last executing test programs:

13m8.327726848s ago: executing program 3 (id=1590):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x3}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x3, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r4, 0x54a2)
close(0x4)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r5, 0xc03864d0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
read$dsp(r2, &(0x7f0000001500)=""/4096, 0x1000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x20000000ec071, 0xffffffffffffffff, 0x4000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

13m7.621442346s ago: executing program 2 (id=1593):
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x2, 0x400)
close(r0)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x200101, 0x0)
ioctl$I2C_RETRIES(r1, 0x701, 0xc00)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = dup(r2)
ioctl$IOMMU_VFIO_IOAS$GET(r3, 0x3b88, &(0x7f00000000c0)={0xc, <r4=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x1, r4, 0x0, 0xac, 0x8001})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000180)={"1092b33f482eee147f0e5624cd2dbc5cd0fe6816244838cd139c42ca65218331dfeb0c698300259c1497416db585c57eb6b574c363a6be85f586f6154aa7ba0daa96ee78878fcabb2f12c926c8b73ce3f0bfbe4da1dd3ccf2a3ef5f3d85f793306682cfce2ee3c8e20f14580977b4d76d7499282b20b9d9c2efdede07aa12c93bea9c72e8f4563d496fb7488796b7449b87953c57a5857b46681efe397cfc4a370a0b2e4ee2ef0870cf499fa2a649971ca8a0a062eda79280b4a0864f31779e148da12a5eee3e0d5d357f039b41a66a8794909f9c68899ed00154a1174cdf9c48dd8b84a769c2752f43dc3182ba1ca3be0f7e8ba62ab57027a43feeb4e1314e54a81b96cf6fd00eb4c02cb6a7a0848a372552d09cb1354d84aec825116ea003d979675057c34b99d2a54a6720f15cf2fe5cc132b33d608cf9d31ab2e7daade2ecf6ce4c3836598fe592b6d6f8fa7728f9423d1514aaf83d83b4b070eb3e7b452bab4cf589370564c6db512fb707139c3eb453cd2a245780cc80679ce9ed9f8cafb82d4cc11de00923f4467c1395791dc762bd82c822c2e130b0d32c54b3027eb47f4e5b2ebd087de447de0b47d39b9a54434d2b8129c623816366cdb01b5ec019a940f055a355b14375a59406f91740127c15f16024b2d2a6139937fb9079f7a00329e1e62efb9bccf025a39e11c87b5ec4e24964554f98063aff57ac3994087489f76a82bf1891fa5671b49bc0f66522f8fb90a45e88df503d6c961fc25684d19e78bc103db9f93a606c300f08ae2e8096f94270144275a6f26dbfbab604c1273f816027ecee371776904393a4fe11a523eadc61ec5ca72e7d23162f5c57d832248621a8038c403e7916fd43b7043855122caf3a0cb3e69e9b07f771cf4a218aef7afbfd3c8e18da309742e546457ae7f6f453873d064f5193659b268f4653c7365a360bc4de75e25d433fa7d871418ab0641869027a0b21d3971b813f76cc00e7030b4a74e2a82295cb704574e2bc44a2c16c111f8d18a12243bd4e29b2433aaeff0ee5c6520c326d6c20deb2d5158f353f81876b9a4203dbee6f109a5bff7559e3313c535db0674fdaa20df5d0b0a1153a6a583a519946aadcb0f6135f1af2c4134a8ed26be614cf30f7e7c62cde29622e052499cc89fa9f11838cee94e6fc1c1b90ac429971b98323e069c759c2d0a5cb379aed5d15db47655524d4e352b9b0caba3c31fb11774b23cab6a3e69efd84f512e2dd4110eef69e286bf3baddb1cc62746285a6868be90228f8ceb2488e5c223e396db987fbf4f38f2d83293261a6433c89d0bcfbe2186a6e85adb83f95f44b7ed10402623a92de3e7e132dacecc7a5fd4f7e7740d672f34e22a4dba58064a43d3fa205bf389a22b55dd4f1827461ef928a0128b11ce7ae6742b73789a5f831b731b8b782bd1589b0d3e131999"})
pwritev(r2, &(0x7f0000000600)=[{&(0x7f0000000580)="642ac34b042c275745af286ef23ce1d8acd5cb5ea69f205800dadeb950efc3ee3ba1d53719718c5836f41a51209be073c9861cdcce1535414342025998a2032afa54569e3bbee558ff5fbda9facb8dac02a0dcfde4cd8004df6a37f576c5d0c01261b4a064ba5516f18c5114b4ed3d1438d1d3", 0x73}], 0x1, 0x2, 0x3)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000640), 0x802, 0x0)
write$UHID_CREATE(r6, &(0x7f0000001680)={0x0, {'syz0\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000680)=""/4096, 0x1000, 0x67, 0x3, 0x100000, 0x8, 0xe89d}}, 0x120)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
read$FUSE(r1, &(0x7f00000017c0)={0x2020}, 0x2020)
ioctl$VHOST_VDPA_SET_STATUS(r1, 0x4001af72, &(0x7f0000003800)=0x3)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000003840)={0x5, 0x0, [{0x9e1, 0x0, 0x2181}, {0x2ae, 0x0, 0x5}, {0x863, 0x0, 0xf}, {0x981, 0x0, 0xffffffffffffffff}, {0x348, 0x0, 0x1000}]})
write$cgroup_netprio_ifpriomap(r3, &(0x7f00000038c0)={'veth1_to_bond', 0x32, 0x35}, 0x10)
r7 = openat$uhid(0xffffffffffffff9c, &(0x7f0000003900), 0x802, 0x0)
write$UHID_CREATE(r7, &(0x7f0000003a40)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000003940)=""/208, 0xd0, 0x12a, 0x10dd, 0x5, 0x8, 0x4}}, 0x120)
r8 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_GET_VCPU_EVENTS(r8, 0x8040ae9f, &(0x7f0000003b80))
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000003bc0)={0x4, 0x0, [{0xbe4, 0x0, 0xf43}, {0x9ba, 0x0, 0x7}, {0xb91, 0x0, 0xc}, {0xc0011020, 0x0, 0x8}]})
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f0000003c80)={0x0, 0x0, 0x1, &(0x7f0000003c40)={0x0, "4b2c7399a1f2335b6c4e35f0aab24d5c19fdca55f477c8c3292bee10872aec8a0f"}})
r9 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000003cc0)={0x2, 0x0, [{0x61c, 0x0, 0x8}, {0x186, 0x0, 0x8001}]})
write$cgroup_netprio_ifpriomap(r3, &(0x7f0000003d00)={'syz_tun', 0x32, 0x30}, 0xa)
write$sndseq(r1, &(0x7f0000003d80)=[{0x5, 0x4, 0x8, 0xb, @time={0x1, 0x7f}, {0xf4, 0x8}, {0x0, 0x4}, @control={0x7, 0x0, 0x7}}, {0x79, 0x8, 0x5, 0x8, @tick=0x407d, {0x2, 0x2c}, {0x1, 0x8}, @addr={0x5, 0x6}}, {0xfe, 0x5, 0x4, 0xa, @tick=0x1, {0x8, 0x80}, {0x28, 0xb8}, @quote={{0xb, 0x8}, 0x4, &(0x7f0000003d40)={0x7, 0x7, 0x4, 0x3f, @tick=0x800, {0x2, 0xe3}, {0x10, 0xa}, @note={0x0, 0x6, 0xcb, 0x5, 0x9}}}}], 0x54)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000003e00)={0x1, 0x0, [{0x339, 0x0, 0x7}]})
write$UHID_INPUT(r6, &(0x7f0000003e40)={0x8, {"4ae5bce2a34700617537d4b2c106fde061ae307bbd1921488fd8a59ef7de80e3c2960a08c753dd4f75c1c4ec3855341a15ac884130eded4fa849af80996277cd1c2eb36899caf02d80903c0c1942f4e79d6aeb0ea06fdd8740545060dccdc4869826d11a26107463324f3f93938c4f5ceafc4aa3f2f21545870cbb658ccdf241ca8345af67a94ae925d24d168d23dce7e8217b6863d626bf8760c31cfa4fab8f6c714a8e5d4959d58e2a6e42580b2cdfcb3674bfe5c52485abb2db50c1fe0d393cff23b6ac525597a98ab813b0a04bae53f46ffad5f4df046b165c3c157cc0bb7d25a157f672a096140eb1603e7a587d2e47c48d265da607ea4406cf4fb9502576f53fa98030acbd30f11c9577f26b0650a6858027f3a768c6990c6bf2d546adb0f31a5cedce8ae2f2b7c8dd548cad41988d832900b36b576ba6f86d32dc82351ae5ce0b97ef3f757f39bdb0e7d83732f12ffb345f1937c6877eb52e2b82ad4329b9302dbb18dca8de264e49bd2839d29b6c4d10aa81ab432f025359048faa8536a0cd8ba93363ebcf7f219a10fac5901311d5bc3bc884eb282dd545561318491666264b8fc870c3598d4abd756e3ea3754ddbfbf1dc04a3596f6cd82768ec5a8945e5dacd2158fbcc9dc7266b0142526914a7561aac851779d1a69b70a61fa02a677e2d595d87abd6fb04730471719b674a27e6b1f80eb226c00db3ed0e57ad7cbaef8d5c60dde5499913d1811ca71a5882ee43a2fedd6b204f2af41dfc1b7164c3518dd51b2e06d40e95a1051b878762d49e1cdb8aa39b30fc77c49ebad69d1324decbe17df9f72e64d6c3f02217fd2b00e5ea8f7e5664b292342b5db6e38118ad129e7c607aacfd5c30773429630ef15a34ee47dc616b8184c546283e0bfb69a575156487d02005f3ee8bae39aabf31bfe1fd7897830b347f00bbfd87c7e2bec7796f872cf6057b653aee874afab6b30274c6ba6d4fb017aaed268b3af4d7ca4768020b654036f39803006577c4d656d3e8d7cde367df07880254f35e420cd6afc40eff6596aaeac6e734bf4c8d08c1a5d0e2047f1d0e0c9918fec2b001dd0db2d8852f0ace9ddc950366bf1aee22e4f17ad45380e5889825e9d5d08f56e41a7c389a96f89686f5d862db9569aa6f66d4be2682b4209a1d304baa1ec6d704ac042c948e7b21b7aae25cb63ef63805e5d7b205298785e33c3533267c41478df36aa9651b3c3b8756cf27ac1ec8bc33279d2d399123c9404509c8234d7bd614010cb722bcd2be54234a6119d2d580a488edcf76c9cfdf3cc7fd612068306fc4a4ffca79ecb70c0345f12fe79435b9b812b9fcd988bff27d8331946571358e246fe43030df97162ed766f4ab4fc40d904418581283b7a96f3846f1078f10fcfb77235e910b30ce365f2922124eb9ee561dac6b00d78450bfd8bf0b3e47d895a46ee8f15faa7542769c56578d6d0154772be9adc96233ae280d486e2aceab747767c9cc48f6ab7cb2255f4b54d613e1c0f9c1d253471b0f0f589c74d381b409d4d6e50117840960f79621a34f1c8f613f4ed4eadd8d9d2d4778b7964ac496a4b4c0d4650f65066dce7c5006b542245c9f0fe1ae4c64f8a85cd680c445a8393a21f7782a0255c0299d4fdbaace3ed40339e89f2892ad606def509b0e00d3a97393c967b8b0f3c2c70da19ec152437f2e9ac48aea5af8431cbe95791d8d9e77b6d2652458783a026befdab4a9c98ed443807fa4d3770c400297b29dad1cea5bc07735b92dbc9953d7ae6327d2a0413acf2eba5821d7288e3c02b560e52099159cac1d971bf32ccd89cc2512ad9389428e49a7e3aeaccdfa255a21897de3c861d91ebe93ebb92ea26aa1c01049d3a19282cb4b50a1992c5e8b833a28b43fb2181fb86fbed0d2b8ddc6f9d540d034200fbccb7aa6c70596a1176c91ae2066ff1e6d6ff1275a19e75b3a0add7b1e5564b3b888a53aa9b88f4b8e05f36526d7449909761c487c4444fa7f9e34395b59af52a8a0f5b59facb6755a47cd9a86c99416d9b03d1434b60ece1718d1ad514df70baf586b7b6ce13879a50442d5c43e938a0c21046ef0069633ca728ebd263b565babde6f925dea9b0343b1f9a2d7f64565e8458c36c68f49cb9426e214b680f16aff4864052ff78b78909eacc4483ad0b0fe742e85d20e8f349181f4e547795553cdaf661971a3b21f4b0dfeb9771fc81867fe2dd7138e43e428fdc11535cca8d5f21d3616a66e70d812a3e7b218d8e39e8ef9eeaae2accafa94ebad5c3a02f9a16f3d64dbbea756099d9fb8e17e180cb5b42bb36c06727ad918b3c3e93c8d67539699589ff0bc4d958347534ba5ec01d92b205271839f640cfdb4653fbafcea26590238ee9bc360530ad83aa90cdd0db9277f85f7cd23b6166cf06871eaa359f655288527f1c1533b1690cf68f816e39cc0702cd08ad1e7a5482254498a0762ef2a1c03b2bb54ff3e90a1f25203ce75907da2579a94b3aac5a0928ca47016ca489ed0e5b4c873f0b7bae5c1f0148a2a65fec8b01cb523b95386313d6d168bb9ff4bc3ff19dfca51abf326fb1272e5f00c2532d3bf91aba61e0e25c1a78206f30c98e6a3004e1fce467bdb9a6f321f28684c27d664d340c2488675cab9535913b3cd485210810a3a06fd4a4b927dd418964e8cd57fceeb75e0d5c2b16674085b9bff5b0e6219d46ca034393d41cc04ef4072552c44591f5fb73744589c1f477f83a47670f30baffdef9037dc197f6d150adec8c009c153a1274de0180bdd2cedca84a2264dfd63c4cd83fd9e89d7eac1c665464fdf40d91d8e46f30bedbd5cc99c2465abd5891a1d76ab3c887a20cea16c6646657ff7ff4f7fddc5da4eabb2211e317258f7474b28050c6e2d136d052ca4f9dbe5196bd64208cf8c92123e0c96d9bd69441cfdee9d5f57c90601aca915c6204f32ef2076fe1c1d82e4214ec8419beb95c531a92caee9cf08c8989dc76bdc52251c6a9098eb636c5eef51ef248a28b1b12d065b5fb952e7333912f3230a1127fbcd241e103fcb88f22f930bd227e545b4a54623810ac0edd47c29853d20c29a2c3222f05cb8959ef64f730e74dae15ea86bd3b2c9f7715a1ef7707502e50d7d9321529fd5aa92db3d94171b780e844743a47fb0185c3fc606c19724e9e2a1f5380f2dbf783ddd8147e6db163f3e575fbee63f9c8e6fa1d69a3eb1dabf36f5bd77d72e75ed261a2b107b42770bf4fa6e9f35004357535957176ee72cb96b499db76a251afd6295f575e018b6c6fb81cc7e02d7dbbf1258989ff48a2821a8564aea3acfeee593e581ab1291090f9940e32402ed441fb58ebd10d4e7f0c359be3e422f59e454f14f7c5cac39af681009ac37dae5de8050a6482d4e04db198988f061cde32a15b23f8424a1509eac2355d52615adef70bb33f28404a179fcde4d18197336f1c99f19e6ae7bff30794ab9a83e2d8142bfa334703965829336dd2709340c3f1374127ee725d74aca88b6b256cfa3a25dd9dba7dc26d011eb330e5c111dc3726a25f83202786c369f7f85e2fd049a28012c197216bf88b3df0680b0ad8c023f5ffb45a6e52e365df95a42da6c2d6ae2dd73ddb7520829fab08d15d3c32fa8f653e57ea0396f234b141984f0ebc4046889dfcbe59394feb803788d60c81c5e43b0f84e594ca48db2e7f2becdbcf5bfc3ea0b5b3f210926335faa7bff8648a3faec939e9253985e809a11e28a31963976a40d59febeaa6f1a3edb0c09e5925145bc21882032da408c1172f346f2357ecbd1c77409088a264df9b47343a508163523ed8dd9b5d6a5536aba97c9e2de4a1d63a0b36e21ae4719c69b559cdec5a8be1a2d220f92608b55a61d5e8ed8363b679eccc7f9b12037cb6ed59addae23f4c2b39da5649a0cbadbe413195311b663e6f374e6e6067ea2f274c0411f0e30268b85bac1b86866329628bae7df591960b409566d9fc5dd9fac60df67c06d8d800ab78705b9f4e61f4573bf125d1767ae580eb02545a6fb074735f7bb7a29faf1c3e1c7bc4c2d7a6f15f742d0ed1faf5cfad1209924f38a5668711de77b44932334b11025874f9c4c9d3e54a5ea9ebb48e75140edf6aac17f8b3a065a7f429bbc547406a34e739ec226e03a5dd988e8692c05ce7921bf276569aeb9c83d302c046cb065acf6b51b1b2f5c93f45667a8f55a55d87b4be989be9517c378d60c12372f7155ef2fcbcee8f781d7a502d4b8aa873e6ad36b3de165676f2fa54ff0a619657c500b4b1d5270d678912b7004c4d0e3336fd097e89fad33d7c360326d85ed54b0928ecc95827dd26cbe79ea5d3cb2684a28ee31f2cee8c5cd06e1f113655873291bd454c49d276a341691be901130dee4932fe1dfc4f80a78811b237adad9197e07e327bd1331a6c6bad9b87fc323f3f0fa39d30cb62e4f1b78f27d7921eebbf617c77f532ae84fc2b4f753a9af7501a78fc8788f7897fc2b5428681947b29ccdd0e02765cd0c94a4bef64644460445333fec36e37256c69e6e9b26f5e62b1a255328c6c64dd94c5b6c868433f0f0ee770ca4cd00db4e7bdad7937b9e0ba2e2edf36bcfe3480a58a7f94ea96d4689dc3dcb53adda3ae827d28ee18b9425fe67a8c78a05467d6e76d9627597846e71eb2cf15914d643a06a8aebd5d0781af9f3d0c049856e8df218ee6f8d4310b7a350f46401af7bdd9b446ec25b58b006facc966d3881927d238ee22c94ba284fcdf640f0148575fc68963fcff440e184d4e37b89f7caed9aa0dd1d92d52dd9ddc1cd8d64eeeaa55f05a56608d9e8e9a54ea8aeb1b3a23a3e4d560903574c96d9d6f81163b78c5cf2d6482e2a7465e12ab92d89ad48bc5faebd0abc3db13fcfc89fc14df21587226c15418b5f382041360ae50cef8c1ab153874e086e5bbad551e0fd3abe781b501cb54b6943e8cb185625a2ff9d93f36a4c798dd07fc13137e7f3f422dbe9159063d3445e02799045299afde3e01ac74c9d61c96130676973fe52033522e94a2dabe61c2fa1a0a6c489da2250d9e70f2ff273fcfd7f423d796d744fcc4c0b320f2d2309dc6645995548e714a5e493cc7e63d41d1b14c42f105a8d393769d97562f7e492be887b856041b44a464c3b32d8e6d3e0276a3ff804b26707534c21df699bce78a07ec542b3c73271601c31836c22327264e0f337249b0e99d09de3a57022041a5cebf56bb1ee4dff13e5b87c29845d0b5fc0e8047711089dc0b98f288157b9368cd8602c19a9e11ec93019d39a5413dcfc6418b7e36429fadf46c398d0dfa2a3c7fbebd5dbc40cd714013dcb45396b77ff6197917a8d57cd31c715236c0249a4e1f8e7db79e984c1c403024fe39df878025548bdd7496fce3cd017fd39a263ff37fc565d4f9e1877575de8af9707f74289b526d496b477522ff4a7e7ea7e6d4dd490fae1481c506243371bef7b1a86cb032b10b2dfde2525dff9926e07668aa7abfc9f59550fc23601c26f1ff3d06dbdf5332000f3d12ce13ba060127679505dccfd3bb712fea638c79cd2906d5cb4bce72dc1d6fa561727d561cbac600866a034bf38a33e1f67a407081e752294b1e746f1a51dba7fe48df0286b2d79911a9cda5301c9894bf58427b7837dc22135d7c962053a09da776e83b71abe32a0f97ae4d64d015d320dd8ac92e8fdd71d36aca71e4782afb2bd1e3bcb8e9abe1b829aa274c778bb33bae17a798474d22a0d05e29338b7a319abd1b3da8a25bcf8df83d83b758af3e22e7cbec8eac850c1f06b6e92b72caf309c5236cf7938cb4d52618571803e2abc", 0x1000}}, 0x1006)

13m7.539894288s ago: executing program 3 (id=1594):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x42800, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
read(r0, &(0x7f00000001c0)=""/249, 0xf9)

13m6.199288471s ago: executing program 3 (id=1595):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x10, r0, 0xc77a0000)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000005004d564b"])
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x1000)=nil, 0x1000, 0x5a051feb1f984a1d, 0x202812, r4, 0x7dfff000)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
dup(r0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x10, r0, 0xc77a0000) (async)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) (async)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) (async)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000005004d564b"]) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
mmap(&(0x7f0000787000/0x1000)=nil, 0x1000, 0x5a051feb1f984a1d, 0x202812, r4, 0x7dfff000) (async)

12m59.140521339s ago: executing program 32 (id=1549):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async, rerun: 32)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async, rerun: 32)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0x11, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
read$FUSE(r1, 0x0, 0x0) (async, rerun: 64)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) (rerun: 64)
r3 = dup(r2) (async)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) (async, rerun: 64)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) (rerun: 64)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
write$cgroup_subtree(r4, 0x0, 0xffe3) (async)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000500), 0x800, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r5, 0x541b, 0x0) (async)
write$rfkill(r5, &(0x7f0000000080)={0xf, 0xfc, 0x3, 0x1, 0x1}, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000400)={0x11, 0x1, 0xfe}) (async)
ioctl$KVM_X86_SET_MCE(r8, 0x4040ae9e, &(0x7f00000001c0)={0xa100000000000000, 0x2000, 0x0, 0x1, 0x12}) (async)
r9 = syz_open_dev$vbi(&(0x7f0000000140), 0x2, 0x2)
ioctl$VIDIOC_TRY_FMT(r9, 0xc0d05640, &(0x7f0000000200)={0x4, @sdr={0x64737664, 0x3ff}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000000)={0x5, 0x3, 0xffff1000, 0x1000, &(0x7f0000000000/0x1000)=nil}) (async, rerun: 32)
mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0) (async, rerun: 32)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)

12m56.655699113s ago: executing program 3 (id=1597):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8000000000000000, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r2, 0xc0d05604, &(0x7f00000001c0)={0x0, @sdr={0x3831354f, 0x2}}) (async)
ioctl$vim2m_VIDIOC_G_FMT(r2, 0xc0d05604, &(0x7f00000001c0)={0x0, @sdr={0x3831354f, 0x2}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

12m56.392931504s ago: executing program 3 (id=1598):
r0 = syz_open_dev$vim2m(&(0x7f0000001580), 0x57, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x27, 0x1, 0x0, "3a8e00000034b52ba75066c27891ca55e21f0000000000b2b678d200", 0x32344d59})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r1, 0x7dfff000)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000000c0)={0x2020}, 0x2020)
syz_open_dev$evdev(&(0x7f0000000040), 0x6, 0x10100)

12m56.323249139s ago: executing program 2 (id=1599):
r0 = syz_open_dev$video(&(0x7f0000001840), 0x45f1, 0x0)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000001880))
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x4, 0x0, 0x13, 0x8, 0x100, 0x0})
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r2, 0x2284, &(0x7f0000000040))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305829, 0x0)
ioctl$BLKOPENZONE(r1, 0x40101286, 0x0)
r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r4, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r6 = dup(r5)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, &(0x7f00000001c0)={0x0, 0x1, 0x0, 0x2})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r6, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r6, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

12m56.156488307s ago: executing program 3 (id=1600):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x101b82, 0x5f)
write$cgroup_int(r1, &(0x7f0000000280)=0x900000000001, 0x12)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r2, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = dup(r3)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x3, 0x0)
write$rfkill(r5, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

12m52.11019583s ago: executing program 33 (id=1592):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af10, &(0x7f0000000540))
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x10001, 0x171)
ioctl$SNDCTL_TMR_CONTINUE(r2, 0x5404)
ioctl$SNDCTL_TMR_TEMPO(r2, 0xc0045405, &(0x7f00000002c0)=0x1c)
ioctl$SNDCTL_TMR_START(r2, 0x5402)
read(r1, &(0x7f00000001c0)=""/160, 0xfffffe89)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000001040)={0x9b, {"a2e3ad09ed0d09f91a5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f07306d0a0890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b31070d0773090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffebd}}, 0x1006)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r3, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

12m41.008952901s ago: executing program 34 (id=1599):
r0 = syz_open_dev$video(&(0x7f0000001840), 0x45f1, 0x0)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000001880))
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x4, 0x0, 0x13, 0x8, 0x100, 0x0})
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r2, 0x2284, &(0x7f0000000040))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305829, 0x0)
ioctl$BLKOPENZONE(r1, 0x40101286, 0x0)
r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r4, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r6 = dup(r5)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, &(0x7f00000001c0)={0x0, 0x1, 0x0, 0x2})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r6, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r6, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

