last executing test programs:

25m38.731688533s ago: executing program 32 (id=979):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4c8c41, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r0, 0x7dfff000) (async)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r0, 0x7dfff000)

18m49.447196578s ago: executing program 33 (id=3581):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000080)=0x81}) (async)
ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000080)=0x81})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0010117, 0x0, 0x100000000}]})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
openat(r1, 0x0, 0x80402, 0x41) (async)
openat(r1, 0x0, 0x80402, 0x41)

14m46.446920285s ago: executing program 34 (id=5290):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r0, 0x7dfff000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132}) (async)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132})
ioctl$TUNSETGROUP(r3, 0x541b, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000080)={0x1, 0x0, [{0x9e, 0x0, 0x51e8}]})
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000180)=@arm64={0x17, 0x40, 0x6, '\x00', 0x7}) (async)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000180)=@arm64={0x17, 0x40, 0x6, '\x00', 0x7})
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) (async)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r5, 0x7a5, &(0x7f0000000180)={{@hyper}, 0x0, 0x3, 0x7})
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x3, 0x44, 0x5, 0xa}, {0x2, 0x2, 0x1, 0x7}, {0x7f, 0x41, 0x9, 0xfffffffe}]}) (async)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x3, 0x44, 0x5, 0xa}, {0x2, 0x2, 0x1, 0x7}, {0x7f, 0x41, 0x9, 0xfffffffe}]})
syz_open_dev$sndpcmc(&(0x7f00000000c0), 0x5, 0x40000)

13m23.699006826s ago: executing program 35 (id=5711):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x16)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000240))
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)

10m40.154272635s ago: executing program 2 (id=6836):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r3, 0x4068aea3, &(0x7f00000000c0)={0xdf, 0x0, 0x10000})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4138ae84, &(0x7f0000000c40)=@x86={0xff, 0x8, 0x76, 0x0, 0x1d8f, 0x37, 0x8, 0x2, 0xb8, 0x8, 0xf9, 0x0, 0x0, 0x1, 0x2, 0x4, 0x1, 0x0, 0x42, '\x00', 0x7, 0x80000000})
ioctl$KVM_GET_VCPU_EVENTS(r6, 0x4140aecd, &(0x7f0000000000))
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r8 = dup(r7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r8, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0xda0, 0x0, 0x7}]})
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r8, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

10m38.578456404s ago: executing program 2 (id=6844):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/148, 0xc6)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pim6reg0\x00', 0x1})
ioctl$TUNGETVNETBE(r2, 0x8927, &(0x7f0000000000))
read$FUSE(r1, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x40000005c1a82, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
read(r0, &(0x7f0000000100)=""/148, 0xc6) (async)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082) (async)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pim6reg0\x00', 0x1}) (async)
ioctl$TUNGETVNETBE(r2, 0x8927, &(0x7f0000000000)) (async)
read$FUSE(r1, 0x0, 0x0) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x40000005c1a82, 0x0) (async)
dup(r3) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0) (async)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600}) (async)

10m38.128072889s ago: executing program 2 (id=6846):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000280)={{0x0, 0x4, 0x0, 0x9}, 'syz1\x00', 0x3f})
ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0x51)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r1 = syz_open_dev$evdev(&(0x7f0000000100), 0x72, 0x0)
ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f00000000c0)={0x51, 0x8009, 0xd, {0x2, 0x2}, {0x6, 0x8}, @cond=[{0xeeb, 0x405, 0x4, 0x3, 0x8, 0x2}, {0x2, 0x5, 0x5, 0x6, 0x6, 0x3b7e}]})
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r3 = syz_open_dev$admmidi(&(0x7f0000000080), 0x7, 0x208002)
dup(r3)
read(r2, &(0x7f0000000100)=""/159, 0xfffffe5a)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x2d1, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x2d1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000080)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f0000000280)={0x0, 0x0, r7})
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r8, &(0x7f0000000040)=0x140, 0x12)
r9 = openat$drirender128(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r9, 0x40086409, &(0x7f0000000100))
openat(r4, 0x0, 0x80402, 0x41)

10m37.79945989s ago: executing program 2 (id=6850):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
r2 = syz_open_dev$sg(&(0x7f00000005c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_PROBE_HOST(r2, 0x5385, &(0x7f0000000140)={0x5b, ""/91})
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x9, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x10001, 0xfe, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x6}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x88081, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP(r5, 0x3b85, &(0x7f0000001140)={0x28, 0x2, r6, 0x0, &(0x7f0000000000)='p', 0xb6299679db8e922f, 0x2823})
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x7ff, 0x4080600})
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000001c0)={0x200, 0x3, 0x4, {0x4, @raw_data="2293f385af9979e99b43af3d80b0af656e1f8ebee0b146050ddc527553717142a6c148cd90a127fc564e89051ab53f780d473d88c5e6fe368590b70ab1e4f880e149d1e790df5e12f4a05552afd5af24bb537f213d5e1b9c60fe6ffa8f8b926c4dd01f7a547ef6aa3e53b7844992c2ddc94fe21840eb70579dd6f1a7b329ae29eb90d3202de237ba532a77e8da53dfe5480f5d7d97d49f991464e60f3f24b0d997c8ebfeb8d09fd49526b974c0865e33b8bc08d7fe71b0382177e45195dd3f918c20f31539c72897"}, 0x6})

10m37.53486366s ago: executing program 2 (id=6852):
r0 = syz_open_dev$video(&(0x7f0000005580), 0x7, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r1, 0x80045017, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000002600), 0x200, 0x42)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r2, 0x40084149, &(0x7f0000002640)=0x4)
ioctl$INCFS_IOC_PERMIT_FILL(r1, 0x40046721, &(0x7f0000002580)={r0})
ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000140)={0x9, @output})
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r3, &(0x7f0000000100)=""/159, 0xfffffe5a)
preadv(r0, &(0x7f0000002440)=[{&(0x7f0000000080)=""/121, 0x79}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/4096, 0x1000}, {&(0x7f0000002240)=""/130, 0x82}, {&(0x7f0000002300)=""/177, 0xb1}, {&(0x7f00000023c0)=""/76, 0x4c}], 0x6, 0x200, 0xb8a6)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f00000025c0), 0x5a9140, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000002c0)=0x20)
mmap$fb(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000004, 0x11, r5, 0x6f000)
ioctl$BLKPG(r3, 0x1269, &(0x7f0000000000)={0x2, 0x0, 0x98, &(0x7f00000024c0)={0xf, 0xf, 0x4}})
mmap(&(0x7f0000501000/0x2000)=nil, 0x2000, 0x1000006, 0x13, r4, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

10m37.313785675s ago: executing program 2 (id=6855):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0xa000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'pimreg\x00', 0x7101})
write$cgroup_devices(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="1e0308003c5c980128876360864668f82ffdeefa000000000000ffd2acb165fe580cd568020031b87b348cb74136f366da0a9201880bddb7f4dbabae67ad762aa2c74e06f183be5138033889b2dc310fc936e8720fc0f5033893a7f620ee08c1bb6f272e086e6f91bbdfd1e8dc19c9ffe8132a01d18037a12abae79888e450d4ea4cb80feeb61f679ed48cd554ec1cb3d061289242940b8a7a2118fa21ea879ef99f446526115681a292a0e06d98c3f568c4e5413dd6960df6a5928b0d42f405c7bb8ac14a5ac071c16d3502f03b04d40a063f149f153de35d1092270f329841825e74c3e84a73c8fdf0e84154d01c86000000", @ANYRESOCT=r2, @ANYRES64=r1], 0xffdd) (async)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f00000000c0)={0x80a0000, 0x8083000, 0x80000000, 0x1, 0x8}) (async)
ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r9, 0xc0305710, &(0x7f0000000040)={0x1, 0xff, 0x1f})
r10 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
read$midi(r9, 0x0, 0x0)
ioctl$SNDCTL_SEQ_PANIC(r10, 0x5100) (async)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000580)=ANY=[@ANYBLOB="01401cf86d0c84aac2ea355a00fdff000000007900000000000000000000000000000060655e5b7d4bf2bae1c7d343bb9822456330b94244e1337be3b9ffdb94090000000000007333473442ce21ae2d2c1cbaec1d102fd78907cef4a8f372241d2b803e0b81b17156b9a3b4761df36553cc4b2e860cef24175aaa32d74d904d5e0e1f7dcb3e5340ab068b87533b34bd28ca70d5cb643e1417a89ba33053cac03c70fb7be8d81644db5decfe9070eb8ba775a69cad923edbfccaf9d37577fd0044faf4f088af4e57c46274061f83cc5e66e7d445de39df347aea4ea161b1f268e89bbce8d88fd3d18d4a8771631c3ebdf34306beb286e8978427e35992971df2474459be339767cf9020a657e4e4d9da74"]) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000100)={{0x7000, 0xdddd1000, 0x0, 0x0, 0x8, 0xb, 0x0, 0x2, 0x0, 0x6, 0x9, 0x10}, {0x8080000, 0x4, 0x10, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0x3000, 0xeeee8000, 0xc, 0x0, 0x7, 0x4, 0x5, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x10000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xf7, 0xdd, 0x8, 0x0, 0x4}, {0x2000, 0xdddd0000, 0x8, 0x6, 0xff, 0x4, 0x0, 0xe, 0x0, 0x3c, 0x7d}, {0x0, 0x5000, 0xd, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x40}, {0xdddd0000, 0x0, 0xa, 0x6, 0x5, 0x0, 0xe8}, {0x0, 0xdddd0000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xc, 0x26, 0x3, 0x10}, {0xf000}, {0xeeef0000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0xf801, 0x0, [0x0, 0x0, 0x7aa]})
r11 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x0, 0x810, r11, 0x7dfff000)

10m21.883151483s ago: executing program 36 (id=6855):
r0 = openat$kvm(0x0, &(0x7f0000000100), 0xa000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'pimreg\x00', 0x7101})
write$cgroup_devices(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="1e0308003c5c980128876360864668f82ffdeefa000000000000ffd2acb165fe580cd568020031b87b348cb74136f366da0a9201880bddb7f4dbabae67ad762aa2c74e06f183be5138033889b2dc310fc936e8720fc0f5033893a7f620ee08c1bb6f272e086e6f91bbdfd1e8dc19c9ffe8132a01d18037a12abae79888e450d4ea4cb80feeb61f679ed48cd554ec1cb3d061289242940b8a7a2118fa21ea879ef99f446526115681a292a0e06d98c3f568c4e5413dd6960df6a5928b0d42f405c7bb8ac14a5ac071c16d3502f03b04d40a063f149f153de35d1092270f329841825e74c3e84a73c8fdf0e84154d01c86000000", @ANYRESOCT=r2, @ANYRES64=r1], 0xffdd) (async)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f00000000c0)={0x80a0000, 0x8083000, 0x80000000, 0x1, 0x8}) (async)
ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r9, 0xc0305710, &(0x7f0000000040)={0x1, 0xff, 0x1f})
r10 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
read$midi(r9, 0x0, 0x0)
ioctl$SNDCTL_SEQ_PANIC(r10, 0x5100) (async)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000580)=ANY=[@ANYBLOB="01401cf86d0c84aac2ea355a00fdff000000007900000000000000000000000000000060655e5b7d4bf2bae1c7d343bb9822456330b94244e1337be3b9ffdb94090000000000007333473442ce21ae2d2c1cbaec1d102fd78907cef4a8f372241d2b803e0b81b17156b9a3b4761df36553cc4b2e860cef24175aaa32d74d904d5e0e1f7dcb3e5340ab068b87533b34bd28ca70d5cb643e1417a89ba33053cac03c70fb7be8d81644db5decfe9070eb8ba775a69cad923edbfccaf9d37577fd0044faf4f088af4e57c46274061f83cc5e66e7d445de39df347aea4ea161b1f268e89bbce8d88fd3d18d4a8771631c3ebdf34306beb286e8978427e35992971df2474459be339767cf9020a657e4e4d9da74"]) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000100)={{0x7000, 0xdddd1000, 0x0, 0x0, 0x8, 0xb, 0x0, 0x2, 0x0, 0x6, 0x9, 0x10}, {0x8080000, 0x4, 0x10, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0x3000, 0xeeee8000, 0xc, 0x0, 0x7, 0x4, 0x5, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x10000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xf7, 0xdd, 0x8, 0x0, 0x4}, {0x2000, 0xdddd0000, 0x8, 0x6, 0xff, 0x4, 0x0, 0xe, 0x0, 0x3c, 0x7d}, {0x0, 0x5000, 0xd, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x40}, {0xdddd0000, 0x0, 0xa, 0x6, 0x5, 0x0, 0xe8}, {0x0, 0xdddd0000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xc, 0x26, 0x3, 0x10}, {0xf000}, {0xeeef0000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0xf801, 0x0, [0x0, 0x0, 0x7aa]})
r11 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x0, 0x810, r11, 0x7dfff000)

10m15.61045657s ago: executing program 7 (id=6962):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
read$FUSE(r1, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x3e1ce000) (async)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000001c0)=0xe) (async)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000))
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

10m15.427230024s ago: executing program 7 (id=6963):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x40803, 0x0)
ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000040)=0x3)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000080)={"d7e4584eb4d9d7724c58f185bcf41454b5cb40ceb56c41b9fe89a00d20124ca7", 0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r1}, './file0\x00'})
ioctl$NBD_SET_SIZE(r2, 0xab02, 0x27)
ioctl$SNDCTL_SEQ_RESETSAMPLES(r2, 0x40045109, &(0x7f0000000100)=0x9)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$BLKOPENZONE(r2, 0x40101286, &(0x7f0000000180)={0xffffffffffffffff, 0x1})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r3=>r2, {0x7}}, './file0\x00'})
ioctl$NBD_SET_SIZE(r3, 0xab02, 0x4)
r4 = syz_open_dev$midi(&(0x7f0000000200), 0x7, 0x40000)
ioctl$FS_IOC_GETFSUUID(r0, 0x80111500, &(0x7f0000000240))
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000280)={"531a2e4f3283024631b388a67aecde5128e10125e0c11a8d1caa1287415d5071", r2})
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000002c0)={'\x00', 0x8, 0x1, 0x0, 0x75f, 0xfffffffffffffff8})
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r3, 0x810c5701, &(0x7f0000000340))
ioctl$SYNC_IOC_FILE_INFO(r3, 0xc0383e04, &(0x7f0000000780)={""/32, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]})
r5 = syz_open_dev$sndmidi(&(0x7f00000007c0), 0x6, 0x202000)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r5, 0x810c5701, &(0x7f0000000800))
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000940), 0x80240)
read(r6, &(0x7f0000000980)=""/217, 0xd9)
r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000a80), 0x181000, 0x0)
write$vhost_msg(r3, &(0x7f0000001b40)={0x1, {&(0x7f0000000ac0)=""/82, 0x52, &(0x7f0000000b40)=""/4096, 0x2, 0x3}}, 0x48)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r1, 0x80089419, &(0x7f0000001bc0))
ioctl$VIDIOC_STREAMON(r7, 0x40045612, &(0x7f0000001c00)=0xbeb3)
ioctl$CEC_RECEIVE(r7, 0xc0386106, &(0x7f0000001c40)={0x3, 0x1000, 0x7fffffff, 0x1, 0x6, 0xfffffffc, "477af36a8df0154874b3ebf8a172e539", 0x5, 0x7, 0x4, 0xf2, 0x1, 0x1, 0x6})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r3, 0xc08c5334, &(0x7f0000001c80)={0x5, 0x0, 0x0, 'queue1\x00', 0xfff})
write$vhost_msg_v2(r2, &(0x7f0000001e00)={0x2, 0x0, {&(0x7f0000001d40)=""/127, 0x7f, &(0x7f0000001dc0)=""/34, 0x3, 0x2}}, 0x48)
ioctl$KVM_SET_DEVICE_ATTR_vm(r7, 0x4018aee1, &(0x7f0000001ec0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000001e80)={0xffff, 0x8}})
ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000001f00)=0x4)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r4, 0x810c5701, &(0x7f0000001f40))

10m14.484750977s ago: executing program 7 (id=6966):
r0 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x8040942d, &(0x7f0000000040)) (async)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x40)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f00000000c0)=r1)
ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f0000000100))
ioctl$TIOCSISO7816(r1, 0xc0285443, &(0x7f0000000140)={0xffffffd6, 0xffff, 0xe2e3, 0x80000000}) (async)
ioctl$BTRFS_IOC_INO_LOOKUP(r1, 0xd0009412, &(0x7f0000000180)={0x0, 0xd7e1}) (async)
r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r2, 0x40305652, &(0x7f00000011c0)={0xc, 0x4, 0xff, 0x7, 0x3, 0x1, 0xff}) (async)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000001380)={0x3, 0x0, &(0x7f0000001200)=""/123, &(0x7f0000001280)=""/37, &(0x7f00000012c0)=""/142, 0x1000}) (async)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f00000013c0)={0x5, 0xbcf})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r2, 0xc040564b, &(0x7f0000001400)={0x7686, 0x0, 0x2018, 0xfdd, 0x6, {0x1, 0x8}, 0x1})
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000001440), 0x440c00, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r3, 0x660c) (async)
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x8) (async)
ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000001480)) (async)
r4 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000014c0), 0x1, 0x0)
write$tcp_congestion(r4, &(0x7f0000001500)='highspeed\x00', 0xa) (async)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4ed9afa0db510be0, 0x810, r2, 0x62117000) (async)
write$cgroup_int(r1, &(0x7f0000001540)=0x4, 0x12) (async)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000001580), 0x80000, 0x0)
lseek(r5, 0x2, 0x0)
syz_open_dev$dri(&(0x7f00000015c0), 0x1, 0x200000) (async)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000001600)={{0x1, 0x1, 0x18, <r6=>r1}, './file0\x00'})
ioctl$KVM_GET_REGS(r6, 0x8090ae81, &(0x7f0000001640)) (async)
ioctl$VIDIOC_STREAMOFF(r2, 0x40045613, &(0x7f0000001700)=0x2) (async)
syz_open_dev$vbi(&(0x7f0000001740), 0x1, 0x2)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000001780), 0x8a02, 0x0) (async)
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0xe8d)
ioctl$EVIOCSABS2F(r6, 0x401845ef, &(0x7f00000017c0)={0x6, 0x4, 0xca3, 0x3, 0x1, 0x7f})

10m14.302490731s ago: executing program 7 (id=6967):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x11, 0xffffffffffffffff, 0x8ecb0000)
r1 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x1)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r1, 0xc0385720, &(0x7f0000000000)={0x1})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x8000000000000000)

