program: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x50}}, 0x0) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000200)='./bus\x00', 0x4812, &(0x7f00000001c0)=ANY=[], 0x1, 0x68b, &(0x7f0000000640)="$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") r1 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0) ftruncate(r1, 0xee72) r2 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) pwritev2(r2, &(0x7f0000001100)=[{&(0x7f0000001080)="08e9", 0xff86}], 0x1, 0x7000, 0x0, 0x3) r3 = openat$comedi(0xffffffffffffff9c, &(0x7f000000b200)='/dev/comedi1\x00', 0x8040, 0x0) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000850000001300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r5, 0x18000000000002a0, 0x12, 0x0, &(0x7f0000000240)="d2ff03076003008cb89e08f088a8acc05024", 0x0, 0x9, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 
&(0x7f0000000080)={'bridge_slave_0\x00', <r8=>0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d00)=@newtaction={0x1c4, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x1b0, 0x1, [@m_mirred={0x1ac, 0x4, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0xfffff7e8}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000}, 0x1, r8}}]}, {0x13f, 0x6, "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"}, {0xc}, {0xc}}}]}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x800}, 0x0) r9 = socket$alg(0x26, 0x5, 0x0) bind$alg(r9, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(twofish-asm)\x00'}, 0x58) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000004, 0x10, r6, 0x5e6dd000) ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f0000000100)={'pcl818\x00', [0xd, 0x2, 0x3, 0x80000001, 0xfffffffb, 0x6f8, 0x4d7, 0x0, 0xffffffff, 0x4, 0x0, 0x401, 0x3, 0x8001, 0x9, 0x2, 0xa, 0xd, 0x0, 0x5, 0x8008, 0x40000010, 0xfe, 0x6, 0x54, 0x3, 0x8, 0xd308, 0x10001, 0x8, 0x1]}) [ 74.830505][ T4680] Bluetooth: hci0: command tx timeout [ 74.948615][ T5335] loop0: detected capacity change from 0 to 1024 [ 75.026240][ T5335] hfsplus: xattr searching failed [ 75.045308][ T5335] hfsplus: xattr searching failed [ 75.063010][ T5335] hfsplus: xattr searching failed [ 75.140564][ T5336] comedi comedi1: pcl818: I/O port conflict (0xd,16) [ 75.143585][ T5336] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN NOPTI [ 75.148684][ T5336] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] [ 75.152309][ T5336] CPU: 0 UID: 0 PID: 5336 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.156336][ T5336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.160898][ T5336] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0 [ 75.163420][ T5336] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 19 ba 6c f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 
e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 f8 b9 6c f9 4d 8b 24 24 48 83 c3 [ 75.171708][ T5336] RSP: 0018:ffffc9000d4ff9d8 EFLAGS: 00010206 [ 75.174273][ T5336] RAX: 0000000000000005 RBX: ffff88801fffbc00 RCX: 0000000000100000 [ 75.177655][ T5336] RDX: ffffc90020802000 RSI: 000000000000093b RDI: 000000000000093c [ 75.180969][ T5336] RBP: 0000000000000001 R08: ffff88803e82892f R09: 1ffff11007d05125 [ 75.184357][ T5336] R10: dffffc0000000000 R11: ffffffff88bbfdf0 R12: 0000000000000028 [ 75.187796][ T5336] R13: dffffc0000000000 R14: ffff88803e828800 R15: dffffc0000000000 [ 75.191340][ T5336] FS: 00007fc134ff56c0(0000) GS:ffff88808d683000(0000) knlGS:0000000000000000 [ 75.195167][ T5336] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.198222][ T5336] CR2: 00007f949548b6b0 CR3: 000000001fefc000 CR4: 0000000000352ef0 [ 75.201831][ T5336] Call Trace: [ 75.203359][ T5336] <TASK> [ 75.204700][ T5336] pcl818_detach+0x66/0xd0 [ 75.206658][ T5336] comedi_device_detach_locked+0x178/0x750 [ 75.209205][ T5336] comedi_device_attach+0x5d4/0x720 [ 75.211391][ T5336] comedi_unlocked_ioctl+0x5ff/0x1020 [ 75.213522][ T5336] ? kasan_quarantine_put+0xdd/0x220 [ 75.215772][ T5336] ? lockdep_hardirqs_on+0x98/0x140 [ 75.218247][ T5336] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 75.221101][ T5336] ? do_futex+0x333/0x420 [ 75.222819][ T5336] ? __fget_files+0x2a/0x420 [ 75.224514][ T5336] ? __fget_files+0x3a0/0x420 [ 75.226342][ T5336] ? __fget_files+0x2a/0x420 [ 75.228084][ T5336] ? bpf_lsm_file_ioctl+0x9/0x20 [ 75.230136][ T5336] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 75.232519][ T5336] __se_sys_ioctl+0xfc/0x170 [ 75.234417][ T5336] do_syscall_64+0xfa/0xf80 [ 75.236268][ T5336] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.238804][ T5336] ? 
clear_bhb_loop+0x60/0xb0 [ 75.240776][ T5336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.243195][ T5336] RIP: 0033:0x7fc138b8f7c9 [ 75.245103][ T5336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.252998][ T5336] RSP: 002b:00007fc134ff5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.256563][ T5336] RAX: ffffffffffffffda RBX: 00007fc138de6090 RCX: 00007fc138b8f7c9 [ 75.259889][ T5336] RDX: 0000200000000100 RSI: 0000000040946400 RDI: 0000000000000007 [ 75.262990][ T5336] RBP: 00007fc138c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 75.266213][ T5336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.269593][ T5336] R13: 00007fc138de6128 R14: 00007fc138de6090 R15: 00007ffc11c237b8 [ 75.272972][ T5336] </TASK> [ 75.274236][ T5336] Modules linked in: [ 75.276240][ T5336] ---[ end trace 0000000000000000 ]--- [ 75.302393][ T5336] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0 [ 75.310693][ T5336] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 19 ba 6c f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 f8 b9 6c f9 4d 8b 24 24 48 83 c3 [ 75.318715][ T5336] RSP: 0018:ffffc9000d4ff9d8 EFLAGS: 00010206 [ 75.330662][ T5336] RAX: 0000000000000005 RBX: ffff88801fffbc00 RCX: 0000000000100000 [ 75.333768][ T5336] RDX: ffffc90020802000 RSI: 000000000000093b RDI: 000000000000093c [ 75.336752][ T5336] RBP: 0000000000000001 R08: ffff88803e82892f R09: 1ffff11007d05125 [ 75.360168][ T5336] R10: dffffc0000000000 R11: ffffffff88bbfdf0 R12: 0000000000000028 [ 75.379376][ T5336] R13: dffffc0000000000 R14: ffff88803e828800 R15: dffffc0000000000 [ 75.389556][ T5336] FS: 00007fc134ff56c0(0000) GS:ffff88808d683000(0000) knlGS:0000000000000000 [ 75.399706][ T5336] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.404285][ T5336] CR2: 00007fe44b83d43c CR3: 
000000001fefc000 CR4: 0000000000352ef0 [ 75.421464][ T5336] Kernel panic - not syncing: Fatal exception [ 75.424382][ T5336] Kernel Offset: disabled [ 75.426226][ T5336] Rebooting in 86400 seconds..