12m40.90131051s ago: executing program 35 (id=1600):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x101b82, 0x5f)
write$cgroup_int(r1, &(0x7f0000000280)=0x900000000001, 0x12)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r2, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = dup(r3)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x3, 0x0)
write$rfkill(r5, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1m12.311362872s ago: executing program 7 (id=6193):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x258, 0x0, 0x5802000000000002}]})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000000400)={0x8, {"17ccfb1a91c89da74454fe2379d879f6b3390a52c4e1faa12ddc0a389ca5b9fd7741454c430e1225a52bf307a9c6ee058f1df0d57042b8c8f6673e872884de2a117fd507ac4eed7afc4a1fa8395979f261ac61596af6f82e47b348a263345f5dc3895336fb9b3e34500057473be921b4005c95851c22bbf93e53b91615c43889ff56134286005b5073c82a393b99ce0f03b0d84cf3b0ba9854990739d4f01b5555ffbc083b9392190277b2acca9015f444f66ae0e9c39f52f63db0a202ef147751ef756d43b9a96cb7d2bec1ec40ded68df094268a27f0bb20464713d77e9737e51f49b3011a1cf6b3435d5f15d0afeb68bd7a0b793b2d66be4197edbc6ddb6424ae4bb8dff39d0db969d6fa7ab702ab2cf25ca8c646f2d89995436dcf014d2116fcc0ed3a17fa96da1b424eb9e1f9db6e429322f0416538e0ad1e09c9afca7a7fd25f972ac84440c8f83cc6a01e986199d85e095c3bd9d729a3b5d79607cd054dde6e3b3cc66d412ad5b8504ca4a4a5abc83c174fdd7cef6fb281a3f94a801f774da16ca170d4e7e76a8ae19feafe8daa0110021f492eee95bfe2f475cb259d5a5facd2b877906d0b5179a5b5ccde7594b99e2140e51dfa587d61d43ced2ecc8a780b5897889c0512c4b12bf2ef133cb6cac73bea674d057cf4f5d2f67611a6ce6ea0b74324f310cba7138fd400b548ff5351f55a60414744760e95777161089c795ed354fd8aaf3a139de2a80dc50d5983140995b46291e697f40d5f90c02330974b912f7cc2924cc1df2d22a9d725ffd6f058d0f57ac4b58c56a672a704c7055b61377bb54dad5798bb1b39e00c555d46796119095567288bd02451eb51b02e95f3f0d1fae31d2c28c72eb00ffe813f5830331d37679b1e350e54f505a11ce7f11480266203221a62b92b6ae74f0f3c672311ae5a38cb4e26f2b3667e15100c8009bd500cc32a38b5681c4defbd864abbb816c9b0a5d82054f3dcd91529a2fee7f099bd7e1a6efbb0c49cbd5ea12f291ffd287a5381db58ccdbc6f02b781392ca0c4e3c46b7c1cda72d316cc4861557a6ba9368febc47aad2e1e77ff0550b48bc5b8c88ec7a44bff723d9268d66a6fe06594797f45081ecebb59fd2bd8517fdcef057c23f201a63a559e04d3e674e13c5bdd6b81f38e3d993d4b7abb9e0bd45498af172edeb2e0713eb6b7722936c847f67db73a91c0cefee85778915453003a8fe5854b6170fd0fe854adb53967ea28a3db937c4d27cb36f959730fe31147eff456b4a17cd41b76183c835efe1105e7b1404c28b9be3cf396c83da3462cfe19cff4dd9f29a01c48aec92d1ffe0afe86a8966f82ae4edcdee8dfe231bf50b65b9f7f5dc36f2cfaed8a440817ebbd56a3bff40773a6d8a207c54bde63d7d187dca8c9f984e3a6946e3ad7bb0efb82215a3cc2b986a344d80b09ba3fc9262e0750378730af96bc898247797b45e65e9c5e6dd9c72a6e6d2c120cb5fc65459f01e0a5ef1d033f962459e16a88ee5f93be1c50adbbf10449d0e597750575fe435bcb37c01faab2f038aec23a9b76102df10973ee452b43530a416a863ddd92a2fe6e353bcd8fd5856208cd12e854f229eb418b1930cb748fda6c50ce5da9c76c715ee1b6d36f9561e3d929cb740072431eb6e571661c5db82cd0d08f66f3ab6e66bc0b28fba1039f27b8b55a664e789bf155bfd18562e5ac28c94ae3d7d23af0e44dc5b5a60dc481015941d3d0e229c346396ec142c44d11004bc2d9a46239aa2c77fbc25a27a5d88eddaa8bea5354cba80a0db3af9d119898f389614f9c6ffc4a21e601c385c946d02e8cce992ba19ac9c2d194223b0d18b1d8c0151adde0164d1b5809b1a8d14e18386bd89bd688482101c33d844520e522e216406d307f98c06ee13462177d112443b8ae414dd753bdb7747e5ffb7f3dad56cd4a3990d6d4a9b6b24c7d0cdf8f427c7f0cff0437f2936402beab0287e4542d52ca3eb0a67206ca57073d32dd1aca300a65a2341ea8a8cd3c4d48c6edc2fb21249487120c4697a7560ca034df3e395b979801903a73b66d39b2638d61c28e00102dfbba9188d6713b352ce6d3d2ac112de8a9114a152988295921e3258fb80ab2c4d3b40361a33a902372bf9868872888463892733f91ddb847eb13d5e2dc1595d83f308042e577fedb52c93d2de137ccb6813d975e82f2b8459471c4a615b8fe7f00487c57e659322f679157f7f64c2cd82cf68b46ca0d0f5f7d58817355ed744a3c63b81014c9cbbcc277fbb5435dc9c15f58c290f2fd21aacb056c551c3e0de877676beea3e54ea51de6a7f8cfe4d038902fff732307907976db79fba15f327b6244a349e349432fb1eaa8bc4e3587eba88e44649e577802f8318cbdf051b50fdb90877a73d09d4bf7fbc72671cd6bc01a973ffd401b95ab37f387d98f93e1d565944338d1eba8f7323912d3cb4b12f872ede48cca519a7c00a176be4f0cdf7b92607dbb640b4f0cc8b7551968e1c626c54607122898bbf63fd077b53967a7ff49d400e9ebad06b3e8eea30dab81700c16a7dc71989559744e387565f72c2b9488bc2e7bac48a86e4368f2d60f678cdf612a0bb291552a84e3b4a26843c915c13a56a0a7beb5cf698723210040f0795ead913f601a128d6b49d41084b8dccf096dbf550cc2d90ef520944c3c73a8fc970418f235a1858960e02aff69d18ff9eb0670363c8e7b114222482992340d27ce51ea8cc45ba676d764d2cfdbae5485f52c282714c37f9bda2a7542a0f1b90ff65db2f43521e84efd376739648d3f079550e16bd9b4025802a80772da560e90d0d9ad96d69ce49a43f9ca2d77012e0541b9296feb572158d7aeedcc30fe596271bfb1092688a05887c3b68a403a9d865d48d19c9ec98e956c3b0f0ea110d0ffa98f8447b757255f6a415ab1211dbbaf6bb6b830a2f2d3da866b221b11771504c4a5d2c14803d5a1ca5178e8bad0b23c6093649bbeed21789d348c1d3980dc1f4e63ad864285670dba7d6d15fd25e6c8b89f2de424d808fdd0348701f1cc75834047050dd7ff8b2ea366f53a61f572280cdf8070e88ee3a4e0f24812e5a5fe5826e191b6f0498dda8eaab3cb7f8fa85764321a0a919e1763395f609813297825d55deec91a11e51a66ef86ca6edeff91776db9a1a82a709d6cd3ef6ff9595d7797b550549ee1548bceee22032439987a03157cf78a2fe0044c2ea2867bbc8919bddffd8dfe32cf3451093b9bbc82a3694e12372b8cf725ec40838adcfc1d965d90f478dedcba5f29cd5fc2e89e44f2a6654dc2bd2992f01c91a3543e7c7c30b422599b350af49d4fdb27d1e06a2e46909735239e355342d26a81a682519ca6e8f1a69a86c457a927b86dbc4146a128db5922649771ef8c1ae6a9106ab17e95e2ef606baf7cba318d4c18a9ecf91df81a1c0c6580ba10a7f9721c69cb39d982518936eb43123da96898a5a4a066bebbcf827d923965b608e751b1dbb41c7ff906f505717a14b41b82bd1d6ff550fff8818384a2fb8bf310da4afb2bc34e17db96a5905fff532da3d17d87d349318953487e17eb9cd319f296be1717b437315166dbfda241433096c7792efe7e24d0428e35d60712416dde995ed65bdc8d759299c701167c4d65461323b7bcff5a3b153bbe82605282ef0261d1c4d2ad4e9cd5d37012d4a95a1e3d44165bd0db3f9a71826d4bb9768c2c5d64feb8e412deb390c840484e4a16d5bbca96211bf6bcef12f421d333394042ed0562c77c5d522790d25aed7a2bee973ef65c415a41787d2df1a997910ea25084b7f87e23cb641e22cccfeecdbd848fc2724aeb05149bfc05e2f4fdd2aa2033b646ad24b2ee3142ce0a333ff3d4cedcb3c364cec7d8ea0348a19622e996522db1fbc7441f51b1c67348c888927aeb1721c44130259dc8c03fe8763611487e36d294d3b5aac8ef3fd17a2a1fceebd660e4814161e28733df88c5a8e5f843df6a93d016d9c711a7acf617dc249f212426883578e590cabb8d071a0770a2be96ce02b2f71317a648b7a2bce10ed6ff33e76ad14ff3c7f6d6d716e8f8fd1a6ec93a127972b8e24c97c8a43f526ad9a7b94b50be7e2a54a095722cdeda8773cb414cc20c4e210e1804534ca3e89aa21fe39f7cba5535a00a9254ce06102d9aa3bedeb3d099b07fd6bda931504b34dc9c033f906fefda5e8de9baaec9f1f37d0310c7522cf3e16d56a132d507898f7496f1d96b6eb45966099f5a1e172ca7c775b44ae79a6c852989478fe62801f1c2665083aafe047121187fb9e08f452e094c9b9300a3d0ab0b6f774b11c92f5179238627af7b3a88661177ab0f63e7bc593491ef5846331d25ff073cd68dcb1a601cf7fafd50ed76df1801902e899c7f102b244500c320a4a8eed29723bcaa677ff5ec4a9f803aca5c592fabf020c4dc9bba09267e28f857b7ff38384de2d69b4e5d9f6ff19ba87137172cda46ea05698d1b1587e4af84ca06d216381be3eff0f3c130876ff5b40b105843198efb2648ed350ef6014e7f37d2fea778284e28f4d6e4b1ec22ca2c7a9bbf713f2baeac04ab58b860949f28c3ed3d417a72ff12303d93e8cc91f85e1fd82a45b426f6daccb8c4d9eedede2620b6b821303c6904a6c3b60cf34143ebb6c6a1f675718fcfa30064b6d54b936c284c95269276a07e12eb9ddc5e054b8ed5bfa75b8d2e06c6f20ba9673c7e5c9ffd76975435b532a3eb91180145a2bd050ae60ff24fee7cb0b4a0b23ab9e6b494fcd890de74d8e7023eea0b3256094203464261af128f99e2cbafee3cbeef7345e5834b9901162a3093c8621afda7cf8adaeeebdec0fde6d8ceef1dc8233018756f82deb412e2130ea48aa1319dbd6d952594c26f2d42236482af9a8f333a5708dba1691ff5d67ffa0d38211c79c74142473ea9d5be51114b3353902ed46595831ec72378256e8e0975ac64a4191f02c97d7482af6e595d76860b8ed0aad8d0295c27dc8d82681f818cecac6446993403d63b591cef365c969f4a7294c0c3daf45b8d845b27d5ccc49c3f03a447452b6dcaa6364fd56c6893eb15fc553e8af92cfc3c60da2084b7964b890d72d2ab22b5f5f705f1625ce1da7b515562f8e00f323e843d8fe877f06e731af145d5b7eb35c615584acf042e151b7b759e32f9e9ed1eb5b9bcc0ebaefb5bef2615dc2a1a0babf6faf6a8750de689c85a417333eadca0d9e628b54ec8f138dbe718b5741d9f4477947ed29c8e822ecfbee64260de024e04776982d9fc8ad4888bd52eb375115534d11510269b5c85b741479a92cfa8fa4666e213a137bc8980e30010600e06ca25e40dbf0f73f79680b1ec88c8a3dcc05f8abacb42394e6a473c0630a08cdb39b47af60c8d9e687ec1eb926595186be6c4d2c1353d5f416d83fc6eb78af055800b0ec386c671c17ff4f77438e66dff5af7e7b0b2c47ea8d18efec8f726d9190526822501176f845f1062ec41a0c1436cbe18362ddb51889e216e48a43ccbc608d08ab3017837937ee7c1d691792413725b3bfab16f7230f0a947d3938e88cfacb60146dac7a290f6f556529438ca0772434b30abdb18e977a1d9aff42048e5c2b0dc3607220f7da1fb16910f7a091a67d5561957b9aebd7c29f204ff84742454bfa389e92cccb82ac2b54ab491f95aa4a0cde22b3a672f14f7d23eff5a1d9a87e62527dffa79f69ba759163038d57d99a8e9f6ffd21e187237c25f99e65dc97192ceb7fcfea6cbfdf4c66f4097a9688ca2c460cc8c779ba09fde5569b6d75faa909a9122567882a50da2d0c", 0x1000}}, 0x1006)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

1m11.458162705s ago: executing program 4 (id=6198):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) (async)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f00000000c0)={{0x1, 0x0, 0x0, 0x3, 0xfffffffd}})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) (async)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, 0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$dri(&(0x7f0000000000), 0xab, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f0000000200)={r4, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000400)={&(0x7f00000002c0)=[r7, r7], 0x2, r8, r5, 0x0, 0x0, 0x100, 0x800, {0x4, 0x1, 0x3, 0x69, 0x200, 0x0, 0x2, 0x5, 0x4cab, 0xe156, 0x0, 0x0, 0x10, 0x0, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}}) (async)
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000400)={&(0x7f00000002c0)=[r7, r7], 0x2, r8, r5, 0x0, 0x0, 0x100, 0x800, {0x4, 0x1, 0x3, 0x69, 0x200, 0x0, 0x2, 0x5, 0x4cab, 0xe156, 0x0, 0x0, 0x10, 0x0, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}})
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r1, 0x7dfff000)

1m10.03415362s ago: executing program 7 (id=6201):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x20004, 0x3, 0xfffffffe})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCCONS(r2, 0x541d)
ioctl$BLKOPENZONE(r1, 0x40101286, 0x0)
r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r3, 0x0, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r5 = dup(r4)
syz_open_dev$loop(&(0x7f0000000000), 0x8, 0x204000)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r6, 0x5403, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "90737f0000fffffffffffffbff95647fffffeb"})
r7 = dup(r6)
ioctl$TCSETAF(r7, 0x5408, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x82f6, 0x0, "0800000000000002"})
read(r7, &(0x7f0000000c80)=""/4096, 0x1000)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000100)=0xff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000006, 0x50, r5, 0x0)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1m9.447106529s ago: executing program 7 (id=6205):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000008e"])
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r6 = dup(r5)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
ioctl$SNDCTL_SEQ_TESTMIDI(r6, 0x40045108, &(0x7f00000001c0)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r6, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r6, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000008e"]) (async)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
read$FUSE(r1, 0x0, 0x0) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) (async)
dup(r5) (async)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) (async)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) (async)
ioctl$SNDCTL_SEQ_TESTMIDI(r6, 0x40045108, &(0x7f00000001c0)=0x8) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r6, 0x0) (async)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) (async)
ioctl$BLKZEROOUT(r6, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600}) (async)

1m8.953868126s ago: executing program 7 (id=6209):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x4, 0x3, 0x7ffffffff000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r3, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r3, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

1m8.684974487s ago: executing program 7 (id=6211):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000040)={0x3d17, 0x3, 0xcb, 0x8, 0x19, "7e12105588e833bbb1df022dace17a32d211ee"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xd)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280), 0x1e1982, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r2, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r2, &(0x7f00000001c0)=[{&(0x7f00000004c0)="00214717a70700000001030600710a5e31163ceb9d04", 0x16}], 0x1, 0x0, 0x0)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
ioctl$VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f00000002c0)=0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
lseek(r4, 0x0, 0x4)
ioctl$SNDCTL_SYNTH_MEMAVL(r3, 0xc004510e, &(0x7f00000010c0))
read(r1, &(0x7f0000000080)=""/171, 0xab)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000180), 0x111, 0xa}}, 0x20)
r9 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x103201, 0x0)
r10 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOMMU_GET_HW_INFO(r10, 0x3b8a, &(0x7f00000000c0)={0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f})
ioctl$SNDCTL_DSP_SUBDIVIDE(r9, 0xc0045009, &(0x7f00000000c0)=0x1)
r11 = syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r11, 0xc0205647, &(0x7f0000000100)={0xf000000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f903, 0x0, '\x00', @p_u32=0x0}})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, r1, 0x1000000000000000)

1m8.325898044s ago: executing program 7 (id=6213):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0})
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000200)={0x0, 0x0, <r4=>0xffffffffffffffff})
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f0000000200)={0x0, 0x0, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r5, 0xc06864a2, &(0x7f00000000c0)={0x0, 0x0, r6, r7, 0x0, 0x0, 0x0, 0x5, {0x5, 0xfff7, 0x9, 0x8000, 0x2, 0x7f, 0x0, 0x872, 0x4, 0x0, 0x12, 0x0, 0x100001, 0x2010000, "0e19cd276f6c8c20761a58418bdffb38a310364ef87b48499c76277e0300"}})
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000000), 0x79, 0x0)
ioctl$DRM_IOCTL_SET_MASTER(r8, 0x641e)
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000000280)={0x2, r6, 0x7fff, 0x10002, 0x5, 0x6, 0xb})
ioctl$vim2m_VIDIOC_EXPBUF(r3, 0xc0405610, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, <r9=>0xffffffffffffffff})
ioctl$DMA_BUF_IOCTL_SYNC(r9, 0x40086200, &(0x7f0000000000)=0x300)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r11 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000140), 0x101102, 0x0)
ioctl$DMA_BUF_IOCTL_SYNC(r11, 0x40086200, &(0x7f0000000180))
write$cgroup_int(r10, 0x0, 0x0)
r12 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
write(r12, &(0x7f0000000080), 0x0)
ioctl$VIDIOC_S_FMT(r12, 0xc0d05605, &(0x7f00000002c0)={0x5, @sdr={0x33524742, 0xfffffffe}})
r13 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r13, 0x40505331, &(0x7f0000000140)={{}, {0x40}, 0x1})
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r0, 0x7dfff000)

1m2.4917347s ago: executing program 5 (id=6245):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0xff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r1, 0x5420, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "9e4d2236078f0080000004ff98023dffffffff"})
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r2, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r2, 0x40101286, 0x0)
r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x0, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x104000001, 0x3, 0x10000, 0x1, 0x1, 0x7, 0xc, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r4, 0xc0145401, &(0x7f0000000340)={0x3, 0x0, 0x1, 0x0, 0x7fffffff})
read$FUSE(r3, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r6 = dup(r5)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r9, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x3})
ioctl$KVM_SET_GSI_ROUTING(r9, 0x4008ae6a, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000000000000030000000400000000000000000000df00020e"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r6, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
close(r8)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r6, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1m1.642727945s ago: executing program 5 (id=6247):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
dup(0xffffffffffffffff) (async)
dup(0xffffffffffffffff)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000000)={0xc}) (async)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r1=>0x0})
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f00000000c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000040)={@host}) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000040)={@host})
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r2, 0x7cb, &(0x7f0000000980)={&(0x7f0000000540)={{@hyper}, {}, 0x400, "1710194bd1372be65d5d1be456d243acca17147843aa07e4676b6e5e13d51fe3b442ddd575b7ea5ad5807b65f6ffac80b65547d4a62858f758a3c310e491a45dff1707cfb8288781aa397d3e28b552db90c3fd57f459b4e3da5126b8963a25e860e40c989341b47e8b95063656f91660d61ae86764cd5302c60b77fff946ee5d5b95a65deb8a11af66212c0a3802da8734cf65656145658ef881a33b771b9134fe2e1407a2ffeb9ae90b1cd06a1e2438c7cd1667c0d3dc53f15fd720ed9adc68ca0bf8cb3a5f3e8f2b48ec05a30d52182f3be35dc35ddad91cd4123051996b766cf7f2791773011420d79b507bba3f90ba48eb066b68d56570e96cdac68675271dc756c582705ced77c094ae8f12a4f268fd1c5ed18f1264e27fcc5d2cced8dc50569b03dffbb749caffa1748c5f7c5fc60a7264e04c53bef6c2cba5ed946d420a97a2fa74cb564f80206f75b408bb69c27ab96ae43936e5c497bc56409f13221e4736c3229193f32dfeae901c32027c5941b73beee853b0fcccfb97d02b8675ca92bfe97adcf83d49f8a405dc9be0cfbaa239a73b40b37ee1c03ae15bf08b05d594d3ae80c131b6a0f958a0b5e09653d5d541c29fa4203671c3e8d3898a5618d7d05e7742dad4a6696ae13deef6c402e2afea4acf40d2c14ed5092a438170f1681d4b97eab16fcbfa86d7a361c02f89069d58c2b32c58d5ef7babf62b97c7ac97e413f53bea59cdbf72fc1c14718b1fa6306da64c9700df190c356a9e972d9e63cc9b0383cc8cab28a02a4b3d4f8b96d485dedb3e6a3f4e40d110676dc8de884d3f915b04f220072d4d68697b106faa3577b5011f3144f235439f1aac9f59d37adcc58ba20f209442df6e2975fa5e9b5cc2653b15b7be37172df2d84329307831f2977cac3cca11676512d2d351e00d09889681f9e0e6c172f2d0c3c15eb75ffe6297aecc1cc9d3ebc80735a50b07c7b1eedadbc9f637e26dd4035322abcb77f93fcd9feb2c33bf37c34595dc9bb2e16ada83dc541f98880dd6d4e0ef38e27adf412d1e08a5c1ce83acdc4f40674d9dc14fbff2f42eb71ba5fac19fc742e00c4c15154fcf8f79ad4cd4c8183d4b2d9693eab7f0da562a9ffba7058b272b280611d877f0b05dda462a5e605ea5a8803ad17ce5a9c5f88ec6fef54f407f5f26dc218b21ac5899d03946fdc4d95791f09a272ef0f1388d718c3d38727b1fbbb2c9f22f2d5091c2d0963b971ab47402130e3ca8e201609c34d4379f75257240f9ff0fe921e29bdcc1319bf77a469739ebfc1d1f8605bfb6d46c0cdc31692254715082be9152eabb5a9f2c562c06a985f573b63f02aad0eb63ff970e5a9a28d209b657cd20dc572238ef1d5bbc57041f77c70fca6b5314b6bff2a9b1a03ed2269456e6467664ac0ec2d2304916885fd1f91d5c3b32b924de00"}, 0x418})
ioctl$IOCTL_VMCI_SET_NOTIFY(r2, 0x7cb, &(0x7f00000009c0)={0x9})
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r1, 0x0, 0x97, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000500)={0x28, 0x6, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000, 0x80000001}) (async)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000500)={0x28, 0x6, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000, 0x80000001})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r1})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) (async)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000380)={[0x8000000000000000, 0x100000000, 0x0, 0x20, 0x0, 0x0, 0x2004c9, 0x7000, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x4000000000000004, 0x2], 0xffff1000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0x7ff, 0x7fffffff, 0x6, 0x2, 0x4, 0xe, 0x80, 0xc, 0x0, 0x6, 0x2, 0x7, 0x0, 0x5, 0x4, 0xfffffffffffffffa], 0x2, 0x4804})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)

1m1.549367365s ago: executing program 5 (id=6248):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x10000)
r2 = syz_open_dev$video(&(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_STREAMON(r2, 0x40045612, &(0x7f0000000200)=0x5)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x6, 0x2010, r1, 0x3ffbf000)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$SNDCTL_SEQ_TESTMIDI(r4, 0x40045108, &(0x7f0000000200))
close(r4)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

1m1.128422104s ago: executing program 5 (id=6251):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/crypto\x00', 0x0, 0x0)
ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f00000000c0)={0x54fc7cce, 0xad29}) (async, rerun: 64)
preadv(r1, &(0x7f00000004c0)=[{&(0x7f00000013c0)=""/4102, 0x1006}, {&(0x7f0000000380)=""/241, 0xf1}, {&(0x7f0000000500)=""/59, 0x3b}], 0x3, 0x80000000, 0x0) (async, rerun: 64)
ioctl$vim2m_VIDIOC_G_FMT(r1, 0xc0d05604, &(0x7f0000000280)={0x3, @win={{0x8, 0x80000000, 0x4, 0x43a2}, 0x9, 0x2, &(0x7f0000000080)={{0x1, 0x1}, &(0x7f0000000000)={{0x2, 0x6, 0x1, 0xa}}}, 0x7fffffff, &(0x7f00000001c0)="37587ded4faf5bb419f48aa51aa8c3e417bee9df6f7ca53b2e5421fca0b739d4ff87164b37b179edacadb5b139564ac7e607975c5ecc3012099aca42d57745ed5f1da3531e4655b2282c1a14eacdd3c0b82cb052c53dac2e761088f8295b1545809708658d68457efbe169d9a28de10560125324017f6a315e21fecb918e68764ede45c5c363b925f8473b6e", 0x10}})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