10m13.610605749s ago: executing program 7 (id=6968):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x10)
ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000300)={0x160000000, 0x2, 0x0, [{0x2, 0x5, 0xef, 0x4, 0x4e, 0x0, 0x6, '\x00', 0x18000000000}, {0x1, 0x1a000000000, 0x8, 0x2c, 0x6, 0xc, 0x1, '\x00', 0x200}]})
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETTXFILTER(r2, 0x400454ca, &(0x7f0000000100)=ANY=[@ANYBLOB="2e2e000c371303ed6a33fe86890df20e87"])
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000002c0)={0x2, 0x2, 0x2})
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0585609, &(0x7f0000000080)={0x6, 0x2, 0x0, 0x0, 0x3})
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x8600, 0x0)
read(r3, &(0x7f00000001c0)=""/157, 0x9d)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) (async)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x10) (async)
ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000300)={0x160000000, 0x2, 0x0, [{0x2, 0x5, 0xef, 0x4, 0x4e, 0x0, 0x6, '\x00', 0x18000000000}, {0x1, 0x1a000000000, 0x8, 0x2c, 0x6, 0xc, 0x1, '\x00', 0x200}]}) (async)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$TUNSETTXFILTER(r2, 0x400454ca, &(0x7f0000000100)=ANY=[@ANYBLOB="2e2e000c371303ed6a33fe86890df20e87"]) (async)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000002c0)={0x2, 0x2, 0x2}) (async)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0585609, &(0x7f0000000080)={0x6, 0x2, 0x0, 0x0, 0x3}) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x8600, 0x0) (async)
read(r3, &(0x7f00000001c0)=""/157, 0x9d) (async)

10m12.993651117s ago: executing program 7 (id=6972):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1a) (async)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0) (async)
r2 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000440)={r1, 0x2000, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03741250ceaac50104000041dd17c18e8438ef2a565ef1e833236500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}}) (async)
ioctl$LOOP_CHANGE_FD(r2, 0x4c09, r1) (async)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r3, &(0x7f0000000100)=""/159, 0xfffffe5a)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
openat(r4, 0x0, 0x80402, 0x41)

9m57.625226623s ago: executing program 37 (id=6972):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1a) (async)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0) (async)
r2 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000440)={r1, 0x2000, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03741250ceaac50104000041dd17c18e8438ef2a565ef1e833236500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}}) (async)
ioctl$LOOP_CHANGE_FD(r2, 0x4c09, r1) (async)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r3, &(0x7f0000000100)=""/159, 0xfffffe5a)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
openat(r4, 0x0, 0x80402, 0x41)

5m3.086359517s ago: executing program 9 (id=8824):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008302"])
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2881, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r10, 0x4140aecd, &(0x7f0000000dc0)={{0x1, 0x0, 0x80, {0x4000, 0xf000, 0x1}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca02000000000000008b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd96dba8d84c65c2bef91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4515a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bf4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e446401803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db43029d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efe0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6d3b0498a95377451bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f81c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629fa4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809373c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e516"})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x3, 0x6, 0x3, 0xffffffffffffffff, 0x2004c8, 0x0, 0x0, 0x7ffffffffffffffa, 0x0, 0x0, 0x8020000000, 0x6011, 0x0, 0x5], 0x6000, 0x12002})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
close(r1)
close(r0)
r11 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r11, &(0x7f0000000100)=""/159, 0xfffffe5a)
r12 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000743000/0x2000)=nil, 0x2000, 0x1000006, 0x110, r12, 0xdcc8000)
write(r0, &(0x7f0000000400)="6bf94430d6f40d7a42200404a854b10c69810766a51499099006893186b0f9ddb361e13805c2b341a35004a75556f8d698c43c0c5c5b4c4a5e6ee835737cd171c7a6023ac84a13b6fde4ef9edd7a60d7713a35274badd33818bc86e7dae0ebf5c59b5fd515b01d8e2976a8c31664797e01cec08fe954d1894bacd5a1dc781c8c700c39c35aeffb75ec22712954aef419f1523e4946b52f5a3e24d526525efe400f6b6b07646ab0c8978be99769b15134c33e3b85ef86c1180b1036b2a97b032ca40b7f3b9d5fecc3bc6518cecc29a411ef1fc2de82d06d19b79f933d8998cab0434f7e077dd40b1fee8b57a9fd6a54cbc5e6a1962cd9460ede89574a634ccf2a95d16aa39ad2340b8793fe32161878c575bb3974ce9e3923ee7c1f48da4db97db95ca32ebf7152bd9afdb1364a43851a75c1a7701f0f4b1a7fff6c863da9ef04a3f6d5ce27fa37a6472fb3409121b5aabd47a1bba202655934313875068debf7e4cfaaad9e569633c65c4410c1bea3a7b0cec99343a37914197e09e59f558c6be92a4325ed7fa3c62e47238111291ff8887563bda4d452317969e5f46f06d51b5abeafc818052d52a966a8736cd961671791582a5c511a0ce2a85ea4e306303c2a4c61d6e6c3903945bec825672045f32d9b1088b50110ea4e2c0a6f0446b2d3d247ceb701e95ebd91907c8e3998f5ecf137974bca1ec8ee16b3d74b6dbdd85874866c9d9590bba63b6027500510e4ff573715e3036ac404b5568b7b3a23d2e3f20e316dd5e9938b7b95506d57af0eae0eaf2dcd86b6bb5e34766e7bea054dabf86722a6a7f0b5c9d242dc629d75456d074bc10cdee34c34821b847bbd5b1820a4017777afb07da77a3836e1cab89a5578eb3550c2375f2739508ecac1ba9c57099207cf55f7e51d651d265f3c982b252f2536a08039c90134177c96fee29be69e8ab02c07b78b4f166908c36ed0dd47568fe6fa75ec3e450e304e825457cf260276666ddb79e043828a6c75095d85320aeadc4a2bb84cdbe51a5fa49e83adb500665e6b78b076fc0dbf565e1ef860a4261091146c30449ce267b7ceed38d904585d3efbb57ae6607a004b41fdbff29c97b00c5b2456a8c7b67113d1cc083c890ad672b342f02e816acd2457a4df35c102b5edb43d43024a2b0fd2d905216052fd8cb6aaa292d5a9e98b206be63fd1139199fe4f80eefe9353298c3fae6ca0da3f72ee5bde13eed4c7804e9b9336218ddbdd754616e9d36b239a81112e833553b21c19f5c114f5fa24eb87d90e46d51118b00226dea112641cd2a364082c9ccf1b05f45d9bb8df1130e8570db7b38d582d4045532f6c11bf814ede0e515ac8c116003d85510c2004a253410f41f7ff80f5cc0aaa11548ef9c28c6f0ccb95c86e5c4e10c9c9cf7f7a23099c71cebd7b362b6324023fcae2f065f3b3c664f414ba63d5d8aa1a9a83ee038ada24a84ea0f096b1879a4dcf86c908d8a42e472efb1de8f887f31fb490ee857f977af211fc6a241b5f27b453da7cae743d289e57b30809d16def9e9c0093dba79d0c72fa0e518a94d781c86b80ec5dc1d78d29bf974699fd3693df3c953af47a7a914f936bf7115455f2c6a317a32a53fb89bf6519149c0d4b4b2fa9754f017307d8c13d314303dfe9a0ab7c722970936771de5bf1cd793b57aa16936ae4a6f83440d94e99a31adc11d240e7ec612db5631569d0d33159a5b8f503ac148bf8b730a9c6ebaf41ad4c50ffbcb1335954301d03cadd4e0812fc9c5fa2f771f416e8ebaba4f6baf79493ef900393d0b392a0a09a5469a31ac1dc902bbacb19f8596db62197423b6a4a4ad04e9658df921e520d2f7c7775a267fc1f62142d130953744ead8ccc600607c543b3ac6b907609e52335fea0c7fcd18386d8d82a4fe83c05d35c21fefbd9199ae5da1fe339e3fa93768b454bff67aec9908cfbafcbfbeca802d44c1c5b2ff6a6595bea88034cac074c479a8c1d76ce840898e2f42582714faaa069f5271cc98ac2898e32f4a05ed34d0dfa21902fcfba8a8c3380265cb490fe4db0b06e8366788ad8981527bd0e3337e3ad7928d8160938f0e52fbbb3e27b50f64b8b5daf0ecfebcedfd718382679c95f2cfc3e625dc7411213b2ab5845dc092b49a0ef67b815237a00b45b8ec6ba4cf4d740c6d6fd88f18a49e2a4009ce9ad584ee1c1d15a072fbf98cb8a9a46387c077b5f04526a87cf225ab65d81e560614f277bf76b6f71a730b6a326d696c2811943543abd55178e0d822be6b47fa556f1f37ad6f360f686c6a2ba1ab5dcefcc375035b95eaff1440074a3d13d6ed5b71ed9e53c95183664dd5c8279d4d490d74902473944287d9a78107b7688cb44823e5997f742912eabbcebbd71d3f7af7849f71cfd30ed377961258fc6cf47fce0c00809731ac4a73b53f7b46c831e8b1e280c48f608809d0c6a142e501c3889c4877618713a2d6bfbff93fdd3e606de04105b649ffabd5a1a1b78542619ac2d528a9c5e3f42424767ec8f86db1cebac4de8873b6e69a210bf3a0d6b990286fbfb264270e4e1b30e5a32723544d1b5fffe172822131b7712fc336cad57835277e143f32ba0b19ebb868cd38e10b2b202632c2d75830a670bd1492828973dbf816e2510fe4cce5144a891a052df78542040ab5a979497cff0224091bcb27423921163798b9f03a88040db595435f08f7b0534954f88a4923798780a708ccc49223e6316634e40096b3046e4a0f1806dee7a80de2093c9c5180684e63ba5add9ca0b9948f3f516cad21199445f72c162bd87250c087122e354333703c3af592c205f6b446877ecafdaf9f7f3187afd2384d05f14948f3fbe3504ddf4b87f4435b17e6d058380698580e3a94d6df485edfa3b4dac2d8d0ffcccd39b6db5e38faceafafe99f6bed5e22de8584f3529a736bedea89f6b49faeaecfe40612de9274d06f64aa286d221eb62e1dc0a85e67efc1cd60e3f318efe78e0cd9a3e7ee7568ebc2eaccc1cdd3c1f8b85d2fd84b65ef70c764565d7d5495742cef17444537b6202788e8c1c68ef9effb0ba0c1c57f9aca09a8dc37dde0a8a78a29b92b6d51b50f1cb2caf8dbaf7153a684f1c3146228fca3c82b75121a3589878b371ca557125c4e06dfbb414f4bf4bdea93e01f0819ca5015ccf0151a5080ed2863d159ce0971adb610b489d8958483190ba7c9783e9036a62b37daca06a4953097269a14541a6c329f60cd6206e6af1f09a658c77f3adfb768a03b36da0ffe10938143c3c81cdba43571f4752b6371fca4fda39011acb1307478ffe3f72ee98fd86a0516230fb4655c110a57666e5eb923d3414f005511652ae42818f7c067e5a30319f92ab4fa6726c7f73d045e0cd5d20199ad303dca5b5e83b867f4cdfc5933d96863d59f332b9b64ab88857b1754027b916087b6119a1b09f38df029b321d68649faa708ee38db9632e7dc510047529a269881db41ef8a233972203e7839078b46e05a4fdef4c80031f72e7012a19055043a991666f3b058f4ce4e5e18c7065f1761414ae097be86e05fa2549ea2bda72062c5c9c4e71b093ed30c1f1c03c004648e1a5286680c501beb60b9b9037aa64ea0f34bc27a14a8ad59c3974eed82b40126641ff474369801a7d40b2992568abd59ff908f3c74bc8422ba6ea6f228efe3365227a36576fbf7cae1a6be58b15019d75e6005a5be9505064ac6bc2df4abd7949a284bf1cd52fab070f5fafccc724b78c8ce79c52a0fa8e709c187b3b1204a847bdfddb3eaba71068ad343715c9673ebcfc389bd1240045a27556f2d76e10e0630f71abbc2882c12442e3773da34ee29cc6469c22bf4761a75d93ab42f310f9f7444c61eb157f6fb7ae89b981142f1266111a435523554d76b5b6f39f5e58cca6ab0af4fc576d7febe3959c998dbdea22b4af3bccf8c6798f72c8e47ce2b08d561e28c9fdfe6b8b026b2a41dd6d4669d8ace1aa1ed1e7a4174f844e0101ffd50fd3142922565f7e95e8181d2dda1cc1af0b435b1645bb25228c1338d63b058b6db9d56aff10e9529a73d87a299e26811d698cdcead41b5fe6f76d7558f5b646df1caa2a5167bf71bece9e5b5d45d7346df79dfa4920889d4c06f068e8e00360385a472af372e84c45a7bce3ca154c05c312d00522cdaae682564531beb61bc96eb7438d5ce2ca77ac8761e8300b8200e6b526c45afea9123d2bc03da76f42e18eeb6db908a23317a6882bf0cb5c8de4fcd4ea0149269cffbc96731df7189b6d6c5944d3faa0dbdea4282af61a5874614707c4aca59c904d818716b305fd2c675bb0973cf42f27433ea0773d0d1f4b38ab0a3c206b31968d8eeaefbbb991db4c0dd59c2e2a22f1598c18799e535245a86675434f2eb2a34363767488831e5030d65d14be43854ab54b6b773f13494132e80908471a92fd1a138c34147a70e7072745d00da2eb93d26b8188a41fbcdfc57a9b434b75dc3d5baa32bd76869d573d766c3ee164c93a06ddfea016d193b6a35a414e0e76bbb414f32f17de71c849b2283d492874e1495901ee3cd047bf5390b06f129e76ad322e23174a4133ed85cca36a74429989aab0229dda8c04cc26ce6d7588bf590331a3b4bf036603d005d5a2faaf28adf03604acf1ce89e65e57586aa4f415f8fae57e53fb1b01652a39d870b9b381d4285eb59064fe535653e0c92ea24dbafc3c91cea1d24bba311e18437df76b2836eba14d3c18a370d0e8a4425e2819f152806f680f420b19fcac1eeb53716a40a79c318e27f9130d16400973e48599e0b60afeda28134ff321c3d7975010d30646861e00853dcd1281c1d9bfb308efefdf8990aa21f0cf89a61e91ef998ec565a2d45bd243c350eb51a25f0649b9c854261fef5d93f1377651d61f235d30ab4d1f5f0d4f88cbaa407d974a661bb41934fd904130506e6394c6fd0632ac5a9a6406361ef0fdc172a7860b22f2c34065be632226f7b71306c36d082d5f29b5a07b324150764b70a2ce7b4fd5c8e773ffd1f658d7b95bf2228d3f0127c610ad3151f8c2719206b5e34b0de72b1f8d967d0d807e3a9ce051a2a6c298346eb59b5b555c30533857ccc31716be02141767f9b54ed2ea5de4b0359a896b56109ba2fc13922e5f14913a392571700d66f3181d0fdc37eab2153dad180b42a864247cc28e10dd4d3d7a9f515d126dfb83a28d313e37dc13adea74f986a45d0ee6954f371a11d1e21dc39b8e23dcebc6f865dcdef4174517bf49b84cd409a2d335645d770cd971d53ac90b304ac09209082d6577c6e01c7a21dbbde025b0659f71acecc2bb209062acb1d9138351a5c381ceefa60f404392c923bb38f945dd48995f0121c9879d2904f55729d75723ac88a177c41637e65643a6624f1497c501fe05319b73b340b1d8a798c36a4d9392d735234ca8fe2af194a950f6163993b4ce8902d917972b2f5d39bbdea773e967a2e43d5ab5598dd308f85a32c6e71b93a50fc790a7a584d6974eb2391cf8e0c4c0b590b8f40e78acb30fac3c9e50ab497e1fa699f2383aed7b171491046beb0cd6067136becaa2acee0fc659827c2bb1797b0eb5672ad82a50c58de5c96f49a06c0fae41899b813af25fcfb48ad0fbd71a6acf1c859148d33fb85cc662141315b7bafd3e2e17d74bfe4e18fe520d972a5919006cbd4cfe1cff5fa9cf62e68924527a9cdba244b03a849c8162b9a1e2945c10935548e39b16d68c74a6899ba4e49252285648e877fabdf62dce7aae764709b84dc5e3764535de0f50a3cdabe12b1db31e659804f4700246", 0x1000)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)

5m0.160575543s ago: executing program 9 (id=8832):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/vmcoreinfo', 0x0, 0x0)
read$dsp(r0, &(0x7f0000000000)=""/110, 0x6e)
ioctl$EVIOCGUNIQ(r0, 0x80404508, &(0x7f00000001c0)=""/154)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)

4m59.239356572s ago: executing program 9 (id=8840):
read(0xffffffffffffffff, &(0x7f0000000100)=""/159, 0xfffffe5a)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
openat(r0, 0x0, 0x80402, 0x41)

4m59.026666404s ago: executing program 9 (id=8841):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000fa5000/0x4000)=nil, 0x4000, 0x1000006, 0x13, 0xffffffffffffffff, 0x13637000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

4m58.915478653s ago: executing program 9 (id=8842):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x28200, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VHOST_GET_VRING_ENDIAN(r1, 0x4008af14, &(0x7f0000000080)={0x3, 0x4})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)

4m58.174516559s ago: executing program 9 (id=8844):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (async)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07, 0x400}) (async)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0) (async)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000000)={0x80, 0x4, 0x4, 0xe05, 0xe3, 0x80}) (async)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_S390_VCPU_FAULT(r5, 0x4008ae52, &(0x7f0000000280)=0x3ff) (async)
read$FUSE(r2, &(0x7f00000014c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r4, {<r7=>0xee01, 0xffffffffffffffff}}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0xee00, <r8=>0x0}}, './file0\x00'})
write$FUSE_CREATE_OPEN(r2, &(0x7f00000001c0)={0xa0, 0x0, r6, {{0x5, 0x3, 0x100000000, 0x120000, 0x918f, 0x40, {0x0, 0x3, 0x10, 0x5, 0x8, 0xfffffffffffff10c, 0x8, 0x7, 0x7, 0x2000, 0xfff, r7, r8, 0x36f, 0x3}}, {0x0, 0x11}}}, 0xa0)

