865259][T22981] loop6: partition table beyond EOD, truncated
[ 1996.873979][T22981] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà–() failed (rc=-5)
[ 1996.899754][ T5208] ldm_validate_partition_table(): Disk read failed.
[ 1996.907231][ T5208] Dev loop6: unable to read RDB block 0
[ 1996.924679][ T5208]  loop6: unable to read partition table
[ 1996.930616][ T5208] loop6: partition table beyond EOD, truncated
[ 2000.028453][T23154] binder: 23153:23154 ioctl c018620c 200000000140 returned -22
[ 2000.041493][T23155] binder: 23153:23155 ioctl c028660f 200000000140 returned -22
[ 2000.400148][T23167] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2000.665700][T23179] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2001.268502][T23231] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2002.154154][T23356] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2002.795460][T23389] program syz.5.13123 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2003.326633][T23406] program syz.0.13126 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2004.933520][T23443] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 2004.951765][T23442] iommufd_mock iommufd_mock0: Adding to iommu group 1
[ 2005.402116][T16365] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 2005.402547][T16099] Bluetooth: hci4: command 0x1003 tx timeout
[ 2007.894957][T23516] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2007.998034][T23521] CUSE: info not properly terminated
[ 2010.600430][T23615] sp0: Synchronizing with TNC
[ 2010.685209][T23615] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[ 2010.888001][T23614] [U] è
[ 2011.193256][T23650] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[ 2011.524912][   T30] audit: type=1400 audit(1750407103.878:71): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=23662 comm="syz.5.13171"
[ 2011.840297][T23676] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2012.389723][T23698] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2013.541930][T23751] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2014.117611][T23769] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2014.161054][T23785] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 2015.069711][T23819] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2016.294699][T23859] [U] ^C
[ 2016.539832][T23869] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2018.608893][T23936] input: syz0 as /devices/virtual/input/input448
[ 2021.771186][T24034] binder: 24033:24034 ioctl 400c620e 2000000000c0 returned -22
[ 2022.243040][T24054] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 2022.514533][T24048] ALSA: mixer_oss: invalid OSS volume ''
[ 2022.674172][T24065] input: syz0 as /devices/virtual/input/input449
[ 2022.681047][T24062] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2022.747361][T24065] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2023.118249][T24095] vivid-000: =================  START STATUS  =================
[ 2023.118276][T24095] vivid-000: Enable Output Cropping: false
[ 2023.118307][T24095] vivid-000: Enable Output Composing: false
[ 2023.118335][T24095] vivid-000: Enable Output Scaler: false
[ 2023.118360][T24095] vivid-000: Tx RGB Quantization Range: Automatic
[ 2023.118387][T24095] vivid-000: Transmit Mode: HDMI
[ 2023.118411][T24095] vivid-000: Hotplug Present: 0x00000000
[ 2023.118436][T24095] vivid-000: RxSense Present: 0x00000000
[ 2023.118460][T24095] vivid-000: EDID Present: 0x00000000
[ 2023.118486][T24095] vivid-000: ==================  END STATUS  ==================
[ 2023.936479][T24130] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1317914598 (2635829196 ns) > initial count (1377675984 ns). Using initial count to start timer.
[ 2024.674918][T24162] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2026.294080][   T30] audit: type=1400 audit(1750407118.638:72): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=2221D01A0B978D2F2F262D2A83D1 pid=24222 comm="syz.0.13285"
[ 2026.394548][T24226] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2027.198260][T24270] dlm: no locking on control device
[ 2027.298872][T24272] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2029.437200][T24359] sp0: Synchronizing with TNC
[ 2030.400186][T24384] binder: 24383:24384 ioctl c0306201 0 returned -14
[ 2030.412553][T24384] binder: 24383:24384 ioctl c0306201 2000000000c0 returned -11
[ 2032.954491][T24458] CUSE: info not properly terminated
[ 2033.373097][T24468] CUSE: DEVNAME unspecified
[ 2033.974008][T24490] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2034.301488][T24507] input: syz1 as /devices/virtual/input/input452
[ 2034.653264][T24516] tap0: tun_chr_ioctl cmd 1074025672
[ 2034.662155][T24516] tap0: ignored: set checksum enabled
[ 2035.090604][T24539] binder: 24533:24539 ioctl c00c620f 0 returned -14
[ 2035.195711][T24542] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2035.260955][T24539] Sensor A: =================  START STATUS  =================
[ 2035.320830][T24539] Sensor A: Test Pattern: Horizontal 100% Colorbar
[ 2035.363308][   T30] audit: type=1800 audit(1750407127.718:73): pid=24553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.13355" name="video#" dev="devtmpfs" ino=3142 res=0 errno=0
[ 2035.461678][T24539] Sensor A: Show Information: None
[ 2035.468056][T24539] Sensor A: Vertical Flip: false
[ 2035.569673][T24558] blktrace: Concurrent blktraces are not allowed on sg0
[ 2035.650958][T24539] Sensor A: Horizontal Flip: true
[ 2035.906172][T24539] Sensor A: Brightness: 3
[ 2036.245207][T24563] mkiss: ax0: crc mode is auto.