1m1.013903385s ago: executing program 5 (id=6252):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(r1, 0x3b88, &(0x7f0000000180)={0xc, <r2=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r2, 0x0, 0xffffffffffffffff, 0x9ec21dbfc48aaec1}) (async)
r3 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0)
read(r3, &(0x7f00000003c0)=""/152, 0x98) (async)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
r5 = syz_open_dev$vbi(&(0x7f00000000c0), 0x2, 0x2)
ioctl$VIDIOC_G_STD(r5, 0x80085617, &(0x7f0000000080))
ioctl$TCFLSH(r4, 0x400455c8, 0x1)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000100)=0x2)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async)
r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r6, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0xffffffffffffffff, 0x6bf, 0x6, 0x1, {0x6, 0x8000000003, 0x80, 0x4000000000000, 0x400006, 0x5, 0x101, 0x9, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r6, 0x0, 0x0) (async, rerun: 64)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) (rerun: 64)
r8 = dup(r7) (async)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200), 0x10400, 0x0) (async, rerun: 64)
r9 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) (rerun: 64)
write$rfkill(r9, &(0x7f0000000080)={0x4, 0x0, 0x1, 0x1}, 0x8)
read$FUSE(0xffffffffffffffff, &(0x7f0000008300)={0x2020}, 0x10021) (async)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) (async)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r8, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0) (async)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r6, 0xc034564b, &(0x7f00000001c0)={0x2877, 0x4f565559, 0x7, 0x1f46, 0x3, @stepwise={{0xc7, 0x479d}, {0x7, 0x29f5}, {0x8, 0x6}}}) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/crash_elfcorehdr_size', 0x8000, 0x5)
ioctl$BLKZEROOUT(r8, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1m0.834695096s ago: executing program 6 (id=6253):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x81)
ioctl$IOC_PR_PREEMPT_ABORT(r0, 0x401870cc, &(0x7f0000000040)={0x5e, 0xfff, 0x5, 0x1}) (async)
ioctl$VIDIOC_LOG_STATUS(0xffffffffffffffff, 0x5646, 0x0) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000080)={@my=0x1, 0x1}) (async, rerun: 64)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (rerun: 64)
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r1, 0x7b1, &(0x7f0000001100)={&(0x7f0000000100)=[0x0, 0xfffffff7, 0x1000, 0x2, 0x0, 0x6, 0x7, 0x6, 0x40, 0xb669, 0x7, 0x5, 0x2, 0xffffffff, 0x7, 0x2, 0x2, 0x8, 0x7, 0x5, 0x8, 0x39, 0x5, 0x0, 0x2, 0x8, 0x5, 0x0, 0x8f, 0x8, 0x7, 0x5, 0x7, 0x2, 0x8, 0x6, 0xcc6, 0x8, 0x1, 0x10001, 0xb, 0x7fffffff, 0x3, 0x80000001, 0xfffffff3, 0xa75, 0xd949, 0x80000000, 0x145, 0x5, 0x2, 0x7, 0xfffffffb, 0x2, 0xd4a9, 0xff, 0x1, 0x3, 0x4, 0x48000, 0x1, 0x3, 0x1000, 0x6, 0x1, 0x7, 0x40, 0x1, 0xf, 0xcad, 0x1ff, 0x4, 0x5, 0x7, 0x231, 0x8, 0xfffffc01, 0xe6, 0x7f, 0x10, 0x4, 0x2, 0x0, 0x5, 0x1, 0x7d, 0x7, 0x2, 0xff, 0x10000, 0xbe89, 0x40, 0x2, 0x8, 0xc05, 0x8, 0x2c6, 0x1, 0x0, 0x0, 0x8, 0x46778d6, 0x101, 0x6, 0x89ac, 0x7, 0x8000, 0x5, 0x6, 0xdf, 0x2c0, 0xffffffff, 0xd, 0xffffff7f, 0x5, 0x3, 0x3, 0x4, 0x788f, 0xb, 0x8, 0x5, 0x80, 0x4, 0x8, 0x7, 0x100, 0x8, 0x4, 0x8, 0x80, 0x1, 0x4, 0x8, 0x8, 0x7, 0x7, 0x2, 0x5, 0xac7, 0x5, 0x0, 0x2, 0xffffff93, 0xf, 0x47a, 0x1, 0x8a, 0xd83, 0x800, 0x6, 0x5, 0xffffffff, 0xeef, 0x401, 0x1, 0x8a0e, 0x4, 0x1ff, 0x9, 0x0, 0x0, 0x3, 0x2, 0x2, 0xfffffffc, 0x570d, 0xa656, 0x7, 0x1, 0x1ff, 0x6, 0x9, 0x0, 0x7, 0x3, 0xfffffff7, 0x1, 0x1d7, 0x793, 0x0, 0x4, 0x6, 0x7, 0x8, 0x8, 0xad0a, 0x4, 0x8, 0x6, 0x1, 0x7, 0x6, 0x2, 0x8de, 0xb, 0x6, 0x674, 0x3b6, 0xfffffffa, 0x7fffffff, 0xc4, 0x7, 0x8e7, 0x3, 0xe, 0x1, 0x5, 0x7fff, 0xab, 0x2, 0x1, 0x1, 0x1, 0xff, 0xfffffeff, 0x10001, 0x7, 0x2, 0x40, 0x2, 0x9, 0x3, 0x100, 0x6, 0x80000, 0xc4, 0x3, 0x7ff, 0xb928, 0xffffff7e, 0x1ff, 0x6, 0x3, 0x1, 0x100, 0x928, 0xfffffffe, 0x0, 0x9, 0x9, 0x9, 0x4, 0x4, 0x5, 0xc32, 0x8, 0x5f5, 0x4, 0x5, 0x3, 0x2d186b7e, 0x400, 0x6c8, 0x6, 0x5f, 0x1, 0x0, 0x1, 0x9, 0x5, 0xff9e1fb, 0xa809, 0x4, 0x0, 0x9, 0x9, 0x2, 0x5, 0x7ff, 0x80000000, 0xff, 0xb, 0xec9c, 0x101, 0x9, 0x8001, 0x1, 0x3, 0x3, 0xe, 0x1, 0x9, 0x7de6, 0x0, 0xfffffff7, 0x6, 0xc, 0x6, 0x12, 0xc2, 0x101, 0xcba, 0x0, 0xb0, 0x7, 0x2, 0xef1, 0x1f1, 0x2, 0xd, 0x6, 0xf, 0x996, 0x9, 0x8, 0xf9f, 0x8, 0x88a4, 0x3, 0x719, 0x10001, 0x81dc, 0x6, 0x7, 0x6, 0x3, 0xa8, 0x2, 0x80, 0x1, 0x4, 0x4, 0x4, 0x10, 0x1, 0x5, 0x1, 0xfffffffe, 0x7, 0x7, 0xd5, 0x6, 0xffffffff, 0x5c7f, 0xfa, 0x4, 0x6, 0xd664, 0x0, 0xfffffffd, 0x4, 0x2, 0x49105cd4, 0x0, 0x7, 0xf6a0, 0x1fb5, 0x7, 0x4, 0x10001, 0x2, 0x6e9, 0x6009c3bb, 0x9, 0x9, 0xffffeaf3, 0xf22, 0x7, 0xde7, 0x3ff, 0x7f, 0x1e, 0x8, 0xf4, 0x651, 0x4af, 0x4, 0x0, 0x39d, 0x2, 0x5, 0x0, 0x1000, 0x200, 0x5, 0xf5d, 0x5fcb000d, 0x3, 0x401, 0x7, 0x8000, 0x8, 0x8, 0x3, 0x4, 0x5, 0x7, 0x4, 0x8a2, 0x80, 0xfffffffc, 0xb, 0x2, 0x9, 0x8, 0x5, 0x3, 0x5, 0xd, 0x2, 0xfffffff0, 0x9, 0x65, 0x5, 0x5, 0x400, 0x9, 0x683, 0x1, 0xf1, 0x2, 0x0, 0x9, 0x8, 0x2, 0x3, 0x84, 0x1ff, 0x1, 0xeba6, 0x1, 0x1, 0xfffffffe, 0xe2e, 0x5, 0x1, 0x4, 0x3, 0x0, 0x10000, 0x10, 0x3, 0x8, 0x7, 0x8, 0xfffffffc, 0x6, 0x81, 0x1, 0x8, 0xd, 0x7cd2, 0x3344f572, 0x300000, 0xce, 0x9, 0x10, 0x7, 0x509, 0x2, 0x2, 0x4, 0x6, 0x7, 0x4e0, 0xffffff1f, 0x2, 0xe, 0xfff, 0xfffffffc, 0x5, 0x4, 0x4, 0x7, 0x1, 0xfffffff9, 0x7ff, 0x800, 0x10, 0xa95e, 0xa, 0x1, 0x9, 0x3, 0x8, 0x8, 0x2, 0x23, 0x7fff, 0x15f8812, 0x7, 0xfffffff7, 0x3, 0x7, 0x5, 0x7fffffff, 0x200, 0x3, 0x5, 0x6547, 0x0, 0xa, 0xf, 0x5, 0xffff, 0x9, 0x1ff, 0x4, 0xd, 0x8, 0x8000, 0xf, 0x657, 0x3, 0x8, 0x71f0, 0xc0e, 0x76, 0x6, 0x0, 0x5, 0x4a0, 0x1, 0x12e, 0x400, 0x7, 0x10000, 0x0, 0x4, 0x4, 0x8, 0x80000001, 0x8, 0x9, 0x8aad, 0xb, 0xe79d, 0x1, 0x10, 0xa9ff, 0x7fffffff, 0x101, 0x1, 0x10, 0xaee6, 0x80000000, 0x4, 0xfffffffb, 0x6, 0x5, 0x5, 0x10001, 0xfa, 0x9d, 0x9, 0x7fff, 0x0, 0x9, 0xf4, 0x2, 0x8, 0x5, 0x1, 0x1, 0xffffffff, 0x6, 0x7f, 0x0, 0x2, 0x0, 0x2cf, 0x7, 0x8, 0x9, 0x1, 0x80, 0x100, 0x400, 0xd, 0x9, 0x5, 0x2, 0xfffffff9, 0x80000001, 0xffffffc0, 0x3, 0x3, 0x0, 0x7, 0xc, 0x1000, 0xffffffff, 0x10000, 0x10000, 0xbcae, 0x3, 0x4, 0x8, 0xa1a, 0x10001, 0x2, 0x9, 0xffffffff, 0x8, 0x2, 0x4, 0x5, 0x10000, 0x4, 0xfa1e, 0xb, 0x8, 0x5, 0x80000001, 0x8000, 0x80000000, 0xff, 0x1, 0x5, 0x81, 0x8, 0x3, 0x7, 0x1, 0xfffffffd, 0x80000000, 0x5, 0x23a3a2d, 0xfffffff8, 0x8, 0x4, 0x92, 0x4e9f9dbd, 0x85, 0x7, 0x4, 0x3, 0x2, 0x6, 0x200, 0x84, 0x2, 0x5, 0x4, 0x80000000, 0x1, 0x8, 0x3225, 0x100, 0x9, 0x800, 0x9, 0x400, 0x7, 0x8, 0x9, 0x81, 0x1ff, 0x1f, 0x401, 0x5, 0x8, 0x7, 0x6, 0x9, 0x9, 0x9, 0x7, 0x6, 0x0, 0xbb, 0xc, 0x1, 0x2, 0xffffffff, 0x2, 0x8, 0x3, 0x3, 0x10, 0x5, 0xd97f87bc, 0x80000001, 0x8, 0x2, 0xe8, 0x5, 0xe, 0x2, 0x13d, 0x2, 0x4, 0xd, 0x400, 0x4, 0x5, 0x0, 0x3, 0x1, 0x1, 0x6, 0x4, 0x6, 0x78, 0x400, 0x0, 0x6a6, 0x1, 0x5, 0x100, 0x7, 0x9322, 0x7, 0x7, 0x9, 0x8, 0x9, 0x6, 0x2a7b, 0x2, 0x4, 0x2, 0xff, 0xffffffff, 0x7, 0x4, 0x322b, 0x30000000, 0x7b7e08c0, 0x2, 0x6, 0x4, 0x5fe, 0x2, 0x3, 0x4, 0x4, 0xf, 0x7, 0x5, 0x6, 0xf6d6, 0x0, 0x8b, 0xc9, 0xffff, 0x5, 0x4, 0x0, 0x5, 0x5, 0x8, 0x5, 0x1, 0x5, 0x4, 0x6, 0x8, 0xf, 0x4, 0x1, 0x4, 0x8, 0x8, 0x3, 0x7, 0x8, 0x873e, 0x5db, 0x6, 0x1, 0x6, 0x46ef, 0x101, 0x0, 0x4, 0x10000, 0xc, 0x81, 0xffffb730, 0x1, 0xd, 0x7, 0x8, 0x1, 0x0, 0x9, 0x8, 0x0, 0x2, 0x39, 0x10, 0x379, 0x7ff, 0xffffffff, 0x0, 0xfff, 0x4, 0x7, 0xd, 0xff, 0x9, 0xf, 0x40, 0x4, 0x6, 0xfd, 0x9, 0x4, 0x8, 0x0, 0x8, 0x0, 0x4, 0x9, 0x5, 0x1ff, 0x685d, 0x6, 0x4, 0x0, 0x68cf7500, 0x444c, 0x80000001, 0x8, 0x100, 0xfffffffe, 0x9e, 0x3, 0x81, 0x4, 0x0, 0x12db9bb5, 0x4, 0x40, 0x8000, 0x6, 0x9, 0x9, 0x7, 0x6, 0x1, 0x3, 0x0, 0x8, 0x1, 0x8, 0x1, 0x400, 0x8, 0x200, 0x5, 0x1, 0x8000, 0x0, 0x4, 0x7fff, 0x4, 0xff, 0xdf4, 0x8, 0x5, 0x8, 0x4, 0x9, 0xb58, 0x7, 0xb5, 0x4, 0x4, 0x6, 0x4, 0x6, 0x8, 0x6, 0x5, 0x100, 0x80000001, 0xd757, 0x7, 0x3ff, 0x0, 0x2, 0x9, 0x8b54, 0xc73, 0x6, 0x86, 0x1, 0x0, 0x4, 0x2, 0x5, 0xed, 0x6, 0x4, 0xa7, 0x800, 0x80000001, 0x7, 0x0, 0x7aa1, 0xbb07, 0x1ff, 0x9, 0x8, 0xb, 0x6, 0x0, 0x6, 0x1ff, 0x7, 0xb7d, 0x1000, 0x0, 0x5, 0x80, 0x8000, 0xff, 0xbc, 0x4, 0x9, 0x0, 0x9f4, 0xfffffffe, 0xdf38, 0x4, 0xe4, 0x8, 0x0, 0x5, 0x7f, 0xfffffffc, 0x9, 0x8001, 0xcb5c, 0x1, 0x1, 0x7fff, 0x0, 0x8, 0x2, 0x6, 0xc, 0x4, 0x7, 0x101, 0xd6b, 0x9, 0x7, 0x0, 0x598, 0x0, 0x5, 0x2, 0x6, 0x2, 0xfffffff8, 0x5, 0x40, 0x6, 0x1, 0x3, 0x1, 0x9, 0x10000, 0xfd9b, 0x9, 0x0, 0x4, 0xbb, 0x5101b4a3, 0x10001, 0x5, 0xff, 0x4, 0x4, 0x8, 0x1, 0x7, 0x6, 0x6, 0x7fff, 0x40c29d5, 0x9, 0x4, 0xc936, 0x1b, 0x0, 0xf, 0xf, 0xfffffff7, 0x9, 0x10001, 0x2, 0x0, 0xfffffffb, 0x5, 0x1735, 0x7, 0x8, 0xd79, 0x4f2, 0x6a7, 0x400, 0x2aa6, 0x0, 0x9, 0x0, 0x9, 0x2, 0x6, 0xffffffff, 0x4, 0x99e3, 0x9, 0x81, 0x4, 0x4, 0xb4, 0x5, 0x800, 0x1, 0x6, 0x800, 0x5, 0x0, 0x2, 0x7, 0x4, 0x10001, 0x3, 0x14b0], 0x3, 0x400})
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f0000001140)={0x0, {}, 0x0, {}, 0x3, 0x9, 0x1d, 0x1, "772e841f579b044aba88b749fb9f262a7f900cc894caaf644694e7a709d09909e6db79d3c57b86eb96ea3a5d2e18dfba68eb3adca94909408ff43b2960c2562d", "8308a41696901c700851269e2b8123236b51afb27b83e90efe9a95d12bc322ba", [0x0, 0x4f]}) (async)
ioctl$NBD_SET_BLKSIZE(r0, 0xab01, 0x2) (async)
r2 = syz_open_dev$sndpcmc(&(0x7f0000001200), 0x8, 0x2000)
ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r2, 0x40184150, &(0x7f0000001300)={0x0, &(0x7f0000001240)="d7d17eacbb4b3519ea2a6cef42643e3a8c9135313bbcfefde3dddf733e730ce639908c167446058ebc1dceb2b076365b79fa3c11916a5b4cb6f88118ed4041faa5f48915905bce12d6e0ad1482865882893aced076d3520aa11baa10aa2432937a195bd0ff8bc05153074964247a379ac3a14cb81857446c33ddc6dcfe40c86d8118ceef9eef911620f700f8b717de59dc3083313c5c90f2541ce44582814bf0f57b89c2104a5b18a368e9718457", 0xae})
r3 = syz_open_dev$vcsn(&(0x7f0000001340), 0xf43, 0x208200)
ioctl$KVM_GET_NESTED_STATE(r3, 0xc080aebe, &(0x7f0000001380)={{0x0, 0x0, 0x80}})
ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f0000003400)={{0x1, 0x1, 0x18, <r4=>r3, {0x101, 0x4}}, './file0\x00'})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r4, 0x84009422, &(0x7f0000003440)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
r5 = openat$cgroup_ro(r4, &(0x7f0000003840)='cgroup.kill\x00', 0x0, 0x0)
ioctl$TCSETS(r5, 0x5402, &(0x7f0000003880)={0x4, 0x7, 0xfffffff9, 0xe, 0x1b, "808da05cfa90c59fd8c889faa1efa01764f372"})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000038c0), 0x80000, 0x0)
ioctl$SNDCTL_SYNTH_INFO(r6, 0xc08c5102, &(0x7f0000003900)={"be1e65e0fa14645cd2bb0eb1a0c8e527f6dc716e63ea02eaf474781e264e", 0x17, 0x1, 0x0, 0xbbb, 0x166f, 0x5, 0x9, 0x5, [0x4, 0x5, 0x367, 0xfffffffe, 0x9, 0x2, 0xfffffff8, 0x1, 0x3448a69a, 0x7, 0x9, 0x730e, 0x100000, 0xfffffff3, 0x6, 0x5dc, 0x1, 0x4]}) (async)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000039c0)='./cgroup/syz0\x00', 0x200002, 0x0)
r8 = openat$cgroup_ro(r7, &(0x7f0000003a00)='blkio.bfq.avg_queue_size\x00', 0x0, 0x0)
ioctl$NBD_SET_BLKSIZE(r0, 0xab01, 0x3b96) (async)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r8, 0xc018937e, &(0x7f0000003a40)={{0x1, 0x1, 0x18, <r9=>r7}, './file0/file0\x00'}) (async)
r10 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000003a80), 0x2000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000003ac0)={{0x1, 0x1, 0x18, <r11=>r10, {0x4}}, './file0/file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r9, 0xc0189375, &(0x7f0000003b00)={{0x1, 0x1, 0x18, r9}, './file0/file0\x00'}) (async)
ioctl$IOC_PR_REGISTER(r9, 0x401870c8, &(0x7f0000003b40)={0xfffffffffffffffd, 0x5, 0x1}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r11, 0xc01064b5, &(0x7f0000003bc0)={&(0x7f0000003b80)=[<r12=>0x0, 0x0], 0x2})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000003d00)={&(0x7f0000003c00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000003c40)=[0x0, 0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000003c80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000003cc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x7, 0x7, 0x6})
ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f0000003ec0)={r12, r13, 0x0, 0x0, 0x0, 0x4, &(0x7f0000003e80)=[0x0, 0x0, 0x0, 0x0]})

1m0.686344102s ago: executing program 4 (id=6254):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
r2 = openat$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0)='memory.min\x00', 0x2, 0x0)
write$cgroup_int(r2, &(0x7f0000000200)=0x4904, 0x12)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500), 0x101, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x4ca31, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(r4, &(0x7f00000000c0)={[{0x2d, 'devices'}, {0x2b, 'blkio'}, {0x2d, 'pids'}]}, 0x16)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
ioctl$TCSETS(r3, 0x40204706, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000310000000000200"})
r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x280000, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000080)={0xc, <r6=>0x0})
ioctl$IOMMU_IOAS_UNMAP(r5, 0x3b86, &(0x7f00000000c0)={0x18, r6, 0x9, 0x9b3d})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

1m0.685444187s ago: executing program 6 (id=6255):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0xc0105303, &(0x7f00000001c0)={0xffff, 0x0, 0x0, 'queue0\x00'})
read$FUSE(r1, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) (async)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
dup(r3) (async)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1m0.359744762s ago: executing program 4 (id=6256):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000001180)=0x40)
ioctl$SNDCTL_DSP_SYNC(r1, 0x5001, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

1m0.083312803s ago: executing program 4 (id=6257):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a000, 0x0)
ioctl$PPPIOCGIDLE64(r0, 0x8010743f, &(0x7f0000000080))
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r2, &(0x7f0000001c00)={0x8, {"21388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb69e6f4048f2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778681ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae38d36b839e3cd54ae4933ad529888fdac7bb08000000c0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659e506d5c7e63fb67c81164c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f96d467ddcabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b560300020000000000005131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca168eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa812a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc67c78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d526d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe65701000000000000000742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa70010de2573530324e14d158607883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca89db0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7f6ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x104f}}, 0x601)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r2, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100)=0x1)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000300)={r5, 0x0, 0x9, 0x0, 0x0, [<r6=>0x0], [0x9, 0x0, 0x0, 0x8], [0x3, 0x0, 0x100, 0x3], [0x1000000000000, 0x0, 0xa, 0x200]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, <r7=>0xffffffffffffffff})
lseek(r7, 0x4, 0x1)
ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f0000000240)={0x0, 0x0})
r8 = openat$rnullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x8600, 0x0)
read(r8, &(0x7f00000001c0)=""/157, 0x9d)

59.965467492s ago: executing program 6 (id=6258):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x6)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

59.90314949s ago: executing program 4 (id=6259):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0xe8, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r3 = dup(r2)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r4, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
mmap(&(0x7f00005e0000/0x4000)=nil, 0x4000, 0x0, 0x100010, r4, 0xf2f3b000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x0)
r5 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$I2C_SMBUS(r5, 0x720, &(0x7f0000000100)={0x0, 0x0, 0x5, &(0x7f0000000040)={0xfe, "9989c68556dd9d63a9a0cb7da9cb879ac40f981015593121eec7061ac272a7cb2d"}})
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

59.619155118s ago: executing program 6 (id=6260):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r3 = dup(r2)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r4, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

59.215582375s ago: executing program 6 (id=6261):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000680)=ANY=[@ANYBLOB="01000000000008007100004050927e2ea32488"])
r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r4, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r6 = dup(r5)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r6, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r6, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

58.905089015s ago: executing program 5 (id=6262):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
close(r1)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "65366a50432b7ee2c7feddd91df868e7cfc6fa7272f3bf0a71b5d0c19323a260"}})
r2 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x8, 0xd100)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000002, 0x7d, 0x80, 0x0, <r4=>0x0})
r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000480)={0x80, 0xb77, 0x9})
r6 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000340)={0xfffd, 0x881, 0x4, 0x0, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r5, 0xc00464b4, &(0x7f00000001c0)={r7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x86b, 0xe9, 0x2b})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r2, 0xc00464b4, &(0x7f0000000040)={r4})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$TCXONC(r1, 0x540a, 0x1)

58.587109664s ago: executing program 6 (id=6263):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.threads\x00', 0x2, 0x0) (async)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000240)={0x3361cc09, 0x10001, {<r2=>0x0}, {0xee01}, 0x732, 0x4})
write$cgroup_pid(r1, &(0x7f0000000280)=r2, 0x12)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async)
r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
read$FUSE(r3, 0x0, 0x0)
r4 = syz_open_dev$swradio(&(0x7f0000000200), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f0000000000)={0x5}) (async)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r4, 0x4020565b, &(0x7f0000000080)={0x3}) (async)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r6 = dup(r5) (async)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r6, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r8, 0xc018643a, &(0x7f0000000000)={0x8000001}) (async)
r9 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0) (async)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x0, 0x4000, 0x1000, &(0x7f0000137000/0x1000)=nil})
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f0000001640)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"]) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (async)
ioctl$BLKZEROOUT(r9, 0x127f, &(0x7f00000002c0)={0x10001, 0x3}) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) (async)
ioctl$BLKZEROOUT(r6, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

58.332497059s ago: executing program 4 (id=6264):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_normal', 0x2, 0x2)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x2, 0x2})
write$FUSE_NOTIFY_STORE(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB='-', @ANYRESDEC], 0x28)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r2 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000200)={0xf030000, 0x1, 0xfffffffe, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x98f909, 0x7fff, '\x00', @value64=0x2}}) (async)
ioctl$VIDIOC_S_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000200)={0xf030000, 0x1, 0xfffffffe, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x98f909, 0x7fff, '\x00', @value64=0x2}})
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x420200, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x420200, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600) (async)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f000009e000/0x4000)=nil, 0x4000, 0x2800007, 0x8032, 0xffffffffffffffff, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x900, 0x12) (async)
write$cgroup_int(r3, &(0x7f0000000040)=0x900, 0x12)

52.310777911s ago: executing program 36 (id=6213):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0})
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000200)={0x0, 0x0, <r4=>0xffffffffffffffff})
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f0000000200)={0x0, 0x0, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r5, 0xc06864a2, &(0x7f00000000c0)={0x0, 0x0, r6, r7, 0x0, 0x0, 0x0, 0x5, {0x5, 0xfff7, 0x9, 0x8000, 0x2, 0x7f, 0x0, 0x872, 0x4, 0x0, 0x12, 0x0, 0x100001, 0x2010000, "0e19cd276f6c8c20761a58418bdffb38a310364ef87b48499c76277e0300"}})
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000000), 0x79, 0x0)
ioctl$DRM_IOCTL_SET_MASTER(r8, 0x641e)
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000000280)={0x2, r6, 0x7fff, 0x10002, 0x5, 0x6, 0xb})
ioctl$vim2m_VIDIOC_EXPBUF(r3, 0xc0405610, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, <r9=>0xffffffffffffffff})
ioctl$DMA_BUF_IOCTL_SYNC(r9, 0x40086200, &(0x7f0000000000)=0x300)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r11 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000140), 0x101102, 0x0)
ioctl$DMA_BUF_IOCTL_SYNC(r11, 0x40086200, &(0x7f0000000180))
write$cgroup_int(r10, 0x0, 0x0)
r12 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
write(r12, &(0x7f0000000080), 0x0)
ioctl$VIDIOC_S_FMT(r12, 0xc0d05605, &(0x7f00000002c0)={0x5, @sdr={0x33524742, 0xfffffffe}})
r13 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r13, 0x40505331, &(0x7f0000000140)={{}, {0x40}, 0x1})
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r0, 0x7dfff000)

50.241370044s ago: executing program 8 (id=6265):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x101401, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r1, 0x2284, &(0x7f0000000000))
ioctl$SG_GET_COMMAND_Q(r1, 0x2270, &(0x7f0000000380))
ioctl$PTP_PIN_SETFUNC(r0, 0x40603d07, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f0000000180))
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x4d, 0x1, 0x3}, {0x61}, {}, {}, {0x6}]})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0xf)
ioctl$TCFLSH(r3, 0x540b, 0x0)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0xabd7, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000240)={0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000080)={0x0})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f00000000c0)={0x4})
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x3000007, 0x202812, r4, 0xf4f21000)

43.21719287s ago: executing program 37 (id=6262):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
close(r1)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "65366a50432b7ee2c7feddd91df868e7cfc6fa7272f3bf0a71b5d0c19323a260"}})
r2 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x8, 0xd100)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000002, 0x7d, 0x80, 0x0, <r4=>0x0})
r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000480)={0x80, 0xb77, 0x9})
r6 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000340)={0xfffd, 0x881, 0x4, 0x0, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r5, 0xc00464b4, &(0x7f00000001c0)={r7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x86b, 0xe9, 0x2b})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r2, 0xc00464b4, &(0x7f0000000040)={r4})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$TCXONC(r1, 0x540a, 0x1)

43.174831872s ago: executing program 38 (id=6264):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_normal', 0x2, 0x2)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x2, 0x2})
write$FUSE_NOTIFY_STORE(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB='-', @ANYRESDEC], 0x28)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r2 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000200)={0xf030000, 0x1, 0xfffffffe, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x98f909, 0x7fff, '\x00', @value64=0x2}}) (async)
ioctl$VIDIOC_S_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000200)={0xf030000, 0x1, 0xfffffffe, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x98f909, 0x7fff, '\x00', @value64=0x2}})
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x420200, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x420200, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600) (async)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f000009e000/0x4000)=nil, 0x4000, 0x2800007, 0x8032, 0xffffffffffffffff, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x900, 0x12) (async)
write$cgroup_int(r3, &(0x7f0000000040)=0x900, 0x12)

43.133391027s ago: executing program 39 (id=6263):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.threads\x00', 0x2, 0x0) (async)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000240)={0x3361cc09, 0x10001, {<r2=>0x0}, {0xee01}, 0x732, 0x4})
write$cgroup_pid(r1, &(0x7f0000000280)=r2, 0x12)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async)
r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
read$FUSE(r3, 0x0, 0x0)
r4 = syz_open_dev$swradio(&(0x7f0000000200), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f0000000000)={0x5}) (async)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r4, 0x4020565b, &(0x7f0000000080)={0x3}) (async)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r6 = dup(r5) (async)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r6, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r8, 0xc018643a, &(0x7f0000000000)={0x8000001}) (async)
r9 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0) (async)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x0, 0x4000, 0x1000, &(0x7f0000137000/0x1000)=nil})
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f0000001640)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"]) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (async)
ioctl$BLKZEROOUT(r9, 0x127f, &(0x7f00000002c0)={0x10001, 0x3}) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) (async)
ioctl$BLKZEROOUT(r6, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

34.863210769s ago: executing program 40 (id=6265):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x101401, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r1, 0x2284, &(0x7f0000000000))
ioctl$SG_GET_COMMAND_Q(r1, 0x2270, &(0x7f0000000380))
ioctl$PTP_PIN_SETFUNC(r0, 0x40603d07, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f0000000180))
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x4d, 0x1, 0x3}, {0x61}, {}, {}, {0x6}]})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0xf)
ioctl$TCFLSH(r3, 0x540b, 0x0)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0xabd7, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000240)={0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000080)={0x0})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f00000000c0)={0x4})
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x3000007, 0x202812, r4, 0xf4f21000)

22.243599984s ago: executing program 1 (id=6320):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f00000001c0)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r2, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r2, 0x40101286, 0x0)
r3 = openat$mice(0xffffffffffffff9c, 0x0, 0x80082)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x80000000, 0x1ff, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}}}, 0xa0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r5 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r5, 0x0)
ioctl$BLKRRPART(r5, 0x125f, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TCFLSH(0xffffffffffffffff, 0x80044704, 0x20001100)
read$FUSE(r1, 0x0, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = dup(r7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r8, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000000)='io.stat\x00', 0x0, 0x0)
r9 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0xc80, 0x0)
syz_open_dev$media(&(0x7f00000000c0), 0x29, 0x28000)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r11 = dup(r10)
write$UHID_INPUT(r11, &(0x7f0000004000)={0xf, {"a2e3ad21ed0d09f90750090987f70906d038e7ff7fc6e5539b0d3d0e8b089b39346d63060890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610062c02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r12 = syz_open_dev$video(&(0x7f0000000000), 0x1c, 0x428081)
ioctl$VIDIOC_ENUMINPUT(r12, 0xc050561a, &(0x7f00000002c0)={0x3, "099fdbcd9b7f20bc91f5c2ef8e3b22bf2db466e70d01ed7d11f67f754354bf9e", 0x0, 0x0, 0x4})
ioctl$RTC_AIE_OFF(r9, 0x7002)

20.443505917s ago: executing program 1 (id=6325):
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000869000/0x2000)=nil, 0x2000, 0x2000006, 0x12, r1, 0x70800000)
mmap(&(0x7f00004a3000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0xc0010006, 0x0, 0xaf}]})
ioctl$FS_IOC_RESVSP(r2, 0x40305829, &(0x7f0000000540)={0x1100, 0x0, 0x52, 0x10000})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000003, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

19.799580024s ago: executing program 1 (id=6328):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f00000001c0)={{0x3, 0x2, 0x2, 0x7, 'syz1\x00', 0x80000000}, 0x1, [0x1, 0x4, 0x5, 0x6, 0x4, 0x6, 0x2, 0x8669, 0x3, 0x0, 0x9, 0x2, 0x8000, 0xc, 0x1, 0x5, 0x0, 0x2, 0xb14, 0x8, 0x4, 0x65, 0x4, 0x7a, 0x0, 0x5, 0x79a9, 0x5, 0x0, 0x1000, 0x4, 0x2, 0x79, 0x8000, 0x1, 0xffffffff, 0x80000001, 0x6, 0x4603800000000000, 0x1, 0xfffffffffffffffe, 0x6, 0x7, 0x1000, 0x10000, 0x2, 0x1000, 0xffffffffffffc9f4, 0x7fff, 0x9, 0x80, 0x335, 0x3, 0x1, 0x0, 0x2000, 0x80000001, 0xa5a0, 0x3ff, 0xf, 0x32, 0x100000001, 0x5, 0x1, 0x101, 0x40, 0x5, 0x8, 0x1, 0x5, 0x401, 0xdc3, 0xee1, 0x10001, 0x19, 0x5f6, 0x5, 0x8, 0xd5, 0x70000000, 0x8, 0x9, 0x9, 0xffffffffffffffff, 0x3, 0x3, 0x1, 0x88, 0x0, 0x92, 0x6, 0x7, 0x7c61aaca, 0x7fffffff, 0x1, 0xf53, 0x6, 0x2, 0xffffffffffffffff, 0x8000000000000000, 0x200, 0x7, 0x7f, 0xa1cd, 0xffffffff, 0x7fffffff, 0xa080, 0xd2bb, 0x9, 0x4, 0x80000000, 0x293b, 0x4, 0x1000, 0x9, 0x5, 0xc2, 0x1, 0x80, 0x3, 0x0, 0x3, 0xae, 0x100, 0x1, 0x5, 0xcfd9, 0x9]})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x10004, 0x1, 0xeeee0000, 0x2000, &(0x7f0000369000/0x2000)=nil})
ioctl$KVM_GET_NR_MMU_PAGES(r2, 0xae45, 0x1)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000013, 0x20000000ec071, 0xffffffffffffffff, 0xa784a000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