4m42.860819637s ago: executing program 38 (id=8844):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (async)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07, 0x400}) (async)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0) (async)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000000)={0x80, 0x4, 0x4, 0xe05, 0xe3, 0x80}) (async)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_S390_VCPU_FAULT(r5, 0x4008ae52, &(0x7f0000000280)=0x3ff) (async)
read$FUSE(r2, &(0x7f00000014c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r4, {<r7=>0xee01, 0xffffffffffffffff}}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0xee00, <r8=>0x0}}, './file0\x00'})
write$FUSE_CREATE_OPEN(r2, &(0x7f00000001c0)={0xa0, 0x0, r6, {{0x5, 0x3, 0x100000000, 0x120000, 0x918f, 0x40, {0x0, 0x3, 0x10, 0x5, 0x8, 0xfffffffffffff10c, 0x8, 0x7, 0x7, 0x2000, 0xfff, r7, r8, 0x36f, 0x3}}, {0x0, 0x11}}}, 0xa0)

2m35.690372391s ago: executing program 1 (id=9474):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x141201)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x41045508, 0xffffffffffffffff)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000e40)={0x0, 0x1, &(0x7f0000000b40)=[0x18], 0x0, 0x0}) (async)
ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000e40)={0x0, 0x1, &(0x7f0000000b40)=[0x18], 0x0, 0x0})
openat$full(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae09, &(0x7f0000000300))
dup(0xffffffffffffffff)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x40001, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x40001, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000000)={0xc}) (async)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r3=>0x0})
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x9, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f00000000c0)={0x7fff, 0xd, 0x3, "134600cea4dd512d97d4188cbf770637bc747721f37af54dd1dc03030096c337", 0x35323645})
r5 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r2, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r3, 0x0, 0x97, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r3, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x80000001}) (async)
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r3, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x80000001})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r3})

2m35.452928244s ago: executing program 1 (id=9476):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0xd9c48000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

2m35.130488692s ago: executing program 1 (id=9478):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
syz_open_dev$swradio(&(0x7f0000000140), 0x0, 0x2)
r1 = dup(r0)
read(r1, &(0x7f0000000040), 0x0)
ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000000)={0xf0f046})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, 0x0) (async)
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (async)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x201, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x201, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) (async)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x187, 0x0, 0x1}]})
ioctl$KVM_RESET_DIRTY_RINGS(r5, 0xaec7) (async)
ioctl$KVM_RESET_DIRTY_RINGS(r5, 0xaec7)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
openat(r1, 0x0, 0x181502, 0x41)

2m34.736564522s ago: executing program 1 (id=9480):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000400)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r1, 0x54a3)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}})
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000240)={0x3, 0x0, [{0xeeee0000, 0x25, &(0x7f0000000080)=""/37}, {0x5000, 0x0, &(0x7f00000000c0)}, {0x10000, 0x2, &(0x7f0000000200)=""/2}]})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000500))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r6, 0x4188aea7, &(0x7f0000000000)={0x2, 0x0, [{0x7}]})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
openat(r7, 0x0, 0x80402, 0x41)

2m34.234933269s ago: executing program 1 (id=9485):
r0 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='blkio.throttle.write_iops_device\x00', 0x2, 0x0)
ioctl$BTRFS_IOC_INO_PATHS(r0, 0xc0389423, &(0x7f0000000080)={0x0, 0x40, [0x7, 0x80, 0x5, 0x7], &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r1, 0xf507, 0x0) (async)
ioctl$TIOCGRS485(r1, 0x542e, &(0x7f0000000100)) (async)
ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000140)=0x5)
ioctl$SNDCTL_SEQ_THRESHOLD(0xffffffffffffffff, 0x4004510d, &(0x7f0000000180)=0x9) (async)
ioctl$PIO_UNIMAP(r1, 0x4b67, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{0xffc0, 0x644}, {0x0, 0x8}]}) (async)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000240)={0x0, 0x0, 0x9, 0x0, '\x00', [{0x8, 0xec, 0x3, 0x1, 0x400, 0x4e}, {0x1, 0x8000, 0x5, 0x1, 0xffffffff, 0x200000}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
ioctl$EVIOCSABS20(0xffffffffffffffff, 0x401845e0, &(0x7f0000000540)={0x1, 0x7, 0x5, 0x4, 0x0, 0x6})
ioctl$GIO_FONT(r1, 0x4b60, &(0x7f0000000580)=""/230)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f00000006c0)=0x18000000) (async)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000700)={0x1, 0x2, 0x7}) (async)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000740)={0x1, 0x5d, 0x7c6cba7c, 0x4080, <r3=>0xffffffffffffffff})
ioctl$DMA_BUF_IOCTL_SYNC(r3, 0x40086200, &(0x7f0000000780))
ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f00000007c0)={0x2, 0xe9, 0x9c57, 0x8, 0x5, 0x4}) (async)
ioctl$TCSETS(r2, 0x5402, &(0x7f0000000800)={0x4, 0x80, 0x0, 0xf7, 0x0, "6074f0e720d59923af018b7e0b6c2dc40d3acb"}) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000840)={{0x1, 0x1, 0x18, <r4=>r3, {0xee00, 0xee01}}, './file0\x00'})
ioctl$USBDEVFS_REAPURB(r4, 0x4008550c, &(0x7f0000000880))
ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000008c0)=<r5=>0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f0000000900)={0x1, 0xfaa}) (async)
close(r0) (async)
ioctl$TIOCSPGRP(r2, 0x5410, &(0x7f0000000940)=r5) (async)
r6 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000980)='/proc/sys/fs/binfmt_misc/syz2\x00', 0x2, 0x0)
r7 = dup2(r6, 0xffffffffffffffff)
openat$cgroup_ro(r7, &(0x7f00000009c0)='memory.swap.current\x00', 0x0, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) (async)
ioctl$EVIOCSABS2F(r7, 0x401845ef, &(0x7f0000000a00)={0x1, 0x80000001, 0xb, 0x0, 0x3, 0x2})
ioctl$TIOCGLCKTRMIOS(r7, 0x5456, &(0x7f0000000a40)={0x40, 0x7fffffff, 0x89, 0x3, 0x1, "0b1f210ad93a21ab765d696e938d813b6316a3"})

2m34.131719397s ago: executing program 1 (id=9486):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCGPKT(r0, 0x40045436, 0x0)
ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000240))
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x12, 0x7c5, 0x1, 0x3, 0xd59f80, 0x4, 0x3, 0x17, 0x2804, 0x5, 0x722, 0xe52, 0x40007, 0xa, 0x2e, 0x8, {0xffff945a, 0xfffffffd}, 0x3, 0xf0}})
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000000180)={{0x80}, 'port0\x00', 0x23939904284bff71, 0x0, 0x40, 0x1, 0x0, 0x9, 0x0, 0x0, 0x5})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r3, 0xc0a85352, &(0x7f0000000440)={{0x7, 0xb}, 'port0\x00', 0x60, 0x40400, 0x1000, 0x6, 0x0, 0x4, 0xffff, 0x0, 0x0, 0x62})
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r4, &(0x7f0000000040)=[{&(0x7f0000000180)=""/128, 0x80}], 0x1, 0x0, 0x0)
preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000280)=""/212, 0xfffffed3}], 0x1, 0xffeffffb, 0x1007)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
ioctl$UI_DEV_DESTROY(r5, 0x5502)
syz_open_dev$ttys(0xc, 0x2, 0x0) (async)
ioctl$TIOCGPKT(r0, 0x40045436, 0x0) (async)
ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000240)) (async)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2) (async)
ioctl$VIDIOC_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x12, 0x7c5, 0x1, 0x3, 0xd59f80, 0x4, 0x3, 0x17, 0x2804, 0x5, 0x722, 0xe52, 0x40007, 0xa, 0x2e, 0x8, {0xffff945a, 0xfffffffd}, 0x3, 0xf0}}) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) (async)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) (async)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000000180)={{0x80}, 'port0\x00', 0x23939904284bff71, 0x0, 0x40, 0x1, 0x0, 0x9, 0x0, 0x0, 0x5}) (async)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r3, 0xc0a85352, &(0x7f0000000440)={{0x7, 0xb}, 'port0\x00', 0x60, 0x40400, 0x1000, 0x6, 0x0, 0x4, 0xffff, 0x0, 0x0, 0x62}) (async)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/seq/clients\x00', 0x0, 0x0) (async)
preadv(r4, &(0x7f0000000040)=[{&(0x7f0000000180)=""/128, 0x80}], 0x1, 0x0, 0x0) (async)
preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000280)=""/212, 0xfffffed3}], 0x1, 0xffeffffb, 0x1007) (async)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0) (async)
ioctl$UI_DEV_DESTROY(r5, 0x5502) (async)

2m18.624865726s ago: executing program 39 (id=9486):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCGPKT(r0, 0x40045436, 0x0)
ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000240))
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x12, 0x7c5, 0x1, 0x3, 0xd59f80, 0x4, 0x3, 0x17, 0x2804, 0x5, 0x722, 0xe52, 0x40007, 0xa, 0x2e, 0x8, {0xffff945a, 0xfffffffd}, 0x3, 0xf0}})
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000000180)={{0x80}, 'port0\x00', 0x23939904284bff71, 0x0, 0x40, 0x1, 0x0, 0x9, 0x0, 0x0, 0x5})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r3, 0xc0a85352, &(0x7f0000000440)={{0x7, 0xb}, 'port0\x00', 0x60, 0x40400, 0x1000, 0x6, 0x0, 0x4, 0xffff, 0x0, 0x0, 0x62})
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r4, &(0x7f0000000040)=[{&(0x7f0000000180)=""/128, 0x80}], 0x1, 0x0, 0x0)
preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000280)=""/212, 0xfffffed3}], 0x1, 0xffeffffb, 0x1007)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
ioctl$UI_DEV_DESTROY(r5, 0x5502)
syz_open_dev$ttys(0xc, 0x2, 0x0) (async)
ioctl$TIOCGPKT(r0, 0x40045436, 0x0) (async)
ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000240)) (async)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2) (async)
ioctl$VIDIOC_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x12, 0x7c5, 0x1, 0x3, 0xd59f80, 0x4, 0x3, 0x17, 0x2804, 0x5, 0x722, 0xe52, 0x40007, 0xa, 0x2e, 0x8, {0xffff945a, 0xfffffffd}, 0x3, 0xf0}}) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) (async)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) (async)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000000180)={{0x80}, 'port0\x00', 0x23939904284bff71, 0x0, 0x40, 0x1, 0x0, 0x9, 0x0, 0x0, 0x5}) (async)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r3, 0xc0a85352, &(0x7f0000000440)={{0x7, 0xb}, 'port0\x00', 0x60, 0x40400, 0x1000, 0x6, 0x0, 0x4, 0xffff, 0x0, 0x0, 0x62}) (async)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/seq/clients\x00', 0x0, 0x0) (async)
preadv(r4, &(0x7f0000000040)=[{&(0x7f0000000180)=""/128, 0x80}], 0x1, 0x0, 0x0) (async)
preadv(r2, &(0x7f0000000080)=[{&(0x7f0000000280)=""/212, 0xfffffed3}], 0x1, 0xffeffffb, 0x1007) (async)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0) (async)
ioctl$UI_DEV_DESTROY(r5, 0x5502) (async)

1m31.169711047s ago: executing program 3 (id=9770):
read(0xffffffffffffffff, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000200)={0x15, 0x2000000, <r1=>0x0})
r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x80200, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000280)=0x4) (async)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000080)=0x7f) (async)
mmap$dsp(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x1, 0x13, r4, 0x0) (async)
r5 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000180)={0x1, @pix_mp={0x0, 0x0, 0x32525942}}) (async)
ioctl$PPPIOCSMRU1(r3, 0x40047452, 0x0) (async)
write$sndseq(r2, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x7}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}], 0x70) (async)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f00000002c0)={0x48, 0x7, r2, 0x0, 0x30001, 0x0, 0x0, 0x125c96, 0x1ce096}) (async)
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000280)={0x18, r1})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000340)={0x4, @time={0x80000000, 0x4}, 0x82, {0x9, 0x8}, 0xdf, 0x0, 0x6})
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x40007, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f0000000040)={0xf0f080, 0x1})
r7 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
preadv(r7, &(0x7f0000000080)=[{&(0x7f0000000180)=""/207, 0xcf}], 0x1, 0xfffffffb, 0x7) (async)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x33c, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r8, 0xc100565c, &(0x7f0000000080)={0x2, 0x1, 0x4, {0x2, @vbi={0x9, 0x1, 0x1, 0xb5315258, [0x5, 0xfffff1dd], [0x6, 0x596], 0x2}}})
ioctl$IOMMU_DESTROY$ioas(r2, 0x3b80, &(0x7f0000000380)={0x8, r1}) (async)
ioctl$PTP_EXTTS_REQUEST2(r2, 0x40103d0b, &(0x7f0000000000)={0x8, 0xb}) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0) (async)
r9 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r9, &(0x7f00000001c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000001140)=""/5, 0x5}}, 0x120) (async)
r10 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r10, 0x0)
read(r9, &(0x7f00000000c0)=""/51, 0xd)

1m30.540294292s ago: executing program 3 (id=9775):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
read$FUSE(r1, 0x0, 0x0) (async)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r3 = dup(r2) (async)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000200)=0xa0000) (async)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r4, 0x7a9, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x110, r3, 0x0) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x801, 0x0) (async)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5d370987f70e06d038e7ff7fc6e5539b0d650e8b089b3f353b6c090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07410936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006) (async)
r7 = syz_open_dev$video4linux(&(0x7f0000000000), 0x8f, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r7, 0xc0585605, &(0x7f0000000100)={0x1, 0x0, {0x0, 0x0, 0x3010}}) (async)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981) (async)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r9, &(0x7f0000000180)=ANY=[], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r9, 0x0) (async)
r10 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r10, 0xc014563b, &(0x7f0000000080)={0x5}) (async)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) (async)
write$sndseq(r8, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600, 0x0, 0x2000]}}], 0xffc8) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) (async)
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600}) (async)
ioctl$VIDIOC_TRY_ENCODER_CMD(r7, 0xc028564e, &(0x7f0000000280)={0x1, 0x0, [0x3ff, 0x80000001, 0x7f, 0x1, 0xfffffff9, 0x0, 0x4, 0x2]})

1m30.169237456s ago: executing program 3 (id=9779):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r2 = dup(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r2, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1m29.165288791s ago: executing program 3 (id=9787):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000100), 0x41)
write$UHID_CREATE2(r1, 0x0, 0x162)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r2, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1m27.509600725s ago: executing program 3 (id=9797):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
dup(0xffffffffffffffff)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140))
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000910000400eca"]) (async)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000910000400eca"])
r2 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000000)={0xc}) (async)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r5=>0x0})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r1, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r5, 0x0, 0x97, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000500)={0x28, 0x6, r5, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000, 0x80000001})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r1, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r5})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)

1m26.966173465s ago: executing program 3 (id=9802):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
openat$vimc2(0xffffff9c, &(0x7f0000000500), 0x2, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0xe6, 0x1, {0x6, 0x2, 0x140000001, 0x1, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
syz_open_dev$swradio(&(0x7f00000001c0), 0x1, 0x2)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000300)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x80001)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
lseek(r6, 0x9, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, <r7=>0x0], &(0x7f0000000040), 0x2, r5})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000380)={0x200, 0x1, &(0x7f0000000440)=[r5], &(0x7f0000000180)=[0x7], &(0x7f0000000280)=[r7, r7], &(0x7f0000000040)=[0x0]})
preadv(r3, &(0x7f0000000200)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1, 0xd544, 0x1000)
read$FUSE(r2, 0x0, 0x0)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r9 = dup(r8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r9, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r9, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1m11.910775393s ago: executing program 40 (id=9802):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
openat$vimc2(0xffffff9c, &(0x7f0000000500), 0x2, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0xe6, 0x1, {0x6, 0x2, 0x140000001, 0x1, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
syz_open_dev$swradio(&(0x7f00000001c0), 0x1, 0x2)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000300)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x80001)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
lseek(r6, 0x9, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, <r7=>0x0], &(0x7f0000000040), 0x2, r5})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000380)={0x200, 0x1, &(0x7f0000000440)=[r5], &(0x7f0000000180)=[0x7], &(0x7f0000000280)=[r7, r7], &(0x7f0000000040)=[0x0]})
preadv(r3, &(0x7f0000000200)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1, 0xd544, 0x1000)
read$FUSE(r2, 0x0, 0x0)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r9 = dup(r8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r9, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r9, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

37.324535211s ago: executing program 0 (id=10054):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000000), 0x3, 0x200640)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f00000003c0)={0x1, 0x0, [{0x28a, 0x0, 0x3}]})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
syz_open_dev$sndmidi(&(0x7f0000000000), 0x3, 0x200640) (async)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f00000003c0)={0x1, 0x0, [{0x28a, 0x0, 0x3}]}) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000) (async)

37.006397071s ago: executing program 0 (id=10056):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140))
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000910000400e"])
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r4, 0x0, 0x0)
r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r5, 0xc0184800, &(0x7f0000000080)={0x10001})
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r7 = dup(r6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0)
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

36.488973967s ago: executing program 0 (id=10059):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async, rerun: 32)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x275a, 0x0) (rerun: 32)
syz_open_dev$sg(&(0x7f0000001180), 0xf474, 0x4800) (async, rerun: 64)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) (rerun: 64)
dup2(r1, r0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x200000b, 0x12, r0, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0x2000)=nil, 0x930, 0x1000009, 0x16831, 0xffffffffffffffff, 0x0) (async)
openat$dsp(0xffffffffffffff9c, &(0x7f0000002440), 0x82000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xc0800, 0x0) (async, rerun: 64)
r2 = openat$binfmt_format(0xffffff9c, &(0x7f0000000240)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0) (async, rerun: 64)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB='-'], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
write$binfmt_format(r2, &(0x7f0000000000)='0\x00', 0x2)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/reserved_size', 0x141a82, 0x1c4) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r5, 0x0) (async)
write$cgroup_int(r4, &(0x7f0000000040)=0x900, 0x12)

35.986072909s ago: executing program 0 (id=10064):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x129600, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
openat(r2, 0x0, 0x80402, 0x41)
r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000380), 0x1, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x0)
ioctl$SG_SCSI_RESET(r4, 0x2283, 0x1000000000000)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000003c0)={0x0, 0x0, 0x5, 0x7ff})
read(r0, &(0x7f0000000100)=""/160, 0xa0)