[ 2036.453773][T24539] Sensor A: Contrast: 0
[ 2036.458052][T24539] Sensor A: Hue: 3
[ 2036.623748][T24539] Sensor A: Saturation: 0
[ 2036.628206][T24539] Sensor A: ==================  END STATUS  ==================
[ 2036.955546][T24596] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 2037.195871][T24612] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2037.238781][T24612] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 2037.650297][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 2037.656790][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[ 2040.506118][T24738] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2042.704719][T24817] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2042.714653][T24817] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2042.724542][T24817] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2042.739881][T24817] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2042.761729][T24817] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2042.807262][T16365] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2042.834013][T16365] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2042.862293][T16365] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2042.875435][T16365] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2042.892358][T16365] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2042.955995][T24841] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2043.862540][T24894] blktrace: Concurrent blktraces are not allowed on sg0
[ 2044.118540][ T4350] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2044.324385][ T4350] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2044.691011][T24886] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 2044.699550][ T4350] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2044.720402][T24886] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 2044.918908][ T4350] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2044.932595][T16365] Bluetooth: hci4: command tx timeout
[ 2044.944917][T24812] chnl_net:caif_netlink_parms(): no params data found
[ 2045.380001][T24812] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2045.403784][T24812] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2045.411308][T24812] bridge_slave_0: entered allmulticast mode
[ 2045.430393][T24812] bridge_slave_0: entered promiscuous mode
[ 2045.440696][T24812] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2045.452474][T24812] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2045.459828][T24812] bridge_slave_1: entered allmulticast mode
[ 2045.477137][T24812] bridge_slave_1: entered promiscuous mode
[ 2045.628666][T24812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2045.650304][ T4350] bridge_slave_1: left allmulticast mode
[ 2045.658356][ T4350] bridge_slave_1: left promiscuous mode
[ 2045.666591][ T4350] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2045.688742][ T4350] bridge_slave_0: left allmulticast mode
[ 2045.696438][ T4350] bridge_slave_0: left promiscuous mode
[ 2045.702481][ T4350] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2047.816774][ T4350] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2047.881212][ T4350] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2047.924042][ T4350] bond0 (unregistering): Released all slaves
[ 2047.950537][T24812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2048.185076][T24812] team0: Port device team_slave_0 added
[ 2048.204977][T24812] team0: Port device team_slave_1 added
[ 2048.599616][T25226] vivid-000: disconnect
[ 2048.649228][T24812] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2048.657904][T24812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2048.693591][T24812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2048.769474][T24812] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2048.781433][T24812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2048.807599][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2048.815364][T24812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2048.893154][T25211] vivid-000: reconnect
[ 2048.947302][T24812] hsr_slave_0: entered promiscuous mode
[ 2048.975710][T24812] hsr_slave_1: entered promiscuous mode
[ 2049.002592][T24812] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2049.010376][T24812] Cannot create hsr debugfs directory
[ 2049.224879][ T4350] hsr_slave_0: left promiscuous mode
[ 2049.242201][ T4350] hsr_slave_1: left promiscuous mode
[ 2049.248471][ T4350] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2049.272101][ T4350] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2049.354836][ T4350] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2049.364770][ T4350] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2049.440194][ T4350] veth1_macvtap: left promiscuous mode
[ 2049.452148][ T4350] veth0_macvtap: left promiscuous mode
[ 2049.457951][ T4350] veth1_vlan: left promiscuous mode
[ 2049.476610][ T4350] veth0_vlan: left promiscuous mode
[ 2051.668843][ T4350] team0 (unregistering): Port device team_slave_1 removed
[ 2051.864937][ T4350] team0 (unregistering): Port device team_slave_0 removed
[ 2055.061442][T25389] binder: 25376:25389 ioctl c0306201 200000000640 returned -22
[ 2055.318554][T25402] random: crng reseeded on system resumption
[ 2055.415201][T25410] random: crng reseeded on system resumption
[ 2055.432285][T25410] syz.5.13456: attempt to access beyond end of device
[ 2055.432285][T25410] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2055.851667][T24812] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2055.910412][T24812] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2056.021152][T24812] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2056.082971][T24812] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2056.285828][T24812] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2056.317284][T24812] 8021q: adding VLAN 0 to HW filter on device team0
[ 2056.479075][T17058] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2056.486370][T17058] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2056.519828][T17058] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2056.527165][T17058] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2057.038625][T24812] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2057.117688][T24812] veth0_vlan: entered promiscuous mode
[ 2057.137247][T24812] veth1_vlan: entered promiscuous mode
[ 2057.200550][T24812] veth0_macvtap: entered promiscuous mode
[ 2057.251598][T24812] veth1_macvtap: entered promiscuous mode
[ 2057.279672][T24812] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2057.306966][T24812] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2057.321962][T24812] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2057.342053][T24812] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2057.350965][T24812] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2057.370639][T24812] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2057.522810][T17058] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2057.530723][T17058] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2057.572228][T17058] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2057.580127][T17058] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2058.661229][T24817] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2058.678583][T24817] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2058.692935][T24817] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2058.703180][T24817] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2058.710960][T24817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2059.327061][ T1161] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2059.498094][ T1161] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2059.868478][ T1161] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2060.006793][ T1161] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2060.269855][T25537] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2060.282298][T25537] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 2060.365721][ T1161] bridge_slave_1: left allmulticast mode
[ 2060.371460][ T1161] bridge_slave_1: left promiscuous mode
[ 2060.382427][ T1161] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2060.414691][ T1161] bridge_slave_0: left allmulticast mode
[ 2060.420466][ T1161] bridge_slave_0: left promiscuous mode
[ 2060.428414][ T1161] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2060.863424][   T30] audit: type=1800 audit(1750407153.218:74): pid=25687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.13473" name="sg3" dev="devtmpfs" ino=6729 res=0 errno=0
[ 2062.158767][T25718] syz.0.13481: attempt to access beyond end of device
[ 2062.158767][T25718] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2062.198227][T25719] ALSA: seq fatal error: cannot create timer (-22)
[ 2062.346526][T25722] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2063.152854][ T1161] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2063.197836][ T1161] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2063.245317][ T1161] bond0 (unregistering): Released all slaves