19.271630705s ago: executing program 1 (id=6330):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x321a82, 0x0)
read$midi(r1, 0x0, 0x43)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xe042, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f0000000400)={0xf0f01e, 0xd50})
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8010, r3, 0x4000)
pwritev(r2, 0x0, 0x0, 0xfffffffffffffffc, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000193c0), 0x40000)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r4, 0x404c534a, &(0x7f0000000040))
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
write$sndseq(r5, &(0x7f0000000080)=[{0x1e, 0x0, 0x0, 0xfd, @time, {}, {}, @result}], 0x1c)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000080)={0x6c6, 0x1, 0x2, 0x0, 0x80})
r7 = openat$kvm(0x0, &(0x7f0000000000), 0x600080, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r9=>r1}, './file0\x00'})
r10 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_SUBMITURB(r10, 0xc0105500, &(0x7f00000007c0)=@urb_type_iso={0x0, {0x4}, 0x40, 0x0, &(0x7f0000000340)="990f819c391365fdd0c2606e742671e57c477e454fbe7a688065e9c9c54d5ac6777582e30237e72dcd193faa4701442c1ad80544594f9ee25a70d1fac1b9f91f5a761790d710abc6d96d941d27aab1f3808f70bdf862b71113edc5de2af8d2a90abce1417de20fb53d194079d646fdee52c9bade50154d0aa4d3aa", 0x7b, 0x2433ad64, 0x2, 0x4e, 0x9, 0x1, &(0x7f0000000500)="c453cbc3d64d146eace13f5895ca01bb7cc5532a3a37a8899349d3b26ef9639ee73f055fa66ce5b6c1abce3a6550c3535761d503fcd32eb8400e33f546d6365171aa8d95fdadd855e2e0f5f8e17fcc92d22a20661c8329565709d0f316a0feaa7dd99e587e23fc9d18edc42ebdda7cf999893992468c493e8e978e01999bddb70e58610e77d4906772291e9ee142c73e671635f02831bfdccb6e5e795ae7", [{0xa7d, 0x40, 0xffffffff}, {0x5, 0x3, 0x4}, {0x8, 0x9, 0x9e}, {0x5, 0x44e0, 0x101}, {0xe2, 0x7ffd, 0x896}, {0x8, 0x8ef, 0x9}, {0x4060, 0x8, 0x8}, {0x442d, 0x400, 0x8dc9}, {0xd, 0x5, 0x10000}, {0x7, 0x7, 0x7}, {0x3b, 0x4, 0x1}, {0xa, 0x9, 0x8}, {0xffffffff, 0xfffffff1, 0x7}, {0x7ff, 0x101, 0x3}, {0x2, 0x400, 0x7}, {0x6, 0x40, 0x5}, {0x8, 0x8, 0xfffffffd}, {0x49fe2ead, 0x9c15, 0x6}, {0x81, 0x9, 0x4}, {0xca, 0x2, 0x98}, {0x9, 0x4, 0x697}, {0x7, 0x1d, 0x1}, {0x4, 0x10, 0x80ab}, {0xffff8001, 0x1, 0x3}, {0x4, 0x7, 0x5}, {0x7, 0x5, 0x9}, {0x6, 0x3, 0x1}, {0x8, 0x7, 0xea3}, {0x2, 0x0, 0x4}, {0xfffffffe, 0x0, 0x80}, {0x4, 0x8, 0x5}, {0x10, 0x7ff, 0x8}, {0x8, 0x0, 0xe0}, {0x10001, 0x7, 0x6}, {0x80, 0x3, 0xfff}, {0x2000, 0x6, 0x2}, {0x7f, 0x0, 0xc82}, {0x4, 0xa, 0x300}, {0x7fff, 0x1, 0x4}, {0x3a, 0x6, 0x89}, {0x1, 0x0, 0x7}, {0x7, 0x7df8, 0x7}, {0xfff, 0x1, 0x9}, {0xa, 0x9, 0x7}, {0x401, 0x2, 0xa}, {0xd, 0x5, 0x42e}, {0x101, 0x5}, {0x1ff, 0x8}, {0xc, 0x6, 0x9}, {0x4, 0x0, 0x1}, {0x5, 0x80000000, 0x6}, {0xd6e, 0x3ff, 0x193}, {0x8, 0x2, 0x1}, {0x800, 0x5, 0xe}, {0xe, 0x5, 0x9}, {0x2, 0x7, 0x8}, {0x7fffffff, 0x0, 0xffffff81}, {0x3, 0xfffffffc, 0x8}, {0x3, 0x1000}, {0xffffffff, 0x4, 0x577}, {0x3, 0x62, 0x1}, {0x9, 0x2, 0x80}, {0xaf9a, 0x9, 0x3}, {0x0, 0x7, 0xd8bc}, {0x7, 0xfff, 0xd}, {0x2, 0xc, 0xd}, {0x6, 0x7, 0x5}, {0x101, 0x10001, 0x7ffe}, {0x0, 0x0, 0x6}, {0x0, 0x8, 0x3}, {0x8, 0x7, 0x9e}, {0x8, 0x8, 0x100}, {0x2, 0x0, 0x81}, {0x9f, 0x3, 0x3ff}, {0xf, 0xd, 0x1}, {0x5, 0x7, 0x4}, {0x4, 0x1, 0x1738000}, {0xad, 0x6, 0xf653}]})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r9, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r10, {0xf2}}, './file0\x00'})
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYRES8=r10])
r11 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sysvipc/shm\x00', 0x0, 0x0)
preadv(r11, &(0x7f0000000780), 0x0, 0x1, 0x10)

19.202511122s ago: executing program 9 (id=6331):
r0 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000200)={'\x00', 0x0, 0xfff, 0x2, 0x200008001})
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000400)={0x2020, 0x0, <r3=>0x0}, 0x2020)
read$FUSE(0xffffffffffffffff, &(0x7f0000002440)={0x2020, 0x0, 0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000004480)={0xa0, 0xfffffffffffffff5, r3, {{0x1, 0x3, 0x4, 0xfffffffffffffbb1, 0x0, 0x1, {0x5, 0x1, 0x41, 0x4, 0x40, 0xa, 0x4, 0xffff, 0x7f, 0xe000, 0x4, r4, r5, 0x2, 0x50760b1b}}, {0x0, 0x10}}}, 0xa0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f00000001c0)={0x4})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r6, 0x404c534a, &(0x7f0000000380))
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r6, 0x40605346, &(0x7f0000000040)={0x0, 0x0, {0x3, 0x1, 0x1, 0x0, 0x8}, 0x6})
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r9=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r8, 0x3b88, &(0x7f00000002c0)={0xc, r9})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r8, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r9})
ioctl$IOMMU_IOAS_MAP$PAGES(r8, 0x3b85, &(0x7f0000000340)={0x28, 0x4, r9, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r6, 0x80045301, &(0x7f00000000c0))
ioctl$IOMMU_VFIO_SET_IOMMU(r8, 0x3b66, 0x1)
r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write$rfkill(r10, &(0x7f0000000080)={0x1}, 0x8)
mmap(&(0x7f000038a000/0x1000)=nil, 0x1000, 0x0, 0x2010, r1, 0x1000000000040000)

18.738869452s ago: executing program 0 (id=6332):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r2=>0x0})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r1, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r2, 0x0, 0x97, 0x8000000})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000500)={0x48, 0x2, r6})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r5, 0x0, 0xffffffffffffffff, 0x1})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r5, 0x0, &(0x7f0000392000/0x3000)=nil, 0x3000, 0xab1a})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000080)={0x28, 0x3, r5, 0x0, &(0x7f00000a6000/0x3000)=nil, 0x3000, 0x10000})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000b80)={'\x00', 0x8411})
ioctl$TUNSETOFFLOAD(r7, 0x400454c9, 0x9)
ioctl$TUNATTACHFILTER(r7, 0x400454cc, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000500)={0x28, 0x6, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000, 0x80000001})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r1, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r2})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) (async)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000000)={0xc}) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r1, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r2, 0x0, 0x97, 0x8000000}) (async)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000140)={0xc}) (async)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000240)={0xc}) (async)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000500)={0x48, 0x2, r6}) (async)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r5, 0x0, 0xffffffffffffffff, 0x1}) (async)
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r5, 0x0, &(0x7f0000392000/0x3000)=nil, 0x3000, 0xab1a}) (async)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000080)={0x28, 0x3, r5, 0x0, &(0x7f00000a6000/0x3000)=nil, 0x3000, 0x10000}) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000b80)={'\x00', 0x8411}) (async)
ioctl$TUNSETOFFLOAD(r7, 0x400454c9, 0x9) (async)
ioctl$TUNATTACHFILTER(r7, 0x400454cc, 0x0) (async)
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000500)={0x28, 0x6, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000, 0x80000001}) (async)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r1, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r2}) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)

18.326386958s ago: executing program 9 (id=6333):
r0 = syz_open_dev$vim2m(&(0x7f0000001580), 0x57, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x27, 0x1, 0x0, "3a8e00000034b52ba75066c27891ca55e21f0000000000b2b678d200", 0x32344d59}) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000080)={0x28, 0x0, 0x0}) (async)
read(r1, &(0x7f00000001c0)=""/161, 0xa1)

18.209110063s ago: executing program 0 (id=6334):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000000), 0x5dc0, 0x48502)
syz_open_dev$usbfs(&(0x7f0000000380), 0x2fb8, 0xc0002)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={0x0})
r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f00000000c0)={"fbffffff", 0x0, 0x6, 0x2, 0x0, 0x0, "000000ff00070000000900", '\x00', "05030400", "e859ad33", ['\x00', "00000008000906000000da00", "0c000004dd372a9000"]})
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0xfdfdffff, 0x0, 0xfffffff8})
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000280)=""/212, 0xfffffed3}], 0x1, 0xffeffffb, 0x1007)

17.86084217s ago: executing program 0 (id=6335):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
ioctl$FS_IOC_GETFSSYSFSPATH(r0, 0x80811501, &(0x7f00000001c0)={0x80})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
mmap(&(0x7f0000767000/0x2000)=nil, 0x2000, 0x3, 0x1010, 0xffffffffffffffff, 0x80f4a000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

17.812635926s ago: executing program 2 (id=6270):
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {<r1=>0xffffffffffffffff}}, './file0\x00'})
ioctl$SNDCTL_SEQ_GETINCOUNT(r1, 0x80045105, &(0x7f0000000040))
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000080)={0xd, 0x6})
ioctl$EXT4_IOC_CHECKPOINT(r1, 0x4004662b, &(0x7f00000000c0)=0x6)
ioctl$PPPIOCGDEBUG(r1, 0x80047441, &(0x7f0000000100))
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140), 0x111680, 0x0)
tee(r0, r2, 0xfffffffffffffff8, 0x9)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>r1, {0x2, 0xffff15c5}}, './file0\x00'})
mmap$usbfs(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x10, r0, 0x3)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r1, 0xc0245720, &(0x7f00000001c0)={0x1})
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000000200))
ioctl$PPPIOCGIDLE64(r0, 0x8010743f, &(0x7f0000000240))
ioctl$SNDCTL_FM_LOAD_INSTR(r0, 0x40285107)
ioctl$KDSKBLED(r1, 0x4b65, 0x8)
ioctl$SNDCTL_SEQ_GETINCOUNT(r3, 0x80045105, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r4=>r2, {0x9}}, './file0\x00'})
r5 = syz_open_dev$ttys(0xc, 0x2, 0x1)
preadv(r5, &(0x7f0000000800)=[{&(0x7f0000000300)=""/211, 0xd3}, {&(0x7f0000000400)=""/104, 0x68}, {&(0x7f0000000480)=""/208, 0xd0}, {&(0x7f0000000580)=""/153, 0x99}, {&(0x7f0000000640)=""/209, 0xd1}, {&(0x7f0000000740)=""/50, 0x32}, {&(0x7f0000000780)=""/123, 0x7b}], 0x7, 0x8001, 0x5)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r4, 0x40049366, &(0x7f0000000880)=0x1)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000008c0)='./binderfs/custom0\x00', 0x802, 0x0)
ioctl$INCFS_IOC_PERMIT_FILL(r6, 0x40046721, &(0x7f0000000900)={r3})
syz_open_dev$midi(&(0x7f0000000940), 0x2, 0x40)
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000980)={0x28, 0x5, 0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x80000000})
preadv(r1, &(0x7f0000000f40)=[{&(0x7f00000009c0)=""/159, 0x9f}, {&(0x7f0000000a80)=""/53, 0x35}, {&(0x7f0000000ac0)=""/167, 0xa7}, {&(0x7f0000000b80)=""/226, 0xe2}, {&(0x7f0000000c80)=""/208, 0xd0}, {&(0x7f0000000d80)=""/70, 0x46}, {&(0x7f0000000e00)=""/22, 0x16}, {&(0x7f0000000e40)=""/174, 0xae}, {&(0x7f0000000f00)=""/1, 0x1}], 0x9, 0x6, 0xfffffffe)
ioctl$RTC_PIE_OFF(r1, 0x7006)
ioctl$EVIOCGABS3F(r2, 0x8018457f, &(0x7f0000001000)=""/186)
ioctl$KDGKBLED(r2, 0x4b64, &(0x7f00000010c0))
preadv(r2, &(0x7f0000001480)=[{&(0x7f0000001100)=""/195, 0xc3}, {&(0x7f0000001200)=""/129, 0x81}, {&(0x7f00000012c0)=""/79, 0x4f}, {&(0x7f0000001340)=""/241, 0xf1}, {&(0x7f0000001440)=""/31, 0x1f}], 0x5, 0x101, 0x4)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000001500), 0x80, 0x0)
ioctl$IOMMU_HWPT_GET_DIRTY_BITMAP(r7, 0x3b8c, &(0x7f0000001600)={0x30, 0x0, 0x0, 0x0, 0x5, 0x4, 0x82a2, &(0x7f00000015c0)=""/1})

17.709336695s ago: executing program 2 (id=6336):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f00000001c0)=""/162, 0xa2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x4, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee3, 0x0)
r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000080)={0xc, 0x9, 0x1, "9b651e7daa43f842e53b7c18f12cc514b0fcff2d149ea1333d8f737d1ca4864e", 0x47504a4d})

17.307386408s ago: executing program 9 (id=6337):
ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r0, 0x7dfff000)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x40)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000080)={0xf2, 0x5, 0x65, "1dc0e6f44739cc7cbea7848f833b19064ac9cfd45923b0ea3e4dc73b27198ca70eedfee4f5b0efddbf583f216ce118341e09b74295cef732d0b81a5ad4aa7ae79207f7ef1d37044ace65569c0976666c51c01556ba965540957a34caf5eb0540de394496dbdb0a46890230bc2fd7ee6ca24ceee376420ec665ed353bad4b78d0cba654e52333f36bbc40547bf06c537f3c157b43749b525aeb1f66113917d0680b9e30292c4fdbd5c101e683b5482e1b8bd2f4502064f9f31c7b2f2f3595ca84ffcff3a699c2888f736ff7ce88cbc9ccd6bbd243ad77d6ebccac0c53ffcd4fa18500ee92db4c77fb9199d71a001c5daf616f"})

17.306915638s ago: executing program 2 (id=6338):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000640)={0x400, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x8, 0x1}})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x42002)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000180)={0x73, @time={0xecef}})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r3, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

17.120203242s ago: executing program 9 (id=6339):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
dup(0xffffffffffffffff)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r2=>0x0})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r1, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r2, 0x0, 0x97, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000500)={0x28, 0x6, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000, 0x80000001})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r1, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r2})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x8)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x900, 0x12)

16.990171695s ago: executing program 0 (id=6340):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$RTC_SET_TIME(r0, 0x4008700c, 0x0) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

16.707356282s ago: executing program 0 (id=6341):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0) (async)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x13, r1, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000200)=0xa0000)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r2, 0x7a9, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x300000b, 0x12, 0xffffffffffffffff, 0x22978000)

16.705514251s ago: executing program 2 (id=6342):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000009780)={0x2020}, 0x2020) (async)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000240)={0xb0, 0x0, 0x3, [{{0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x4, {0x0, 0x5, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x0, 0x4, 0x1, 0x0, '('}}]}, 0xb0) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0xf503, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000e4c000/0x2000)=nil, 0x2000, 0x2000000, 0x1010, r2, 0x61cd6000)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0), 0x3, 0x2}}, 0x20) (async)
openat$nvram(0xffffff9c, &(0x7f0000000000), 0x2ce40, 0x0)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$nci(r4, &(0x7f0000000200)=""/11, 0xb)
mmap(&(0x7f0000bb9000/0x3000)=nil, 0x3000, 0x2000007, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

16.537592143s ago: executing program 9 (id=6343):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132})
ioctl$TUNSETGROUP(r0, 0x541b, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040))
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r4, 0xc0884113, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x10001})
ioctl$SNDCTL_DSP_GETODELAY(r3, 0x80045017, &(0x7f0000000300))
r5 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
read$msr(r5, &(0x7f00000001c0)=""/42, 0x2a)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0xc0010006, 0x0, 0xaf}]})
r9 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0)
r10 = syz_open_dev$I2C(&(0x7f0000000080), 0x2, 0x10400)
r11 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
read$FUSE(r11, &(0x7f0000005e40)={0x2020, 0x0, <r12=>0x0, <r13=>0x0, <r14=>0x0}, 0x2020)
write$FUSE_ATTR(r11, &(0x7f0000005340)={0x78, 0x0, r12, {0x2000000007, 0x400, 0x0, {0x6, 0xfffe000000000000, 0xfffffffffffffffb, 0xff, 0x694, 0x3, 0x7f, 0x9, 0x800, 0x2000, 0x2, r13, r14, 0xb, 0x8, 0x1000000}}}, 0x78)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0xee00, <r15=>0xee01}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r9, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, r10, {r13, r15}}, './file0\x00'})
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r1, 0x7dfff000)

16.501142546s ago: executing program 1 (id=6344):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r1, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x32)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x1000)=nil, 0x1000, 0x5a051feb1f984a1d, 0x202812, r3, 0x7dfff000)

16.19052196s ago: executing program 0 (id=6345):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r3 = dup(r2)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r4, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
r5 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCFLSH(r5, 0x540b, 0x7ffffffffffffd)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

15.454026431s ago: executing program 9 (id=6346):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r2, 0x0, 0x0, 0x0, <r3=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r1, 0x3b89, &(0x7f0000000180)={0x28, 0x1, r3, r2, <r4=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r1, 0x3b89, &(0x7f0000000300)={0x21, 0x0, r3, r4, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000240)})
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r5, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r6, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000240)='H', 0x1, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r6, 0xc00464be, &(0x7f0000000000)={r7})
read$FUSE(r5, 0x0, 0x0)
ioctl$SG_BLKSECTGET(r5, 0x1267, &(0x7f00000001c0))
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r9 = dup(r8)
write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f00000002c0)={0x38, 0x0, 0x0, [{0x0, 0x80000001, 0xd, 0x5, '/dev/rnullb0\x00'}]}, 0x38)
r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r10, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
r11 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r11, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000240)='H', 0x1, <r12=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r11, 0xc00464be, &(0x7f0000000000)={r12})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r9, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
r13 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r13, 0x3b85, &(0x7f0000000100)={0x28, 0x6, 0x0, 0x0, &(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x800})
ioctl$IOMMU_IOAS_MAP$PAGES(r13, 0x3b85, &(0x7f0000000000)={0x28, 0x4, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000})
ioctl$IOMMU_IOAS_COPY(0xffffffffffffffff, 0x3b83, &(0x7f0000000040)={0x28, 0x5, 0x0, 0x0, 0x3, 0xfffffffffefffff8, 0xbdf9})

15.191301932s ago: executing program 1 (id=6347):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async, rerun: 64)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0) (rerun: 64)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async, rerun: 64)
ioctl$TUNSETOFFLOAD(r3, 0x400454ce, 0xa) (async, rerun: 64)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
ioctl$PTP_EXTTS_REQUEST2(r2, 0x80503d0a, &(0x7f0000000080)) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

1.127698173s ago: executing program 41 (id=6345):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r3 = dup(r2)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r4, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
r5 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCFLSH(r5, 0x540b, 0x7ffffffffffffd)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1.067307971s ago: executing program 42 (id=6342):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000009780)={0x2020}, 0x2020) (async)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000240)={0xb0, 0x0, 0x3, [{{0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x4, {0x0, 0x5, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x0, 0x4, 0x1, 0x0, '('}}]}, 0xb0) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0xf503, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000e4c000/0x2000)=nil, 0x2000, 0x2000000, 0x1010, r2, 0x61cd6000)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0), 0x3, 0x2}}, 0x20) (async)
openat$nvram(0xffffff9c, &(0x7f0000000000), 0x2ce40, 0x0)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$nci(r4, &(0x7f0000000200)=""/11, 0xb)
mmap(&(0x7f0000bb9000/0x3000)=nil, 0x3000, 0x2000007, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

35.340381ms ago: executing program 43 (id=6346):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r2, 0x0, 0x0, 0x0, <r3=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r1, 0x3b89, &(0x7f0000000180)={0x28, 0x1, r3, r2, <r4=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r1, 0x3b89, &(0x7f0000000300)={0x21, 0x0, r3, r4, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000240)})
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r5, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r6, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000240)='H', 0x1, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r6, 0xc00464be, &(0x7f0000000000)={r7})
read$FUSE(r5, 0x0, 0x0)
ioctl$SG_BLKSECTGET(r5, 0x1267, &(0x7f00000001c0))
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r9 = dup(r8)
write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f00000002c0)={0x38, 0x0, 0x0, [{0x0, 0x80000001, 0xd, 0x5, '/dev/rnullb0\x00'}]}, 0x38)
r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r10, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
r11 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r11, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000240)='H', 0x1, <r12=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r11, 0xc00464be, &(0x7f0000000000)={r12})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r9, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
r13 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r13, 0x3b85, &(0x7f0000000100)={0x28, 0x6, 0x0, 0x0, &(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x800})
ioctl$IOMMU_IOAS_MAP$PAGES(r13, 0x3b85, &(0x7f0000000000)={0x28, 0x4, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000})
ioctl$IOMMU_IOAS_COPY(0xffffffffffffffff, 0x3b83, &(0x7f0000000040)={0x28, 0x5, 0x0, 0x0, 0x3, 0xfffffffffefffff8, 0xbdf9})

0s ago: executing program 44 (id=6347):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async, rerun: 64)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0) (rerun: 64)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async, rerun: 64)
ioctl$TUNSETOFFLOAD(r3, 0x400454ce, 0xa) (async, rerun: 64)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
ioctl$PTP_EXTTS_REQUEST2(r2, 0x80503d0a, &(0x7f0000000080)) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

kernel console output (not intermixed with test programs):