35.550537132s ago: executing program 0 (id=10066):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
pwritev(r0, &(0x7f0000000b00)=[{&(0x7f0000000100)="010000005cc135121e58e6d23b58765bc592fd71b19c05d42faf337052402ce7f05b0cc598bdfa5c764d4fa7d4851146c45fa801224f584e25daa2c6e13e0e3002f50b275e280221a9972639c4820848a2c97e2ae425e574fcb6f40a392cd788af17c0e9b4a21e623aea4797da0593", 0x4}, {0x0, 0xffffff56}, {&(0x7f0000000000)="ba70de013ead54a64ba4716a32cd38f5f539bb66d45ddb4badcba263146f9e4ff7c8b44b1f3eed131a11f36af74202eb7d1b1314ae7c8ddaafb1199c8a", 0x11}, {&(0x7f00000003c0)="f57cac9ffd4700badc6f0a862276f904d7f173aff011bca7f204f01fc8d551a8c4912c52f8281998be20ede3b8cb4af86a03f07b55823d63e4be7c68c1a973402bd10f74659b91fdfceb4617364fa5ee3fc735f750b54c5a05ebf2e6419c880cbdccd64016ed0a2f21519135b6ad46a6a67f8cd5f8191f8bea6e0398be33491b45d8c8922e8829477fc32df1eef918d5876ff78b89a1"}, {&(0x7f0000000900)="46ddb7fd40427f94dc1189b126d3279ed02b384683089250450253381cd9f37192334acdb9f101c444626fd406180e0594677bfde9846ff6c3eead32a65a8efdca4d8f86a7858568b9b728714dcd307c27fa7b89fe3cf5dc4241d0679a06609e843c9b610d835f9cf1354538abfc5288fbf696fa6b8a1a23c87f1271c28172ef1e492d256d1d88a309da9bec024144a813b7d1e80eb03d4b6b349c81bd6b22e238586fb3a3902b69e4d83e2b253cfaff084aad228bff8a64b4", 0xfffffffffffffde8}, {&(0x7f00000009c0)="109b1e79f7a55e366b53aa93fc651d77f43258dc13f88b87d61f8b230fa0d0b370d1c48622c360f2c91e2576546df4a97f90b3dadead089e70212f8a94fdb29fb0b18c40474295843fd7d65f80e4d313db30fb2e1fbac29fb11856"}, {&(0x7f0000000a40)="40b991110b7c2b4e17b03ddde889d90ac678cb761cd90c77b88f02941e45672d33d215e3c2908c8e3ffcbfe0a53d950bbd72f5aa203a605fec8a5138ae1cbea0aaf340412f5d57f24df6bef999a9443e96d271eb501cfae463825ab9d62bbfc9728f715bbc3c65bbf258834a9ab31d86547142a5cf8eed870565959e1565e34df6cdc6107afd7138be9ee3f5d3b929a2aec38d"}], 0x3, 0x0, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x8600, 0x0)
read(r1, &(0x7f00000001c0)=""/157, 0x9d)

35.320894495s ago: executing program 0 (id=10068):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'veth1_vlan\x00', 0x5})
ioctl$TUNSETPERSIST(r1, 0x400454c9, 0x1)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
read$rfkill(r2, &(0x7f00000000c0), 0x4)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_REINJECT_CONTROL(r5, 0xae71, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
close(0xffffffffffffffff)
r6 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x512a4c2b})
r7 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r7, 0x40045532, &(0x7f0000000040)=0x7)
r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0)
r9 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r9, 0xc0884113, &(0x7f0000000080)={0x1, 0xfffffffa, 0x0, 0x8, 0x8000, 0x7, 0x1, 0xfffffffffffffe00, 0x0, 0x1, 0xfffffffe, 0x2})
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r2, 0xc1004111, &(0x7f0000000300)={0xf5, [0xffffffff, 0x7fffffff, 0x101], [{0xd, 0xd, 0x1, 0x0, 0x0, 0x1}, {0x2, 0x4, 0x1, 0x0, 0x1, 0x1}, {0x5, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x3, 0x8001, 0x1, 0x1, 0x1}, {0x0, 0x401, 0x0, 0x1, 0x0, 0x1}, {0x1, 0x71de5789, 0x1, 0x1, 0x0, 0x1}, {0x1ff, 0x1, 0x1, 0x1, 0x1, 0x1}, {0x0, 0x7, 0x1, 0x0, 0x0, 0x1}, {0x8, 0xfffffffd, 0x0, 0x0, 0x1}, {0x5, 0x3}, {0x1, 0x8}, {0x6, 0x1, 0x0, 0x0, 0x1, 0x1}], 0x2})
syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0x2a382)
close(0x3)
write$cgroup_int(r0, &(0x7f0000000040)=0x900, 0x12)

20.15911949s ago: executing program 41 (id=10068):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'veth1_vlan\x00', 0x5})
ioctl$TUNSETPERSIST(r1, 0x400454c9, 0x1)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
read$rfkill(r2, &(0x7f00000000c0), 0x4)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_REINJECT_CONTROL(r5, 0xae71, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
close(0xffffffffffffffff)
r6 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x512a4c2b})
r7 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r7, 0x40045532, &(0x7f0000000040)=0x7)
r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0)
r9 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r9, 0xc0884113, &(0x7f0000000080)={0x1, 0xfffffffa, 0x0, 0x8, 0x8000, 0x7, 0x1, 0xfffffffffffffe00, 0x0, 0x1, 0xfffffffe, 0x2})
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r2, 0xc1004111, &(0x7f0000000300)={0xf5, [0xffffffff, 0x7fffffff, 0x101], [{0xd, 0xd, 0x1, 0x0, 0x0, 0x1}, {0x2, 0x4, 0x1, 0x0, 0x1, 0x1}, {0x5, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x3, 0x8001, 0x1, 0x1, 0x1}, {0x0, 0x401, 0x0, 0x1, 0x0, 0x1}, {0x1, 0x71de5789, 0x1, 0x1, 0x0, 0x1}, {0x1ff, 0x1, 0x1, 0x1, 0x1, 0x1}, {0x0, 0x7, 0x1, 0x0, 0x0, 0x1}, {0x8, 0xfffffffd, 0x0, 0x0, 0x1}, {0x5, 0x3}, {0x1, 0x8}, {0x6, 0x1, 0x0, 0x0, 0x1, 0x1}], 0x2})
syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0x2a382)
close(0x3)
write$cgroup_int(r0, &(0x7f0000000040)=0x900, 0x12)

7.704769399s ago: executing program 8 (id=10269):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r2, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r3, 0x0, <r4=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r2, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, r4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x20ffa000})
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r5, 0x227a, &(0x7f0000000040))
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r7 = dup(r6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0)
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082) (async)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000080)={0x19}) (async)
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000}) (async)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r2, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r3, 0x0, 0xffffffffffffffff, 0x1}) (async)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r2, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, r4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x20ffa000}) (async)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) (async)
ioctl$SG_SET_RESERVED_SIZE(r5, 0x227a, &(0x7f0000000040)) (async)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async)
read$FUSE(r1, 0x0, 0x0) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) (async)
dup(r6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0) (async)
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600}) (async)

7.201992122s ago: executing program 8 (id=10275):
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x40)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x1a)
r1 = syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0)
ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000100)={&(0x7f0000000080), &(0x7f00000000c0)=""/20, 0x14})
r2 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140), 0x200000, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r2, 0x80045515, &(0x7f0000000180)={0x7})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f00000001c0)={'ipvlan1\x00', 0x400})
ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000280)={&(0x7f0000000200), &(0x7f0000000240)=""/13, 0xd})
ioctl$TUNGETIFF(r2, 0x800454d2, &(0x7f00000002c0)={'veth1_vlan\x00'})
r3 = syz_open_dev$video4linux(&(0x7f0000000300), 0x80000001, 0x40)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000400)={0x80, 0x12, 0x4, 0x5, 0x9c, 0x9, &(0x7f0000000340)="9411097e34be35e3e221a2c1e551bf207e74addb7392a063442a3ab737d1835405ef568542c4988a2148c032c765bb3d9a68a0c6ae7544a01e521792c78eb96ee19e76ff7774fdac178f84b23047997af5049eee408d94a6abd4029203e02af6217b4ead0d228027a11a6794e4108ed4bf3f7cf150507916cd35d2ad54612907ebaa29e16be6888b563053ebe2f54fffb31c8db7ce2754d42e322d7e"})
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x80049367, &(0x7f0000000440))
ioctl$SG_SET_KEEP_ORPHAN(r2, 0x2287, &(0x7f0000000480)=0x7f)
ioctl$USBDEVFS_WAIT_FOR_RESUME(r2, 0x5523)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f00000004c0), 0x101000, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0)
preadv(r5, &(0x7f0000000c40)=[{&(0x7f0000000540)=""/147, 0x93}, {&(0x7f0000000600)=""/215, 0xd7}, {&(0x7f0000000700)=""/234, 0xea}, {&(0x7f0000000800)=""/114, 0x72}, {&(0x7f0000000880)=""/249, 0xf9}, {&(0x7f0000000980)=""/113, 0x71}, {&(0x7f0000000a00)=""/88, 0x58}, {&(0x7f0000000a80)=""/129, 0x81}, {&(0x7f0000000b40)=""/201, 0xc9}], 0x9, 0x7, 0xfff)
ioctl$VHOST_VDPA_GET_VQS_COUNT(r2, 0x8004af80, &(0x7f0000000d00))
ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, &(0x7f0000000d40)=<r6=>0xffffffffffffffff)
ioctl$VIDIOC_TRY_EXT_CTRLS(r2, 0xc0205649, &(0x7f0000000dc0)={0xf000000, 0x7, 0x4, r6, 0x0, &(0x7f0000000d80)={0x990a68, 0xfffffff9, '\x00', @value64=0x4}})
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000e00)={<r7=>r6, 0x7ff, 0x3, 0xfffffffffffff801})
ioctl$SG_GET_NUM_WAITING(r4, 0x227d, &(0x7f0000000e40))
ioctl$TUNSETQUEUE(r7, 0x400454d9, &(0x7f0000000e80)={'veth0_to_bridge\x00', 0x200})
ioctl$FIGETBSZ(r5, 0x2, &(0x7f0000000ec0))
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000f80)={0x0, 0x6, 0x0, r7, 0x0, &(0x7f0000000f40)={0xa00001, 0x7fff, '\x00', @p_u8=&(0x7f0000000f00)=0xb}})
openat$cgroup_procs(r7, &(0x7f0000000fc0)='tasks\x00', 0x2, 0x0)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001000), 0x18200, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r8, 0x40309410, &(0x7f0000001040)={0xde, 0x8, 0x1, 0x9, 0x2, [0x3, 0x20, 0x1, 0x2]})
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r4, 0x40505331, &(0x7f0000001080)={{0x47, 0x6}, {0x83, 0x3}, 0x7, 0x0, 0x6})
openat$cgroup_type(r4, &(0x7f0000001100), 0x2, 0x0)

6.178592589s ago: executing program 8 (id=10280):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x8600, 0x0)
read(r0, &(0x7f00000001c0)=""/157, 0x9d)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000001180))
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x12, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000080)=0x3)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r1, 0x80286722, &(0x7f00000000c0)={&(0x7f0000000400)=""/213, 0xd5, 0xfffffffa, 0x5})
write$cgroup_int(r2, &(0x7f0000000340)=0x4, 0x12)
write$UHID_CREATE(r2, &(0x7f00000002c0)={0x0, {'syz0\x00', 'syz1\x00', 'syz1\x00', 0x0, 0x0, 0x0, 0xb, 0x1, 0x4, 0x3}}, 0x120)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000040)={0x8, 0x3})

5.934686757s ago: executing program 8 (id=10283):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0)
write$cgroup_pid(r0, &(0x7f0000000000), 0x12)
ioctl$IOCTL_STOP_ACCEL_DEV(r0, 0x40096101, &(0x7f0000000100)={{}, 0x6})
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000140)={0x0, 0x9})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0], 0x1, 0x0, 0x0, <r2=>0xffffffffffffffff})
r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
r4 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCGSERIAL(r4, 0x541e, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
write$cgroup_int(r1, &(0x7f0000000040)=0x900, 0x12)
ioctl$SG_SET_FORCE_PACK_ID(r3, 0x227b, &(0x7f0000000000))

5.411917875s ago: executing program 8 (id=10285):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xffffffffffffffda, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x4, 0x1, {0x6, 0x7, 0x100000005, 0x400000000000000, 0xcb, 0x5, 0x101, 0x47, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x0)
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

4.675050191s ago: executing program 5 (id=10287):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x42c400, 0x0)
dup(0xffffffffffffffff)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r2=>0x0})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r1, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r2, 0x0, 0x97, 0x8000000})
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r3, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "950e086e0000000000000010000000040100"})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000500)={0x28, 0x6, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000, 0x80000001})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r1, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r2})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)

4.669925374s ago: executing program 8 (id=10288):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000007a80), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000500)={"a0453822", 0x0, 0x6, 0x2, 0x0, 0x0, "3377f877c734c4f928875ab8db00", "000100", "0200", "be4d22a4", ["c38600008000080000e6fc00", "51f3541a910080ffffcb3a10", "2ce50f8a285d9500c522afe1"]})
ioctl$KVM_CAP_MSR_PLATFORM_INFO(r1, 0x4068aea3, &(0x7f0000000000)) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x87be6d950ac8e63e, 0xffffffffffffffff, 0x0) (async)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) (async)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000789000/0x2000)=nil, r3, 0x100000c, 0x10, r4, 0x0)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mmap(&(0x7f0000789000/0x3000)=nil, 0x3000, 0x5a051feb1f984a1d, 0x202812, r5, 0x98346000)

3.538619797s ago: executing program 6 (id=10289):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000000080)={0x80, 0x2, 0xc8, 0x40})
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x1, 0x0, 0x5})
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r2, &(0x7f0000000100)=""/159, 0xfffffe5a)

2.900805765s ago: executing program 5 (id=10291):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async, rerun: 64)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (rerun: 64)
mmap(&(0x7f000085d000/0x4000)=nil, 0x4000, 0x3000004, 0x20000000ec071, r0, 0x1000000000000000) (async)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000200)={0x4376ea830d56d49d}) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
r6 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
mmap(&(0x7f0000a22000/0x1000)=nil, 0x1000, 0x2, 0x110, r6, 0x96923000) (async)
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x5)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"]) (async)
mmap$usbfs(&(0x7f00002e4000/0x1000)=nil, 0x1000, 0x2, 0x4000010, r1, 0x4)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r9=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r10=>0x0}) (async)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f00000002c0)={0x1, 0x7fffffff, 0x2, 0x5, 0x1ff, 0x81})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r10, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r2, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r9, 0x0, <r11=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r8, 0x3ba0, &(0x7f0000000180)={0x48, 0x7, r11, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x38c5f2})
ioctl$IOMMU_IOAS_UNMAP$ALL(r8, 0x3b86, &(0x7f0000000080)={0x18, r9}) (async)
openat(r1, 0x0, 0x840, 0x2)

2.526548459s ago: executing program 4 (id=10292):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000000)={0x8000001})
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r4 = syz_open_dev$vcsa(&(0x7f0000000300), 0x1, 0x102)
ioctl$int_in(r4, 0x5452, &(0x7f0000001840)=0x5d4)
ioctl$TCSETSW(r3, 0x5403, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000440)=0xb)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

2.447025018s ago: executing program 5 (id=10293):
r0 = syz_open_dev$ndb(&(0x7f0000001f40), 0x0, 0x41)
ioctl$BLKSECDISCARD(r0, 0x127d, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000280)=""/212, 0xfffffed3}], 0x1, 0xffeffffb, 0x1007) (async)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async, rerun: 32)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0) (rerun: 32)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r3, 0x40345410, &(0x7f00000004c0)={{0x3, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xfffffffffffffffd}) (async)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x80605414, 0xffffffffffffffff)
r4 = dup(r2)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xfc, {"a2e3ad09ed1a09f91b37090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f383b6c090890e0879b0a0ac6e70a9b3361959b509a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) (async, rerun: 64)
openat(r4, &(0x7f0000000000)='./file0\x00', 0x165400, 0x90) (rerun: 64)
openat$iommufd(0xffffffffffffff9c, 0xfffffffffffffffe, 0x101200, 0x0)

2.00463701s ago: executing program 6 (id=10294):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async, rerun: 64)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (rerun: 64)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000500), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}}) (async)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f0000000780)={0x5, 0x20000006, 0x11080, 0x0, 0x4})
read$FUSE(r1, 0x0, 0x0) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r5, 0x4b52, &(0x7f0000000040)={0xfa, &(0x7f0000000000)=[{}]})
ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f0000000040)={0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, 0xffffffffffffffff, 0x0) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r6, 0x5403, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x5, "90737f0000ffffffffffffffff1e277fffffeb"}) (async)
r7 = dup(r6)
ioctl$TCSETAF(r7, 0x5408, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x82fa, 0x0, '\x00U\x00'})
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000100)=0xff)
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1.938436038s ago: executing program 4 (id=10295):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f00000001c0))
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f00000000c0))
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0)
mmap(&(0x7f0000788000/0x2000)=nil, 0x2000, 0x2000001, 0x10, r4, 0x67ef6000)
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r0, 0x7dfff000)

1.878818767s ago: executing program 5 (id=10296):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0xf)
ioctl$TCFLSH(r3, 0x540b, 0x0)
ioctl$TIOCL_SCROLLCONSOLE(r2, 0x541c, &(0x7f0000000000)={0xd, 0x1})
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "080005000000000078efe78ea700"})
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000007, 0x40010, r2, 0x3c000)

1.539620715s ago: executing program 6 (id=10297):
r0 = syz_open_dev$video4linux(&(0x7f0000001880), 0x5, 0x800)
ioctl$VIDIOC_SUBDEV_G_EDID(r0, 0xc0285628, &(0x7f0000001900)={0x0, 0x0, 0x6, '\x00', 0x0})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x8600, 0x0)
read(r1, &(0x7f00000001c0)=""/157, 0x9d)