[ 2063.266832][T25511] chnl_net:caif_netlink_parms(): no params data found
[ 2063.775497][T25511] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2063.793153][T25511] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2063.801137][T25511] bridge_slave_0: entered allmulticast mode
[ 2063.809874][T25511] bridge_slave_0: entered promiscuous mode
[ 2063.823685][T25511] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2063.831071][T25511] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2063.849731][T25511] bridge_slave_1: entered allmulticast mode
[ 2063.861794][T25511] bridge_slave_1: entered promiscuous mode
[ 2064.245119][T25511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2064.328804][ T1161] hsr_slave_0: left promiscuous mode
[ 2064.337115][ T1161] hsr_slave_1: left promiscuous mode
[ 2064.352735][ T1161] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2064.360665][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2064.375458][ T1161] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2064.394751][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2064.420336][ T1161] veth1_macvtap: left promiscuous mode
[ 2064.429895][ T1161] veth0_macvtap: left promiscuous mode
[ 2064.435719][ T1161] veth1_vlan: left promiscuous mode
[ 2064.441089][ T1161] veth0_vlan: left promiscuous mode
[ 2066.961194][ T1161] team0 (unregistering): Port device team_slave_1 removed
[ 2067.196180][ T1161] team0 (unregistering): Port device team_slave_0 removed
[ 2069.706828][T25511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2069.887350][T25511] team0: Port device team_slave_0 added
[ 2070.084315][T25511] team0: Port device team_slave_1 added
[ 2070.394576][T25511] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2070.419831][T25511] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2070.456187][T25511] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2070.474674][T25511] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2070.481681][T25511] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2070.512139][T25511] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2070.778048][T25511] hsr_slave_0: entered promiscuous mode
[ 2070.791007][T25511] hsr_slave_1: entered promiscuous mode
[ 2070.800314][T25511] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2070.811631][T25511] Cannot create hsr debugfs directory
[ 2072.203047][T25511] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2072.279344][T25511] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2072.310103][T25511] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2072.326289][T25511] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2072.486411][T25511] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2072.520603][T25511] 8021q: adding VLAN 0 to HW filter on device team0
[ 2072.541930][ T4350] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2072.549218][ T4350] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2072.569614][T25622] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2072.576866][T25622] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2072.946228][T25511] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2073.434382][T25511] veth0_vlan: entered promiscuous mode
[ 2073.451368][T25511] veth1_vlan: entered promiscuous mode
[ 2073.511156][T25511] veth0_macvtap: entered promiscuous mode
[ 2073.524499][T25511] veth1_macvtap: entered promiscuous mode
[ 2073.558709][T25511] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2073.586794][T25511] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2073.601552][T25511] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2073.610689][T25511] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2073.621692][T25511] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2073.633195][T25511] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2073.864284][ T1161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2073.873107][ T1161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2073.919432][ T1036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2073.928948][ T1036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2074.001597][T26185] binder: 26179:26185 ioctl 4018620d 0 returned -22
[ 2074.884224][T26238] loop6: detected capacity change from 0 to 7
[ 2074.902506][    C1] blk_print_req_error: 20 callbacks suppressed
[ 2074.902527][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2074.918063][    C1] buffer_io_error: 20 callbacks suppressed
[ 2074.918082][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2074.941647][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2074.950937][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2074.965096][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2074.974365][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2074.983312][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2074.992552][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2075.010196][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2075.019499][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2075.028679][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2075.037956][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2075.052461][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2075.061688][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2075.070174][T26238] ldm_validate_partition_table(): Disk read failed.
[ 2075.078411][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2075.087660][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2075.095859][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2075.105194][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2075.114333][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2075.123641][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2075.132200][T26238] Dev loop6: unable to read RDB block 0
[ 2075.140215][T26238]  loop6: unable to read partition table
[ 2075.164481][T26238] loop6: partition table beyond EOD, truncated
[ 2075.170731][T26238] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà–() failed (rc=-5)
[ 2075.385882][T26248] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2099.089519][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 2099.096038][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[ 2160.529464][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 2160.536026][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[ 2221.968356][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[ 2221.976944][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[ 2232.211547][   T31] INFO: task kworker/0:0:14115 blocked for more than 143 seconds.
[ 2232.219618][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 2232.230462][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2232.240676][   T31] task:kworker/0:0     state:D stack:23880 pid:14115 tgid:14115 ppid:2      task_flags:0x4208060 flags:0x00004000
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2232.256314][   T31] Workqueue: events rfkill_global_led_trigger_worker
[ 2232.263693][   T31] Call Trace:
[ 2232.267284][   T31]  <TASK>
[ 2232.270262][   T31]  __schedule+0x16f5/0x4d00
[ 2232.292078][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2232.297659][   T31]  ? schedule+0x165/0x360
[ 2232.312279][   T31]  ? __pfx___schedule+0x10/0x10
[ 2232.317304][   T31]  ? schedule+0x91/0x360
[ 2232.332385][   T31]  schedule+0x165/0x360
[ 2232.336656][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2232.352287][   T31]  __mutex_lock+0x724/0xe80
[ 2232.356895][   T31]  ? look_up_lock_class+0x74/0x170
[ 2232.372035][   T31]  ? __mutex_lock+0x51b/0xe80
[ 2232.376995][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[ 2232.383768][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2232.388857][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 2232.396148][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 2232.405202][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[ 2232.411435][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 2232.417783][   T31]  process_scheduled_works+0xae1/0x17b0
[ 2232.426802][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2232.436254][   T31]  worker_thread+0x8a0/0xda0
[ 2232.440929][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2232.451240][   T31]  ? __kthread_parkme+0x7b/0x200
[ 2232.456625][   T31]  kthread+0x70e/0x8a0
[ 2232.460763][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 2232.470649][   T31]  ? __pfx_kthread+0x10/0x10
[ 2232.476081][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2232.481350][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2232.490434][   T31]  ? __pfx_kthread+0x10/0x10
[ 2232.495550][   T31]  ret_from_fork+0x3f9/0x770
[ 2232.500195][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2232.510231][   T31]  ? __switch_to_asm+0x39/0x70
[ 2232.515460][   T31]  ? __switch_to_asm+0x33/0x70
[ 2232.520278][   T31]  ? __pfx_kthread+0x10/0x10
[ 2232.528431][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2232.533622][   T31]  </TASK>
[ 2232.536756][   T31] INFO: task syz.4.13523:26233 blocked for more than 143 seconds.