T7792] Ž?"
[  746.164140][ T7792] CUSE: unknown device info "v…2‰.7’õ¸Ë‚þ ®Ñ*5®¸Óì•SEAy û…	¿`?e`þŠl6Ý¡ÐÙéQ0V84ÜŽ{c"áKüü^÷vaOÖ�M Œ××Ê8æf1¨\.dž6�á(3´iË¿­›ƒfω11,kb­°îz›Ö‰"�NXjª}˜	ß~
ïwu/¾KÈ9Ê.²Ðrù¯×¤©"
[  746.232797][ T7792] CUSE: DEVNAME unspecified
[  747.184449][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  747.194033][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  748.775635][T15391] psmouse serio15: Failed to reset mouse on : -5
[  749.044161][ T7908] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  749.496438][ T7933] input: syz1 as /devices/virtual/input/input146
[  751.846327][ T8046] usb usb1: usbfs: process 8046 (syz.7.4762) did not claim interface 0 before use
[  752.836454][T15391] misc userio: Buffer overflowed, userio client isn't keeping up
[  753.897559][T15391] input: PS/2 Generic Mouse as /devices/serio15/input/input145
[  753.936192][ T8143] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  754.149976][ T8159] syz.7.4779: attempt to access beyond end of device
[  754.149976][ T8159] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  754.155533][T15391] psmouse serio15: Failed to enable mouse on 
[  754.907063][ T8219] mkiss: ax0: crc mode is auto.
[  755.103136][ T8226] mkiss: ax0: crc mode is auto.
[  757.405995][ T8333] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  758.154069][ T8370] autofs4:pid:8370:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(2.1), cmd(0xc0189374)
[  758.205231][ T8370] autofs4:pid:8370:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189374)
[  759.069652][ T8397] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  759.089725][T13871] Bluetooth: hci4: Frame reassembly failed (-84)
[  759.922286][ T8437] can0: slcan on ptm2.
[  760.121435][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.145588][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.153048][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.185736][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.203481][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.211282][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.236477][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.254185][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.261957][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.285493][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.330137][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.338013][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.362482][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.372876][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.381923][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.428556][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.436393][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.443907][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.475514][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.482960][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.513646][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.526985][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.534429][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.563571][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.595553][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.605895][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.625535][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.633424][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.672233][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.700314][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.718181][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.745513][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.756752][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.775924][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.795517][    T9] hid-generic 66F0:0005:0005.000D: unknown main item tag 0x0
[  760.840163][    T9] hid-generic 66F0:0005:0005.000D: hidraw0: <UNKNOWN> HID v0.02 Device [syz0] on syz0
[  761.027768][ T8483] fido_id[8483]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  761.095479][ T5159] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  761.095826][ T5845] Bluetooth: hci4: command 0x1003 tx timeout
[  761.206413][ T8493] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  761.697438][ T8435] can0 (unregistered): slcan off ptm2.
[  762.116413][ T8544] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  762.272947][ T8552] QAT: failed to copy from user cfg_data.
[  766.667846][ T8703] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  766.685506][ T8704] mkiss: ax0: crc mode is auto.
[  766.721373][ T8703] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  766.769438][ T8703] iommufd_mock iommufd_mock2: Adding to iommu group 2
[  768.864141][ T8854] blktrace: Concurrent blktraces are not allowed on rnullb0
[  768.881949][ T8854] snd_dummy snd_dummy.0: control 0:50499:2264:syz0:-3 is already present
[  769.119050][ T8876] input: syz1 as /devices/virtual/input/input147
[  769.682494][ T8942] input: syz0 as /devices/virtual/input/input148
[  769.783379][ T8945] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  769.845336][ T8945] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  770.347734][ T8979] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  770.449957][ T8985] input: syz0 as /devices/virtual/input/input149
[  771.401537][ T9040] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  772.942044][ T9120] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  775.161454][ T9234] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  775.577120][ T9254] autofs4:pid:9254:validate_dev_ioctl: path string terminator missing for cmd(0xc0189371)
[  776.539377][ T9292] syz.6.4945: attempt to access beyond end of device
[  776.539377][ T9292] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  777.092426][ T9309] program syz.7.4948 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  777.118405][ T9309] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  777.645059][ T9332] syz.6.4953: attempt to access beyond end of device
[  777.645059][ T9332] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  779.147120][ T9370] binder: 9369:9370 ioctl c0306201 200000000300 returned -22
[  779.173568][ T9375] binder: 9369:9375 ioctl c0306201 200000000300 returned -22
[  779.733452][ T9405] input: syz1 as /devices/virtual/input/input153
[  780.557872][ T9441] input: syz1 as /devices/virtual/input/input154
[  781.081433][ T9472] tap0: tun_chr_ioctl cmd 1074025680
[  782.259775][   T30] audit: type=1400 audit(1750394470.018:25): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=9529 comm="syz.4.4993"
[  783.624527][ T9575] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  785.130861][ T9630] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  785.380280][T13871] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.524586][T13871] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.770958][T13871] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.933649][ T9671] mkiss: ax0: crc mode is auto.
[  786.034991][T13871] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.151066][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  786.161065][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  786.176286][ T5845] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  786.195562][ T5845] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  786.203472][ T5845] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  786.249418][ T5159] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  786.266487][ T5159] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  786.274757][ T5159] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  786.293493][ T5159] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  786.303954][ T5159] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  786.730436][T13871] bridge_slave_1: left allmulticast mode
[  786.739799][T13871] bridge_slave_1: left promiscuous mode
[  786.746061][T13871] bridge0: port 2(bridge_slave_1) entered disabled state
[  786.807111][T13871] bridge_slave_0: left allmulticast mode
[  786.812816][T13871] bridge_slave_0: left promiscuous mode
[  786.835680][T13871] bridge0: port 1(bridge_slave_0) entered disabled state
[  787.887971][T13871] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  787.909972][T13871] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  787.923276][T13871] bond0 (unregistering): Released all slaves
[  787.968480][ T9758] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  787.974437][ T9758] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  788.873769][ T9906] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  788.995885][T13871] hsr_slave_0: left promiscuous mode
[  789.004266][ T9908] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  789.027088][T13871] hsr_slave_1: left promiscuous mode
[  789.027868][T13871] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  789.084145][T13871] batman_adv: batadv0: Removing interface: batadv_slave_0
[  789.118026][T13871] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  789.131929][T13871] batman_adv: batadv0: Removing interface: batadv_slave_1
[  789.203099][T13871] veth1_macvtap: left promiscuous mode
[  789.235518][T13871] veth0_macvtap: left promiscuous mode
[  789.241242][T13871] veth1_vlan: left promiscuous mode
[  789.266684][T13871] veth0_vlan: left promiscuous mode
[  790.080022][ T9959] dlm: non-version read from control device 2
[  790.419688][T13871] team0 (unregistering): Port device team_slave_1 removed
[  790.473884][T13871] team0 (unregistering): Port device team_slave_0 removed
[  791.047012][ T9688] chnl_net:caif_netlink_parms(): no params data found
[  791.438058][ T9688] bridge0: port 1(bridge_slave_0) entered blocking state
[  791.445239][ T9688] bridge0: port 1(bridge_slave_0) entered disabled state
[  791.470075][ T9688] bridge_slave_0: entered allmulticast mode
[  791.475839][T10058] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  791.478389][ T9688] bridge_slave_0: entered promiscuous mode
[  791.506770][ T9688] bridge0: port 2(bridge_slave_1) entered blocking state
[  791.525649][ T9688] bridge0: port 2(bridge_slave_1) entered disabled state
[  791.532902][ T9688] bridge_slave_1: entered allmulticast mode
[  791.564225][ T9688] bridge_slave_1: entered promiscuous mode
[  791.714114][ T9688] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  791.752670][ T9688] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  792.023015][ T9688] team0: Port device team_slave_0 added
[  792.067203][ T9688] team0: Port device team_slave_1 added
[  792.359602][ T9688] batman_adv: batadv0: Adding interface: batadv_slave_0
[  792.377373][ T9688] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  792.403286][    C1] vkms_vblank_simulate: vblank timer overrun
[  792.492358][ T9688] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  792.529258][ T9688] batman_adv: batadv0: Adding interface: batadv_slave_1
[  792.547866][ T9688] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  792.573778][    C1] vkms_vblank_simulate: vblank timer overrun
[  792.614667][ T9688] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  792.866722][ T9688] hsr_slave_0: entered promiscuous mode
[  792.875328][ T9688] hsr_slave_1: entered promiscuous mode
[  792.895464][ T9688] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  792.903100][ T9688] Cannot create hsr debugfs directory
[  793.542130][T10315] binder: 10296:10315 ioctl c00c620f 2000000001c0 returned -22
[  794.884729][ T9688] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  794.898361][ T9688] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  794.916506][ T9688] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  794.988974][ T9688] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  795.354979][ T9688] 8021q: adding VLAN 0 to HW filter on device bond0
[  795.438812][ T9688] 8021q: adding VLAN 0 to HW filter on device team0
[  795.552250][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  795.552398][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  795.558985][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  795.559088][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  795.654481][ T9688] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  796.242101][ T9688] 8021q: adding VLAN 0 to HW filter on device batadv0
[  797.036527][ T9688] veth0_vlan: entered promiscuous mode
[  797.092923][ T9688] veth1_vlan: entered promiscuous mode
[  797.204811][T10473] loop6: detected capacity change from 0 to 63
[  797.222564][ T9688] veth0_macvtap: entered promiscuous mode
[  797.237520][T10473] buffer_io_error: 10 callbacks suppressed
[  797.237538][T10473] Buffer I/O error on dev loop6, logical block 0, async page read
[  797.258828][ T9688] veth1_macvtap: entered promiscuous mode
[  797.280614][T10473] Buffer I/O error on dev loop6, logical block 0, async page read
[  797.305627][T10476] mkiss: ax0: crc mode is auto.
[  797.339410][ T9688] batman_adv: batadv0: Interface activated: batadv_slave_0
[  797.347076][T10473] Buffer I/O error on dev loop6, logical block 0, async page read
[  797.358238][T10473] Buffer I/O error on dev loop6, logical block 0, async page read
[  797.371053][ T9688] batman_adv: batadv0: Interface activated: batadv_slave_1
[  797.408687][T10473] Buffer I/O error on dev loop6, logical block 0, async page read
[  797.430152][T10473] Buffer I/O error on dev loop6, logical block 0, async page read
[  797.444666][ T9688] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  797.454635][T10473] Buffer I/O error on dev loop6, logical block 0, async page read
[  797.468127][ T9688] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  797.473804][T10473] Buffer I/O error on dev loop6, logical block 0, async page read
[  797.490247][ T9688] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  797.491044][T10473] ldm_validate_partition_table(): Disk read failed.
[  797.501136][ T9688] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  797.529464][T10473] Buffer I/O error on dev loop6, logical block 0, async page read
[  797.529575][T10473] Buffer I/O error on dev loop6, logical block 0, async page read
[  797.529800][T10473] Dev loop6: unable to read RDB block 0
[  797.530243][T10473]  loop6: unable to read partition table
[  797.537508][T10473] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  797.976538][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  797.976592][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  798.036515][T10537] input: syz1 as /devices/virtual/input/input156
[  798.037964][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  798.037985][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  798.568615][T10564] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  798.571598][T10564] input: syz1 as /devices/virtual/input/input157
[  798.856900][T10585] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  799.181539][T10608] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  800.041331][T10647] kvm: kvm [10645]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x500000000a1a9
[  800.088599][T10647] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  800.450985][T10688] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  801.047874][ T1099] Bluetooth: hci4: Frame reassembly failed (-90)
[  801.791262][T10757] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem
[  802.144140][    C1] sd 0:0:1:0: [sda] tag#4224 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  802.154708][    C1] sd 0:0:1:0: [sda] tag#4224 CDB: Read(6) 08 00 00 00 85 f0
[  803.095841][T31741] Bluetooth: hci4: command 0x1003 tx timeout
[  803.102753][ T5159] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  803.592334][T10832] tun0: tun_chr_ioctl cmd 1074025676
[  803.605167][T10832] tun0: owner set to 0
[  805.610696][T10927] usb usb9: usbfs: process 10927 (syz.5.5122) did not claim interface 0 before use
[  805.730227][T10930] sp0: Synchronizing with TNC
[  806.220694][T10962] input: syz1 as /devices/virtual/input/input158
[  806.838988][T10982] mkiss: ax0: crc mode is auto.
[  808.512712][T11061] vivid-000: disconnect
[  808.529124][T11060] vivid-000: reconnect
[  808.628594][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  808.635141][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  809.081953][T11086] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  810.609743][T11177] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  811.072061][T11187] loop6: detected capacity change from 0 to 524287487
[  811.091504][T11187] buffer_io_error: 11 callbacks suppressed
[  811.091522][T11187] Buffer I/O error on dev loop6, logical block 0, async page read
[  811.132682][   T30] audit: type=1804 audit(1750394498.888:26): pid=11203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5171" name="/newroot/372/cgroup.controllers" dev="tmpfs" ino=1921 res=1 errno=0
[  811.200320][   T30] audit: type=1800 audit(1750394498.888:27): pid=11203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5171" name="cgroup.controllers" dev="tmpfs" ino=1921 res=0 errno=0
[  811.243200][   T30] audit: type=1800 audit(1750394498.888:28): pid=11205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5171" name="cgroup.controllers" dev="tmpfs" ino=1921 res=0 errno=0
[  811.247476][T11197] loop6: detected capacity change from 524287487 to 0
[  811.268401][T11187] Buffer I/O error on dev loop6, logical block 0, async page read
[  811.282969][T11187] ldm_validate_partition_table(): Disk read failed.
[  811.292511][T11187] Dev loop6: unable to read RDB block 0
[  811.303661][T11187]  loop6: unable to read partition table
[  811.309982][T11187] loop6: partition table beyond EOD, truncated
[  811.341353][T11210] binder: 11209:11210 ioctl 40046210 ffffffffffffffff returned -14
[  811.368380][T11187] loop_reread_partitions: partition scan of loop6 (™^L‹¦øíA;åó§Èb»ö@’†�Ö”:B‚w¾<ØÈgønf.-Ó‘†³.àië�í>^.¾dDd—Â) failed (rc=-5)
[  811.465659][T11215] input: syz1 as /devices/virtual/input/input160
[  811.909945][T11240] sp0: Synchronizing with TNC
[  812.477478][T11265] QAT: failed to copy from user cfg_data.
[  813.016184][T11286] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  813.618868][T11319] snd_dummy snd_dummy.0: control 1:254:0:syz0:32 is already present
[  814.188005][T11333] tap0: tun_chr_ioctl cmd 1074025677
[  814.203611][T11333] tap0: linktype set to 776
[  814.209521][T11346] syz.5.5195: attempt to access beyond end of device
[  814.209521][T11346] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  815.973019][T11442] ALSA: mixer_oss: invalid OSS volume ''
[  816.055198][T11444] binder: 11438:11444 ioctl c0306201 2000000003c0 returned -22
[  816.608017][T11471] syz.7.5213: attempt to access beyond end of device
[  816.608017][T11471] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  816.632002][T11473] ALSA: mixer_oss: invalid index 100000
[  816.674121][T11478] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  820.400171][T11764] binder: 11763:11764 ioctl 3b85 200000000280 returned -22
[  825.534027][T11963] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  826.186085][T11982] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  826.768992][T12016] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  826.793683][T12016] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  826.822995][T12016] iommufd_mock iommufd_mock2: Adding to iommu group 2
[  827.537999][T12045] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  829.001198][T12067] tty tty28: ldisc open failed (-12), clearing slot 27
[  831.050276][T12217] kvm: kvm [12213]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x4000000000000001
[  831.523770][T12242] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  831.532269][T12242] QAT: Device 7 not found
[  831.537530][T12242] QAT: Invalid ioctl -1060596699
[  831.542871][T12242] QAT: Invalid ioctl -1070591350
[  831.548254][T12242] QAT: Invalid ioctl 1076408081
[  833.028270][T12351] sp0: Synchronizing with TNC
[  834.408420][T12457] random: crng reseeded on system resumption
[  834.961374][T31741] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  834.963736][T31741] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  834.966319][T31741] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  834.967393][T31741] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  834.968346][T31741] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  834.979942][ T5159] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  834.980691][ T5159] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  834.981847][ T5159] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  834.984746][ T5159] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  834.987392][ T5159] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  835.241373][   T49] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.359820][   T49] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.511567][   T49] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.673208][   T49] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  836.255141][T12468] chnl_net:caif_netlink_parms(): no params data found
[  836.371862][   T49] bridge_slave_1: left allmulticast mode
[  836.371890][   T49] bridge_slave_1: left promiscuous mode
[  836.372167][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  836.518551][   T49] bridge_slave_0: left allmulticast mode
[  836.605826][   T49] bridge_slave_0: left promiscuous mode
[  836.611674][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  837.015536][ T5159] Bluetooth: hci0: command tx timeout
[  837.995263][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  838.000379][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  838.002473][   T49] bond0 (unregistering): Released all slaves
[  838.331805][T12468] bridge0: port 1(bridge_slave_0) entered blocking state
[  838.348090][T12728] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  838.351236][T12468] bridge0: port 1(bridge_slave_0) entered disabled state
[  838.366689][T12468] bridge_slave_0: entered allmulticast mode
[  838.375288][T12468] bridge_slave_0: entered promiscuous mode
[  838.506512][T12468] bridge0: port 2(bridge_slave_1) entered blocking state
[  838.513722][T12468] bridge0: port 2(bridge_slave_1) entered disabled state
[  838.524449][T12468] bridge_slave_1: entered allmulticast mode
[  838.551173][T12468] bridge_slave_1: entered promiscuous mode
[  838.658293][   T49] hsr_slave_0: left promiscuous mode
[  838.666783][   T49] hsr_slave_1: left promiscuous mode
[  838.682819][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  838.706378][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  838.724716][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  838.752736][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  838.808691][   T49] veth1_macvtap: left promiscuous mode
[  838.814299][   T49] veth0_macvtap: left promiscuous mode
[  838.840179][   T49] veth1_vlan: left promiscuous mode
[  838.851258][   T49] veth0_vlan: left promiscuous mode
[  839.095909][ T5159] Bluetooth: hci0: command tx timeout
[  840.293632][   T49] team0 (unregistering): Port device team_slave_1 removed
[  840.378238][   T49] team0 (unregistering): Port device team_slave_0 removed
[  840.514185][T12798] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  841.175933][ T5159] Bluetooth: hci0: command tx timeout
[  841.278928][T12827] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  841.323536][T12831] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  841.503140][T12839] blktrace: Concurrent blktraces are not allowed on sg0
[  841.520921][T12839] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  841.839995][T12468] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  841.877538][T12468] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  842.064583][T12890] usb usb8: usbfs: process 12890 (syz.6.5375) did not claim interface 0 before use
[  842.100360][T12468] team0: Port device team_slave_0 added
[  842.149681][T12468] team0: Port device team_slave_1 added
[  842.301243][T12468] batman_adv: batadv0: Adding interface: batadv_slave_0
[  842.310806][T12468] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  842.372097][T12468] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  842.410640][T12468] batman_adv: batadv0: Adding interface: batadv_slave_1
[  842.428195][T12468] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  842.485500][T12468] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  842.691853][T12468] hsr_slave_0: entered promiscuous mode
[  842.717265][T12468] hsr_slave_1: entered promiscuous mode
[  843.256129][ T5159] Bluetooth: hci0: command tx timeout
[  844.291464][T13161] binder: 13146:13161 ioctl c0306201 2000000003c0 returned -14
[  844.549595][T12468] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  844.599008][T12468] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  844.649581][T13098] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  844.672420][T12468] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  844.702096][T13098] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  844.729701][T12468] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  845.090626][T12468] 8021q: adding VLAN 0 to HW filter on device bond0
[  845.173598][T12468] 8021q: adding VLAN 0 to HW filter on device team0
[  845.235081][ T3030] bridge0: port 1(bridge_slave_0) entered blocking state
[  845.242436][ T3030] bridge0: port 1(bridge_slave_0) entered forwarding state
[  845.298839][ T1117] bridge0: port 2(bridge_slave_1) entered blocking state
[  845.306072][ T1117] bridge0: port 2(bridge_slave_1) entered forwarding state
[  845.493374][T12468] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  845.505273][T12468] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  846.071305][T12468] 8021q: adding VLAN 0 to HW filter on device batadv0
[  846.329804][T13356] input: syz0 as /devices/virtual/input/input162
[  846.408239][T13356] input: failed to attach handler leds to device input162, error: -6
[  847.002334][T12468] veth0_vlan: entered promiscuous mode
[  847.092304][T12468] veth1_vlan: entered promiscuous mode
[  847.227526][T12468] veth0_macvtap: entered promiscuous mode
[  847.247991][T12468] veth1_macvtap: entered promiscuous mode
[  847.299402][T12468] batman_adv: batadv0: Interface activated: batadv_slave_0
[  847.323487][T12468] batman_adv: batadv0: Interface activated: batadv_slave_1
[  847.351672][T12468] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  847.385608][T12468] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  847.407117][T12468] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  847.435479][T12468] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  847.929358][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  847.929382][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  848.010463][ T2987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  848.010486][ T2987] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  848.307090][T13457] support for cryptoloop has been removed.  Use dm-crypt instead.
[  849.307783][T13538] random: crng reseeded on system resumption
[  851.277497][T13610] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  851.294799][T13609] iommufd_mock iommufd_mock0: Adding to iommu group 1
[  851.431956][T13627] CUSE: DEVNAME unspecified
[  853.083524][T13729] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  853.623231][ T3030] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  853.778490][ T3030] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  853.928113][ T3030] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  854.085550][T13765] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  854.146838][ T3030] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  854.296320][ T3034] cgroup: fork rejected by pids controller in /syz5
[  854.631299][ T3030] bridge_slave_1: left allmulticast mode
[  854.642281][ T3030] bridge_slave_1: left promiscuous mode
[  854.664856][ T3030] bridge0: port 2(bridge_slave_1) entered disabled state
[  854.707767][ T3030] bridge_slave_0: left allmulticast mode
[  854.738407][ T3030] bridge_slave_0: left promiscuous mode
[  854.765672][ T3030] bridge0: port 1(bridge_slave_0) entered disabled state
[  855.148562][T31741] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  855.170036][T31741] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  855.179424][T31741] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  855.189378][T31741] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  855.199625][T31741] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  855.239873][ T5159] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  855.255089][ T5159] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  855.270774][ T5159] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  855.281559][T13812] slcan: can't register candev
[  855.288696][ T5159] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  855.292283][T13812] Falling back ldisc for ptm0.
[  855.302693][ T5159] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  855.354245][T13813] slcan: can't register candev
[  855.851252][ T3030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  855.861851][ T3030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  855.872950][ T3030] bond0 (unregistering): Released all slaves
[  856.427497][ T3030] hsr_slave_0: left promiscuous mode
[  856.437034][ T3030] hsr_slave_1: left promiscuous mode
[  856.446230][ T3030] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  856.471164][ T3030] batman_adv: batadv0: Removing interface: batadv_slave_0
[  856.486397][ T3030] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  856.501669][ T3030] batman_adv: batadv0: Removing interface: batadv_slave_1
[  856.547265][ T3030] veth1_macvtap: left promiscuous mode
[  856.552893][ T3030] veth0_macvtap: left promiscuous mode
[  856.558788][ T3030] veth1_vlan: left promiscuous mode
[  856.564151][ T3030] veth0_vlan: left promiscuous mode
[  856.998503][ T5159] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  857.008500][ T5159] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  857.019252][ T5159] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  857.034398][ T5159] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  857.054175][ T5159] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  857.308422][ T3030] team0 (unregistering): Port device team_slave_1 removed
[  857.347882][ T3030] team0 (unregistering): Port device team_slave_0 removed
[  857.419908][T31741] Bluetooth: hci1: command tx timeout
[  857.438049][T13902] Falling back ldisc for ttyprintk.
[  858.411656][T13805] chnl_net:caif_netlink_parms(): no params data found
[  858.863767][T13805] bridge0: port 1(bridge_slave_0) entered blocking state
[  858.871819][T13805] bridge0: port 1(bridge_slave_0) entered disabled state
[  858.880842][T13805] bridge_slave_0: entered allmulticast mode
[  858.892702][T13805] bridge_slave_0: entered promiscuous mode
[  858.914004][T13805] bridge0: port 2(bridge_slave_1) entered blocking state
[  858.944512][T13805] bridge0: port 2(bridge_slave_1) entered disabled state
[  858.965946][T13805] bridge_slave_1: entered allmulticast mode
[  858.973711][T13805] bridge_slave_1: entered promiscuous mode
[  859.098954][T31741] Bluetooth: hci3: command tx timeout
[  859.192381][ T3030] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.240373][T13805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  859.339609][T13805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  859.418758][T13911] chnl_net:caif_netlink_parms(): no params data found
[  859.464360][ T3030] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.505594][T31741] Bluetooth: hci1: command tx timeout
[  859.523458][T13805] team0: Port device team_slave_0 added
[  859.558653][T13805] team0: Port device team_slave_1 added
[  859.712305][ T3030] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.754409][T13805] batman_adv: batadv0: Adding interface: batadv_slave_0
[  859.763468][T13805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  859.790844][T13805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  859.931029][ T3030] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.998258][T13805] batman_adv: batadv0: Adding interface: batadv_slave_1
[  860.005477][T13805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  860.036356][T14300] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  860.067935][T13805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  860.236789][T13911] bridge0: port 1(bridge_slave_0) entered blocking state
[  860.257981][T13911] bridge0: port 1(bridge_slave_0) entered disabled state
[  860.265228][T13911] bridge_slave_0: entered allmulticast mode
[  860.309157][T13911] bridge_slave_0: entered promiscuous mode
[  860.326937][T13911] bridge0: port 2(bridge_slave_1) entered blocking state
[  860.334192][T13911] bridge0: port 2(bridge_slave_1) entered disabled state
[  860.361188][T13911] bridge_slave_1: entered allmulticast mode
[  860.377372][T13911] bridge_slave_1: entered promiscuous mode
[  860.514450][T13911] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  860.584105][T13911] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  860.684100][T13805] hsr_slave_0: entered promiscuous mode
[  860.702577][T13805] hsr_slave_1: entered promiscuous mode
[  860.714543][T13805] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  860.729548][T13805] Cannot create hsr debugfs directory
[  860.840632][T13911] team0: Port device team_slave_0 added
[  860.883742][T14299] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  860.893800][T14299] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  860.937030][T13911] team0: Port device team_slave_1 added
[  860.939178][T14299] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  860.982956][T14299] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  861.004818][T14299] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  861.057264][T14299] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  861.137742][T13911] batman_adv: batadv0: Adding interface: batadv_slave_0
[  861.144731][T13911] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  861.214039][T13911] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  861.253255][T13911] batman_adv: batadv0: Adding interface: batadv_slave_1
[  861.275703][T13911] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  861.342059][T13911] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  861.525582][ T3030] bridge_slave_1: left allmulticast mode
[  861.531344][ T3030] bridge_slave_1: left promiscuous mode
[  861.554504][ T3030] bridge0: port 2(bridge_slave_1) entered disabled state
[  861.573670][ T3030] bridge_slave_0: left allmulticast mode
[  861.585425][ T3030] bridge_slave_0: left promiscuous mode
[  861.601779][ T3030] bridge0: port 1(bridge_slave_0) entered disabled state
[  861.880806][T14538] nvme_fabrics: missing parameter 'transport=%s'
[  861.891010][T14538] nvme_fabrics: missing parameter 'nqn=%s'
[  862.216791][T31741] Bluetooth: hci1: command 0x0419 tx timeout
[  862.444402][T14569] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  862.566667][ T3030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  862.586978][ T3030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  862.603066][ T3030] bond0 (unregistering): Released all slaves
[  862.816149][T13911] hsr_slave_0: entered promiscuous mode
[  862.822849][T13911] hsr_slave_1: entered promiscuous mode
[  862.846992][T13911] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  862.854608][T13911] Cannot create hsr debugfs directory
[  863.017443][T31741] Bluetooth: hci3: command 0x040f tx timeout
[  863.260776][T14679] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  863.278683][T14679] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  864.058577][T14671] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  864.085443][T14671] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  864.128481][T14671] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  864.134434][T14671] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  864.314596][ T3030] hsr_slave_0: left promiscuous mode
[  864.380472][ T3030] hsr_slave_1: left promiscuous mode
[  864.401423][ T3030] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  864.411846][ T3030] batman_adv: batadv0: Removing interface: batadv_slave_0
[  864.416447][T14805] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  864.436238][ T3030] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  864.443697][ T3030] batman_adv: batadv0: Removing interface: batadv_slave_1
[  864.480430][ T3030] veth1_macvtap: left promiscuous mode
[  864.498594][ T3030] veth0_macvtap: left promiscuous mode
[  864.514380][ T3030] veth1_vlan: left promiscuous mode
[  864.525704][ T3030] veth0_vlan: left promiscuous mode
[  865.721843][ T3030] team0 (unregistering): Port device team_slave_1 removed
[  865.802598][ T3030] team0 (unregistering): Port device team_slave_0 removed
[  866.967532][T13805] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  867.037269][T13805] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  867.213714][T13805] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  867.283926][T13805] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  868.038466][T13911] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  868.063531][T13805] 8021q: adding VLAN 0 to HW filter on device bond0
[  868.082775][T13911] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  868.113141][T13911] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  868.141506][T13911] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  868.177606][T13805] 8021q: adding VLAN 0 to HW filter on device team0
[  868.220900][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  868.228148][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  868.343065][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  868.350934][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  868.619905][T13911] 8021q: adding VLAN 0 to HW filter on device bond0
[  868.668553][T13911] 8021q: adding VLAN 0 to HW filter on device team0
[  868.731717][ T3030] bridge0: port 1(bridge_slave_0) entered blocking state
[  868.738911][ T3030] bridge0: port 1(bridge_slave_0) entered forwarding state
[  868.844279][ T1099] bridge0: port 2(bridge_slave_1) entered blocking state
[  868.851510][ T1099] bridge0: port 2(bridge_slave_1) entered forwarding state
[  869.300450][T13805] 8021q: adding VLAN 0 to HW filter on device batadv0
[  869.345482][T14922] psmouse serio16: Failed to reset mouse on : -5
[  869.487974][T13911] 8021q: adding VLAN 0 to HW filter on device batadv0
[  870.064300][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  870.074075][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  870.104930][T13805] veth0_vlan: entered promiscuous mode
[  870.134081][T13805] veth1_vlan: entered promiscuous mode
[  870.187187][T13911] veth0_vlan: entered promiscuous mode
[  870.217437][T13911] veth1_vlan: entered promiscuous mode
[  870.262583][T13805] veth0_macvtap: entered promiscuous mode
[  870.281945][T13805] veth1_macvtap: entered promiscuous mode
[  870.331369][T13911] veth0_macvtap: entered promiscuous mode
[  870.366333][T13911] veth1_macvtap: entered promiscuous mode
[  870.389617][T13805] batman_adv: batadv0: Interface activated: batadv_slave_0
[  870.411621][T13805] batman_adv: batadv0: Interface activated: batadv_slave_1
[  870.471624][T13805] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  870.488798][T13805] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  870.499635][T13805] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  870.510256][T13805] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  870.567723][T13911] batman_adv: batadv0: Interface activated: batadv_slave_0
[  870.602331][T13911] batman_adv: batadv0: Interface activated: batadv_slave_1