1.538396785s ago: executing program 4 (id=10298):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f00000006c0)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
read$FUSE(r1, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000880), 0x1, 0x101001)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(0xffffffffffffffff, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, 0x30, 0x0, @in6={0xa, 0x4e23, 0x1, @loopback, 0x5}, @ib={0x1b, 0x0, 0xc, {"7d735931001016095e000303ff010001"}, 0x4}}}, 0x118)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000180)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000100)={&(0x7f0000000240)=[0x0, 0x0, <r6=>0x0], &(0x7f00000001c0), 0x3, r5, 0xeeeeeeee})
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000840)={0x0, 0x1, &(0x7f00000003c0)=[r5], &(0x7f0000000180), &(0x7f0000000400)=[r6], &(0x7f0000000280), 0x0, 0x3ff})
r7 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0)
r8 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
write$sndseq(r8, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x4}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time={0xffff, 0xa5}, {}, {}, @connect={{0x2, 0x3}, {0x3}}}, {0x0, 0x0, 0x0, 0x0, @time={0x2, 0x2}, {0x0, 0x8}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {0x0, 0xfe}, {}, @connect={{}, {0x0, 0x5}}}], 0x70)
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f0000000000)={0x7})

1.370518592s ago: executing program 5 (id=10299):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_REPLACE_IOAS(r0, 0x3ba0, &(0x7f0000000440)={0x48, 0xb, r1})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
read$FUSE(r2, &(0x7f0000002140)={0x2020, 0x0, <r3=>0x0}, 0x2020)
r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0d05640, &(0x7f0000000200)={0x8, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
write$FUSE_DIRENT(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="30007b25ca660000", @ANYRES64=r3, @ANYBLOB="06000000000000000800000000000000020000006e"], 0x30)
pwritev(r1, &(0x7f0000004440)=[{&(0x7f0000000140)="4116ed7278f71532ccbd40b52f90861941157d649cf7732778320a9d8f293b7730aa90a1384a31e55ce3c0db26aa33c28e4edc56beebd76961ff544e66f249369b83d48095369dde64adcbb7024863f8f3e1", 0x52}, {&(0x7f0000000200)="39451ce2bdbea72f19db8052c335ec9d99a3f4de7f9e90e82cb67ec2402360f7ad26a569eb51f6a31459af3aa476430ba469ced15d41a59d7dda1933e21bfc4606342e620749537265f22b6a865b7eaeeb0584", 0x53}, {&(0x7f0000004180)="4f935b2410baef09cf5479b80ff99170a8cb4c878920d8b1bdf6494ac54c524eee198338b62b72bef6a398abcf156fe46bc32d59541b429a8d1853047528d78af6ea5c228c", 0x45}, {&(0x7f0000004200)="8c72cf64aaee19cbb1df1a6ee9efdcc04e55fb2ba4e409ea4a78318e1aeb67c823021a44c188e96bc872e34acda305ee3fb9391bda0b643687f54e2ab30cb392088a1104c15c913ef6fdc2cdfb8fe5141677f6718960155d5767df868721", 0x5e}, {&(0x7f0000000380)="ed7ec6edb55f0a72dc1a0b8651da82c1655e7d1cf11e850d1fe49be41ed643fec1791d85ca2cc422c9959f1c7310491251c9f69a99b7a4c4d3d27d5a4e2d0ab243538882b7c7d5784c2ec5e2772dd0214bae39093c1587071de6ded31c491ecd46796bc86065fe7efa49213b4ba34d5094b624ac7c2ea60c7908839e14ad1cfe1a83bd46a7b98b0b2775c40d6a8e6928dd52afe0c54a82b2081e576587eee6ae81949e6544126634", 0xa8}, {&(0x7f0000004340)="464d8679371d2d2919b87eceb1e3d4571745e8ea6fb3a73473fd9bf61562f6051af5b869656085661f69277a6fdb72dfe62a7f88f25079be27369f4846d0003d2f00302016e65debf50e1d5e14815db7bd58b45ad34420f0f912bd503a77c1f2d28584ea51aacac6cd25a9c9843e4432c89d0f1e319002b192abf6143a0362334d9cce3f1eb8d98596b8d5c9534c050dd0c703b2825d82afcf71153c0ebe2e580ca92b83c99d1abce9810b153c6a966461664cae6657e98d9eb707cd8a4f81dfd2b4c0eb71078c964e851f0c2d98d5c974ff808febea37ab022b1abe8f39308646de380e14ab41292731f9af2f1f8124ffb2e1d275cd4720813d06", 0xfb}, {&(0x7f0000000000)="e2378b48a3eb2cb4b6c2006c8d66d89a701166cca805282223b142c6fdcd620c07e412064eb73fe96bb72e056d44c2", 0x2f}], 0x7, 0x2, 0x9)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000080)={0xa0, 0x0, r3, {{0x1, 0x1, 0x100000000, 0x2, 0x7fffffff, 0x0, {0x5, 0x7, 0xfffffffffffffffa, 0xfffffffffffffff8, 0x0, 0x4b, 0x2, 0x0, 0x3, 0x2000, 0x5, 0xffffffffffffffff, 0x0, 0x2, 0x3}}, {0x0, 0x1}}}, 0xa0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x3)
r8 = dup(r7)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300), 0x636200, 0x0)
ioctl$PPPIOCGIDLE32(r9, 0x8008743f, &(0x7f0000000340))
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000d004"])
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x900, 0x12)

1.320777672s ago: executing program 6 (id=10300):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x0)
r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x801, 0x0)
r5 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x100)
ioctl$CEC_ADAP_S_LOG_ADDRS(r5, 0xc05c6104, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(0xffffffffffffffff, 0xc0389424, &(0x7f0000000200)={0x7a0243b, 0x20, '\x00', 0x1, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0]})
ioctl$CEC_TRANSMIT(r5, 0xc0386105, &(0x7f00000002c0)={0x7, 0x9, 0x2, 0x0, 0x4, 0x9, "2af8d9f7b163121cf016148eaa7c593f", 0xfb, 0x5, 0x3, 0x6, 0x3, 0x9a, 0x80})
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_test', 0x149a82, 0x0)
openat$cgroup_int(r4, &(0x7f0000000240)='io.max\x00', 0x2, 0x0)
read$dsp(r6, &(0x7f00000004c0)=""/201, 0xc9)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f0000000480)={0xfe400000, 0xf020, 0x1, 'queue0\x00', 0x41})
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1.207257479s ago: executing program 4 (id=10301):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x100b, 0x8000000000002})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000740)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40}], 0x0, 0x0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
openat(r3, 0x0, 0x80402, 0x41)

1.026606113s ago: executing program 5 (id=10302):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f00000001c0)={0x40001, 0x0, [0xffffffff7fffffff, 0x200000, 0x40, 0x400, 0x0, 0x3, 0x3, 0x10001]})
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000030c0), 0x82200, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000003100)=0x3)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x7f, 0x2})
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r3, 0x0, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000001980)={0xb, {"a2e3ad214fc752f9182909094bf70e0dd038e7ff7fc6e5539b324c078b089b32353b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5d50300d074c0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r7 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f0000000240)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

1.02171577s ago: executing program 6 (id=10303):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100"/24])
r3 = dup(0xffffffffffffffff)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000740)={"e78b7cf8b66effa63c17fd07256f1f4791324e3b5539c73f599ee45622883cb42690a895b70ca6fa52c9c467af5e836436c377cbfa817cf79ceee1e679657073b29a1d3423ea28b5b8bfba5089d413ec13791d738df6f511a20fac70fe56e8f875db20aa7223c4f1e057e41aae32d8e655a0ca656218d65b81c53a3dd03a58eb81632567826d8df761ef4a9eb21d5b4e5258070c4337412808ac629574df733e2b3b392091a31106fe2c9ef034ba27eb0db37afa52a4d315d78a9f30d9699d654f57b6852a3b768daff1fa0e6a46c8af23bebf7e4c14e66f2a0222d255590cb097496a80c0b087772e40f1ad61831a16dc4d748f1888aeb9fe4b24373447c41d9a085b83aa22e54fb00d5a599fa1057621491954a0a990e567a69a9d1741d8bbf8daff841bc036c6721ac60687df21aa4f6139b60838371c3f63258668bebd53e91b9dccc445155b10f367121a35bc68594e4acf1a78572b98322f30cfebc7f4be04625ccf593941caa9e9bd43a580250c40564b76123cffe26dba0a90980b40cf103ee9c51636e9506573317428a7e7cc35653ebcbd10dc34d8564325b84be120cacf9e0485f70dbb8b88a66388067a9433b10ac087d94820caa1d86f740cd9941f30dc5b1c62b747dcf5f22915d928fc5b9784da8ffa8127c7226d560aa9c24441a7a6144c08c856d0f959f031dd6e56fc04b0983e081f1c2fd927a03090eb8df71fdc732eb2a958de118d9979cac2be0477f45b26a85b1d4f03cbec7863cd1e73caf163bf8f26fa86c6bb8cfcced6aa56936cde1337d609e1e7c4bd622269a3976c69a278179eba011088d447b10727e26d136d28864507b9d30166e478a4f4d647003e1a1e9343963954a0ef3358260d40b895979992e0afff0c45805aa6b6b4d50d571d0d8fc9a7d46a6914fc410346db396a410ed2d8324bed96e49c5a81e96a8928e472c99bef28e01838a55f5b3d3d5c95f996991c68fc86fc4b807b56b4de242e8579b99f05e5500a485a62795e8492f43277e47c821ac62d82005a8b22c21af267875c717265d58ab258fc1a4b4deade55751174b8666e38637009a98f1c9554a945074bba1f0de1c81b9e9e08f1728047448934f70feaf636df191a748aa230d1b4574c175e6d11b427868cddf116064a2eba291c581c1498ac651f14d6531c658a6516fb8f4847d878ffb6172784f1513115e9de3844d099644b0f8265183653773652611372a36b5b9aee0d2be8a9ceff8539de33519678aa2b3226915b79cb5e0baca6b587ec672aa908f06ade468f394cf2ee2d3d282667e55ca013a07e7f9d1ec540446622534df6a9ccb984017f100bfbcb20f8cbdf2c6463bd9a0db6ce3b604306253f2c7d708dbbac0055366a845b275a1076e815882972b8474aa92a1cc84aefb38fefd469cc90f1607fd70244bc34c8b68a8ed59378"})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r6=>0x0})
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f00000002c0)={@my=0x0, 0x1})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r7, 0x7ab, &(0x7f00000000c0)={&(0x7f0000000740)={{@my=0x0, 0x3ff}, {@any, 0x40}, 0x400, "3fa341ddb8e7e16df8cf3c297d6391080a64bde76fe672ca603d7161901bd57bcff5f6c63c904c74a8868f579165de4dffdb261e06b2f609000000df93ab57b7454c1c9ba67814d7296e1f9ac85f38f420fd6a874b24b7714fbf1338d9aeb028599c3f8c5be09300e2fc4759258551f66162a924e37b25edf953a8851335f7f81aa08dc182eb1b07bcbf075aac82ca4e0410331570f0b98115777e729b965d58129e1b29a8b3cb2fce665449f7e84bb0a3302538f064664094ba230a663333836d857fd922a32ef1ef4e442a1b702b8f5e091441d12e5432f5528ca1a0fd7402772e6749bbd6fa2ca72fca2f92199266972ee634378a5e3d7294ff148225b49165955b94a0ae99ddf11d91030c60607abea6cd167604597d3d642930e49f063d5c425142d98ccf0869ade3cd115e833b47869b6c2c56fdc953d0f4241f944afb077f7c3d6cc445d74e56736382d696eec2e0eacc498903e8db15d7bd828c18a030ef79f20add55729d8b335f26ea8c1c1858a6bccd0214e9e3c1d1b93f7b1e5adc24b99ee4ca15757cd736df1f282c19c8cb72bbffa503207f5cdb33bfabbf2afc1cc3500c304c6bb2040a0611b29031dd5f1f0f8362abbef4e2479588dd3629b77952cc728a85f0138d7076b095f98ef49878222058506dc89980c8b3be4d916239fef8b64b775f26111864e33b90325d0ecf7030f3add836389fbc1b709b22450b20f4d9f5150211ba5109c1d02caee7163b6e4376e7892c8ecb6d86125333a6caff4396ab57993c1e3813b50fdde148894d80d44fe588767d89dbd0686d44ff3f11d98eaf24a25835e3b8ad80e0375ae6e5e9d41865bbb715991eec6cecd59204bea3bc2af6fbb7183e542014952205edd6e8d87da8b6af0eedc37afb655b110e1ee24d1977bc6f7219621f1ec81e350342bf51dabf5b8640b7c98a77e07265e5661934137d2d8f9ef7a393f8a0df2766a30e75c3a19c2ac63ce3b5c2dbeacd1cec7bf017638ebb3c3c6d1ad9d3978c609e364897777e43bb1284aca78e142e815afb0e3c600d2ccff42d4a7e0c52a2964f6ee96fcc8dd7a584b3fb4193a2d178387823fb237c3f8a8297a567203f536a4310584036aabd35c4b73df453993466ef5d127168d6d870b8e7ddb1a1b23dba0cd071eadd4cebc8c0d91129115410b0d20856cf7c8db740ad1bf463cf0573e5734963eded9636574a66de621146cdb67a86976ef556d94919a67f4de6aa7b601a35a815a83460e14823f32652f1655630b075a785116392dbfe22fe36ade2ad7b4a394ae3ca8c649738f66a1ad09db141af8496b20db2f9a4399f2166a35250b2b0a237fb5943665b7a2fab99d0cea159adebca363e285d2563cd41def34274d9b97d0400464f8cf67ce93834afbc45ff83005e0cf356799a32add8c156dfa13d59a1125de06a0703b3d909a809"}, 0x418, 0xffffff90})
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000240)={0xc})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r6, 0x0, <r8=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r5, 0x3ba0, &(0x7f0000000080)={0x48, 0x8, r8, 0x0, 0x81, 0x5, &(0x7f0000000700)="85653f4534", 0x4})
r9 = syz_open_dev$radio(&(0x7f00000000c0), 0x2, 0x2)
preadv(r9, &(0x7f0000000080)=[{&(0x7f0000000100)=""/192, 0xc0}], 0x9, 0x0, 0x0)
r10 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r10, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r11=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r10, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r11, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r10, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r11, 0x0, <r12=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r10, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r12, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b, 0x200000000000})
r13 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f0000000280)=@attr_other={0x0, 0xffff, 0x80, &(0x7f0000000200)=0x3})
ioctl$IOMMU_IOAS_ALLOC(r13, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r14=>0x0})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r13, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r14, 0x0, 0x97, 0x8000000})
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)

835.984183ms ago: executing program 4 (id=10304):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0x4000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

414.477786ms ago: executing program 6 (id=10305):
r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0), 0x83000, 0x0)
ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f0000000100))
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000200), 0x10d200, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r4, 0xc4c85512, &(0x7f0000000780)={{0x5, 0x0, 0x0, 0x0, 'syz1\x00'}})
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r5, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r5, 0x5412, &(0x7f00000000c0)=0xf9)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f00000001c0)=0x9)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000280)=0xb3)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000100)=0x9)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000180)=0x1)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000480)={0x18, 0x0, &(0x7f0000000000)=[@clear_death={0x400c630e}, @release], 0x0, 0x0, 0x0})
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000001c0)=0x19)
ioctl$TCSETS(r6, 0x404c4701, &(0x7f0000000040)={0xdd35, 0x0, 0x0, 0x0, 0x0, "3eccd8f9d20000000000001000000200000500"})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x68, 0x0, &(0x7f00000005c0)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000400)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r2}, @fda={0x66646185, 0x5, 0x0, 0x27}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}}, @exit_looper, @request_death={0x400c630e, 0x2}, @increfs={0x40046304, 0x1}], 0xa7, 0x0, &(0x7f0000000640)="139e160600ccb0840e216e1bb254da22dce6851b6524c276c35cd94cc69fba773dbb6c1d2bedff3d18af931c1724524e623f0148506e01df16b9feaa7f1adcea8ab3d38604a2e06df60dfc91470a292a1a8630740e876f1ea99364369512fb369c53c8cf9527180837c39522ab1c913b629934d17970940be3a4bdf824173dac16e738f120a280c3eda561e80981a1da63a7895196ae3689da8a65ea473acda727cbc7829b1ab8"})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
read(r7, &(0x7f00000004c0)=""/246, 0xf6)
preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000280)=""/212, 0xfffffed3}], 0x1, 0xffeffffb, 0x1007)