[ 2232.551193][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 2232.566031][   T31]       Blocked by coredump.
[ 2232.570681][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2232.581054][   T31] task:syz.4.13523     state:D stack:26328 pid:26233 tgid:26195 ppid:13782  task_flags:0x40044c flags:0x00004002
[ 2232.596905][   T31] Call Trace:
[ 2232.600246][   T31]  <TASK>
[ 2232.603838][   T31]  __schedule+0x16f5/0x4d00
[ 2232.608444][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2232.617928][   T31]  ? schedule+0x165/0x360
[ 2232.622767][   T31]  ? __pfx___schedule+0x10/0x10
[ 2232.627709][   T31]  ? schedule+0x91/0x360
[ 2232.635510][   T31]  schedule+0x165/0x360
[ 2232.639748][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2232.645712][   T31]  __mutex_lock+0x724/0xe80
[ 2232.650271][   T31]  ? kobject_put+0x43f/0x480
[ 2232.661246][   T31]  ? __mutex_lock+0x51b/0xe80
[ 2232.668387][   T31]  ? rfkill_unregister+0xc8/0x220
[ 2232.677405][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2232.684914][   T31]  ? __pfx_device_del+0x10/0x10
[ 2232.689846][   T31]  rfkill_unregister+0xc8/0x220
[ 2232.698325][   T31]  nfc_unregister_device+0x96/0x2a0
[ 2232.704297][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[ 2232.710084][   T31]  virtual_ncidev_close+0x56/0x90
[ 2232.718789][   T31]  __fput+0x44c/0xa70
[ 2232.724162][   T31]  task_work_run+0x1d1/0x260
[ 2232.728828][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 2232.737827][   T31]  do_exit+0x6ad/0x22e0
[ 2232.742679][   T31]  ? do_raw_spin_lock+0x121/0x290
[ 2232.748212][   T31]  ? __pfx_do_exit+0x10/0x10
[ 2232.756521][   T31]  do_group_exit+0x21c/0x2d0
[ 2232.761194][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2232.771430][   T31]  get_signal+0x1286/0x1340
[ 2232.781472][   T31]  arch_do_signal_or_restart+0x9a/0x750
[ 2232.787996][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2232.797968][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2232.804579][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[ 2232.810124][   T31]  exit_to_user_mode_loop+0x75/0x110
[ 2232.819426][   T31]  ? ret_from_fork+0x472/0x770
[ 2232.824611][   T31]  ret_from_fork+0x47f/0x770
[ 2232.829278][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2232.839143][   T31]  ? __switch_to_asm+0x39/0x70
[ 2232.872222][   T31]  ? __switch_to_asm+0x33/0x70
[ 2232.877121][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2232.915407][   T31]  </TASK>
[ 2232.918549][   T31] INFO: task syz.6.13525:26216 blocked for more than 144 seconds.
[ 2232.952083][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 2232.959803][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2232.974891][   T31] task:syz.6.13525     state:D stack:25080 pid:26216 tgid:26205 ppid:1204   task_flags:0x400040 flags:0x00004006
[ 2232.990031][   T31] Call Trace:
[ 2232.993435][   T31]  <TASK>
[ 2232.996416][   T31]  __schedule+0x16f5/0x4d00
[ 2233.001087][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2233.010237][   T31]  ? schedule+0x165/0x360
[ 2233.019828][   T31]  ? __pfx___schedule+0x10/0x10
[ 2233.029264][   T31]  ? schedule+0x91/0x360
[ 2233.034044][   T31]  schedule+0x165/0x360
[ 2233.038277][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2233.046870][   T31]  __mutex_lock+0x724/0xe80
[ 2233.051460][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2233.057449][   T31]  ? __mutex_lock+0x51b/0xe80
[ 2233.065564][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[ 2233.070957][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2233.076507][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2233.081811][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 2233.091519][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2233.098047][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 2233.107141][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[ 2233.112431][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 2233.118221][   T31]  rfkill_set_block+0x1cf/0x440
[ 2233.126456][   T31]  rfkill_fop_write+0x44b/0x570
[ 2233.131391][   T31]  ? common_file_perm+0x199/0x200
[ 2233.141090][   T31]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 2233.147011][   T31]  ? security_kernfs_init_security+0x250/0x290
[ 2233.156320][   T31]  ? rw_verify_area+0x258/0x650
[ 2233.161256][   T31]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 2233.167926][   T31]  vfs_write+0x27b/0xa90
[ 2233.175449][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 2233.180305][   T31]  ? __fget_files+0x2a/0x420
[ 2233.185036][   T31]  ? __fget_files+0x2a/0x420
[ 2233.189693][   T31]  ? __fget_files+0x3a0/0x420
[ 2233.197556][   T31]  ? __fget_files+0x2a/0x420
[ 2233.202308][   T31]  ksys_write+0x145/0x250
[ 2233.206706][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 2233.211618][   T31]  ? rcu_is_watching+0x15/0xb0
[ 2233.219581][   T31]  ? do_syscall_64+0xbe/0x3b0
[ 2233.224549][   T31]  do_syscall_64+0xfa/0x3b0
[ 2233.229116][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2233.236655][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2233.250509][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 2233.256015][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2233.265281][   T31] RIP: 0033:0x7f0a00b8e929
[ 2233.269764][   T31] RSP: 002b:00007f0a0191d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2233.279353][   T31] RAX: ffffffffffffffda RBX: 00007f0a00db6080 RCX: 00007f0a00b8e929
[ 2233.290539][   T31] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000008
[ 2233.298666][   T31] RBP: 00007f0a00c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 2233.309864][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2233.318023][   T31] R13: 0000000000000000 R14: 00007f0a00db6080 R15: 00007ffdbcc88d58
[ 2233.329780][   T31]  </TASK>
[ 2233.332952][   T31] INFO: task syz.5.13533:26270 blocked for more than 144 seconds.