[  870.638895][T13911] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  870.665911][T13911] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  870.685219][T13911] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  870.705635][T13911] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  870.950019][ T2987] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  870.979566][ T2987] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  871.020151][ T2987] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  871.048112][ T2987] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  871.081946][ T2987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  871.095929][ T2987] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  871.134141][ T1099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  871.153414][ T1099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  871.364100][T15082] random: crng reseeded on system resumption
[  872.248923][T15127] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  873.164941][T15156] input: syz1 as /devices/virtual/input/input168
[  873.335500][T14922] misc userio: Buffer overflowed, userio client isn't keeping up
[  874.409083][T14922] input: PS/2 Generic Mouse as /devices/serio16/input/input165
[  874.636441][T14922] psmouse serio16: Failed to enable mouse on 
[  875.873374][T15294] binder: 15288:15294 ioctl c0306201 2000000003c0 returned -14
[  877.224972][T15350] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  879.482930][T15421] kvm: user requested TSC rate below hardware speed
[  879.484029][T15421] kvm: user requested TSC rate below hardware speed
[  879.487883][T15421] kvm: user requested TSC rate below hardware speed
[  879.492229][T15421] kvm: user requested TSC rate below hardware speed
[  879.496197][T15421] kvm: user requested TSC rate below hardware speed
[  879.497160][T15421] kvm: user requested TSC rate below hardware speed
[  879.501462][T15421] kvm: user requested TSC rate below hardware speed
[  879.504879][T15421] kvm: user requested TSC rate below hardware speed
[  879.510525][T15421] kvm: user requested TSC rate below hardware speed
[  879.514909][T15421] kvm: user requested TSC rate below hardware speed
[  879.792593][T15427] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  880.206439][T15433] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  880.285265][T15433] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  880.699500][T15459] syz.7.5552: attempt to access beyond end of device
[  880.699500][T15459] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  881.477246][T15510] sp0: Synchronizing with TNC
[  882.838928][T15557] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  883.407686][T15583] vivid-001: disconnect
[  883.564525][T15583] vivid-001: reconnect
[  883.859746][T15621] syz.7.5581: attempt to access beyond end of device
[  883.859746][T15621] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  884.905752][T15673] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  884.924279][T15673] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  885.222991][T15700] loop8: detected capacity change from 0 to 7
[  885.255860][T15700] Dev loop8: unable to read RDB block 7
[  885.271737][T15700]  loop8: unable to read partition table
[  885.282555][T15700] loop8: partition table beyond EOD, truncated
[  885.300470][T15700] loop_reread_partitions: partition scan of loop8 (þ被x) failed (rc=-5)
[  885.944688][   T30] audit: type=1400 audit(1750394573.698:29): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="[" pid=15746 comm="syz.7.5601"
[  886.002119][T15749] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  886.112200][T15745] input: syz1 as /devices/virtual/input/input174
[  886.795815][T15772] syz.4.5604: attempt to access beyond end of device
[  886.795815][T15772] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  887.057324][T15804] binder: 15802:15804 ioctl c018620b 9999999999999999 returned -14
[  888.233965][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.252324][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.263381][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.277073][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.284869][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.293915][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.301836][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.309978][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.322295][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.332843][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.343818][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.351709][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.363344][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.371433][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.382391][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.393114][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.404064][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.412360][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.423348][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.442206][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.450160][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.461112][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.469145][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.480010][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.487824][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.498782][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.506650][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.514330][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.525875][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.533563][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.552287][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.561174][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.571841][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.580726][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.607510][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.628841][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.661189][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.705980][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.709796][   T30] audit: type=1400 audit(1750394576.468:30): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=15910 comm="syz.6.5624"
[  888.713420][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.713448][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.746852][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.754410][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.762159][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.803203][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.818495][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.838427][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.858587][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.871182][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.891623][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.915478][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.925413][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.932855][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.958327][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.975420][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  888.993106][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.003220][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.023474][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.033587][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.053820][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.063931][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.083891][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.102291][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.132922][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.155433][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.165452][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.172960][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.195417][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.203043][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.221426][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.235548][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.245464][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.252905][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.295410][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.302858][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.326649][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.334107][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.365510][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.372957][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.388658][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.448411][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.467997][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.485563][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.493006][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.515436][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.522888][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.560938][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.576631][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.584084][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.605450][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.613225][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.635461][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.642914][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.675969][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.683415][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.706274][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.713767][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.721782][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.735964][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.743407][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.825708][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.833171][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.859357][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.877138][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.884590][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.895799][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.905131][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.922305][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.930607][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.940743][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.949546][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.961075][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  889.983434][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.011948][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.032209][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.050600][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.061783][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.079644][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.096422][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.111535][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129640][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129672][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129696][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129719][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129743][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129767][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129790][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129813][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129835][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129858][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129880][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129905][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129928][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129952][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.129977][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130002][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130027][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130051][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130073][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130096][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130117][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130140][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130163][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130192][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130215][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130237][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130260][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130283][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130306][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130328][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130350][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130373][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130394][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130418][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130442][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130465][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130490][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130514][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130537][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130561][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130585][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130609][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130633][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130658][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130682][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130707][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130732][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130754][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130777][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130798][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130822][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130845][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130868][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130890][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130914][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130937][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130960][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.130983][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.131006][ T5925] hid-generic 0004:0005:044B.000E: unknown main item tag 0x0
[  890.161909][ T5925] hid-generic 0004:0005:044B.000E: hidraw0: <UNKNOWN> HID vf.ff Device [syz0] on syz1
[  890.299124][T15964] fido_id[15964]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  890.520323][T15978] vivid-000: disconnect
[  890.827980][T15984] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  891.020399][T15974] vivid-000: reconnect
[  891.593809][T16005] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  891.646045][T16005] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2
[  891.658651][   T49] Bluetooth: hci4: Frame reassembly failed (-84)
[  892.758819][T16021] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  893.210215][T16043] syz.7.5647: attempt to access beyond end of device
[  893.210215][T16043] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  893.655511][T31741] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  894.831955][T16091] block device autoloading is deprecated and will be removed.
[  894.832112][T16091] syz.6.5655: attempt to access beyond end of device
[  894.832112][T16091] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  895.595266][   T30] audit: type=1804 audit(1750394583.348:31): pid=16122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.5662" name="/newroot/49/cgroup.controllers" dev="tmpfs" ino=265 res=1 errno=0
[  895.617568][    C0] vkms_vblank_simulate: vblank timer overrun
[  895.669627][   T30] audit: type=1800 audit(1750394583.348:32): pid=16122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.5662" name="cgroup.controllers" dev="tmpfs" ino=265 res=0 errno=0
[  895.735421][   T30] audit: type=1804 audit(1750394583.358:33): pid=16128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.5662" name="/newroot/49/cgroup.controllers" dev="tmpfs" ino=265 res=1 errno=0
[  897.070160][T16170] input: syz1 as /devices/virtual/input/input176
[  897.315492][    C0] vkms_vblank_simulate: vblank timer overrun
[  897.522608][ T2987] Bluetooth: hci4: Frame reassembly failed (-84)
[  897.540972][T16203] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  898.101153][T16221] loop6: detected capacity change from 0 to 524287999
[  898.535966][T16241] blktrace: Concurrent blktraces are not allowed on rnullb0
[  899.580167][ T5159] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  902.722980][T16496] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  902.955013][ T1099] Bluetooth: hci4: Frame reassembly failed (-84)
[  902.965902][T16505] syz.7.5705: attempt to access beyond end of device
[  902.965902][T16505] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  905.015472][T31741] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  905.022422][ T5159] Bluetooth: hci4: command 0x1003 tx timeout
[  905.241699][T16621] input: syz1 as /devices/virtual/input/input177
[  905.251532][T16621] input: failed to attach handler leds to device input177, error: -6
[  905.365705][T16621] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  908.070199][T16823] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  909.378739][T16886] syz.6.5744: attempt to access beyond end of device
[  909.378739][T16886] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  910.341569][T16941] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  910.798744][T17002] Invalid logical block size (5)
[  913.296735][T17156] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  913.957467][T17197] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  914.633240][T17233] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  914.731389][T17248] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  914.844792][T17253] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  915.117563][T17275] random: crng reseeded on system resumption
[  916.234215][T17315] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  917.062856][T17368] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  918.171071][T17434] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  918.665965][T17454] random: crng reseeded on system resumption
[  919.069465][T17478] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  920.988100][T17579] syz.4.5842: attempt to access beyond end of device
[  920.988100][T17579] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  921.517924][T17608] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  923.015823][T31741] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  924.681162][T17739] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  924.704684][T17738] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  925.062314][T17762] vim2m vim2m.0: Fourcc format (0x31384142) invalid.
[  925.621844][T17774] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4093662463 (4093662463 ns) > initial count (1099723850 ns). Using initial count to start timer.
[  925.930875][T17794] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  926.714526][T17810] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[  927.831560][T17919] program syz.7.5894 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  927.899816][T17919] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  928.149665][T17967] binder: BINDER_SET_CONTEXT_MGR already set
[  928.173029][T17967] binder: 17966:17967 ioctl 40046207 0 returned -16
[  928.587736][T18017] vivid-001: =================  START STATUS  =================
[  928.639109][T18017] vivid-001: Radio HW Seek Mode: Bounded
[  928.644974][T18017] vivid-001: Radio Programmable HW Seek: false
[  928.651863][T18017] vivid-001: RDS Rx I/O Mode: Block I/O
[  928.658199][T18017] vivid-001: Generate RBDS Instead of RDS: false
[  928.664644][T18017] vivid-001: RDS Reception: true
[  928.679492][T18017] vivid-001: RDS Program Type: 0 inactive
[  928.685669][T18017] vivid-001: RDS PS Name:  inactive
[  928.691044][T18017] vivid-001: RDS Radio Text:  inactive
[  928.727824][T18017] vivid-001: RDS Traffic Announcement: false inactive
[  928.778776][T18017] vivid-001: RDS Traffic Program: false inactive
[  928.787167][T18017] vivid-001: RDS Music: false inactive
[  928.792708][T18017] vivid-001: ==================  END STATUS  ==================
[  928.934129][T18031] dlm: no local IP address has been set
[  928.969822][T18031] dlm: cannot start dlm midcomms -107
[  928.987139][T18036] ALSA: seq fatal error: cannot create timer (-22)
[  929.773352][T18066] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  929.944417][T18084] input: syz1 as /devices/virtual/input/input181
[  930.264887][T18094] usb usb8: usbfs: process 18094 (syz.6.5912) did not claim interface 0 before use
[  930.831267][T18115] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  931.513553][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  931.525208][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  931.855179][T18178] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  932.080661][T18192] input input182: cannot allocate more than FF_MAX_EFFECTS effects
[  933.080568][T18234] qrtr: Invalid version 6
[  934.523791][T18407] program syz.7.5945 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  934.526890][T18406] program syz.7.5945 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  935.059407][T18421] random: crng reseeded on system resumption
[  935.234655][T18424] input: syz1 as /devices/virtual/input/input183
[  936.017364][T18456] FAULT_INJECTION: forcing a failure.
[  936.017364][T18456] name failslab, interval 1, probability 0, space 0, times 0
[  936.017450][T18456] CPU: 0 UID: 0 PID: 18456 Comm: syz.6.5955 Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0 PREEMPT(full) 
[  936.017471][T18456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  936.017482][T18456] Call Trace:
[  936.017490][T18456]  <TASK>
[  936.017497][T18456]  dump_stack_lvl+0x189/0x250
[  936.017525][T18456]  ? __pfx____ratelimit+0x10/0x10
[  936.017551][T18456]  ? __pfx_dump_stack_lvl+0x10/0x10
[  936.017570][T18456]  ? __pfx__printk+0x10/0x10
[  936.017595][T18456]  ? __pfx___might_resched+0x10/0x10
[  936.017614][T18456]  ? fs_reclaim_acquire+0x7d/0x100
[  936.017642][T18456]  should_fail_ex+0x414/0x560
[  936.017668][T18456]  should_failslab+0xa8/0x100
[  936.017692][T18456]  __kmalloc_cache_noprof+0x70/0x3d0
[  936.017712][T18456]  ? vhost_task_create+0xf6/0x290
[  936.017736][T18456]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  936.017753][T18456]  vhost_task_create+0xf6/0x290
[  936.017775][T18456]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  936.017794][T18456]  ? __pfx_vhost_task_create+0x10/0x10
[  936.017823][T18456]  ? __pfx_vhost_task_fn+0x10/0x10
[  936.017854][T18456]  ? kasan_save_track+0x4f/0x80
[  936.017871][T18456]  ? kasan_save_track+0x3e/0x80
[  936.017895][T18456]  kvm_mmu_post_init_vm+0x147/0x2b0
[  936.017918][T18456]  kvm_arch_vcpu_ioctl_run+0xdc/0x1940
[  936.017948][T18456]  ? __mutex_trylock_common+0x153/0x260
[  936.017971][T18456]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  936.017997][T18456]  ? rcu_is_watching+0x15/0xb0
[  936.018017][T18456]  ? look_up_lock_class+0x74/0x170
[  936.018035][T18456]  ? register_lock_class+0x51/0x320
[  936.018059][T18456]  ? __lock_acquire+0xab9/0xd20
[  936.018107][T18456]  kvm_vcpu_ioctl+0x95c/0xe90
[  936.018145][T18456]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  936.018162][T18456]  ? __lock_acquire+0xab9/0xd20
[  936.018200][T18456]  ? __fget_files+0x2a/0x420
[  936.018226][T18456]  ? __fget_files+0x2a/0x420
[  936.018247][T18456]  ? __fget_files+0x3a0/0x420
[  936.018268][T18456]  ? __fget_files+0x2a/0x420
[  936.018293][T18456]  ? bpf_lsm_file_ioctl+0x9/0x20
[  936.018312][T18456]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  936.018332][T18456]  __se_sys_ioctl+0xfc/0x170
[  936.018355][T18456]  do_syscall_64+0xfa/0x3b0
[  936.018372][T18456]  ? lockdep_hardirqs_on+0x9c/0x150
[  936.018402][T18456]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  936.018419][T18456]  ? clear_bhb_loop+0x60/0xb0
[  936.018441][T18456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  936.018457][T18456] RIP: 0033:0x7fe30778e929
[  936.018475][T18456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  936.018490][T18456] RSP: 002b:00007fe3055f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  936.018509][T18456] RAX: ffffffffffffffda RBX: 00007fe3079b5fa0 RCX: 00007fe30778e929
[  936.018522][T18456] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  936.018533][T18456] RBP: 00007fe3055f6090 R08: 0000000000000000 R09: 0000000000000000
[  936.018544][T18456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  936.018555][T18456] R13: 0000000000000000 R14: 00007fe3079b5fa0 R15: 00007ffefb17b608
[  936.018585][T18456]  </TASK>
[  936.781280][T18451] tty tty3: ldisc open failed (-12), clearing slot 2
[  937.067760][T18498] program syz.4.5962 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  937.078684][T18497] program syz.4.5962 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  937.520708][T18511] FAULT_INJECTION: forcing a failure.
[  937.520708][T18511] name failslab, interval 1, probability 0, space 0, times 0
[  937.535172][T18511] CPU: 0 UID: 0 PID: 18511 Comm: syz.7.5965 Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0 PREEMPT(full) 
[  937.535200][T18511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  937.535212][T18511] Call Trace:
[  937.535221][T18511]  <TASK>
[  937.535229][T18511]  dump_stack_lvl+0x189/0x250
[  937.535256][T18511]  ? __pfx____ratelimit+0x10/0x10
[  937.535284][T18511]  ? __pfx_dump_stack_lvl+0x10/0x10
[  937.535307][T18511]  ? __pfx__printk+0x10/0x10
[  937.535335][T18511]  ? __pfx___might_resched+0x10/0x10
[  937.535353][T18511]  ? fs_reclaim_acquire+0x7d/0x100
[  937.535379][T18511]  should_fail_ex+0x414/0x560
[  937.535402][T18511]  should_failslab+0xa8/0x100
[  937.535424][T18511]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  937.535442][T18511]  ? dup_task_struct+0x52/0x860
[  937.535462][T18511]  dup_task_struct+0x52/0x860
[  937.535479][T18511]  ? lockdep_hardirqs_on+0x9c/0x150
[  937.535503][T18511]  copy_process+0x54b/0x3c00
[  937.535546][T18511]  ? __pfx_copy_process+0x10/0x10
[  937.535575][T18511]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  937.535589][T18511]  vhost_task_create+0x1c4/0x290
[  937.535609][T18511]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  937.535625][T18511]  ? __pfx_vhost_task_create+0x10/0x10
[  937.535653][T18511]  ? __pfx_vhost_task_fn+0x10/0x10
[  937.535683][T18511]  ? kasan_save_track+0x4f/0x80
[  937.535697][T18511]  ? kasan_save_track+0x3e/0x80
[  937.535719][T18511]  kvm_mmu_post_init_vm+0x147/0x2b0
[  937.535741][T18511]  kvm_arch_vcpu_ioctl_run+0xdc/0x1940
[  937.535767][T18511]  ? __mutex_trylock_common+0x153/0x260
[  937.535791][T18511]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  937.535816][T18511]  ? rcu_is_watching+0x15/0xb0
[  937.535834][T18511]  ? look_up_lock_class+0x74/0x170
[  937.535851][T18511]  ? register_lock_class+0x51/0x320
[  937.535872][T18511]  ? __lock_acquire+0xab9/0xd20
[  937.535913][T18511]  kvm_vcpu_ioctl+0x95c/0xe90
[  937.535938][T18511]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  937.535954][T18511]  ? __lock_acquire+0xab9/0xd20
[  937.535989][T18511]  ? __fget_files+0x2a/0x420
[  937.536013][T18511]  ? __fget_files+0x2a/0x420
[  937.536033][T18511]  ? __fget_files+0x3a0/0x420
[  937.536053][T18511]  ? __fget_files+0x2a/0x420
[  937.536078][T18511]  ? bpf_lsm_file_ioctl+0x9/0x20
[  937.536096][T18511]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  937.536114][T18511]  __se_sys_ioctl+0xfc/0x170
[  937.536136][T18511]  do_syscall_64+0xfa/0x3b0
[  937.536151][T18511]  ? lockdep_hardirqs_on+0x9c/0x150
[  937.536172][T18511]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  937.536187][T18511]  ? clear_bhb_loop+0x60/0xb0
[  937.536207][T18511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  937.536223][T18511] RIP: 0033:0x7f7a9df8e929
[  937.536240][T18511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  937.536254][T18511] RSP: 002b:00007f7a9ed7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  937.536273][T18511] RAX: ffffffffffffffda RBX: 00007f7a9e1b5fa0 RCX: 00007f7a9df8e929
[  937.536284][T18511] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  937.536294][T18511] RBP: 00007f7a9ed7b090 R08: 0000000000000000 R09: 0000000000000000
[  937.536305][T18511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  937.536324][T18511] R13: 0000000000000000 R14: 00007f7a9e1b5fa0 R15: 00007fff71dc8188
[  937.536351][T18511]  </TASK>
[  938.342533][T18528] [U] ^C
[  938.614096][T18545] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  939.864483][T18605] AppArmor: change_hat: Invalid input ''
[  940.387163][T18634] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  941.552248][T18682] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  942.032229][T18722] FAULT_INJECTION: forcing a failure.
[  942.032229][T18722] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  942.080239][T18722] CPU: 0 UID: 0 PID: 18722 Comm: syz.4.5998 Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0 PREEMPT(full) 
[  942.080264][T18722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  942.080274][T18722] Call Trace:
[  942.080282][T18722]  <TASK>
[  942.080289][T18722]  dump_stack_lvl+0x189/0x250
[  942.080311][T18722]  ? __pfx____ratelimit+0x10/0x10
[  942.080333][T18722]  ? __pfx_dump_stack_lvl+0x10/0x10
[  942.080350][T18722]  ? __pfx__printk+0x10/0x10
[  942.080369][T18722]  ? __might_fault+0xb0/0x130
[  942.080398][T18722]  should_fail_ex+0x414/0x560
[  942.080424][T18722]  __kvm_read_guest_page+0x18d/0x240
[  942.080449][T18722]  kvm_read_guest+0x75/0x150
[  942.080473][T18722]  kvm_hv_setup_tsc_page+0x166/0xa70
[  942.080494][T18722]  ? lockdep_hardirqs_on+0x9c/0x150
[  942.080517][T18722]  ? kvm_guest_time_update+0x149/0xd70
[  942.080536][T18722]  ? seqcount_lockdep_reader_access+0x174/0x1c0
[  942.080556][T18722]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  942.080576][T18722]  ? __pfx_kvm_hv_setup_tsc_page+0x10/0x10
[  942.080609][T18722]  kvm_guest_time_update+0x8fe/0xd70
[  942.080644][T18722]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  942.080662][T18722]  ? queue_delayed_work_on+0x11a/0x280
[  942.080683][T18722]  ? lockdep_hardirqs_on+0x9c/0x150
[  942.080706][T18722]  ? queue_delayed_work_on+0x1f7/0x280
[  942.080729][T18722]  ? kvm_end_pvclock_update+0x2c4/0x3b0
[  942.080752][T18722]  ? __pfx_queue_delayed_work_on+0x10/0x10
[  942.080773][T18722]  ? pvclock_update_vm_gtod_copy+0x3c9/0x690
[  942.080803][T18722]  vcpu_run+0x1396/0x6f70
[  942.080909][T18722]  ? __pfx_vcpu_run+0x10/0x10
[  942.080937][T18722]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  942.080967][T18722]  ? rcu_is_watching+0x15/0xb0
[  942.080990][T18722]  kvm_arch_vcpu_ioctl_run+0xfc9/0x1940
[  942.081021][T18722]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  942.081042][T18722]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  942.081067][T18722]  ? rcu_is_watching+0x15/0xb0
[  942.081085][T18722]  ? look_up_lock_class+0x74/0x170
[  942.081103][T18722]  ? register_lock_class+0x51/0x320
[  942.081126][T18722]  ? __lock_acquire+0xab9/0xd20
[  942.081174][T18722]  kvm_vcpu_ioctl+0x95c/0xe90
[  942.081202][T18722]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  942.081220][T18722]  ? __lock_acquire+0xab9/0xd20
[  942.081257][T18722]  ? __fget_files+0x2a/0x420
[  942.081283][T18722]  ? __fget_files+0x2a/0x420
[  942.081303][T18722]  ? __fget_files+0x3a0/0x420
[  942.081324][T18722]  ? __fget_files+0x2a/0x420
[  942.081349][T18722]  ? bpf_lsm_file_ioctl+0x9/0x20
[  942.081367][T18722]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  942.081387][T18722]  __se_sys_ioctl+0xfc/0x170
[  942.081409][T18722]  do_syscall_64+0xfa/0x3b0
[  942.081425][T18722]  ? lockdep_hardirqs_on+0x9c/0x150
[  942.081448][T18722]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.081465][T18722]  ? clear_bhb_loop+0x60/0xb0
[  942.081491][T18722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.081507][T18722] RIP: 0033:0x7f1a2b38e929
[  942.081524][T18722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  942.081538][T18722] RSP: 002b:00007f1a2c11e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  942.081558][T18722] RAX: ffffffffffffffda RBX: 00007f1a2b5b5fa0 RCX: 00007f1a2b38e929
[  942.081571][T18722] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  942.081582][T18722] RBP: 00007f1a2c11e090 R08: 0000000000000000 R09: 0000000000000000
[  942.081593][T18722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  942.081604][T18722] R13: 0000000000000000 R14: 00007f1a2b5b5fa0 R15: 00007fffa3c852f8
[  942.081633][T18722]  </TASK>
[  943.314825][T18762] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  943.900578][T18787] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  943.961583][T31741] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  944.009975][T31741] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  944.018777][T31741] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  944.028546][T31741] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  944.040482][T31741] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  944.058000][ T5159] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  944.067924][ T5159] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  944.076274][ T5159] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  944.087681][ T5159] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  944.097010][ T5159] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  944.290476][ T1099] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  944.518512][ T1099] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  944.562906][T18835] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  944.661927][ T1099] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  944.844828][ T1099] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  945.264294][T18964] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  945.393203][T18793] chnl_net:caif_netlink_parms(): no params data found
[  945.601315][ T1099] bridge_slave_1: left allmulticast mode
[  945.616867][ T1099] bridge_slave_1: left promiscuous mode
[  945.625851][T18983] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  945.628895][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state
[  945.707460][ T1099] bridge_slave_0: left allmulticast mode
[  945.721240][ T1099] bridge_slave_0: left promiscuous mode
[  945.924290][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state
[  946.139042][T31741] Bluetooth: hci2: command tx timeout
[  946.693511][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  946.704322][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  946.716667][ T1099] bond0 (unregistering): Released all slaves
[  946.766808][T19026] mkiss: ax0: crc mode is auto.
[  946.769278][T18995] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  946.793854][T18995] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  947.142446][T18793] bridge0: port 1(bridge_slave_0) entered blocking state
[  947.155644][T18793] bridge0: port 1(bridge_slave_0) entered disabled state
[  947.163348][T18793] bridge_slave_0: entered allmulticast mode
[  947.177321][T18793] bridge_slave_0: entered promiscuous mode
[  947.221367][T18793] bridge0: port 2(bridge_slave_1) entered blocking state
[  947.247712][T18793] bridge0: port 2(bridge_slave_1) entered disabled state
[  947.257997][T18793] bridge_slave_1: entered allmulticast mode
[  947.269564][T18793] bridge_slave_1: entered promiscuous mode
[  947.460764][T18793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  947.484779][ T1099] hsr_slave_0: left promiscuous mode
[  947.543942][ T1099] hsr_slave_1: left promiscuous mode
[  947.560210][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  947.593499][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0
[  947.608856][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  947.616887][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1
[  947.719960][ T1099] veth1_macvtap: left promiscuous mode
[  947.744638][T19148] vivid-000: disconnect
[  947.770846][ T1099] veth0_macvtap: left promiscuous mode
[  947.787602][T19142] input: syz0 as /devices/virtual/input/input185
[  947.802042][ T1099] veth1_vlan: left promiscuous mode
[  947.811986][ T1099] veth0_vlan: left promiscuous mode
[  948.588378][T19145] vivid-000: reconnect
[  950.157477][ T1099] team0 (unregistering): Port device team_slave_1 removed
[  950.298242][T19219] usb usb8: usbfs: process 19219 (syz.5.6031) did not claim interface 0 before use
[  950.360700][T19223] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  950.611088][ T1099] team0 (unregistering): Port device team_slave_0 removed
[  951.301203][T18793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  951.557760][T18793] team0: Port device team_slave_0 added
[  951.577571][T18793] team0: Port device team_slave_1 added
[  951.718146][T18793] batman_adv: batadv0: Adding interface: batadv_slave_0
[  951.725155][T18793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  951.774200][T18793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  951.846198][T18793] batman_adv: batadv0: Adding interface: batadv_slave_1
[  951.869815][T18793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  951.902297][T18793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  951.992987][T19323] ptm ptm2: ldisc open failed (-12), clearing slot 2
[  952.037552][T19340] vivid-000: disconnect
[  952.128056][T19322] dlm: non-version read from control device 2147479552
[  952.172584][T18793] hsr_slave_0: entered promiscuous mode
[  952.179158][T19321] vivid-000: reconnect
[  952.190617][T18793] hsr_slave_1: entered promiscuous mode
[  952.211521][T18793] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  952.231739][T18793] Cannot create hsr debugfs directory
[  952.733009][T19444] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  954.033838][T18793] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  954.101097][T18793] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  954.120759][T18793] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  954.180409][T18793] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  954.196212][T19546] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  954.544030][T18793] 8021q: adding VLAN 0 to HW filter on device bond0
[  954.617613][T18793] 8021q: adding VLAN 0 to HW filter on device team0
[  954.828952][ T1099] bridge0: port 1(bridge_slave_0) entered blocking state
[  954.836177][ T1099] bridge0: port 1(bridge_slave_0) entered forwarding state
[  954.875584][ T1099] bridge0: port 2(bridge_slave_1) entered blocking state
[  954.882844][ T1099] bridge0: port 2(bridge_slave_1) entered forwarding state
[  955.582225][T18793] 8021q: adding VLAN 0 to HW filter on device batadv0
[  955.656185][T19599] sp0: Synchronizing with TNC
[  955.807314][T19610] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  956.118139][T19629] serio: Serial port ttynull