0s ago: executing program 4 (id=10306):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a) (async)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0) (async)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x2, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0) (async, rerun: 64)
read$FUSE(r1, 0x0, 0x0) (async, rerun: 64)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) (async)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
close(0x3) (async)
syz_open_dev$sg(&(0x7f0000000080), 0xf9ba, 0x14b082) (async)
write$FUSE_DIRENT(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="30007b25ca660000", @ANYRES64, @ANYBLOB="06000000000000000800000000000000020000006e"], 0x30) (async, rerun: 32)
r4 = dup(r2) (rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0) (async)
r5 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001ff, 0x101301)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0xfffffff8, 0x40, &(0x7f0000000000)={0x4b5a9da54893e123, 0x3, 0x14, 0xfffd}, 0x8, 0x0, 0x0, 0x0, 0x0, 0x20007, 0x0}) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x801, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
r6 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r6, 0xc0287c02, &(0x7f0000000300)={0x80000000, 0x0, &(0x7f0000000480)=[{{}, {<r7=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_LINKS(r6, 0xc0287c02, &(0x7f0000000280)={r7, 0x0, &(0x7f0000000200)=[{{<r8=>0x80000000, <r9=>0x0}}]})
ioctl$MEDIA_IOC_SETUP_LINK(r6, 0xc0347c03, &(0x7f0000000400)={{0x80000000, r9}, {r8}})
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

kernel console output (not intermixed with test programs):