[ 2233.340811][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 2233.352271][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2233.361015][   T31] task:syz.5.13533     state:D stack:28248 pid:26270 tgid:26268 ppid:25511  task_flags:0x400040 flags:0x00004004
[ 2233.379504][   T31] Call Trace:
[ 2233.382983][   T31]  <TASK>
[ 2233.385969][   T31]  __schedule+0x16f5/0x4d00
[ 2233.390546][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2233.395656][   T31]  ? schedule+0x165/0x360
[ 2233.400055][   T31]  ? __pfx___schedule+0x10/0x10
[ 2233.405086][   T31]  ? schedule+0x91/0x360
[ 2233.409396][   T31]  schedule+0x165/0x360
[ 2233.413687][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2233.419225][   T31]  __mutex_lock+0x724/0xe80
[ 2233.423852][   T31]  ? __mutex_lock+0x51b/0xe80
[ 2233.428585][   T31]  ? rfkill_fop_open+0x12d/0x820
[ 2233.433672][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2233.438779][   T31]  ? __raw_spin_lock_init+0x45/0x100
[ 2233.444194][   T31]  ? __init_waitqueue_head+0xa9/0x150
[ 2233.449634][   T31]  rfkill_fop_open+0x12d/0x820
[ 2233.454618][   T31]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 2233.460047][   T31]  misc_open+0x2bc/0x330
[ 2233.464476][   T31]  chrdev_open+0x4cc/0x5e0
[ 2233.468962][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 2233.474054][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 2233.479055][   T31]  do_dentry_open+0xdf3/0x1970
[ 2233.484494][   T31]  vfs_open+0x3b/0x340
[ 2233.488625][   T31]  ? path_openat+0x2ecd/0x3830
[ 2233.496391][   T31]  path_openat+0x2ee5/0x3830
[ 2233.501050][   T31]  ? arch_stack_walk+0xfc/0x150
[ 2233.508804][   T31]  ? __pfx_path_openat+0x10/0x10
[ 2233.514830][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2233.520983][   T31]  do_filp_open+0x1fa/0x410
[ 2233.528148][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2233.534070][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 2233.539192][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 2233.546683][   T31]  ? alloc_fd+0x64c/0x6c0
[ 2233.551112][   T31]  do_sys_openat2+0x121/0x1c0
[ 2233.557001][   T31]  ? __se_sys_futex+0x36f/0x400
[ 2233.566305][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2233.571590][   T31]  ? rcu_is_watching+0x15/0xb0
[ 2233.577724][   T31]  __x64_sys_openat+0x138/0x170
[ 2233.585537][   T31]  do_syscall_64+0xfa/0x3b0
[ 2233.590107][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2233.597040][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2233.608365][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 2233.617259][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2233.625844][   T31] RIP: 0033:0x7f5bfc58e929
[ 2233.630330][   T31] RSP: 002b:00007f5bfd372038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2233.640557][   T31] RAX: ffffffffffffffda RBX: 00007f5bfc7b6080 RCX: 00007f5bfc58e929
[ 2233.651536][   T31] RDX: 0000000000000801 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 2233.660725][   T31] RBP: 00007f5bfc610b39 R08: 0000000000000000 R09: 0000000000000000
[ 2233.671679][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2233.685410][   T31] R13: 0000000000000000 R14: 00007f5bfc7b6080 R15: 00007ffd923e53e8
[ 2233.694748][   T31]  </TASK>
[ 2233.697858][   T31] INFO: task syz.0.13535:26277 blocked for more than 144 seconds.
[ 2233.717067][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 2233.728507][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2233.740365][   T31] task:syz.0.13535     state:D stack:26168 pid:26277 tgid:26276 ppid:24812  task_flags:0x400040 flags:0x00004004
[ 2233.755579][   T31] Call Trace:
[ 2233.758929][   T31]  <TASK>
[ 2233.762488][   T31]  __schedule+0x16f5/0x4d00
[ 2233.767076][   T31]  ? __kasan_slab_free+0x62/0x70
[ 2233.775371][   T31]  ? security_file_open+0xb1/0x270
[ 2233.780574][   T31]  ? do_dentry_open+0x35e/0x1970
[ 2233.787052][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2233.796374][   T31]  ? schedule+0x165/0x360
[ 2233.800807][   T31]  ? __pfx___schedule+0x10/0x10
[ 2233.807761][   T31]  ? schedule+0x91/0x360
[ 2233.815813][   T31]  schedule+0x165/0x360
[ 2233.820075][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2233.828222][   T31]  __mutex_lock+0x724/0xe80
[ 2233.839577][   T31]  ? __mutex_lock+0x51b/0xe80
[ 2233.844688][   T31]  ? misc_open+0x51/0x330
[ 2233.849093][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2233.857553][   T31]  misc_open+0x51/0x330
[ 2233.861805][   T31]  chrdev_open+0x4cc/0x5e0
[ 2233.866650][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 2233.871678][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 2233.880069][   T31]  do_dentry_open+0xdf3/0x1970
[ 2233.885335][   T31]  vfs_open+0x3b/0x340
[ 2233.889476][   T31]  ? path_openat+0x2ecd/0x3830
[ 2233.901215][   T31]  path_openat+0x2ee5/0x3830
[ 2233.907267][   T31]  ? arch_stack_walk+0xfc/0x150
[ 2233.915572][   T31]  ? __pfx_path_openat+0x10/0x10
[ 2233.920591][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2233.927465][   T31]  do_filp_open+0x1fa/0x410
[ 2233.937229][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2233.945831][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 2233.950965][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 2233.959214][   T31]  ? alloc_fd+0x64c/0x6c0
[ 2233.964651][   T31]  do_sys_openat2+0x121/0x1c0
[ 2233.969399][   T31]  ? __se_sys_futex+0x36f/0x400
[ 2233.977795][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2233.983398][   T31]  ? rcu_is_watching+0x15/0xb0
[ 2233.988258][   T31]  __x64_sys_openat+0x138/0x170
[ 2233.996486][   T31]  do_syscall_64+0xfa/0x3b0
[ 2234.001058][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2234.007682][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2234.018125][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 2234.023228][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2234.029199][   T31] RIP: 0033:0x7f200c98e929
[ 2234.037639][   T31] RSP: 002b:00007f200d736038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2234.049507][   T31] RAX: ffffffffffffffda RBX: 00007f200cbb5fa0 RCX: 00007f200c98e929
[ 2234.064341][   T31] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 2234.073277][   T31] RBP: 00007f200ca10b39 R08: 0000000000000000 R09: 0000000000000000
[ 2234.081324][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2234.092035][   T31] R13: 0000000000000000 R14: 00007f200cbb5fa0 R15: 00007ffc5776cbd8
[ 2234.100631][   T31]  </TASK>
[ 2234.107055][   T31] INFO: task syz.0.13535:26278 blocked for more than 145 seconds.