[  956.197166][T19637] syz.7.6064: attempt to access beyond end of device
[  956.197166][T19637] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  956.415178][T18793] veth0_vlan: entered promiscuous mode
[  956.442571][T18793] veth1_vlan: entered promiscuous mode
[  956.527631][T18793] veth0_macvtap: entered promiscuous mode
[  956.564211][T18793] veth1_macvtap: entered promiscuous mode
[  956.629260][T18793] batman_adv: batadv0: Interface activated: batadv_slave_0
[  956.662419][T18793] batman_adv: batadv0: Interface activated: batadv_slave_1
[  956.690508][T18793] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  956.720643][T18793] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  956.744631][T18793] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  956.769645][T18793] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  957.029190][ T2987] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  957.061784][ T2987] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  957.125039][ T1099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  957.166632][ T1099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  957.853021][T19738] input: syz1 as /devices/virtual/input/input187
[  958.091536][T19765] syz.7.6075: attempt to access beyond end of device
[  958.091536][T19765] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  958.306323][T19780] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  958.570860][T19801] i2c i2c-0: Invalid block write size 254
[  959.414745][T19861] binder: 19860:19861 ioctl c0046209 0 returned -22
[  961.003931][T19856] tty tty30: ldisc open failed (-12), clearing slot 29
[  962.936379][T19980] misc userio: Begin command sent, but we're already running
[  963.342497][T19999] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  965.172442][T20062] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  965.436843][T20079] input: syz1 as /devices/virtual/input/input194
[  969.662684][T20239] ttyS ttyS3: ldisc open failed (-12), clearing slot 3
[  969.706523][T20240] ttyS ttyS3: ldisc open failed (-12), clearing slot 3
[  970.111370][T20264] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  970.390756][T20280] CUSE: info not properly terminated
[  970.869696][T20295] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  971.273650][T20307] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  972.644241][T20353] syz.6.6175: attempt to access beyond end of device
[  972.644241][T20353] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  972.719184][T20348] syz.4.6174: attempt to access beyond end of device
[  972.719184][T20348] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  974.754976][T20431] input: syz1 as /devices/virtual/input/input196
[  975.057520][T20447] binfmt_misc: register: failed to install interpreter file ./cgroup
[  976.531611][T20480] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  978.162030][T20526] binder: 20524:20526 ioctl c018620c 200000000380 returned -22
[  980.230154][T20588] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  982.953304][T20681] Sensor A: =================  START STATUS  =================
[  982.968016][T20681] Sensor A: Test Pattern: Horizontal 100% Colorbar
[  982.983369][T20681] Sensor A: Show Information: None
[  982.989256][T20681] Sensor A: Vertical Flip: false
[  982.994348][T20681] Sensor A: Horizontal Flip: false
[  983.002825][T20681] Sensor A: Brightness: 255
[  983.008023][T20681] Sensor A: Contrast: 0
[  983.012242][T20681] Sensor A: Hue: 3
[  983.019668][T20681] Sensor A: Saturation: 128
[  983.024244][T20681] Sensor A: ==================  END STATUS  ==================
[  984.282178][T20704] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  986.026044][T20755] sp0: Synchronizing with TNC
[  986.038384][T20755] sp0: Found TNC
[  986.097543][T20755] [U] è`
[  986.537615][T20476] platform vkms: [drm] *ERROR* [CRTC:39:crtc-0] flip_done timed out
[  986.613028][   T49] Bluetooth: Error in BCSP hdr checksum
[  987.621258][T20844] i2c i2c-0: Invalid block write size 254
[  988.375426][ T5159] Bluetooth: hci4: command 0x1003 tx timeout
[  988.375816][T31741] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  992.941957][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  992.948469][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  995.179548][ T5159] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  995.189276][ T5159] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  995.198578][ T5159] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  995.209174][ T5159] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  995.218168][ T5159] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  995.239350][T31741] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  995.247981][T31741] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  995.258899][T31741] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  995.274153][T31741] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  995.283056][T31741] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  995.512599][T20877] chnl_net:caif_netlink_parms(): no params data found
[  995.601137][T20877] bridge0: port 1(bridge_slave_0) entered blocking state
[  995.609259][T20877] bridge0: port 1(bridge_slave_0) entered disabled state
[  995.619058][T20877] bridge_slave_0: entered allmulticast mode
[  995.627561][T20877] bridge_slave_0: entered promiscuous mode
[  995.635138][T20877] bridge0: port 2(bridge_slave_1) entered blocking state
[  995.642715][T20877] bridge0: port 2(bridge_slave_1) entered disabled state
[  995.650884][T20877] bridge_slave_1: entered allmulticast mode
[  995.658812][T20877] bridge_slave_1: entered promiscuous mode
[  995.696793][T20877] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  995.708395][T20877] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  995.760867][T20877] team0: Port device team_slave_0 added
[  995.770233][T20877] team0: Port device team_slave_1 added
[  995.805634][T20877] batman_adv: batadv0: Adding interface: batadv_slave_0
[  995.812611][T20877] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  995.839628][T20877] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  995.852898][T20877] batman_adv: batadv0: Adding interface: batadv_slave_1
[  995.860272][T20877] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  995.887196][T20877] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  995.948857][T20877] hsr_slave_0: entered promiscuous mode
[  995.955643][T20877] hsr_slave_1: entered promiscuous mode
[  995.961710][T20877] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  995.971542][T20877] Cannot create hsr debugfs directory
[  996.147126][T20877] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  996.157799][T20877] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  996.168877][T20877] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  996.180360][T20877] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  996.209474][T20877] bridge0: port 2(bridge_slave_1) entered blocking state
[  996.217027][T20877] bridge0: port 2(bridge_slave_1) entered forwarding state
[  996.225179][T20877] bridge0: port 1(bridge_slave_0) entered blocking state
[  996.232384][T20877] bridge0: port 1(bridge_slave_0) entered forwarding state
[  996.284913][T20877] 8021q: adding VLAN 0 to HW filter on device bond0
[  996.304178][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  996.314025][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  996.333724][T20877] 8021q: adding VLAN 0 to HW filter on device team0
[  996.354604][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  996.361737][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  996.372215][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  996.379356][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  996.557281][T20877] 8021q: adding VLAN 0 to HW filter on device batadv0
[  996.760141][T20877] veth0_vlan: entered promiscuous mode
[  996.770713][T20877] veth1_vlan: entered promiscuous mode
[  996.782578][T20561] platform vkms: [drm] *ERROR* flip_done timed out
[  996.794058][T20561] platform vkms: [drm] *ERROR* [CRTC:39:crtc-0] commit wait timed out
[  996.817650][T20877] veth0_macvtap: entered promiscuous mode
[  996.828098][T20877] veth1_macvtap: entered promiscuous mode
[  996.844301][T20877] batman_adv: batadv0: Interface activated: batadv_slave_0
[  996.863707][T20877] batman_adv: batadv0: Interface activated: batadv_slave_1
[  996.874956][T20877] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  996.885956][T20877] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  996.894669][T20877] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  996.908147][T20877] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  996.974320][ T3030] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  996.986909][ T3030] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  997.014895][ T1117] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  997.024872][ T1117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  997.337144][ T5159] Bluetooth: hci4: command tx timeout
[  999.415503][ T5159] Bluetooth: hci4: command tx timeout
[ 1001.496057][ T5159] Bluetooth: hci4: command tx timeout
[ 1003.575537][ T5159] Bluetooth: hci4: command tx timeout
[ 1004.622428][T31741] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1004.641840][T31741] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1004.652289][T31741] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1004.661321][T31741] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1004.678194][T21282] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1004.691778][T21282] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1004.699180][T21282] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1004.713312][ T5159] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1004.734308][ T5159] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1004.742648][ T5159] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1004.756928][ T5845] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1004.774728][ T5845] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1004.785070][ T5845] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1004.797389][ T5845] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1004.809258][ T5845] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1005.407955][T21273] chnl_net:caif_netlink_parms(): no params data found
[ 1005.493135][T21278] chnl_net:caif_netlink_parms(): no params data found
[ 1005.614649][T21286] chnl_net:caif_netlink_parms(): no params data found
[ 1005.634904][T21273] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1005.642512][T21273] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1005.650349][T21273] bridge_slave_0: entered allmulticast mode
[ 1005.658462][T21273] bridge_slave_0: entered promiscuous mode
[ 1005.681584][T21273] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1005.688979][T21273] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1005.696711][T21273] bridge_slave_1: entered allmulticast mode
[ 1005.703696][T21273] bridge_slave_1: entered promiscuous mode
[ 1005.808404][T21273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1005.851329][T21273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1005.870641][T21278] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1005.878119][T21278] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1005.886327][T21278] bridge_slave_0: entered allmulticast mode
[ 1005.893354][T21278] bridge_slave_0: entered promiscuous mode
[ 1005.941336][T21278] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1005.949926][T21278] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1005.957939][T21278] bridge_slave_1: entered allmulticast mode
[ 1005.964943][T21278] bridge_slave_1: entered promiscuous mode
[ 1006.008727][T21286] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1006.017384][T21286] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1006.024579][T21286] bridge_slave_0: entered allmulticast mode
[ 1006.033767][T21286] bridge_slave_0: entered promiscuous mode
[ 1006.065933][T21273] team0: Port device team_slave_0 added
[ 1006.072940][T21286] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1006.081166][T21286] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1006.091035][T21286] bridge_slave_1: entered allmulticast mode
[ 1006.098887][T21286] bridge_slave_1: entered promiscuous mode
[ 1006.126997][T21273] team0: Port device team_slave_1 added
[ 1006.138277][T21278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1006.151200][T21278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1006.290197][T21286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1006.303210][T21286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1006.313300][T21273] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1006.320540][T21273] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1006.346686][T21273] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1006.361035][T21273] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1006.368129][T21273] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1006.397065][T21273] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1006.413595][T21278] team0: Port device team_slave_0 added
[ 1006.423500][T21278] team0: Port device team_slave_1 added
[ 1006.513006][T21286] team0: Port device team_slave_0 added
[ 1006.524590][T21278] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1006.532287][T21278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1006.559829][T21278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1006.577256][T21286] team0: Port device team_slave_1 added
[ 1006.584439][T21278] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1006.591845][T21278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1006.618580][T21278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1006.731053][T21286] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1006.740496][T21286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1006.769523][T21286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1006.780407][ T5845] Bluetooth: hci6: command tx timeout
[ 1006.781048][ T5845] Bluetooth: hci5: command tx timeout
[ 1006.819586][T21273] hsr_slave_0: entered promiscuous mode
[ 1006.826261][T21273] hsr_slave_1: entered promiscuous mode
[ 1006.832360][T21273] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1006.841637][T21273] Cannot create hsr debugfs directory
[ 1006.850053][T21286] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1006.857144][ T5845] Bluetooth: hci7: command tx timeout
[ 1006.862727][T21286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1006.888900][T21286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1006.912502][T21278] hsr_slave_0: entered promiscuous mode
[ 1006.919477][T21278] hsr_slave_1: entered promiscuous mode
[ 1006.925951][T21278] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1006.933582][T21278] Cannot create hsr debugfs directory
[ 1007.016358][T20561] platform vkms: [drm] *ERROR* flip_done timed out
[ 1007.022926][T20561] platform vkms: [drm] *ERROR* [CONNECTOR:47:Virtual-1] commit wait timed out
[ 1007.087859][T21286] hsr_slave_0: entered promiscuous mode
[ 1007.094901][T21286] hsr_slave_1: entered promiscuous mode
[ 1007.102113][T21286] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1007.109761][T21286] Cannot create hsr debugfs directory
[ 1007.738235][T21273] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1007.753512][T21273] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1007.777068][T21273] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1007.793773][T21273] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1008.213650][T21273] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1008.273941][T21273] 8021q: adding VLAN 0 to HW filter on device team0
[ 1008.319450][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1008.326674][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1008.381497][T21514] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1008.388718][T21514] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1008.606535][T21278] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1008.627353][T21278] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1008.761454][T21278] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1008.781212][T21273] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1008.797258][T21278] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1008.856125][ T5845] Bluetooth: hci5: command tx timeout
[ 1008.860930][ T5159] Bluetooth: hci6: command tx timeout
[ 1008.942425][ T5159] Bluetooth: hci7: command tx timeout
[ 1009.283302][T21273] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1009.519399][T21278] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1009.573394][T21286] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1009.617878][T21278] 8021q: adding VLAN 0 to HW filter on device team0
[ 1009.632009][T21286] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1009.650090][T21286] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1009.690450][ T1099] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1009.697702][ T1099] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1009.730207][ T1099] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1009.737440][ T1099] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1009.751507][T21286] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1010.101151][T21273] veth0_vlan: entered promiscuous mode
[ 1010.114450][T21286] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1010.144571][T21273] veth1_vlan: entered promiscuous mode
[ 1010.191926][T21286] 8021q: adding VLAN 0 to HW filter on device team0
[ 1010.234081][ T2987] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1010.241402][ T2987] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1010.290235][ T2987] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1010.297897][ T2987] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1010.389235][T21273] veth0_macvtap: entered promiscuous mode
[ 1010.429332][T21273] veth1_macvtap: entered promiscuous mode
[ 1010.522959][T21278] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1010.572691][T21273] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1010.644275][T21273] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1010.707311][T21278] veth0_vlan: entered promiscuous mode
[ 1010.738746][T21273] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1010.770686][T21273] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1010.795957][T21273] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1010.804710][T21273] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1010.822529][T21278] veth1_vlan: entered promiscuous mode
[ 1010.940404][ T5159] Bluetooth: hci6: command tx timeout
[ 1010.940415][ T5845] Bluetooth: hci5: command tx timeout
[ 1010.993131][T21278] veth0_macvtap: entered promiscuous mode
[ 1011.015581][ T5159] Bluetooth: hci7: command tx timeout
[ 1011.052971][T21286] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1011.068187][T21278] veth1_macvtap: entered promiscuous mode
[ 1011.097821][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1011.111625][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1011.177919][T21278] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1011.193769][T21286] veth0_vlan: entered promiscuous mode
[ 1011.218113][T21278] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1011.251780][T21286] veth1_vlan: entered promiscuous mode
[ 1011.262977][ T1099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1011.273197][ T1099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1011.276623][T21278] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1011.297386][T21278] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1011.306756][T21278] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1011.315879][T21278] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1011.546585][T21286] veth0_macvtap: entered promiscuous mode
[ 1011.559830][T21514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1011.578985][T21286] veth1_macvtap: entered promiscuous mode
[ 1011.596605][T21514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1011.692071][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1011.709585][T21286] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1011.718750][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1011.750864][T21286] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1011.808108][T21286] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1011.823313][T21286] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1011.836839][T21286] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1011.846489][T21286] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1012.141596][T13871] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1012.168421][T13871] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1012.246626][ T3030] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1012.254491][ T3030] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1013.016227][ T5159] Bluetooth: hci5: command tx timeout
[ 1013.016238][ T5845] Bluetooth: hci6: command tx timeout
[ 1013.096531][ T5159] Bluetooth: hci7: command tx timeout
[ 1013.449005][ T5845] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1013.473420][ T5845] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1013.483087][ T5845] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1013.491307][ T5845] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1013.500290][ T5845] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1014.126372][T22517] chnl_net:caif_netlink_parms(): no params data found
[ 1014.268615][T22652] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1014.621437][T22517] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1014.635467][T22517] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1014.647357][T22517] bridge_slave_0: entered allmulticast mode
[ 1014.667326][T22517] bridge_slave_0: entered promiscuous mode
[ 1014.707431][T22517] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1014.714610][T22517] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1014.735597][T22517] bridge_slave_1: entered allmulticast mode
[ 1014.758291][T22517] bridge_slave_1: entered promiscuous mode
[ 1015.043144][T22517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1015.070289][T22517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1015.411560][T22517] team0: Port device team_slave_0 added
[ 1015.496428][T22517] team0: Port device team_slave_1 added
[ 1015.595838][ T5159] Bluetooth: hci8: command tx timeout
[ 1015.908119][T22517] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1015.915199][T22517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1015.996374][T22517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1016.021367][T22517] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1016.030557][T22517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1016.063612][T22517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1016.208303][T22517] hsr_slave_0: entered promiscuous mode
[ 1016.222690][T22517] hsr_slave_1: entered promiscuous mode
[ 1016.252094][T22517] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1016.270646][T22517] Cannot create hsr debugfs directory
[ 1016.560541][T22890] binder: 22889:22890 ioctl c0306201 2000000003c0 returned -14
[ 1016.699230][T22902] input: syz1 as /devices/virtual/input/input197
[ 1017.012029][T22925] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1017.265144][T20561] platform vkms: [drm] *ERROR* flip_done timed out
[ 1017.281817][T20561] platform vkms: [drm] *ERROR* [PLANE:33:plane-0] commit wait timed out
[ 1017.658043][ T5159] Bluetooth: hci8: command tx timeout
[ 1018.443109][T22989] random: crng reseeded on system resumption
[ 1019.319653][T23025] binder: 23022:23025 ioctl c0306201 2000000003c0 returned -14
[ 1019.612563][ T3030] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1019.739229][ T5159] Bluetooth: hci8: command tx timeout
[ 1019.989327][T23016] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1019.990230][ T3030] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1019.996374][T23016] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1020.019896][T23016] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1020.035677][T23016] Bluetooth: hci6: Error when powering off device on rfkill (-4)
[ 1020.084980][T23016] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[ 1020.144047][T23016] Bluetooth: hci7: Error when powering off device on rfkill (-4)
[ 1020.308080][ T3030] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1020.432702][ T3030] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1020.632830][T23108] blktrace: Concurrent blktraces are not allowed on sg0
[ 1020.659603][T23016] Bluetooth: hci8: Opcode 0x0c1a failed: -4
[ 1020.662352][T22517] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1020.673374][T23016] Bluetooth: hci8: Error when powering off device on rfkill (-4)
[ 1020.689507][T22517] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1020.736219][T22517] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1020.793652][T22517] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1021.089225][ T3030] bridge_slave_1: left allmulticast mode
[ 1021.119510][ T3030] bridge_slave_1: left promiscuous mode
[ 1021.136719][ T3030] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1021.214892][ T3030] bridge_slave_0: left allmulticast mode
[ 1021.223095][ T3030] bridge_slave_0: left promiscuous mode
[ 1021.228964][ T3030] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1021.279302][T23142] binder: 23138:23142 ioctl c018620c 200000001180 returned -22
[ 1021.915713][ T3030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1021.931179][ T3030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1021.941797][ T3030] bond0 (unregistering): Released all slaves
[ 1022.128090][T22517] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1022.293174][T22517] 8021q: adding VLAN 0 to HW filter on device team0
[ 1022.504598][ T1772] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.511845][ T1772] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1022.584931][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.592544][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1022.791207][ T3030] hsr_slave_0: left promiscuous mode
[ 1022.815390][ T3030] hsr_slave_1: left promiscuous mode
[ 1022.845765][ T3030] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1022.885413][ T3030] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1022.919830][ T3030] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1022.955473][ T3030] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1023.066556][ T3030] veth1_macvtap: left promiscuous mode
[ 1023.072155][ T3030] veth0_macvtap: left promiscuous mode
[ 1023.110737][ T3030] veth1_vlan: left promiscuous mode
[ 1023.130292][ T3030] veth0_vlan: left promiscuous mode
[ 1023.871252][T23220] binder: 23218:23220 ioctl c0306201 2000000003c0 returned -14
[ 1024.747397][ T3030] team0 (unregistering): Port device team_slave_1 removed
[ 1024.864305][ T3030] team0 (unregistering): Port device team_slave_0 removed
[ 1025.784734][T23253] tun0: tun_chr_ioctl cmd 1074025675
[ 1025.790502][T23253] tun0: persist enabled
[ 1025.799235][T23255] tun0: tun_chr_ioctl cmd 1074025675
[ 1025.804571][T23255] tun0: persist enabled
[ 1025.957884][T22517] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1026.582096][T22517] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1026.678091][T23288] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1026.847953][ T3030] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1027.033411][ T3030] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1027.078190][T23308] kvm: kvm [23300]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010006) = 0xaf
[ 1027.223162][ T3030] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1027.247086][T22517] veth0_vlan: entered promiscuous mode
[ 1027.318459][ T3030] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1027.429318][T22517] veth1_vlan: entered promiscuous mode
[ 1027.594360][T22517] veth0_macvtap: entered promiscuous mode
[ 1027.637574][T22517] veth1_macvtap: entered promiscuous mode
[ 1027.933511][T22517] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1027.978500][T22517] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1028.108537][ T3030] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1028.198254][T22517] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.228530][T22517] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.245326][T22517] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.259342][T22517] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.413801][T23352] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1028.590903][ T3030] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1028.603876][T23357] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1028.721017][T23360] iommufd_mock iommufd_mock2: Adding to iommu group 2
[ 1028.967799][ T3030] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1029.022362][T13871] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1029.041542][T13871] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1029.072733][ T3030] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1029.160230][T13871] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1029.180630][T13871] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1029.843773][ T3030] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1030.075588][T23453] program syz.9.6337 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1030.151690][ T3030] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1030.302400][T23460] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1030.411511][ T3030] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1030.500199][T23460] syz.9.6339: attempt to access beyond end of device
[ 1030.500199][T23460] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1030.698768][ T3030] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1031.265187][T23489] kvm: kvm [23485]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010006) = 0xaf
[ 1031.308212][T23489] CUSE: info not properly terminated
[ 1031.517216][ T3030] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1032.009015][ T3030] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1032.083319][T23558] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1032.154457][ T3030] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1032.398116][ T3030] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1032.642590][ T3030] bridge_slave_1: left allmulticast mode
[ 1032.655618][ T3030] bridge_slave_1: left promiscuous mode
[ 1032.662431][ T3030] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1032.707322][ T3030] bridge_slave_0: left allmulticast mode
[ 1032.721198][ T3030] bridge_slave_0: left promiscuous mode
[ 1032.875521][ T3030] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1032.916005][ T3030] bridge_slave_1: left allmulticast mode
[ 1032.931814][ T3030] bridge_slave_1: left promiscuous mode
[ 1032.948248][ T3030] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1032.972363][ T3030] bridge_slave_0: left allmulticast mode
[ 1032.993515][ T3030] bridge_slave_0: left promiscuous mode
[ 1033.010982][ T3030] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1033.035460][ T3030] bridge_slave_1: left allmulticast mode
[ 1033.048529][ T3030] bridge_slave_1: left promiscuous mode
[ 1033.064494][ T3030] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1033.088651][ T3030] bridge_slave_0: left allmulticast mode
[ 1033.094354][ T3030] bridge_slave_0: left promiscuous mode
[ 1033.108820][ T3030] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1033.121636][ T3030] bridge_slave_1: left allmulticast mode
[ 1033.127685][ T3030] bridge_slave_1: left promiscuous mode
[ 1033.133470][ T3030] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1033.146663][ T3030] bridge_slave_0: left allmulticast mode
[ 1033.152467][ T3030] bridge_slave_0: left promiscuous mode
[ 1033.160371][ T3030] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1033.607280][ T3030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1033.620563][ T3030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1033.631644][ T3030] bond0 (unregistering): Released all slaves
[ 1033.942743][ T3030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1033.953559][ T3030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1033.965162][ T3030] bond0 (unregistering): Released all slaves
[ 1034.254285][ T3030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1034.265050][ T3030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1034.276548][ T3030] bond0 (unregistering): Released all slaves
[ 1034.576117][ T3030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1034.587289][ T3030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1034.597297][ T3030] bond0 (unregistering): Released all slaves
[ 1054.381263][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.393074][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[ 1115.821084][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.829212][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.260440][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.266877][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[ 1192.615625][   T31] INFO: task kworker/u8:10:3030 blocked for more than 143 seconds.
[ 1192.623592][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 1192.631479][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1192.640449][   T31] task:kworker/u8:10   state:D stack:22216 pid:3030  tgid:3030  ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1192.652620][   T31] Workqueue: netns cleanup_net
[ 1192.657570][   T31] Call Trace:
[ 1192.660860][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1192.663807][   T31]  __schedule+0x16f5/0x4d00
[ 1192.669269][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1192.674183][   T31]  ? schedule+0x165/0x360
[ 1192.684261][   T31]  ? __pfx___schedule+0x10/0x10
[ 1192.690116][   T31]  ? schedule+0x91/0x360
[ 1192.694406][   T31]  schedule+0x165/0x360
[ 1192.728185][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1192.733721][   T31]  __mutex_lock+0x724/0xe80
[ 1192.749089][   T31]  ? kobject_put+0x43f/0x480
[ 1192.753740][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1192.759804][   T31]  ? rfkill_unregister+0xc8/0x220
[ 1192.764866][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1192.770356][   T31]  ? __pfx_device_del+0x10/0x10
[ 1192.781672][   T31]  rfkill_unregister+0xc8/0x220
[ 1192.786879][   T31]  wiphy_unregister+0x238/0xae0
[ 1192.791757][   T31]  ? __pfx_skb_queue_purge_reason+0x10/0x10
[ 1192.797981][   T31]  ? __pfx_wiphy_unregister+0x10/0x10
[ 1192.803405][   T31]  ? kasan_quarantine_put+0xdd/0x220
[ 1192.808813][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1192.814032][   T31]  ? kfree+0x18e/0x440
[ 1192.818221][   T31]  ieee80211_unregister_hw+0x1e2/0x2c0
[ 1192.823697][   T31]  mac80211_hwsim_del_radio+0x275/0x460
[ 1192.830395][   T31]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[ 1192.836644][   T31]  hwsim_exit_net+0x584/0x640
[ 1192.841334][   T31]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 1192.846644][   T31]  ? __ip_vs_dev_cleanup_batch+0x238/0x260
[ 1192.852461][   T31]  ops_undo_list+0x49a/0x990
[ 1192.857179][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[ 1192.862319][   T31]  cleanup_net+0x4c5/0x800
[ 1192.866894][   T31]  ? __pfx_cleanup_net+0x10/0x10
[ 1192.871845][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1192.877184][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1192.882920][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1192.888780][   T31]  process_scheduled_works+0xae1/0x17b0
[ 1192.894355][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1192.900447][   T31]  worker_thread+0x8a0/0xda0
[ 1192.905090][   T31]  kthread+0x70e/0x8a0
[ 1192.909308][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1192.914462][   T31]  ? __pfx_kthread+0x10/0x10
[ 1192.919192][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1192.924434][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1192.929763][   T31]  ? __pfx_kthread+0x10/0x10
[ 1192.934371][   T31]  ret_from_fork+0x3f9/0x770
[ 1192.939239][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1192.944380][   T31]  ? __switch_to_asm+0x39/0x70
[ 1192.949304][   T31]  ? __switch_to_asm+0x33/0x70
[ 1192.954094][   T31]  ? __pfx_kthread+0x10/0x10
[ 1192.959040][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1192.963850][   T31]  </TASK>
[ 1192.967434][   T31] INFO: task kworker/0:5:22283 blocked for more than 143 seconds.
[ 1192.975340][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 1192.983137][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1192.992726][   T31] task:kworker/0:5     state:D stack:24296 pid:22283 tgid:22283 ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1193.005124][   T31] Workqueue: events rfkill_global_led_trigger_worker
[ 1193.011846][   T31] Call Trace:
[ 1193.015126][   T31]  <TASK>
[ 1193.018318][   T31]  __schedule+0x16f5/0x4d00
[ 1193.022908][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1193.028926][   T31]  ? schedule+0x165/0x360
[ 1193.033295][   T31]  ? __pfx___schedule+0x10/0x10
[ 1193.038228][   T31]  ? schedule+0x91/0x360
[ 1193.042490][   T31]  schedule+0x165/0x360
[ 1193.046858][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1193.052341][   T31]  __mutex_lock+0x724/0xe80
[ 1193.056982][   T31]  ? look_up_lock_class+0x74/0x170
[ 1193.062142][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1193.066934][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[ 1193.073185][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1193.078284][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1193.084027][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1193.089966][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[ 1193.096291][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1193.102042][   T31]  process_scheduled_works+0xae1/0x17b0
[ 1193.108228][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1193.114246][   T31]  worker_thread+0x8a0/0xda0
[ 1193.118942][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1193.125397][   T31]  ? __kthread_parkme+0x7b/0x200
[ 1193.130344][   T31]  kthread+0x70e/0x8a0
[ 1193.134408][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1193.139900][   T31]  ? __pfx_kthread+0x10/0x10
[ 1193.144515][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1193.149787][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1193.154992][   T31]  ? __pfx_kthread+0x10/0x10
[ 1193.159628][   T31]  ret_from_fork+0x3f9/0x770
[ 1193.164224][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1193.169408][   T31]  ? __switch_to_asm+0x39/0x70
[ 1193.174208][   T31]  ? __switch_to_asm+0x33/0x70
[ 1193.179100][   T31]  ? __pfx_kthread+0x10/0x10
[ 1193.183723][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1193.188678][   T31]  </TASK>
[ 1193.191875][   T31] INFO: task syz.2.6342:23479 blocked for more than 143 seconds.
[ 1193.200033][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 1193.211576][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1193.220333][   T31] task:syz.2.6342      state:D stack:25768 pid:23479 tgid:23478 ppid:22517  task_flags:0x400040 flags:0x00004006
[ 1193.232384][   T31] Call Trace:
[ 1193.235711][   T31]  <TASK>
[ 1193.238666][   T31]  __schedule+0x16f5/0x4d00
[ 1193.243186][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1193.248312][   T31]  ? schedule+0x165/0x360
[ 1193.252664][   T31]  ? __pfx___schedule+0x10/0x10
[ 1193.257884][   T31]  ? schedule+0x91/0x360
[ 1193.262152][   T31]  schedule+0x165/0x360
[ 1193.266383][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1193.271850][   T31]  __mutex_lock+0x724/0xe80
[ 1193.276390][   T31]  ? kobject_put+0x43f/0x480