tl: invalid path supplied for cmd(0xc018937e)
[ 1376.508847][T32536] loop8: detected capacity change from 0 to 7
[ 1376.522971][T32536] Dev loop8: unable to read RDB block 7
[ 1376.529964][T32536]  loop8: unable to read partition table
[ 1376.544244][T32536] loop8: partition table beyond EOD, truncated
[ 1376.560238][T32536] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– �) failed (rc=-5)
[ 1376.595737][T32536] vivid-000: =================  START STATUS  =================
[ 1376.603689][T32536] vivid-000: Enable Output Cropping: true
[ 1376.613610][T32536] vivid-000: Enable Output Composing: true
[ 1376.649465][T32536] vivid-000: Enable Output Scaler: false
[ 1376.665119][T32536] vivid-000: Tx RGB Quantization Range: Automatic
[ 1376.689663][T32536] vivid-000: Transmit Mode: HDMI
[ 1376.703066][T32536] vivid-000: Hotplug Present: 0x00000000
[ 1376.720634][T32536] vivid-000: RxSense Present: 0x00000000
[ 1376.744203][T32536] vivid-000: EDID Present: 0x00000000
[ 1376.759302][T32536] vivid-000: ==================  END STATUS  ==================
[ 1376.772876][ T5206] Dev loop8: unable to read RDB block 7
[ 1376.780001][ T5206]  loop8: unable to read partition table
[ 1376.786832][ T5206] loop8: partition table beyond EOD, truncated
[ 1377.319267][T32571] vivid-000: disconnect
[ 1377.522969][T32569] vivid-000: reconnect
[ 1378.097096][T32612] loop6: detected capacity change from 0 to 524287999
[ 1378.181800][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 2 prio class 0
[ 1378.191319][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[ 1378.199836][    C1] Buffer I/O error on dev loop6, logical block 1, lost async page write
[ 1381.154409][T32748] relay: one or more items not logged [item size (48) > sub-buffer size (6)]
[ 1384.929571][  T428] hub 6-0:1.0: USB hub found
[ 1384.949438][  T428] hub 6-0:1.0: 1 port detected
[ 1386.194926][  T478] CUSE: DEVNAME unspecified
[ 1386.695899][  T505] syz.9.8125: attempt to access beyond end of device
[ 1386.695899][  T505] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1387.286377][  T531] CUSE: unknown device info ""
[ 1387.291475][  T531] CUSE: DEVNAME unspecified
[ 1387.696184][  T543] ALSA: mixer_oss: invalid OSS volume ''
[ 1388.794194][T16180] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1388.800974][ T5839] Bluetooth: hci4: command 0x1003 tx timeout
[ 1389.825829][  T663] syz.6.8156: attempt to access beyond end of device
[ 1389.825829][  T663] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1389.826699][   T30] audit: type=1400 audit(1750329773.757:48): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name="/proc/thread-self/attr/current" pid=662 comm="syz.1.8157"
[ 1389.965328][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1389.972837][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.043876][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.051507][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.082544][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.115358][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.122857][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.161150][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.173871][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.191602][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.205176][  T671] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1390.213249][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.231216][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.244271][  T666] input: syz0 as /devices/virtual/input/input322
[ 1390.282707][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.321548][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.335527][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.397619][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.407765][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.443858][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.462404][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.489362][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.517474][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.532874][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.550380][  T687] loop4: detected capacity change from 0 to 7
[ 1390.560215][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.573772][  T687] Dev loop4: unable to read RDB block 7
[ 1390.579548][  T687]  loop4: unable to read partition table
[ 1390.587232][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.596768][  T687] loop4: partition table beyond EOD, truncated
[ 1390.603026][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.614608][  T687] loop_reread_partitions: partition scan of loop4 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1390.635548][    C0] I/O error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[ 1390.638447][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.645045][    C0] Buffer I/O error on dev loop4, logical block 0, lost async page write
[ 1390.668040][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.687705][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.698795][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.710020][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.720574][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.749518][ T5848] hid-generic 0008:0000:0000.0010: unknown main item tag 0x0
[ 1390.766482][ T5848] hid-generic 0008:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1390.976292][  T708] fido_id[708]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1390.991548][  T716] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1391.061047][  T716] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1391.261398][  T743] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1392.776553][  T821] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1394.086710][  T867] loop6: detected capacity change from 0 to 4194303
[ 1394.106979][  T869] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1394.149211][    C0] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[ 1394.158780][    C0] Buffer I/O error on dev loop6, logical block 0, lost async page write
[ 1394.189529][    C0] I/O error, dev loop6, sector 8 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[ 1394.199054][    C0] Buffer I/O error on dev loop6, logical block 1, lost async page write
[ 1394.208075][    C1] I/O error, dev loop6, sector 8 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[ 1394.217576][    C1] Buffer I/O error on dev loop6, logical block 1, lost async page write
[ 1395.411268][  T934] random: crng reseeded on system resumption
[ 1395.887706][  T977] binder: 976:977 ioctl 40047211 200000000b80 returned -22
[ 1396.597526][ T1092] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1397.866731][ T1189] binder: 1187:1189 ioctl c00c6211 0 returned -14
[ 1398.929964][ T1276] syz.6.8236: attempt to access beyond end of device
[ 1398.929964][ T1276] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1398.935726][ T1276] syz.6.8236: attempt to access beyond end of device
[ 1398.935726][ T1276] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1398.936721][ T1276] syz.6.8236: attempt to access beyond end of device
[ 1398.936721][ T1276] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1398.940193][ T1276] syz.6.8236: attempt to access beyond end of device
[ 1398.940193][ T1276] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1398.942160][ T1276] syz.6.8236: attempt to access beyond end of device
[ 1398.942160][ T1276] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1398.945331][ T1276] syz.6.8236: attempt to access beyond end of device
[ 1398.945331][ T1276] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1398.949217][ T1276] syz.6.8236: attempt to access beyond end of device
[ 1398.949217][ T1276] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1398.953216][ T1276] syz.6.8236: attempt to access beyond end of device
[ 1398.953216][ T1276] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1398.953740][ T1276] syz.6.8236: attempt to access beyond end of device
[ 1398.953740][ T1276] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1399.138773][ T1276] syz.6.8236: attempt to access beyond end of device
[ 1399.138773][ T1276] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1400.125542][ T1407] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1400.163415][ T1407] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1400.264911][ T1429] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1400.272933][ T1428] hub 1-0:1.0: USB hub found
[ 1400.284686][ T1428] hub 1-0:1.0: 1 port detected
[ 1400.462076][ T1444] No buffer was provided with the request
[ 1400.851506][ T1451] ALSA: seq fatal error: cannot create timer (-19)
[ 1400.861251][   T30] audit: type=1800 audit(1750329784.787:49): pid=1460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.8253" name="dmabuf" dev="dmabuf" ino=61 res=0 errno=0
[ 1401.392155][ T1490] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1401.414719][ T1490] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1402.825818][ T1554] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1402.877068][ T1554] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1406.535223][ T1687] vivid-000: =================  START STATUS  =================
[ 1406.555471][ T1687] vivid-000: Test Pattern: 100% Colorbar
[ 1406.570564][ T1687] vivid-000: Fill Percentage of Frame: 4
[ 1406.579352][ T1687] vivid-000: Horizontal Movement: Move Left Slow
[ 1406.590825][ T1687] vivid-000: Vertical Movement: Move Up Slow
[ 1406.604617][ T1687] vivid-000: OSD Text Mode: Counters Only
[ 1406.611762][ T1687] vivid-000: Show Border: true
[ 1406.620854][ T1687] vivid-000: Show Square: true
[ 1406.629286][ T1687] vivid-000: Sensor Flipped Horizontally: true
[ 1406.664391][ T1687] vivid-000: Sensor Flipped Vertically: true
[ 1406.678774][ T1687] vivid-000: Insert SAV Code in Image: true
[ 1406.692800][ T1687] vivid-000: Insert EAV Code in Image: false
[ 1406.704902][ T1687] vivid-000: Insert Video Guard Band: true
[ 1406.729854][ T1687] vivid-000: Reduced Framerate: true
[ 1406.736819][ T1687] vivid-000: HDMI 000-0 Is Connected To: None
[ 1406.743129][ T1687] vivid-000: S-Video 000-0 Is Connected To: None
[ 1406.750176][ T1687] vivid-000: Enable Capture Cropping: true
[ 1406.756689][ T1687] vivid-000: Enable Capture Composing: false
[ 1406.764449][ T1687] vivid-000: Enable Capture Scaler: false
[ 1406.770395][ T1687] vivid-000: Timestamp Source: Start of Exposure
[ 1406.777351][ T1687] vivid-000: Colorspace: SMPTE 170M
[ 1406.782838][ T1687] vivid-000: Transfer Function: sRGB
[ 1406.843066][ T1687] vivid-000: Y'CbCr Encoding: ITU-R 601
[ 1406.849778][ T1687] vivid-000: HSV Encoding: Hue 0-256
[ 1406.855603][ T1687] vivid-000: Quantization: Limited Range
[ 1406.861489][ T1687] vivid-000: Apply Alpha To Red Only: true
[ 1406.869338][ T1687] vivid-000: Standard Aspect Ratio: 14x9
[ 1406.876949][ T1687] vivid-000: DV Timings Signal Mode: Out of Range inactive
[ 1406.890272][ T1687] vivid-000: DV Timings: 4096x2160p60 inactive
[ 1406.899027][ T1687] vivid-000: DV Timings Aspect Ratio: 14x9
[ 1406.907430][ T1687] vivid-000: Maximum EDID Blocks: 256
[ 1406.912989][ T1687] vivid-000: Limited RGB Range (16-235): false
[ 1406.919906][ T1687] vivid-000: Rx RGB Quantization Range: RGB Full Range (0-255)
[ 1406.927885][ T1687] vivid-000: Power Present: 0x00000000
[ 1406.933621][ T1687] tpg source WxH: 720x576 (Y'CbCr)
[ 1406.941264][ T1687] tpg field: 4
[ 1406.947384][ T1687] tpg crop: (0,0)/16x16
[ 1406.951653][ T1687] tpg compose: (0,0)/16x16
[ 1406.962142][ T1687] tpg colorspace: 9
[ 1406.968871][ T1687] tpg transfer function: 2/2
[ 1406.973576][ T1687] tpg Y'CbCr encoding: 1/1
[ 1406.978248][ T1687] tpg quantization: 2/2
[ 1406.982516][ T1687] tpg RGB range: 0/2
[ 1406.986750][ T1687] vivid-000: ==================  END STATUS  ==================
[ 1407.677205][ T1729] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1407.748405][ T1729] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1408.027482][ T1742] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1408.089562][ T1747] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1408.460603][ T1757] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1408.600161][ T1763] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1410.082216][ T1821] bio_check_eod: 23 callbacks suppressed
[ 1410.082238][ T1821] syz.9.8313: attempt to access beyond end of device
[ 1410.082238][ T1821] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1410.542886][ T1834] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1412.055039][ T1879] syz.9.8324: attempt to access beyond end of device
[ 1412.055039][ T1879] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1412.553568][ T1892] vivid-002: disconnect
[ 1413.024862][ T1891] vivid-002: reconnect
[ 1413.397552][ T1912] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1413.673035][ T1922] usb usb1: usbfs: interface 0 claimed by hub while 'syz.8.8333' sets config #1
[ 1414.495324][ T1937] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1414.555527][ T1937] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1414.809084][ T1964] [U] ^R
[ 1415.187090][ T1986] input: syz1 as /devices/virtual/input/input325
[ 1415.725220][   T30] audit: type=1400 audit(1750329799.647:50): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=1999 comm="syz.1.8346"
[ 1417.813894][   T30] audit: type=1400 audit(1750329801.737:51): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=2054 comm="syz.1.8358"
[ 1417.832897][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1417.873758][ T2058] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1418.836773][   T30] audit: type=1400 audit(1750329802.767:52): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=2092 comm="syz.1.8366"
[ 1419.272580][ T2104] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1419.318341][ T2109] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1420.299100][ T2144] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1423.124931][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.131314][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.289488][ T2239] binder: 2236:2239 ioctl 400c620e 9999999999999999 returned -14
[ 1423.503569][ T2253] nvme_fabrics: unknown parameter or missing value '0x0000000000000005' in ctrl creation request
[ 1424.367211][ T2283] sp0: Synchronizing with TNC
[ 1424.432301][ T2283] Bluetooth: hci4: Frame reassembly failed (-90)
[ 1424.446558][ T2283] program syz.1.8407 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1424.867576][ T2304] input: syz1 as /devices/virtual/input/input327
[ 1425.943597][ T2342] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1425.972729][ T2342] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1426.474041][T16180] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1426.474055][ T5839] Bluetooth: hci4: command 0x1003 tx timeout
[ 1426.544472][ T2282] [U] è
[ 1428.809618][ T2445] CUSE: info not properly terminated
[ 1430.921379][ T2488] tty tty37: ldisc open failed (-12), clearing slot 36
[ 1432.452670][ T2571] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1432.693040][ T2585] dlm: no locking on control device
[ 1432.712871][ T2585] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1432.763592][ T2585] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1435.058363][ T2692] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1435.898181][ T2722] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1436.473601][ T2763] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1437.162383][ T2783] program syz.6.8493 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1437.173069][ T2783] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1438.554019][ T2763] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 1438.560445][T16180] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1439.423069][ T2763] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1439.432498][ T2763] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1439.438911][ T2763] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1439.965108][T24503] hid-generic 0000:0000:0000.0011: unknown main item tag 0x4
[ 1439.982778][T24503] hid-generic 0000:0000:0000.0011: unknown main item tag 0x2
[ 1440.003292][T24503] hid-generic 0000:0000:0000.0011: unknown main item tag 0x3
[ 1440.026018][T24503] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1440.246888][ T2858] fido_id[2858]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1440.644967][T16180] Bluetooth: hci3: command 0x0406 tx timeout
[ 1440.689105][ T2885] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1441.155332][ T2900] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1441.233669][ T2908] usb usb8: usbfs: process 2908 (syz.8.8504) did not claim interface 0 before use
[ 1441.420725][ T2918] kvm: kvm [2915]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x4000000000000001
[ 1441.440163][T16180] Bluetooth: hci1: command 0x0406 tx timeout
[ 1441.523990][T16180] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1445.119849][ T3028] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1446.274250][ T3060] relay: one or more items not logged [item size (64) > sub-buffer size (6)]
[ 1446.713453][ T5907] hid (null): global environment stack underflow
[ 1446.741490][ T5907] hid (null): unknown global tag 0xe
[ 1446.761715][ T5907] hid (null): unknown global tag 0xc2
[ 1446.788115][ T5907] hid-generic 0005:0000:8000.0012: reserved main item tag 0xe
[ 1446.801209][ T5907] hid-generic 0005:0000:8000.0012: global environment stack underflow
[ 1446.830615][ T5907] hid-generic 0005:0000:8000.0012: item 0 4 1 11 parsing failed
[ 1446.847268][ T5907] hid-generic 0005:0000:8000.0012: probe with driver hid-generic failed with error -22
[ 1447.140252][ T3087] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1447.738100][ T3107] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1448.152532][ T3126] binder: 3123:3126 ioctl c0306201 200000000300 returned -22
[ 1448.183474][ T3130] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1449.317747][ T3170] loop6: detected capacity change from 0 to 63
[ 1449.370644][T26659] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1449.420151][T26659] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1449.460910][T26659] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1449.532656][T26659] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1449.563423][T26659] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1449.582917][T26659] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1449.603653][T26659] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1449.623349][T26659] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1449.650515][T26659] ldm_validate_partition_table(): Disk read failed.
[ 1449.673709][T26659] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1449.701722][T26659] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1449.719746][T26659] Dev loop6: unable to read RDB block 0
[ 1449.737423][T26659]  loop6: unable to read partition table
[ 1449.754850][ T3170] ldm_validate_partition_table(): Disk read failed.
[ 1449.765523][ T3170] Dev loop6: unable to read RDB block 0
[ 1449.834749][ T3170]  loop6: unable to read partition table
[ 1449.840733][ T3170] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1450.038436][ T3199] CUSE: info not properly terminated
[ 1450.085259][ T3199] CUSE: info not properly terminated
[ 1450.136625][ T3199] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1450.752879][ T3223] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1451.620155][ T3251] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1452.804403][T16180] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1452.811233][ T5839] Bluetooth: hci4: command 0x1003 tx timeout
[ 1452.996023][ T3297] input: syz0 as /devices/virtual/input/input331
[ 1453.231710][ T3309] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1454.108806][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1454.677071][ T3366] syz.6.8587: attempt to access beyond end of device
[ 1454.677071][ T3366] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1454.841119][ T3375] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1456.154856][ T5839] Bluetooth: hci4: command 0x1003 tx timeout
[ 1456.155891][T16180] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1456.225170][ T3415] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1457.430521][ T3454] binder: 3452:3454 ioctl c0306201 2000000003c0 returned -22
[ 1457.559181][ T3454] input: syz1 as /devices/virtual/input/input332
[ 1457.631696][ T3462] mkiss: ax0: crc mode is auto.
[ 1458.563194][ T3481] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1458.754654][ T3493] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1458.885494][ T3495] input: syz1 as /devices/virtual/input/input333
[ 1459.799912][ T3544] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1460.606533][ T3574] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1462.246718][ T3635] input: syz1 as /devices/virtual/input/input334
[ 1463.174766][ T3658] program syz.9.8637 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1463.841330][ T3683] usb usb1: usbfs: interface 0 claimed by hub while 'syz.6.8639' sets config #1
[ 1464.729451][ T3718] mkiss: ax0: crc mode is auto.
[ 1465.013498][ T3732] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1465.033028][ T3731] iommufd_mock iommufd_mock0: Adding to iommu group 1
[ 1465.807606][ T3763] input: syz0 as /devices/virtual/input/input337
[ 1465.899435][ T3768] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1467.526127][ T3838] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1468.285958][ T3860] CUSE: info not properly terminated
[ 1468.947926][ T3885] CUSE: DEVNAME unspecified
[ 1469.047481][ T5848] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[ 1469.061857][ T5848] hid-generic 0000:0000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1469.256677][ T3898] fido_id[3898]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1470.958989][ T3946] syz.6.8692: attempt to access beyond end of device
[ 1470.958989][ T3946] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1471.003525][ T3948] syz.6.8692: attempt to access beyond end of device
[ 1471.003525][ T3948] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1471.060312][ T3956] syz.1.8694: attempt to access beyond end of device
[ 1471.060312][ T3956] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1472.467044][ T4014] input: syz1 as /devices/virtual/input/input338
[ 1473.813215][ T4057] vivid-004: disconnect
[ 1474.670833][ T4054] vivid-004: reconnect
[ 1475.710148][ T4100] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1475.751196][ T4100] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1476.039322][ T5839] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1476.054515][ T5839] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1476.071292][ T5839] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1476.091234][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1476.101474][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1476.195888][ T4124] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1476.741396][ T4150] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1477.028347][ T3463] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1477.583681][ T3463] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1477.913493][ T4213] binder: 4212:4213 ioctl 40046205 0 returned -22
[ 1478.154613][ T5839] Bluetooth: hci4: command tx timeout
[ 1478.253372][ T3463] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1478.323373][ T4216] can0: slcan on ptm0.
[ 1478.374959][ T4265] binder: 4212:4265 ioctl c0306201 0 returned -14
[ 1478.424946][ T4220] binder: 4212:4220 ioctl c0306201 0 returned -14
[ 1478.500161][ T4265] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1478.555323][ T4215] can0 (unregistered): slcan off ptm0.
[ 1478.649009][ T3463] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1478.708392][ T4115] chnl_net:caif_netlink_parms(): no params data found
[ 1478.877867][ T4346] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1478.905826][ T4346] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1479.289701][   T30] audit: type=1400 audit(1750329863.217:53): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=4397 comm="syz.6.8745"
[ 1479.415898][ T4115] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1479.431396][ T4115] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1479.461912][ T4115] bridge_slave_0: entered allmulticast mode
[ 1479.497703][ T4115] bridge_slave_0: entered promiscuous mode
[ 1479.618460][ T4115] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1479.654561][ T4115] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1479.677089][ T4115] bridge_slave_1: entered allmulticast mode
[ 1479.705930][ T4115] bridge_slave_1: entered promiscuous mode
[ 1479.914843][ T4420] ALSA: mixer_oss: invalid OSS volume ''
[ 1480.007719][ T4115] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1480.155757][ T4473] binder: 4459:4473 ioctl c0306201 2000000003c0 returned -14
[ 1480.234245][ T5839] Bluetooth: hci4: command tx timeout
[ 1480.339028][ T4115] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1480.796317][ T3463] bridge_slave_1: left allmulticast mode
[ 1480.802046][ T3463] bridge_slave_1: left promiscuous mode
[ 1480.824752][ T3463] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1480.908209][ T3463] bridge_slave_0: left allmulticast mode
[ 1480.935516][ T3463] bridge_slave_0: left promiscuous mode
[ 1480.941536][ T3463] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1481.529556][ T4525] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1482.314072][ T5839] Bluetooth: hci4: command tx timeout
[ 1482.440835][ T4547] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1483.195177][ T3463] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1483.285768][ T3463] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1483.356987][ T3463] bond0 (unregistering): Released all slaves
[ 1483.401670][ T4115] team0: Port device team_slave_0 added
[ 1483.469175][ T4544] tap0: tun_chr_ioctl cmd 1074025680
[ 1483.490904][ T4115] team0: Port device team_slave_1 added
[ 1484.394088][ T5839] Bluetooth: hci4: command tx timeout
[ 1484.458757][ T4609] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1484.499795][ T4609] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1484.546377][ T4115] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1484.553569][ T4115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1484.564918][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.586194][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.606815][ T4115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1484.621650][ T4115] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1484.628879][ T4115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1484.655518][ T4115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1484.804065][ T4631] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1485.638870][ T4115] hsr_slave_0: entered promiscuous mode
[ 1485.648726][ T4115] hsr_slave_1: entered promiscuous mode
[ 1485.649568][ T4115] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1485.649592][ T4115] Cannot create hsr debugfs directory
[ 1486.161868][ T4815] vivid-003: disconnect
[ 1486.246740][ T3463] hsr_slave_0: left promiscuous mode
[ 1486.306412][ T3463] hsr_slave_1: left promiscuous mode
[ 1486.307248][ T3463] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1486.307312][ T3463] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1486.336492][ T3463] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1486.336529][ T3463] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1486.430399][ T3463] veth1_macvtap: left promiscuous mode
[ 1486.430501][ T3463] veth0_macvtap: left promiscuous mode
[ 1486.430721][ T3463] veth1_vlan: left promiscuous mode
[ 1486.430888][ T3463] veth0_vlan: left promiscuous mode
[ 1486.864956][ T4807] vivid-003: reconnect
[ 1487.505435][ T4857] usb usb8: usbfs: process 4857 (syz.9.8773) did not claim interface 32 before use
[ 1488.324758][ T4855] Falling back ldisc for ptm0.
[ 1488.425728][ T4891] syz.8.8778: attempt to access beyond end of device
[ 1488.425728][ T4891] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1489.516022][ T3463] team0 (unregistering): Port device team_slave_1 removed
[ 1489.847472][ T4923] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1490.125698][ T3463] team0 (unregistering): Port device team_slave_0 removed
[ 1490.221523][ T4938] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1490.296560][ T4939] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1491.857563][ T4976] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1494.498393][ T5067] QAT: Device 6 not found
[ 1494.517975][ T5071] QAT: Device 234 not found
[ 1494.600587][ T5061] sp0: Synchronizing with TNC
[ 1495.377503][ T5138] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1496.799616][ T4115] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1496.861031][ T4115] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1496.921857][ T4115] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1497.023088][ T4115] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1497.069798][ T5182] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1497.079593][ T5182] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1497.089063][ T5182] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1497.096145][ T5182] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1497.104624][ T5182] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1497.297715][ T5182] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1497.317828][ T4115] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1497.386387][ T4115] 8021q: adding VLAN 0 to HW filter on device team0
[ 1497.432427][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1497.439679][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1497.472120][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1497.479414][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1497.552475][ T5232] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1498.343704][ T4115] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1498.474281][ T5839] Bluetooth: hci3: command 0x0406 tx timeout
[ 1498.651190][ T4115] veth0_vlan: entered promiscuous mode
[ 1498.715381][ T4115] veth1_vlan: entered promiscuous mode
[ 1498.840573][ T4115] veth0_macvtap: entered promiscuous mode
[ 1498.893700][ T4115] veth1_macvtap: entered promiscuous mode
[ 1498.968138][ T4115] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1499.032780][ T4115] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1499.079664][ T4115] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1499.115810][ T5839] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1499.122037][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1499.128283][T16180] Bluetooth: hci1: command 0x0406 tx timeout
[ 1499.143849][ T4115] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1499.163829][ T4115] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1499.172601][ T4115] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1499.642434][T24062] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1499.688741][T24062] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1499.800966][ T3995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1499.827820][ T3995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1501.194466][ T5839] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1501.766540][ T5365] binder: 5362:5365 ioctl c0306201 0 returned -14
[ 1501.779044][ T5365] binder: 5362:5365 ioctl c0306201 2000000000c0 returned -11
[ 1502.246843][ T5395] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1502.293065][T24062] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1503.274335][T16180] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1504.314289][T16180] Bluetooth: hci0: command 0x1003 tx timeout
[ 1504.322512][ T5839] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1505.111020][ T5474] usb usb8: usbfs: process 5474 (syz.8.8850) did not claim interface 0 before use
[ 1505.910760][ T5907] hid-generic 0000:0000:0000.0014: item fetching failed at offset 0/1
[ 1505.931435][ T5907] hid-generic 0000:0000:0000.0014: probe with driver hid-generic failed with error -22
[ 1506.886770][ T5534] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[ 1507.241517][ T5546] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1507.701993][ T5571] sp0: Synchronizing with TNC
[ 1507.979646][ T5588] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[ 1507.992531][ T3463] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1509.095509][ T5630] program syz.1.8875 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1509.110726][ T5630] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1509.111629][ T5633] binder: 5632:5633 ioctl 40046205 0 returned -22
[ 1509.142385][ T5633] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1510.004225][T16180] Bluetooth: hci0: command 0x1003 tx timeout
[ 1510.012312][ T5839] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1511.408749][ T5696] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1512.331780][ T5745] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1514.066639][ T5808] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1514.259977][ T5821] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1514.272185][ T5821] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1514.523926][ T5840] sp0: Synchronizing with TNC
[ 1514.570637][ T5838] [U] è
[ 1514.816416][ T5846] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1515.351385][ T5880] program syz.6.8920 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1519.010057][ T5989] random: crng reseeded on system resumption
[ 1519.826569][T16180] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1519.836337][T16180] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1519.857920][T16180] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1519.866987][T16180] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1519.878337][T16180] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1521.320822][ T6005] chnl_net:caif_netlink_parms(): no params data found
[ 1521.916009][T16180] Bluetooth: hci0: command tx timeout
[ 1522.496911][ T6005] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1522.522390][ T6005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1522.541274][ T6005] bridge_slave_0: entered allmulticast mode
[ 1522.580020][ T6005] bridge_slave_0: entered promiscuous mode
[ 1522.589555][ T6005] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1522.598085][ T6005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1522.605787][ T6005] bridge_slave_1: entered allmulticast mode
[ 1522.614342][ T6005] bridge_slave_1: entered promiscuous mode
[ 1522.857686][ T6005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1522.886056][ T6005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1522.925147][ T6272] vivid-003: disconnect
[ 1522.938993][ T6272] usb usb1: usbfs: process 6272 (syz.1.8949) did not claim interface 19 before use
[ 1523.112655][ T6005] team0: Port device team_slave_0 added
[ 1523.127093][ T6005] team0: Port device team_slave_1 added
[ 1523.306919][ T6005] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1523.324282][ T6005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1523.351416][ T6005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1523.367909][ T6005] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1523.376112][ T6005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1523.407542][ T6005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1523.496005][ T6347] snd_aloop snd_aloop.0: control 3:5:0:syz1:12 is already present
[ 1523.650468][ T6354] usb usb1: usbfs: process 6354 (syz.8.8957) did not claim interface 0 before use
[ 1523.738941][ T6264] vivid-003: reconnect
[ 1523.838542][ T6005] hsr_slave_0: entered promiscuous mode
[ 1523.855320][ T6005] hsr_slave_1: entered promiscuous mode
[ 1523.874578][ T6005] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1523.892925][ T6005] Cannot create hsr debugfs directory
[ 1524.005151][T16180] Bluetooth: hci0: command tx timeout
[ 1526.042281][ T6505] syz.8.8965: attempt to access beyond end of device
[ 1526.042281][ T6505] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1526.084499][T16180] Bluetooth: hci0: command tx timeout
[ 1527.532318][ T6564] binder: 6563:6564 ioctl c018620c 200000000000 returned -22
[ 1527.643565][ T6573] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1528.175536][T16180] Bluetooth: hci0: command tx timeout