[ 2234.121335][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 2234.134713][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2234.144844][   T31] task:syz.0.13535     state:D stack:27840 pid:26278 tgid:26276 ppid:24812  task_flags:0x400040 flags:0x00004004
[ 2234.161276][   T31] Call Trace:
[ 2234.167780][   T31]  <TASK>
[ 2234.170993][   T31]  __schedule+0x16f5/0x4d00
[ 2234.179039][   T31]  ? __kasan_slab_free+0x62/0x70
[ 2234.185025][   T31]  ? security_file_open+0xb1/0x270
[ 2234.190214][   T31]  ? do_dentry_open+0x35e/0x1970
[ 2234.196856][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2234.201779][   T31]  ? schedule+0x165/0x360
[ 2234.207816][   T31]  ? __pfx___schedule+0x10/0x10
[ 2234.214381][   T31]  ? schedule+0x91/0x360
[ 2234.218707][   T31]  schedule+0x165/0x360
[ 2234.224147][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2234.229698][   T31]  __mutex_lock+0x724/0xe80
[ 2234.238377][   T31]  ? __mutex_lock+0x51b/0xe80
[ 2234.243269][   T31]  ? misc_open+0x51/0x330
[ 2234.247662][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2234.256314][   T31]  misc_open+0x51/0x330
[ 2234.260560][   T31]  chrdev_open+0x4cc/0x5e0
[ 2234.267127][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 2234.277867][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 2234.285009][   T31]  do_dentry_open+0xdf3/0x1970
[ 2234.289877][   T31]  vfs_open+0x3b/0x340
[ 2234.297098][   T31]  ? path_openat+0x2ecd/0x3830
[ 2234.302026][   T31]  path_openat+0x2ee5/0x3830
[ 2234.306673][   T31]  ? arch_stack_walk+0xfc/0x150
[ 2234.311621][   T31]  ? __pfx_path_openat+0x10/0x10
[ 2234.319699][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2234.325939][   T31]  do_filp_open+0x1fa/0x410
[ 2234.330510][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2234.339480][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 2234.345714][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 2234.350634][   T31]  ? alloc_fd+0x64c/0x6c0
[ 2234.358124][   T31]  do_sys_openat2+0x121/0x1c0
[ 2234.363684][   T31]  ? __se_sys_futex+0x36f/0x400
[ 2234.370342][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2234.380882][   T31]  ? rcu_is_watching+0x15/0xb0
[ 2234.388457][   T31]  __x64_sys_openat+0x138/0x170
[ 2234.397640][   T31]  do_syscall_64+0xfa/0x3b0
[ 2234.402338][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2234.407600][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2234.416783][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 2234.421539][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2234.427584][   T31] RIP: 0033:0x7f200c98e929
[ 2234.432216][   T31] RSP: 002b:00007f200d715038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2234.440693][   T31] RAX: ffffffffffffffda RBX: 00007f200cbb6080 RCX: 00007f200c98e929
[ 2234.456369][   T31] RDX: 0000000000040402 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 2234.466163][   T31] RBP: 00007f200ca10b39 R08: 0000000000000000 R09: 0000000000000000
[ 2234.476252][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2234.488025][   T31] R13: 0000000000000000 R14: 00007f200cbb6080 R15: 00007ffc5776cbd8
[ 2234.500209][   T31]  </TASK>
[ 2234.505875][   T31] INFO: task syz.0.13535:26279 blocked for more than 145 seconds.