[ 1193.280988][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1193.285767][   T31]  ? rfkill_unregister+0xc8/0x220
[ 1193.290800][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1193.295898][   T31]  ? __pfx_device_del+0x10/0x10
[ 1193.300781][   T31]  rfkill_unregister+0xc8/0x220
[ 1193.305738][   T31]  nfc_unregister_device+0x96/0x2a0
[ 1193.310966][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[ 1193.316738][   T31]  virtual_ncidev_close+0x56/0x90
[ 1193.321788][   T31]  __fput+0x44c/0xa70
[ 1193.325864][   T31]  task_work_run+0x1d1/0x260
[ 1193.330884][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1193.336316][   T31]  get_signal+0x11ed/0x1340
[ 1193.340861][   T31]  ? task_work_add+0x377/0x420
[ 1193.345986][   T31]  ? __pfx_vfs_read+0x10/0x10
[ 1193.350694][   T31]  arch_do_signal_or_restart+0x9a/0x750
[ 1193.356673][   T31]  ? __pfx___fput_deferred+0x10/0x10
[ 1193.361991][   T31]  ? __fget_files+0x2a/0x420
[ 1193.366973][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1193.373169][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[ 1193.378697][   T31]  exit_to_user_mode_loop+0x75/0x110
[ 1193.383992][   T31]  do_syscall_64+0x2bd/0x3b0
[ 1193.388891][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1193.394111][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.400221][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1193.404925][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.411006][   T31] RIP: 0033:0x7f29d538e929
[ 1193.415530][   T31] RSP: 002b:00007f29d6240038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1193.423960][   T31] RAX: fffffffffffffff2 RBX: 00007f29d55b5fa0 RCX: 00007f29d538e929
[ 1193.432053][   T31] RDX: 000000000000000b RSI: 0000200000000200 RDI: 0000000000000007
[ 1193.440103][   T31] RBP: 00007f29d5410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1193.448609][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1193.456679][   T31] R13: 0000000000000000 R14: 00007f29d55b5fa0 R15: 00007ffe54b4b6c8
[ 1193.464766][   T31]  </TASK>
[ 1193.468099][   T31] INFO: task syz.0.6345:23520 blocked for more than 144 seconds.
[ 1193.476323][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 1193.483981][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1193.492731][   T31] task:syz.0.6345      state:D stack:24792 pid:23520 tgid:23515 ppid:21278  task_flags:0x400040 flags:0x00004006
[ 1193.505066][   T31] Call Trace:
[ 1193.510019][   T31]  <TASK>
[ 1193.513008][   T31]  __schedule+0x16f5/0x4d00
[ 1193.517674][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1193.522537][   T31]  ? schedule+0x165/0x360
[ 1193.526945][   T31]  ? __pfx___schedule+0x10/0x10
[ 1193.531822][   T31]  ? schedule+0x91/0x360
[ 1193.536171][   T31]  schedule+0x165/0x360
[ 1193.540368][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1193.545900][   T31]  __mutex_lock+0x724/0xe80
[ 1193.550391][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1193.555363][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1193.560083][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[ 1193.565459][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1193.570508][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1193.576260][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1193.582203][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1193.588993][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1193.594741][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[ 1193.600378][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1193.606408][   T31]  rfkill_set_block+0x1cf/0x440
[ 1193.611282][   T31]  rfkill_fop_write+0x44b/0x570
[ 1193.616198][   T31]  ? common_file_perm+0x199/0x200
[ 1193.621232][   T31]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 1193.626694][   T31]  ? security_kernfs_init_security+0x250/0x290
[ 1193.632868][   T31]  ? rw_verify_area+0x258/0x650
[ 1193.637770][   T31]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 1193.643416][   T31]  vfs_write+0x27b/0xa90
[ 1193.647723][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1193.652496][   T31]  ? __fget_files+0x2a/0x420
[ 1193.657261][   T31]  ? __fget_files+0x2a/0x420
[ 1193.661875][   T31]  ? __fget_files+0x3a0/0x420
[ 1193.666718][   T31]  ? __fget_files+0x2a/0x420
[ 1193.671332][   T31]  ksys_write+0x145/0x250
[ 1193.675738][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1193.680600][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1193.685451][   T31]  ? do_syscall_64+0xbe/0x3b0
[ 1193.690161][   T31]  do_syscall_64+0xfa/0x3b0
[ 1193.694676][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1193.700250][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.706474][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1193.711177][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.717428][   T31] RIP: 0033:0x7fca1898e929
[ 1193.722308][   T31] RSP: 002b:00007fca167d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1193.730911][   T31] RAX: ffffffffffffffda RBX: 00007fca18bb6080 RCX: 00007fca1898e929
[ 1193.739130][   T31] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000005
[ 1193.747320][   T31] RBP: 00007fca18a10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1193.755460][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1193.763448][   T31] R13: 0000000000000000 R14: 00007fca18bb6080 R15: 00007fff711ac068
[ 1193.771579][   T31]  </TASK>
[ 1193.775086][   T31] INFO: task syz.9.6346:23558 blocked for more than 144 seconds.
[ 1193.784861][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 1193.792678][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1193.802438][   T31] task:syz.9.6346      state:D stack:27240 pid:23558 tgid:23554 ppid:21273  task_flags:0x400140 flags:0x00004004
[ 1193.814926][   T31] Call Trace:
[ 1193.818455][   T31]  <TASK>
[ 1193.821399][   T31]  __schedule+0x16f5/0x4d00
[ 1193.827904][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1193.832800][   T31]  ? schedule+0x165/0x360
[ 1193.838137][   T31]  ? __pfx___schedule+0x10/0x10
[ 1193.843077][   T31]  ? schedule+0x91/0x360
[ 1193.847407][   T31]  schedule+0x165/0x360
[ 1193.851573][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1193.857092][   T31]  __mutex_lock+0x724/0xe80
[ 1193.861605][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1193.867265][   T31]  ? rfkill_fop_open+0x12d/0x820
[ 1193.872226][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1193.878256][   T31]  ? __raw_spin_lock_init+0x45/0x100
[ 1193.883579][   T31]  ? __init_waitqueue_head+0xa9/0x150
[ 1193.889019][   T31]  rfkill_fop_open+0x12d/0x820
[ 1193.893796][   T31]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 1193.901709][   T31]  misc_open+0x2bc/0x330
[ 1193.906699][   T31]  chrdev_open+0x4cc/0x5e0
[ 1193.911165][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1193.916307][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1193.921265][   T31]  do_dentry_open+0xdf3/0x1970
[ 1193.926156][   T31]  vfs_open+0x3b/0x340
[ 1193.930240][   T31]  ? path_openat+0x2ecd/0x3830
[ 1193.935049][   T31]  path_openat+0x2ee5/0x3830
[ 1193.939777][   T31]  ? arch_stack_walk+0xfc/0x150
[ 1193.944685][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1193.949742][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.955889][   T31]  do_filp_open+0x1fa/0x410
[ 1193.960412][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1193.965373][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1193.970422][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1193.975441][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1193.979791][   T31]  do_sys_openat2+0x121/0x1c0
[ 1193.984455][   T31]  ? __se_sys_futex+0x36f/0x400
[ 1193.989435][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1193.994735][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1193.999559][   T31]  __x64_sys_openat+0x138/0x170
[ 1194.004420][   T31]  do_syscall_64+0xfa/0x3b0
[ 1194.009097][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1194.014324][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.020444][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1194.025136][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.031163][   T31] RIP: 0033:0x7f6fca38e929
[ 1194.035746][   T31] RSP: 002b:00007f6fcb211038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1194.044175][   T31] RAX: ffffffffffffffda RBX: 00007f6fca5b6080 RCX: 00007f6fca38e929
[ 1194.052191][   T31] RDX: 0000000000000801 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1194.060349][   T31] RBP: 00007f6fca410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1194.068684][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1194.076812][   T31] R13: 0000000000000000 R14: 00007f6fca5b6080 R15: 00007fff8323efc8
[ 1194.084967][   T31]  </TASK>
[ 1194.089086][   T31] INFO: task syz.9.6346:23568 blocked for more than 144 seconds.
[ 1194.102339][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 1194.110331][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1194.119558][   T31] task:syz.9.6346      state:D stack:28328 pid:23568 tgid:23554 ppid:21273  task_flags:0x400140 flags:0x00004004
[ 1194.131680][   T31] Call Trace:
[ 1194.134976][   T31]  <TASK>
[ 1194.138257][   T31]  __schedule+0x16f5/0x4d00
[ 1194.142792][   T31]  ? __kasan_slab_free+0x62/0x70
[ 1194.148102][   T31]  ? security_file_open+0xb1/0x270
[ 1194.153234][   T31]  ? do_dentry_open+0x35e/0x1970
[ 1194.158293][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1194.163168][   T31]  ? schedule+0x165/0x360
[ 1194.167569][   T31]  ? __pfx___schedule+0x10/0x10
[ 1194.172449][   T31]  ? schedule+0x91/0x360
[ 1194.176792][   T31]  schedule+0x165/0x360
[ 1194.180949][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1194.186477][   T31]  __mutex_lock+0x724/0xe80
[ 1194.190994][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1194.195758][   T31]  ? misc_open+0x51/0x330
[ 1194.200120][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1194.205396][   T31]  misc_open+0x51/0x330
[ 1194.209589][   T31]  chrdev_open+0x4cc/0x5e0
[ 1194.214022][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1194.219065][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1194.224055][   T31]  do_dentry_open+0xdf3/0x1970
[ 1194.229167][   T31]  vfs_open+0x3b/0x340
[ 1194.233261][   T31]  ? path_openat+0x2ecd/0x3830
[ 1194.238127][   T31]  path_openat+0x2ee5/0x3830
[ 1194.242725][   T31]  ? arch_stack_walk+0xfc/0x150
[ 1194.247692][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1194.252644][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.258824][   T31]  do_filp_open+0x1fa/0x410
[ 1194.263338][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1194.268261][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1194.273342][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1194.278369][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1194.282718][   T31]  do_sys_openat2+0x121/0x1c0
[ 1194.287463][   T31]  ? __se_sys_futex+0x36f/0x400
[ 1194.292325][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1194.297829][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1194.302606][   T31]  __x64_sys_openat+0x138/0x170
[ 1194.307500][   T31]  do_syscall_64+0xfa/0x3b0
[ 1194.312010][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1194.317295][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.323486][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1194.328240][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.334194][   T31] RIP: 0033:0x7f6fca38e929
[ 1194.338666][   T31] RSP: 002b:00007f6fcb1cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1194.347179][   T31] RAX: ffffffffffffffda RBX: 00007f6fca5b6240 RCX: 00007f6fca38e929
[ 1194.355205][   T31] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1194.363192][   T31] RBP: 00007f6fca410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1194.371211][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1194.379305][   T31] R13: 0000000000000000 R14: 00007f6fca5b6240 R15: 00007fff8323efc8
[ 1194.387360][   T31]  </TASK>
[ 1194.390413][   T31] INFO: task syz.1.6347:23563 blocked for more than 145 seconds.
[ 1194.398156][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 1194.405835][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1194.414497][   T31] task:syz.1.6347      state:D stack:27032 pid:23563 tgid:23561 ppid:21286  task_flags:0x400040 flags:0x00004004
[ 1194.426495][   T31] Call Trace:
[ 1194.429791][   T31]  <TASK>
[ 1194.432735][   T31]  __schedule+0x16f5/0x4d00
[ 1194.437321][   T31]  ? __kasan_slab_free+0x62/0x70
[ 1194.442263][   T31]  ? security_file_open+0xb1/0x270
[ 1194.447446][   T31]  ? do_dentry_open+0x35e/0x1970
[ 1194.452409][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1194.457470][   T31]  ? schedule+0x165/0x360
[ 1194.461828][   T31]  ? __pfx___schedule+0x10/0x10
[ 1194.466965][   T31]  ? schedule+0x91/0x360
[ 1194.471225][   T31]  schedule+0x165/0x360
[ 1194.475434][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1194.480900][   T31]  __mutex_lock+0x724/0xe80
[ 1194.485523][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1194.490221][   T31]  ? misc_open+0x51/0x330
[ 1194.494573][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1194.499663][   T31]  misc_open+0x51/0x330
[ 1194.503833][   T31]  chrdev_open+0x4cc/0x5e0
[ 1194.508390][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1194.513347][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1194.518341][   T31]  do_dentry_open+0xdf3/0x1970
[ 1194.523117][   T31]  vfs_open+0x3b/0x340
[ 1194.527291][   T31]  ? path_openat+0x2ecd/0x3830
[ 1194.532063][   T31]  path_openat+0x2ee5/0x3830
[ 1194.536874][   T31]  ? arch_stack_walk+0xfc/0x150
[ 1194.541779][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1194.546825][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.552913][   T31]  do_filp_open+0x1fa/0x410
[ 1194.557531][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1194.562387][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1194.567522][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1194.572399][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1194.576812][   T31]  do_sys_openat2+0x121/0x1c0
[ 1194.581522][   T31]  ? __se_sys_futex+0x36f/0x400
[ 1194.586527][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1194.591742][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1194.597795][   T31]  __x64_sys_openat+0x138/0x170
[ 1194.602680][   T31]  do_syscall_64+0xfa/0x3b0
[ 1194.607315][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.613403][   T31]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1194.619806][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1194.624510][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.630520][   T31] RIP: 0033:0x7ff10378e929
[ 1194.634947][   T31] RSP: 002b:00007ff1046ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1194.643452][   T31] RAX: ffffffffffffffda RBX: 00007ff1039b6080 RCX: 00007ff10378e929
[ 1194.651543][   T31] RDX: 0000000000000000 RSI: 0000200000000240 RDI: ffffffffffffff9c
[ 1194.659598][   T31] RBP: 00007ff103810b39 R08: 0000000000000000 R09: 0000000000000000
[ 1194.668553][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1194.676679][   T31] R13: 0000000000000000 R14: 00007ff1039b6080 R15: 00007ffe8efbf218
[ 1194.684672][   T31]  </TASK>
[ 1194.688043][   T31] INFO: task syz-executor:24055 blocked for more than 145 seconds.
[ 1194.697778][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 1194.705581][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1194.714358][   T31] task:syz-executor    state:D stack:28008 pid:24055 tgid:24055 ppid:1      task_flags:0x400040 flags:0x00004000
[ 1194.726515][   T31] Call Trace:
[ 1194.729805][   T31]  <TASK>
[ 1194.732733][   T31]  __schedule+0x16f5/0x4d00
[ 1194.737331][   T31]  ? __kasan_slab_free+0x62/0x70
[ 1194.742289][   T31]  ? security_file_open+0xb1/0x270
[ 1194.747486][   T31]  ? do_dentry_open+0x35e/0x1970
[ 1194.752467][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1194.757389][   T31]  ? schedule+0x165/0x360
[ 1194.761732][   T31]  ? __pfx___schedule+0x10/0x10
[ 1194.766712][   T31]  ? schedule+0x91/0x360
[ 1194.770988][   T31]  schedule+0x165/0x360
[ 1194.775416][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1194.780891][   T31]  __mutex_lock+0x724/0xe80
[ 1194.785458][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1194.790145][   T31]  ? misc_open+0x51/0x330
[ 1194.794470][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1194.799814][   T31]  misc_open+0x51/0x330
[ 1194.803990][   T31]  chrdev_open+0x4cc/0x5e0
[ 1194.808579][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1194.813531][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1194.818506][   T31]  do_dentry_open+0xdf3/0x1970
[ 1194.823294][   T31]  vfs_open+0x3b/0x340
[ 1194.827479][   T31]  ? path_openat+0x2ecd/0x3830
[ 1194.832273][   T31]  path_openat+0x2ee5/0x3830
[ 1194.836936][   T31]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1194.842438][   T31]  ? count_memcg_event_mm+0x21/0x260
[ 1194.847831][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1194.852783][   T31]  ? __pfx___up_read+0x10/0x10
[ 1194.857932][   T31]  ? do_user_addr_fault+0xbc1/0x1390
[ 1194.863260][   T31]  do_filp_open+0x1fa/0x410
[ 1194.867896][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1194.872768][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1194.877885][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1194.882750][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1194.887177][   T31]  do_sys_openat2+0x121/0x1c0
[ 1194.891879][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1194.897163][   T31]  ? fd_install+0x97/0x540
[ 1194.901600][   T31]  ? fd_install+0x30d/0x540
[ 1194.906224][   T31]  __x64_sys_openat+0x138/0x170
[ 1194.911107][   T31]  do_syscall_64+0xfa/0x3b0
[ 1194.915999][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1194.921228][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.927366][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1194.932050][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.938120][   T31] RIP: 0033:0x7fee1b58d211
[ 1194.942541][   T31] RSP: 002b:00007ffd00150100 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 1194.951053][   T31] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fee1b58d211
[ 1194.959158][   T31] RDX: 0000000000000002 RSI: 00007fee1b611506 RDI: 00000000ffffff9c
[ 1194.967242][   T31] RBP: 00007fee1b611506 R08: 0000000000000000 R09: 00007fee1c2ed6c0
[ 1194.975302][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[ 1194.983300][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[ 1194.991375][   T31]  </TASK>
[ 1194.994409][   T31] INFO: task syz-executor:24057 blocked for more than 145 seconds.
[ 1195.002444][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 1195.010125][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1195.018968][   T31] task:syz-executor    state:D stack:28008 pid:24057 tgid:24057 ppid:1      task_flags:0x400040 flags:0x00004000
[ 1195.031172][   T31] Call Trace:
[ 1195.034444][   T31]  <TASK>
[ 1195.037417][   T31]  __schedule+0x16f5/0x4d00
[ 1195.041937][   T31]  ? __kasan_slab_free+0x62/0x70
[ 1195.046968][   T31]  ? security_file_open+0xb1/0x270
[ 1195.052091][   T31]  ? do_dentry_open+0x35e/0x1970
[ 1195.057141][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1195.062019][   T31]  ? schedule+0x165/0x360
[ 1195.066445][   T31]  ? __pfx___schedule+0x10/0x10
[ 1195.071318][   T31]  ? schedule+0x91/0x360
[ 1195.075623][   T31]  schedule+0x165/0x360
[ 1195.079791][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1195.085336][   T31]  __mutex_lock+0x724/0xe80
[ 1195.089974][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1195.094678][   T31]  ? misc_open+0x51/0x330
[ 1195.099154][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1195.104230][   T31]  misc_open+0x51/0x330
[ 1195.108581][   T31]  chrdev_open+0x4cc/0x5e0
[ 1195.113065][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1195.118107][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1195.123057][   T31]  do_dentry_open+0xdf3/0x1970
[ 1195.127910][   T31]  vfs_open+0x3b/0x340
[ 1195.131984][   T31]  ? path_openat+0x2ecd/0x3830
[ 1195.137138][   T31]  path_openat+0x2ee5/0x3830
[ 1195.141750][   T31]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1195.147302][   T31]  ? count_memcg_event_mm+0x21/0x260
[ 1195.152601][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1195.157602][   T31]  ? __pfx___up_read+0x10/0x10
[ 1195.162371][   T31]  ? do_user_addr_fault+0xbc1/0x1390
[ 1195.167787][   T31]  do_filp_open+0x1fa/0x410
[ 1195.172313][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1195.177240][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1195.182315][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1195.187262][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1195.191615][   T31]  do_sys_openat2+0x121/0x1c0
[ 1195.196357][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1195.201574][   T31]  ? fd_install+0x97/0x540
[ 1195.206088][   T31]  ? fd_install+0x30d/0x540
[ 1195.210640][   T31]  __x64_sys_openat+0x138/0x170
[ 1195.215597][   T31]  do_syscall_64+0xfa/0x3b0
[ 1195.220141][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1195.225450][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1195.231621][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1195.236399][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1195.242308][   T31] RIP: 0033:0x7fa26ab8d211
[ 1195.247050][   T31] RSP: 002b:00007ffc492dce10 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 1195.255813][   T31] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fa26ab8d211
[ 1195.263819][   T31] RDX: 0000000000000002 RSI: 00007fa26ac11506 RDI: 00000000ffffff9c
[ 1195.271877][   T31] RBP: 00007fa26ac11506 R08: 0000000000000000 R09: 00007fa26b8ed6c0
[ 1195.279901][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[ 1195.287954][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[ 1195.295973][   T31]  </TASK>
[ 1195.298991][   T31] INFO: task syz-executor:24091 blocked for more than 146 seconds.
[ 1195.306956][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 1195.314609][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1195.323371][   T31] task:syz-executor    state:D stack:28008 pid:24091 tgid:24091 ppid:1      task_flags:0x400040 flags:0x00004000
[ 1195.335507][   T31] Call Trace:
[ 1195.338800][   T31]  <TASK>
[ 1195.341724][   T31]  __schedule+0x16f5/0x4d00
[ 1195.346298][   T31]  ? __kasan_slab_free+0x62/0x70
[ 1195.351256][   T31]  ? security_file_open+0xb1/0x270
[ 1195.356640][   T31]  ? do_dentry_open+0x35e/0x1970
[ 1195.361605][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1195.366630][   T31]  ? schedule+0x165/0x360
[ 1195.370974][   T31]  ? __pfx___schedule+0x10/0x10
[ 1195.375921][   T31]  ? schedule+0x91/0x360
[ 1195.380191][   T31]  schedule+0x165/0x360
[ 1195.384357][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1195.389862][   T31]  __mutex_lock+0x724/0xe80
[ 1195.394375][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1195.399125][   T31]  ? misc_open+0x51/0x330
[ 1195.403467][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1195.408593][   T31]  misc_open+0x51/0x330
[ 1195.412766][   T31]  chrdev_open+0x4cc/0x5e0
[ 1195.417496][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1195.422462][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1195.427483][   T31]  do_dentry_open+0xdf3/0x1970
[ 1195.432261][   T31]  vfs_open+0x3b/0x340
[ 1195.436396][   T31]  ? path_openat+0x2ecd/0x3830
[ 1195.441168][   T31]  path_openat+0x2ee5/0x3830
[ 1195.445813][   T31]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1195.451284][   T31]  ? count_memcg_event_mm+0x21/0x260
[ 1195.456647][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1195.461593][   T31]  ? __pfx___up_read+0x10/0x10
[ 1195.466465][   T31]  ? do_user_addr_fault+0xbc1/0x1390
[ 1195.471774][   T31]  do_filp_open+0x1fa/0x410
[ 1195.476734][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1195.481651][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1195.486887][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1195.491757][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1195.496282][   T31]  do_sys_openat2+0x121/0x1c0
[ 1195.500987][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1195.506261][   T31]  ? fd_install+0x97/0x540
[ 1195.510704][   T31]  ? fd_install+0x30d/0x540
[ 1195.515306][   T31]  __x64_sys_openat+0x138/0x170
[ 1195.520171][   T31]  do_syscall_64+0xfa/0x3b0
[ 1195.524662][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1195.529941][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1195.536078][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1195.540785][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1195.546859][   T31] RIP: 0033:0x7fe8e078d211
[ 1195.551292][   T31] RSP: 002b:00007ffced0248d0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 1195.559790][   T31] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fe8e078d211
[ 1195.567818][   T31] RDX: 0000000000000002 RSI: 00007fe8e0811506 RDI: 00000000ffffff9c
[ 1195.579480][   T31] RBP: 00007fe8e0811506 R08: 0000000000000000 R09: 00007fe8e14ed6c0
[ 1195.590418][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[ 1195.598491][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[ 1195.606546][   T31]  </TASK>
[ 1195.609568][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[ 1195.618665][   T31] INFO: task syz-executor:24092 blocked for more than 146 seconds.
[ 1195.626611][   T31]       Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0
[ 1195.634269][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1195.643051][   T31] task:syz-executor    state:D stack:28008 pid:24092 tgid:24092 ppid:1      task_flags:0x400040 flags:0x00004000
[ 1195.655084][   T31] Call Trace:
[ 1195.658514][   T31]  <TASK>
[ 1195.661459][   T31]  __schedule+0x16f5/0x4d00
[ 1195.666266][   T31]  ? __kasan_slab_free+0x62/0x70
[ 1195.671294][   T31]  ? security_file_open+0xb1/0x270
[ 1195.676494][   T31]  ? do_dentry_open+0x35e/0x1970
[ 1195.681443][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1195.686338][   T31]  ? schedule+0x165/0x360
[ 1195.690684][   T31]  ? __pfx___schedule+0x10/0x10
[ 1195.695963][   T31]  ? schedule+0x91/0x360
[ 1195.700245][   T31]  schedule+0x165/0x360
[ 1195.704419][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1195.709972][   T31]  __mutex_lock+0x724/0xe80
[ 1195.714482][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1195.719231][   T31]  ? misc_open+0x51/0x330
[ 1195.723571][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1195.728703][   T31]  misc_open+0x51/0x330
[ 1195.732887][   T31]  chrdev_open+0x4cc/0x5e0
[ 1195.737545][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1195.742483][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1195.747750][   T31]  do_dentry_open+0xdf3/0x1970
[ 1195.752538][   T31]  vfs_open+0x3b/0x340
[ 1195.756688][   T31]  ? path_openat+0x2ecd/0x3830
[ 1195.761482][   T31]  path_openat+0x2ee5/0x3830
[ 1195.766167][   T31]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1195.771648][   T31]  ? count_memcg_event_mm+0x21/0x260
[ 1195.777023][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1195.781976][   T31]  ? __pfx___up_read+0x10/0x10
[ 1195.786827][   T31]  ? do_user_addr_fault+0xbc1/0x1390
[ 1195.792133][   T31]  do_filp_open+0x1fa/0x410
[ 1195.796726][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1195.801593][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1195.806926][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1195.811793][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1195.816930][   T31]  do_sys_openat2+0x121/0x1c0
[ 1195.821639][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1195.829121][   T31]  ? fd_install+0x97/0x540
[ 1195.833564][   T31]  ? fd_install+0x30d/0x540
[ 1195.838113][   T31]  __x64_sys_openat+0x138/0x170
[ 1195.842976][   T31]  do_syscall_64+0xfa/0x3b0
[ 1195.848420][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1195.853640][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1195.859777][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1195.864485][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1195.870472][   T31] RIP: 0033:0x7f331e38d211
[ 1195.874911][   T31] RSP: 002b:00007ffc38d846c0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 1195.883502][   T31] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f331e38d211
[ 1195.891714][   T31] RDX: 0000000000000002 RSI: 00007f331e411506 RDI: 00000000ffffff9c
[ 1195.901396][   T31] RBP: 00007f331e411506 R08: 0000000000000000 R09: 00007f331f0ed6c0
[ 1195.909715][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[ 1195.918060][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[ 1195.926555][   T31]  </TASK>
[ 1195.929596][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[ 1195.938799][   T31] 
[ 1195.938799][   T31] Showing all locks held in the system:
[ 1195.946614][   T31] 1 lock held by khungtaskd/31:
[ 1195.951480][   T31]  #0: ffffffff8e33eda0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1195.961551][   T31] 4 locks held by kworker/u8:10/3030:
[ 1195.966970][   T31]  #0: ffff88801b6fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1195.978068][   T31]  #1: ffffc9000c41fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1195.988825][   T31]  #2: ffffffff8f7159d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[ 1195.998216][   T31]  #3: ffffffff8f9fd5a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[ 1196.008467][   T31] 2 locks held by getty/5605:
[ 1196.013190][   T31]  #0: ffff888030a3d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1196.023070][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 1196.033740][   T31] 3 locks held by kworker/0:5/22283:
[ 1196.040193][   T31]  #0: ffff88801a880d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1196.051263][   T31]  #1: ffffc90010ad7bc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1196.065145][   T31]  #2: ffffffff8f9fd5a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[ 1196.076671][   T31] 2 locks held by syz.2.6342/23479:
[ 1196.081884][   T31]  #0: ffff88804e127100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[ 1196.091783][   T31]  #1: ffffffff8f9fd5a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[ 1196.101946][   T31] 2 locks held by syz.0.6345/23520:
[ 1196.107191][   T31]  #0: ffffffff8f9fd5a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_write+0x191/0x570
[ 1196.117380][   T31]  #1: ffff88804e127100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[ 1196.127158][   T31] 2 locks held by syz.9.6346/23558:
[ 1196.132356][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.141330][   T31]  #1: ffffffff8f9fd5a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x12d/0x820
[ 1196.151439][   T31] 1 lock held by syz.9.6346/23568:
[ 1196.156821][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.166507][   T31] 1 lock held by syz.1.6347/23563:
[ 1196.171642][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.180293][   T31] 1 lock held by syz-executor/24055:
[ 1196.185653][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.194138][   T31] 1 lock held by syz-executor/24057:
[ 1196.199454][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.208093][   T31] 1 lock held by syz-executor/24091:
[ 1196.213385][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.221938][   T31] 1 lock held by syz-executor/24092:
[ 1196.227287][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.235870][   T31] 1 lock held by syz-executor/25825:
[ 1196.241155][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.249661][   T31] 1 lock held by syz-executor/25826:
[ 1196.254941][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.263443][   T31] 1 lock held by syz-executor/25836:
[ 1196.268786][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.277380][   T31] 1 lock held by syz-executor/25837:
[ 1196.282680][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.291462][   T31] 1 lock held by syz-executor/25882:
[ 1196.297082][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.305870][   T31] 1 lock held by syz-executor/25883:
[ 1196.311172][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.319792][   T31] 1 lock held by syz-executor/25886:
[ 1196.325093][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.334128][   T31] 1 lock held by syz-executor/25887:
[ 1196.340884][   T31]  #0: ffffffff8ebd4788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1196.349476][   T31] 
[ 1196.351838][   T31] =============================================
[ 1196.351838][   T31] 
[ 1196.360572][   T31] NMI backtrace for cpu 1
[ 1196.360588][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0 PREEMPT(full) 
[ 1196.360610][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1196.360621][   T31] Call Trace:
[ 1196.360629][   T31]  <TASK>
[ 1196.360637][   T31]  dump_stack_lvl+0x189/0x250
[ 1196.360660][   T31]  ? __wake_up_klogd+0xd9/0x110
[ 1196.360684][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1196.360702][   T31]  ? __pfx__printk+0x10/0x10
[ 1196.360733][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1196.360758][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1196.360777][   T31]  ? _printk+0xcf/0x120
[ 1196.360800][   T31]  ? __pfx__printk+0x10/0x10
[ 1196.360821][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1196.360847][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1196.360870][   T31]  watchdog+0xfee/0x1030
[ 1196.360890][   T31]  ? watchdog+0x1de/0x1030
[ 1196.360914][   T31]  kthread+0x70e/0x8a0
[ 1196.360939][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1196.360955][   T31]  ? __pfx_kthread+0x10/0x10
[ 1196.360978][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1196.361000][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1196.361022][   T31]  ? __pfx_kthread+0x10/0x10
[ 1196.361052][   T31]  ret_from_fork+0x3f9/0x770
[ 1196.361073][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1196.361097][   T31]  ? __switch_to_asm+0x39/0x70
[ 1196.361116][   T31]  ? __switch_to_asm+0x33/0x70
[ 1196.361134][   T31]  ? __pfx_kthread+0x10/0x10
[ 1196.361157][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1196.361190][   T31]  </TASK>
[ 1196.361197][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 1196.518725][    C0] NMI backtrace for cpu 0
[ 1196.518740][    C0] CPU: 0 UID: 0 PID: 5504 Comm: dhcpcd Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0 PREEMPT(full) 
[ 1196.518759][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1196.518769][    C0] RIP: 0010:unix_write_space+0xe3/0x470
[ 1196.518796][    C0] Code: e8 e2 74 82 f7 48 bb 00 00 00 00 00 fc ff df 4d 8d 7e 12 4c 89 f8 48 c1 e8 03 0f b6 04 18 84 c0 0f 85 32 03 00 00 41 0f b6 2f <bf> 0a 00 00 00 89 ee e8 51 77 a4 f7 83 fd 0a 75 0a e8 47 74 a4 f7
[ 1196.518809][    C0] RSP: 0018:ffffc900034377c8 EFLAGS: 00000246
[ 1196.518823][    C0] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffff88802e339e00
[ 1196.518835][    C0] RDX: 0000000000000000 RSI: ffffffff8be41860 RDI: ffffffff8be41820
[ 1196.518846][    C0] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8a1c2733
[ 1196.518856][    C0] R10: dffffc0000000000 R11: ffffffff8a1c2710 R12: 0000000000000501
[ 1196.518868][    C0] R13: ffffffff8a1c2733 R14: ffff8880338e5ac0 R15: ffff8880338e5ad2
[ 1196.518879][    C0] FS:  00007efd28ef3740(0000) GS:ffff888125a1c000(0000) knlGS:0000000000000000
[ 1196.518893][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1196.518904][    C0] CR2: 000055826b84d168 CR3: 0000000034ada000 CR4: 00000000003526f0
[ 1196.518918][    C0] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000002
[ 1196.518927][    C0] DR3: 0000000000000009 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1196.518937][    C0] Call Trace:
[ 1196.518944][    C0]  <TASK>
[ 1196.518952][    C0]  sock_wfree+0x1d0/0x7a0
[ 1196.518975][    C0]  unix_destruct_scm+0x150/0x1a0
[ 1196.518994][    C0]  ? __pfx_unix_destruct_scm+0x10/0x10
[ 1196.519012][    C0]  ? __skb_try_recv_datagram+0x3da/0x4e0
[ 1196.519041][    C0]  ? __pfx_scm_recv_unix+0x10/0x10
[ 1196.519057][    C0]  skb_release_head_state+0x101/0x250
[ 1196.519076][    C0]  consume_skb+0x60/0xf0
[ 1196.519092][    C0]  __unix_dgram_recvmsg+0xa25/0xde0
[ 1196.519114][    C0]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[ 1196.519131][    C0]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1196.519150][    C0]  ? aa_file_perm+0x3e7/0xed0
[ 1196.519169][    C0]  ? unix_seqpacket_recvmsg+0x106/0x150
[ 1196.519188][    C0]  ? __pfx_unix_seqpacket_recvmsg+0x10/0x10
[ 1196.519207][    C0]  sock_recvmsg+0x229/0x270
[ 1196.519223][    C0]  sock_read_iter+0x231/0x2f0
[ 1196.519244][    C0]  ? __pfx_sock_read_iter+0x10/0x10
[ 1196.519267][    C0]  ? bpf_lsm_file_permission+0x9/0x20
[ 1196.519282][    C0]  ? security_file_permission+0x75/0x290
[ 1196.519305][    C0]  vfs_read+0x4cd/0x980
[ 1196.519325][    C0]  ? __pfx_vfs_read+0x10/0x10
[ 1196.519346][    C0]  ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 1196.519370][    C0]  ksys_read+0x145/0x250
[ 1196.519388][    C0]  ? __pfx_ksys_read+0x10/0x10
[ 1196.519403][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1196.519422][    C0]  ? do_syscall_64+0xbe/0x3b0
[ 1196.519444][    C0]  do_syscall_64+0xfa/0x3b0
[ 1196.519457][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1196.519477][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1196.519491][    C0]  ? clear_bhb_loop+0x60/0xb0
[ 1196.519508][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1196.519521][    C0] RIP: 0033:0x7efd28f7d407
[ 1196.519534][    C0] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 1196.519546][    C0] RSP: 002b:00007ffc2edbef50 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[ 1196.519562][    C0] RAX: ffffffffffffffda RBX: 00007efd28ef3740 RCX: 00007efd28f7d407
[ 1196.519573][    C0] RDX: 00000000000100e0 RSI: 00007ffc2edbeff0 RDI: 000000000000000b
[ 1196.519583][    C0] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[ 1196.519592][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffc2edcf1d0
[ 1196.519603][    C0] R13: 00007ffc2edcf1d0 R14: 00007ffc2edbeff0 R15: 00007ffc2edcf1c0
[ 1196.519621][    C0]  </TASK>
[ 1196.519735][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1196.895273][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00158-g5c8013ae2e86 #0 PREEMPT(full) 
[ 1196.907065][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1196.917109][   T31] Call Trace:
[ 1196.920378][   T31]  <TASK>
[ 1196.923297][   T31]  dump_stack_lvl+0x99/0x250
[ 1196.927888][   T31]  ? __asan_memcpy+0x40/0x70
[ 1196.932557][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1196.937748][   T31]  ? __pfx__printk+0x10/0x10
[ 1196.942337][   T31]  panic+0x2db/0x790
[ 1196.946224][   T31]  ? __pfx_panic+0x10/0x10
[ 1196.950633][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[ 1196.956440][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1196.961815][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[ 1196.967964][   T31]  watchdog+0x102d/0x1030
[ 1196.972284][   T31]  ? watchdog+0x1de/0x1030
[ 1196.976697][   T31]  kthread+0x70e/0x8a0
[ 1196.980762][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1196.985426][   T31]  ? __pfx_kthread+0x10/0x10
[ 1196.990008][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1196.995201][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1197.000394][   T31]  ? __pfx_kthread+0x10/0x10
[ 1197.004976][   T31]  ret_from_fork+0x3f9/0x770
[ 1197.009557][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1197.014677][   T31]  ? __switch_to_asm+0x39/0x70
[ 1197.019446][   T31]  ? __switch_to_asm+0x33/0x70
[ 1197.024209][   T31]  ? __pfx_kthread+0x10/0x10
[ 1197.028805][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1197.033574][   T31]  </TASK>
[ 1197.036832][   T31] Kernel Offset: disabled
[ 1197.041155][   T31] Rebooting in 86400 seconds..