[ 2234.515382][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 2234.524712][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2234.535040][   T31] task:syz.0.13535     state:D stack:27840 pid:26279 tgid:26276 ppid:24812  task_flags:0x400040 flags:0x00004004
[ 2234.548670][   T31] Call Trace:
[ 2234.554519][   T31]  <TASK>
[ 2234.557516][   T31]  __schedule+0x16f5/0x4d00
[ 2234.564604][   T31]  ? __kasan_slab_free+0x62/0x70
[ 2234.569622][   T31]  ? security_file_open+0xb1/0x270
[ 2234.576412][   T31]  ? do_dentry_open+0x35e/0x1970
[ 2234.581439][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2234.588338][   T31]  ? schedule+0x165/0x360
[ 2234.596243][   T31]  ? __pfx___schedule+0x10/0x10
[ 2234.601294][   T31]  ? schedule+0x91/0x360
[ 2234.609765][   T31]  schedule+0x165/0x360
[ 2234.617496][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2234.624815][   T31]  __mutex_lock+0x724/0xe80
[ 2234.629387][   T31]  ? __mutex_lock+0x51b/0xe80
[ 2234.635970][   T31]  ? misc_open+0x51/0x330
[ 2234.640374][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2234.647285][   T31]  misc_open+0x51/0x330
[ 2234.651516][   T31]  chrdev_open+0x4cc/0x5e0
[ 2234.657833][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 2234.665754][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 2234.670772][   T31]  do_dentry_open+0xdf3/0x1970
[ 2234.678500][   T31]  vfs_open+0x3b/0x340
[ 2234.686478][   T31]  ? path_openat+0x2ecd/0x3830
[ 2234.691313][   T31]  path_openat+0x2ee5/0x3830
[ 2234.698259][   T31]  ? arch_stack_walk+0xfc/0x150
[ 2234.706919][   T31]  ? __pfx_path_openat+0x10/0x10
[ 2234.715609][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2234.721779][   T31]  do_filp_open+0x1fa/0x410
[ 2234.729698][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2234.736404][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 2234.741521][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 2234.748295][   T31]  ? alloc_fd+0x64c/0x6c0
[ 2234.754517][   T31]  do_sys_openat2+0x121/0x1c0
[ 2234.759262][   T31]  ? __se_sys_futex+0x36f/0x400
[ 2234.766278][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2234.771565][   T31]  ? rcu_is_watching+0x15/0xb0
[ 2234.779468][   T31]  __x64_sys_openat+0x138/0x170
[ 2234.787458][   T31]  do_syscall_64+0xfa/0x3b0
[ 2234.793792][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2234.799063][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2234.807368][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 2234.816082][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2234.825977][   T31] RIP: 0033:0x7f200c98e929
[ 2234.830472][   T31] RSP: 002b:00007f200a7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2234.845257][   T31] RAX: ffffffffffffffda RBX: 00007f200cbb6160 RCX: 00007f200c98e929
[ 2234.854191][   T31] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 2234.864647][   T31] RBP: 00007f200ca10b39 R08: 0000000000000000 R09: 0000000000000000
[ 2234.873570][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2234.881602][   T31] R13: 0000000000000000 R14: 00007f200cbb6160 R15: 00007ffc5776cbd8
[ 2234.890814][   T31]  </TASK>
[ 2234.897366][   T31] 
[ 2234.897366][   T31] Showing all locks held in the system:
[ 2234.906799][   T31] 2 locks held by ksoftirqd/0/15:
[ 2234.911881][   T31] 1 lock held by khungtaskd/31:
[ 2234.919422][   T31]  #0: ffffffff8e33eda0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 2234.936729][   T31] 2 locks held by getty/5597:
[ 2234.941506][   T31]  #0: ffff88803124e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 2234.956048][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 2234.966376][   T31] 1 lock held by syz-executor/13782:
[ 2234.971707][   T31]  #0: ffffffff8f9fd5a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[ 2234.982138][   T31] 3 locks held by kworker/0:0/14115:
[ 2234.987469][   T31]  #0: ffff88801a880d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2235.004377][   T31]  #1: ffffc9000b377bc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2235.020313][   T31]  #2: ffffffff8f9fd5a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[ 2235.037301][   T31] 2 locks held by syz.4.13523/26233:
[ 2235.044883][   T31]  #0: ffff8880585ee100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[ 2235.057739][   T31]  #1: ffffffff8f9fd5a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[ 2235.069457][   T31] 2 locks held by syz.6.13525/26216:
[ 2235.078144][   T31]  #0: ffffffff8f9fd5a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_write+0x191/0x570
[ 2235.089518][   T31]  #1: ffff8880585ee100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[ 2235.103787][   T31] 2 locks held by syz.5.13533/26270:
[ 2235.109142][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.121310][   T31]  #1: ffffffff8f9fd5a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x12d/0x820
[ 2235.132046][   T31] 1 lock held by syz.0.13535/26277:
[ 2235.137302][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.151622][   T31] 1 lock held by syz.0.13535/26278:
[ 2235.173270][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.181848][   T31] 1 lock held by syz.0.13535/26279:
[ 2235.190645][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.199358][   T31] 1 lock held by syz-executor/26288:
[ 2235.207768][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.217488][   T31] 1 lock held by syz-executor/26291:
[ 2235.226944][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.235659][   T31] 1 lock held by syz-executor/26294:
[ 2235.240994][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.255014][   T31] 1 lock held by syz-executor/26295:
[ 2235.260385][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.270596][   T31] 1 lock held by syz-executor/26306:
[ 2235.279603][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.290903][   T31] 1 lock held by syz-executor/26309:
[ 2235.298476][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.308660][   T31] 1 lock held by syz-executor/26312:
[ 2235.315665][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.325522][   T31] 1 lock held by syz-executor/26313:
[ 2235.330878][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.344604][   T31] 1 lock held by syz-executor/26321:
[ 2235.349983][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.358625][   T31] 1 lock held by syz-executor/26323:
[ 2235.366283][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.374928][   T31] 1 lock held by syz-executor/26328:
[ 2235.380265][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.389095][   T31] 1 lock held by syz-executor/26329:
[ 2235.395583][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 2235.404813][   T31] 
[ 2235.407194][   T31] =============================================
[ 2235.407194][   T31] 
[ 2235.417810][   T31] NMI backtrace for cpu 1
[ 2235.417830][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0 PREEMPT(full) 
[ 2235.417856][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2235.417869][   T31] Call Trace:
[ 2235.417879][   T31]  <TASK>
[ 2235.417888][   T31]  dump_stack_lvl+0x189/0x250
[ 2235.417916][   T31]  ? __wake_up_klogd+0xd9/0x110
[ 2235.417950][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2235.417974][   T31]  ? __pfx__printk+0x10/0x10
[ 2235.418012][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 2235.418044][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2235.418068][   T31]  ? _printk+0xcf/0x120
[ 2235.418096][   T31]  ? __pfx__printk+0x10/0x10
[ 2235.418120][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2235.418156][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 2235.418189][   T31]  watchdog+0xfee/0x1030
[ 2235.418211][   T31]  ? watchdog+0x1de/0x1030
[ 2235.418240][   T31]  kthread+0x70e/0x8a0
[ 2235.418273][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2235.418290][   T31]  ? __pfx_kthread+0x10/0x10
[ 2235.418318][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2235.418349][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2235.418379][   T31]  ? __pfx_kthread+0x10/0x10
[ 2235.418408][   T31]  ret_from_fork+0x3f9/0x770
[ 2235.418433][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2235.418461][   T31]  ? __switch_to_asm+0x39/0x70
[ 2235.418487][   T31]  ? __switch_to_asm+0x33/0x70
[ 2235.418512][   T31]  ? __pfx_kthread+0x10/0x10
[ 2235.418542][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2235.418594][   T31]  </TASK>
[ 2235.418603][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 2235.577530][    C0] NMI backtrace for cpu 0
[ 2235.577547][    C0] CPU: 0 UID: 0 PID: 5208 Comm: udevd Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0 PREEMPT(full) 
[ 2235.577569][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2235.577581][    C0] RIP: 0010:kasan_quarantine_put+0xb3/0x220
[ 2235.577608][    C0] Code: 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f e9 86 cc 4b 09 cc 48 8d 80 c0 85 c1 92 45 8b 76 18 48 83 38 00 74 6f 48 8b 48 08 48 89 19 <48> 89 58 08 48 c7 03 00 00 00 00 4c 03 70 10 4c 89 70 10 49 81 fe
[ 2235.577622][    C0] RSP: 0018:ffffc90002ec7d58 EFLAGS: 00000086
[ 2235.577638][    C0] RAX: ffff8880b86345c0 RBX: ffff888039668000 RCX: ffff88807a489100
[ 2235.577652][    C0] RDX: 0000000000000000 RSI: ffffffff8be41860 RDI: ffffffff8be41820
[ 2235.577665][    C0] RBP: 0000000000000000 R08: ffffffff8fc232f7 R09: 1ffffffff1f8465e
[ 2235.577677][    C0] R10: dffffc0000000000 R11: fffffbfff1f8465f R12: ffffea0000e59a00
[ 2235.577691][    C0] R13: 0000000000000000 R14: 0000000000001100 R15: 0000000000000286
[ 2235.577702][    C0] FS:  00007f6002874880(0000) GS:ffff888125a1c000(0000) knlGS:0000000000000000
[ 2235.577717][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2235.577729][    C0] CR2: 00007ffe036c0fcc CR3: 0000000033518000 CR4: 00000000003526f0
[ 2235.577744][    C0] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000002
[ 2235.577754][    C0] DR3: 0000000000000009 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2235.577765][    C0] Call Trace:
[ 2235.577772][    C0]  <TASK>
[ 2235.577781][    C0]  ? do_unlinkat+0x509/0x560
[ 2235.577804][    C0]  kmem_cache_free+0x18f/0x400
[ 2235.577829][    C0]  do_unlinkat+0x509/0x560
[ 2235.577854][    C0]  ? __pfx_do_unlinkat+0x10/0x10
[ 2235.577880][    C0]  ? getname_flags+0x1e5/0x540
[ 2235.577898][    C0]  __x64_sys_unlink+0x47/0x50
[ 2235.577921][    C0]  do_syscall_64+0xfa/0x3b0
[ 2235.577939][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2235.577955][    C0]  ? asm_common_interrupt+0x26/0x40
[ 2235.577971][    C0]  ? clear_bhb_loop+0x60/0xb0
[ 2235.577991][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2235.578007][    C0] RIP: 0033:0x7f6002115937
[ 2235.578021][    C0] Code: 00 00 e9 a9 fd ff ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 5f 00 00 00 0f 05 c3 0f 1f 84 00 00 00 00 00 b8 57 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 91 b4 0d 00 f7 d8 64 89 02 b8
[ 2235.578035][    C0] RSP: 002b:00007ffd1298ba48 EFLAGS: 00000202 ORIG_RAX: 0000000000000057
[ 2235.578053][    C0] RAX: ffffffffffffffda RBX: 0000000000000bb8 RCX: 00007f6002115937
[ 2235.578065][    C0] RDX: 0000000000000000 RSI: 00000000853764c0 RDI: 0000556292bad02e
[ 2235.578077][    C0] RBP: 0000000000000000 R08: 00000000853fb7e5 R09: 7fffffffffffffff
[ 2235.578088][    C0] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000000000
[ 2235.578099][    C0] R13: 0000556292bc8100 R14: 0000000000000001 R15: 0000000000000000
[ 2235.578119][    C0]  </TASK>
[ 2235.578698][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 2235.858857][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0 PREEMPT(full) 
[ 2235.870677][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2235.880762][   T31] Call Trace:
[ 2235.884074][   T31]  <TASK>
[ 2235.887029][   T31]  dump_stack_lvl+0x99/0x250
[ 2235.891666][   T31]  ? __asan_memcpy+0x40/0x70
[ 2235.896293][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2235.901575][   T31]  ? __pfx__printk+0x10/0x10
[ 2235.906219][   T31]  panic+0x2db/0x790
[ 2235.910158][   T31]  ? __pfx_panic+0x10/0x10
[ 2235.914592][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[ 2235.920421][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 2235.925823][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[ 2235.932013][   T31]  watchdog+0x102d/0x1030
[ 2235.936375][   T31]  ? watchdog+0x1de/0x1030
[ 2235.940818][   T31]  kthread+0x70e/0x8a0
[ 2235.944914][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2235.949628][   T31]  ? __pfx_kthread+0x10/0x10
[ 2235.954244][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2235.959487][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2235.964715][   T31]  ? __pfx_kthread+0x10/0x10
[ 2235.969363][   T31]  ret_from_fork+0x3f9/0x770
[ 2235.973985][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2235.979124][   T31]  ? __switch_to_asm+0x39/0x70
[ 2235.983917][   T31]  ? __switch_to_asm+0x33/0x70
[ 2235.988704][   T31]  ? __pfx_kthread+0x10/0x10
[ 2235.993321][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2235.998121][   T31]  </TASK>
[ 2236.001448][   T31] Kernel Offset: disabled
[ 2236.005795][   T31] Rebooting in 86400 seconds..