[ 1528.423463][ T6005] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1528.532567][ T6005] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1528.633093][ T6005] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1528.688677][ T6005] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1529.129272][ T6005] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1529.318049][ T6005] 8021q: adding VLAN 0 to HW filter on device team0
[ 1529.427115][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1529.434385][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1529.563523][ T2071] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1529.570805][ T2071] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1529.608196][ T6631] loop6: detected capacity change from 0 to 524287999
[ 1529.711876][ T6631] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1529.748462][ T6631] buffer_io_error: 27 callbacks suppressed
[ 1529.748483][ T6631] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1529.821444][ T6631] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1529.841247][ T6631] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1529.852560][ T6655] usb usb8: usbfs: process 6655 (syz.8.8981) did not claim interface 0 before use
[ 1529.878690][ T6631] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1529.953969][ T6631] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1529.991603][ T6631] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1530.013233][ T6631] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1530.042531][ T6631] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1530.089042][ T6631] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1530.126308][ T6631] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1530.172004][ T6631] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1530.191160][ T6631] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1530.235645][ T6631] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1530.267053][ T6631] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1530.334255][ T6631] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1530.382871][ T6631] ldm_validate_partition_table(): Disk read failed.
[ 1530.469711][ T6631] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1530.536687][ T6631] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1530.581429][ T6631] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1530.609196][ T6005] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1530.626032][ T6631] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1530.658778][ T6631] Dev loop6: unable to read RDB block 0
[ 1530.675514][ T6631]  loop6: unable to read partition table
[ 1530.703264][ T6631] loop_reread_partitions: partition scan of loop6 (ÿŸ¾‚³˜±Ä6�tPΪŔ±³×AÝÁ¬8ï*V^ñè3c) failed (rc=-5)
[ 1530.733784][ T6005] veth0_vlan: entered promiscuous mode
[ 1530.773038][ T6005] veth1_vlan: entered promiscuous mode
[ 1530.930868][ T6005] veth0_macvtap: entered promiscuous mode
[ 1530.984676][ T6005] veth1_macvtap: entered promiscuous mode
[ 1531.022946][ T6005] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1531.086336][ T6005] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1531.139513][ T6005] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1531.184397][ T6005] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1531.193167][ T6005] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1531.233971][ T6005] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1531.632333][ T6701] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1531.974141][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1531.992406][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1532.290808][ T3995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1532.314269][ T3995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1532.841814][ T6759] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1533.246264][ T6777] syz.6.8994: attempt to access beyond end of device
[ 1533.246264][ T6777] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1533.562516][   T12] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1534.351364][ T6809] sysfs: cannot create duplicate filename '/devices/virtual/tty/gsmtty1'
[ 1534.369807][ T6809] CPU: 0 UID: 0 PID: 6809 Comm: syz.1.8998 Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) 
[ 1534.369837][ T6809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1534.369848][ T6809] Call Trace:
[ 1534.369857][ T6809]  <TASK>
[ 1534.369865][ T6809]  dump_stack_lvl+0x189/0x250
[ 1534.369894][ T6809]  ? kernfs_path_from_node+0x2c/0x260
[ 1534.369917][ T6809]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1534.369939][ T6809]  ? __pfx__printk+0x10/0x10
[ 1534.369964][ T6809]  ? kernfs_path_from_node+0x2c/0x260
[ 1534.369982][ T6809]  ? kernfs_path_from_node+0x2c/0x260
[ 1534.370002][ T6809]  ? kernfs_path_from_node+0x22c/0x260
[ 1534.370019][ T6809]  ? kernfs_path_from_node+0x2c/0x260
[ 1534.370040][ T6809]  sysfs_create_dir_ns+0x259/0x280
[ 1534.370072][ T6809]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1534.370103][ T6809]  ? do_raw_spin_unlock+0x122/0x240
[ 1534.370135][ T6809]  kobject_add_internal+0x59f/0xb40
[ 1534.370168][ T6809]  kobject_add+0x155/0x220
[ 1534.370195][ T6809]  ? __pfx_kobject_add+0x10/0x10
[ 1534.370217][ T6809]  ? do_raw_spin_unlock+0x122/0x240
[ 1534.370248][ T6809]  ? get_device_parent+0x366/0x3a0
[ 1534.370274][ T6809]  device_add+0x408/0xb50
[ 1534.370301][ T6809]  tty_register_device_attr+0x3fe/0x8f0
[ 1534.370333][ T6809]  ? __pfx_tty_register_device_attr+0x10/0x10
[ 1534.370364][ T6809]  ? tty_port_init+0x136/0x1a0
[ 1534.370385][ T6809]  ? gsm_dlci_alloc+0x32a/0x640
[ 1534.370409][ T6809]  gsm_activate_mux+0x110/0x2a0
[ 1534.370435][ T6809]  gsmld_ioctl+0x1261/0x1870
[ 1534.370466][ T6809]  ? __pfx_gsmld_ioctl+0x10/0x10
[ 1534.370496][ T6809]  ? __pfx___ldsem_down_read_nested+0x10/0x10
[ 1534.370537][ T6809]  ? __pfx_gsmld_ioctl+0x10/0x10
[ 1534.370554][ T6809]  tty_ioctl+0x9c6/0xde0
[ 1534.370572][ T6809]  ? __pfx_tty_ioctl+0x10/0x10
[ 1534.370589][ T6809]  __se_sys_ioctl+0xfc/0x170
[ 1534.370612][ T6809]  do_syscall_64+0xfa/0x3b0
[ 1534.370628][ T6809]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1534.370654][ T6809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1534.370671][ T6809]  ? clear_bhb_loop+0x60/0xb0
[ 1534.370693][ T6809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1534.370710][ T6809] RIP: 0033:0x7fb60d58e929
[ 1534.370726][ T6809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1534.370742][ T6809] RSP: 002b:00007fb60b3b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1534.370762][ T6809] RAX: ffffffffffffffda RBX: 00007fb60d7b6160 RCX: 00007fb60d58e929
[ 1534.370775][ T6809] RDX: 0000200000000040 RSI: 00000000404c4701 RDI: 0000000000000007
[ 1534.370795][ T6809] RBP: 00007fb60d610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1534.370807][ T6809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1534.370818][ T6809] R13: 0000000000000001 R14: 00007fb60d7b6160 R15: 00007fffa433abd8
[ 1534.370849][ T6809]  </TASK>
[ 1534.370877][ T6809] kobject: kobject_add_internal failed for gsmtty1 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1534.642656][ T6823] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1535.596308][ T5839] Bluetooth: hci5: command 0xfc11 tx timeout
[ 1535.603692][T16180] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[ 1535.829448][ T6967] can0: slcan on pty36.
[ 1536.126690][ T6967] can0 (unregistered): slcan off pty36.
[ 1537.250421][ T7031] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1537.926780][ T7051] [U] ^C
[ 1538.205232][ T7061] CUSE: info not properly terminated
[ 1539.274057][ T5839] Bluetooth: hci5: command 0x1003 tx timeout
[ 1539.281442][T16180] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1539.945996][ T7122] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1540.029410][ T7122] sp0: Synchronizing with TNC
[ 1540.220663][ T7137] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1543.225902][ T7252] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1545.180227][ T7328] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1546.006856][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.013256][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1547.383113][ T7414] sp0: Synchronizing with TNC
[ 1547.698906][ T7413] [U] è
[ 1548.951940][ T7469] can0: slcan on ptm0.
[ 1549.134501][ T7465] can0 (unregistered): slcan off ptm0.
[ 1549.204876][ T7489] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1549.212487][ T7488] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1549.659583][ T7511] dlm: no locking on control device
[ 1553.175481][ T7653] binder: 7652:7653 ioctl c0306201 200000000500 returned -22
[ 1553.302989][ T7662] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1553.666604][ T7680] input: syz0 as /devices/virtual/input/input346
[ 1553.741615][   T36] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 1
[ 1553.764812][ T2071] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1555.000577][ T7713] syz.3.9105: attempt to access beyond end of device
[ 1555.000577][ T7713] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1555.754747][ T5839] Bluetooth: hci5: command 0x1003 tx timeout
[ 1555.761367][T16180] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1556.026997][ T7756] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[ 1557.152094][ T7786] binder: 7785:7786 ioctl c0306201 200000000540 returned -22
[ 1558.473361][ T7843] [U] 
[ 1558.852316][ T7855] syz.8.9127: attempt to access beyond end of device
[ 1558.852316][ T7855] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1559.555254][ T7863] loop6: detected capacity change from 0 to 524287999
[ 1559.759054][ T7881] program syz.3.9130 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1562.017631][ T7975] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1562.698400][ T8010] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1564.962314][ T8095] blktrace: Concurrent blktraces are not allowed on nullb0
[ 1565.018746][ T8099] blktrace: Concurrent blktraces are not allowed on nullb0
[ 1565.819201][ T8128] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1568.460090][ T8185] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1568.469563][ T8185] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1568.475955][ T8185] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1568.482160][ T8185] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1568.488512][ T8185] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1568.494635][ T8185] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1568.578807][ T8185] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1569.761416][T16180] Bluetooth: hci3: command 0x0406 tx timeout
[ 1570.049743][ T8255] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1570.483873][T16180] Bluetooth: hci1: command 0x0406 tx timeout
[ 1570.554265][T16180] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1570.554405][T22668] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1570.563827][ T5839] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1571.044788][ T8310] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1572.530694][ T8356] loop6: detected capacity change from 0 to 524287999
[ 1572.633868][ T5839] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1574.713846][ T5839] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1575.030062][ T8430] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1575.252323][ T8444] syz.3.9226: attempt to access beyond end of device
[ 1575.252323][ T8444] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1575.444083][ T8457] input: syz0 as /devices/virtual/input/input351
[ 1575.748956][ T8472] kvm: kvm [8467]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010006) = 0xaf
[ 1576.908791][T22668] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1576.929176][T22668] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1576.930098][T22668] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1576.931275][T22668] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1576.932089][T22668] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1577.181543][ T8503] binder: 8502:8503 ioctl c018620c 200000000640 returned -22
[ 1577.521720][ T8527] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1578.021384][ T8608] input: syz0 as /devices/virtual/input/input352
[ 1578.111985][  T191] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1578.526601][  T191] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1578.659110][ T8479] chnl_net:caif_netlink_parms(): no params data found
[ 1578.918336][  T191] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1579.037987][T22668] Bluetooth: hci5: command tx timeout
[ 1579.352594][  T191] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1579.918816][ T8479] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1579.926708][ T8479] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1579.945654][ T8479] bridge_slave_0: entered allmulticast mode
[ 1579.951214][ T8713] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1579.958409][ T8479] bridge_slave_0: entered promiscuous mode
[ 1580.186016][ T8479] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1580.193214][ T8479] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1580.202351][ T8479] bridge_slave_1: entered allmulticast mode
[ 1580.210515][ T8479] bridge_slave_1: entered promiscuous mode
[ 1580.257686][ T8733] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1580.277852][ T8733] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1580.490173][ T8479] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1580.532919][ T8479] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1580.978028][ T8479] team0: Port device team_slave_0 added
[ 1581.124443][T22668] Bluetooth: hci5: command tx timeout
[ 1581.309644][ T8816] ALSA: seq fatal error: cannot create timer (-22)
[ 1581.472798][ T8479] team0: Port device team_slave_1 added
[ 1582.407042][  T191] bridge_slave_1: left allmulticast mode
[ 1582.423070][  T191] bridge_slave_1: left promiscuous mode
[ 1582.443533][  T191] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1582.537737][  T191] bridge_slave_0: left allmulticast mode
[ 1582.543484][  T191] bridge_slave_0: left promiscuous mode
[ 1582.574938][  T191] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1582.659355][ T8867] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1583.018143][ T8890] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1583.194758][T22668] Bluetooth: hci5: command tx timeout
[ 1583.506266][ T8911] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1584.448467][ T8910] tty tty23: ldisc open failed (-12), clearing slot 22
[ 1584.905526][  T191] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1585.007184][  T191] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1585.046857][  T191] bond0 (unregistering): Released all slaves
[ 1585.129560][ T8479] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1585.129580][ T8479] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1585.129631][ T8479] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1585.131900][ T8479] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1585.131916][ T8479] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1585.131953][ T8479] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1585.284950][T22668] Bluetooth: hci5: command tx timeout
[ 1585.310931][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1585.357003][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1586.391637][ T8479] hsr_slave_0: entered promiscuous mode
[ 1586.425137][ T8479] hsr_slave_1: entered promiscuous mode
[ 1586.439154][ T8479] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1586.450936][ T8479] Cannot create hsr debugfs directory
[ 1587.740030][ T9126] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1587.781920][  T191] hsr_slave_0: left promiscuous mode
[ 1587.849098][  T191] hsr_slave_1: left promiscuous mode
[ 1587.868663][  T191] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1587.885345][  T191] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1588.007451][  T191] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1588.034275][  T191] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1588.342347][  T191] veth1_macvtap: left promiscuous mode
[ 1588.364608][  T191] veth0_macvtap: left promiscuous mode
[ 1588.388263][  T191] veth1_vlan: left promiscuous mode
[ 1588.404706][  T191] veth0_vlan: left promiscuous mode
[ 1589.514500][ T5839] Bluetooth: hci5: command 0x0405 tx timeout
[ 1590.641827][ T9325] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1591.347570][  T191] team0 (unregistering): Port device team_slave_1 removed
[ 1591.625348][  T191] team0 (unregistering): Port device team_slave_0 removed
[ 1593.795203][ T9379] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1594.658069][ T9426] binder: 9425:9426 ioctl c0306201 2000000001c0 returned -22
[ 1596.056187][ T9484] hub 6-0:1.0: USB hub found
[ 1596.063227][ T9484] hub 6-0:1.0: 1 port detected
[ 1597.394384][ T8479] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1597.454402][ T8479] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1597.499909][ T8479] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1597.755444][ T8479] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1597.784988][ T9570] nvme_fabrics: missing parameter 'transport=%s'
[ 1597.785021][ T9570] nvme_fabrics: missing parameter 'nqn=%s'
[ 1598.128156][ T8479] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1598.150699][ T9586] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1598.210982][ T8479] 8021q: adding VLAN 0 to HW filter on device team0
[ 1598.232344][ T9584] cgroup: fork rejected by pids controller in /syz6
[ 1598.283723][  T191] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1598.290968][  T191] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1598.336075][  T191] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1598.343321][  T191] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1598.348547][ T9623] input: syz0 as /devices/virtual/input/input356
[ 1600.160658][ T3995] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1600.339801][ T8479] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1600.549062][ T3995] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1600.728485][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1600.742908][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1600.752923][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1600.765939][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1600.779082][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1600.969546][ T3995] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1601.487596][ T3995] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1602.010071][ T8479] veth0_vlan: entered promiscuous mode
[ 1602.121207][ T8479] veth1_vlan: entered promiscuous mode
[ 1602.365660][ T8479] veth0_macvtap: entered promiscuous mode
[ 1602.383774][ T8479] veth1_macvtap: entered promiscuous mode
[ 1602.681843][ T8479] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1602.763648][ T3995] bridge_slave_1: left allmulticast mode
[ 1602.827500][ T3995] bridge_slave_1: left promiscuous mode
[ 1602.864683][ T3995] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1602.874421][T22668] Bluetooth: hci2: command tx timeout
[ 1603.013464][ T3995] bridge_slave_0: left allmulticast mode
[ 1603.038057][ T3995] bridge_slave_0: left promiscuous mode
[ 1603.056265][ T3995] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1604.954105][T22668] Bluetooth: hci2: command tx timeout
[ 1605.098749][ T3995] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1605.186887][ T3995] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1605.245891][ T3995] bond0 (unregistering): Released all slaves
[ 1605.509968][ T8479] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1605.519071][ T9781] chnl_net:caif_netlink_parms(): no params data found
[ 1606.565784][ T8479] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1606.574722][ T8479] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1606.583443][ T8479] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1606.592727][ T8479] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1606.762058][T10008] program syz.1.9335 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1606.904752][T10029] input: syz0 as /devices/virtual/input/input357
[ 1607.035172][T22668] Bluetooth: hci2: command tx timeout
[ 1607.409522][T10057] program syz.3.9340 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1607.419236][T10057] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1607.440459][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.451782][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1608.004091][ T3995] hsr_slave_0: left promiscuous mode
[ 1608.046499][ T3995] hsr_slave_1: left promiscuous mode
[ 1608.065301][ T3995] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1608.072827][ T3995] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1608.135188][ T3995] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1608.142673][ T3995] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1608.310914][ T3995] veth1_macvtap: left promiscuous mode
[ 1608.325109][ T3995] veth0_macvtap: left promiscuous mode
[ 1608.330855][ T3995] veth1_vlan: left promiscuous mode
[ 1608.336766][ T3995] veth0_vlan: left promiscuous mode
[ 1609.115806][T22668] Bluetooth: hci2: command tx timeout
[ 1610.787349][ T3995] team0 (unregistering): Port device team_slave_1 removed
[ 1611.035113][ T3995] team0 (unregistering): Port device team_slave_0 removed
[ 1613.536275][ T9781] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1613.543397][ T9781] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1613.555864][ T9781] bridge_slave_0: entered allmulticast mode
[ 1613.565980][ T9781] bridge_slave_0: entered promiscuous mode
[ 1613.648688][ T9781] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1613.673372][ T9781] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1613.693441][ T9781] bridge_slave_1: entered allmulticast mode
[ 1613.702344][ T9781] bridge_slave_1: entered promiscuous mode
[ 1613.907978][T10194] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1613.977356][T10126] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1613.983326][T10126] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1614.016053][ T9781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1614.030324][ T9781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1614.473505][T10126] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1614.497753][T10126] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 1614.745877][ T9781] team0: Port device team_slave_0 added
[ 1615.020091][T10126] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1615.026307][T10126] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1615.057525][ T9781] team0: Port device team_slave_1 added
[ 1615.622991][ T9781] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1615.631632][T10126] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1615.637829][ T9781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1615.664103][T10126] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1615.669221][ T9781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1615.709085][ T9781] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1615.717412][ T9781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1615.745453][ T9781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1615.896403][T10126] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1615.902373][T10126] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1616.016261][ T9781] hsr_slave_0: entered promiscuous mode
[ 1616.030403][ T9781] hsr_slave_1: entered promiscuous mode
[ 1616.053459][ T9781] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1616.061617][ T9781] Cannot create hsr debugfs directory
[ 1616.727342][T10407] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1617.571027][  T191] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1617.847046][T10536] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1618.019219][  T191] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1618.331643][ T5839] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1618.346130][ T5839] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1618.354392][ T5839] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1618.367257][  T191] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1618.380572][ T5839] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1618.391369][ T5839] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1618.411821][T22668] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1618.456872][T22668] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1618.465605][T22668] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1618.481838][T22668] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1618.505658][T22668] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1618.858797][  T191] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1619.653420][T10702] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1620.130464][  T191] bridge_slave_1: left allmulticast mode
[ 1620.153467][  T191] bridge_slave_1: left promiscuous mode
[ 1620.168134][  T191] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1620.295731][  T191] bridge_slave_0: left allmulticast mode
[ 1620.301450][  T191] bridge_slave_0: left promiscuous mode
[ 1620.311726][  T191] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1620.554179][ T5839] Bluetooth: hci3: command tx timeout
[ 1621.160639][T10810] Falling back ldisc for ptm0.
[ 1622.495070][  T191] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1622.575318][  T191] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1622.634235][ T5839] Bluetooth: hci3: command tx timeout
[ 1622.640808][  T191] bond0 (unregistering): Released all slaves
[ 1623.226636][T10604] chnl_net:caif_netlink_parms(): no params data found
[ 1623.539177][  T191] hsr_slave_0: left promiscuous mode
[ 1623.604005][  T191] hsr_slave_1: left promiscuous mode
[ 1623.610403][  T191] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1623.618396][  T191] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1623.669945][  T191] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1623.679822][  T191] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1623.771640][  T191] veth1_macvtap: left promiscuous mode
[ 1623.777310][  T191] veth0_macvtap: left promiscuous mode
[ 1623.782947][  T191] veth1_vlan: left promiscuous mode
[ 1623.788396][  T191] veth0_vlan: left promiscuous mode
[ 1624.713899][ T5839] Bluetooth: hci3: command tx timeout
[ 1624.750229][T10896] binder: 10895:10896 ioctl 400c620e 2000000014c0 returned -22
[ 1626.054522][   T30] audit: type=1400 audit(1750330009.977:54): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=10918 comm="syz.1.9392"
[ 1626.304542][  T191] team0 (unregistering): Port device team_slave_1 removed
[ 1626.555799][  T191] team0 (unregistering): Port device team_slave_0 removed
[ 1626.794446][ T5839] Bluetooth: hci3: command tx timeout
[ 1627.558982][T10953] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1628.521964][   T12] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1629.943850][ T9781] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1630.242081][ T9781] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1630.308342][ T9781] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1630.339346][T10604] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1630.353897][T10604] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1630.361113][T10604] bridge_slave_0: entered allmulticast mode
[ 1630.376188][T10604] bridge_slave_0: entered promiscuous mode
[ 1630.395390][T10604] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1630.402566][T10604] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1630.411826][T10604] bridge_slave_1: entered allmulticast mode
[ 1630.420341][T10604] bridge_slave_1: entered promiscuous mode
[ 1630.427897][ T9781] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1630.555132][T22668] Bluetooth: hci5: command 0x1003 tx timeout
[ 1630.562497][ T5839] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1630.839729][T10604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1630.904869][T10604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1631.469701][T10604] team0: Port device team_slave_0 added
[ 1631.487914][T10604] team0: Port device team_slave_1 added
[ 1631.968171][T10604] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1631.975543][T10604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1632.002878][T10604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1632.048045][T10604] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1632.063488][T10604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1632.101000][T10604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1632.191281][   T30] audit: type=1800 audit(1750330016.117:55): pid=11215 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.9411" name="dmabuf" dev="dmabuf" ino=67 res=0 errno=0
[ 1632.466098][T10604] hsr_slave_0: entered promiscuous mode
[ 1632.472908][T10604] hsr_slave_1: entered promiscuous mode
[ 1632.535204][T10604] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1632.542977][T10604] Cannot create hsr debugfs directory
[ 1632.687042][T11268] syz.3.9414: attempt to access beyond end of device
[ 1632.687042][T11268] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1632.831283][   T30] audit: type=1804 audit(1750330016.747:56): pid=11277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.9413" name="/newroot/190/cgroup.controllers" dev="tmpfs" ino=985 res=1 errno=0
[ 1632.853672][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1632.864265][   T30] audit: type=1800 audit(1750330016.757:57): pid=11277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.9413" name="cgroup.controllers" dev="tmpfs" ino=985 res=0 errno=0
[ 1632.885929][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1632.955019][T11281] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1633.536003][ T9781] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1634.228878][ T9781] 8021q: adding VLAN 0 to HW filter on device team0
[ 1634.281704][  T191] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1634.288970][  T191] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1634.312722][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1634.319995][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1635.346695][T10604] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1635.441421][T10604] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1635.554444][T10604] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1635.616504][T10604] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1635.731903][ T9781] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1635.989470][T10604] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1636.080930][T10604] 8021q: adding VLAN 0 to HW filter on device team0
[ 1636.102130][T24062] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1636.109370][T24062] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1636.189276][T13361] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1636.196713][T13361] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1636.335108][T10604] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1636.769936][ T9781] veth0_vlan: entered promiscuous mode
[ 1636.816046][ T9781] veth1_vlan: entered promiscuous mode
[ 1636.964316][ T9781] veth0_macvtap: entered promiscuous mode
[ 1637.003568][ T9781] veth1_macvtap: entered promiscuous mode
[ 1637.097639][ T9781] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1637.119608][ T9781] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1637.198640][ T9781] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1637.227284][ T9781] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1637.245567][ T9781] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1637.274079][ T9781] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1637.331222][T10604] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1637.733481][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1637.747573][    T9] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1637.782029][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1637.790411][    T9] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1637.813019][    T9] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1637.835435][ T3995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1637.855760][    T9] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1637.869012][ T3995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1637.884704][    T9] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1637.919238][    T9] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1638.147017][T11520] fido_id[11520]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1638.501400][T10604] veth0_vlan: entered promiscuous mode
[ 1638.552230][T10604] veth1_vlan: entered promiscuous mode
[ 1638.693652][T10604] veth0_macvtap: entered promiscuous mode
[ 1638.737179][T10604] veth1_macvtap: entered promiscuous mode
[ 1638.818083][T10604] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1638.893448][T10604] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1638.973346][T10604] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1639.005758][T10604] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1639.034681][T10604] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1639.064756][T10604] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1639.414839][T13361] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1639.453739][T13361] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1639.802613][T13361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1639.821583][T13361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1640.525863][T11658] sp0: Synchronizing with TNC
[ 1642.563576][T11708] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1642.929855][T11727] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1643.858355][T11770] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1644.471532][   T30] audit: type=1400 audit(1750330028.397:58): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=11780 comm="syz.1.9461"
[ 1644.473402][   T30] audit: type=1400 audit(1750330028.397:59): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name="threaded" pid=11780 comm="syz.1.9461"
[ 1645.012232][T11797] syz.6.9463: attempt to access beyond end of device
[ 1645.012232][T11797] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1645.393974][T11822] input: syz0 as /devices/virtual/input/input360
[ 1646.042648][T11851] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1646.053951][T11850] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1646.225541][T11853] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1647.011633][ T5848] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1647.012000][ T5848] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1647.012354][ T5848] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1647.012712][ T5848] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1647.012731][ T5848] rtc rtc0: __rtc_set_alarm: err=-22
[ 1648.068387][T11938] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1648.315101][T11950] can0: slcan on ptm0.
[ 1648.434423][T11949] can0 (unregistered): slcan off ptm0.
[ 1648.469924][T11962] random: crng reseeded on system resumption
[ 1649.126598][T11981] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1649.856509][T12020] input: syz0 as /devices/virtual/input/input364
[ 1649.940405][T12026] kvm: kvm [12025]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc1) = 0x7fffffffffffffff
[ 1651.051977][T12067] [U] ^C
[ 1651.482429][   T30] audit: type=1800 audit(1750330035.407:60): pid=12089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.9507" name="memory.events" dev="tmpfs" ino=142 res=0 errno=0
[ 1653.476963][T12155] CUSE: info not properly terminated
[ 1654.617499][T12182] can0: slcan on ptm0.
[ 1655.636356][T12177] can0 (unregistered): slcan off ptm0.
[ 1661.185251][T12338] mkiss: ax0: crc mode is auto.
[ 1661.862847][T12362] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1662.581900][T12393] CUSE: DEVNAME unspecified
[ 1663.649183][T12414] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1663.710850][T22668] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1663.721664][T22668] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1663.731740][T22668] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1663.742775][T22668] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1663.754044][T22668] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1664.171790][T12516] usb usb8: usbfs: process 12516 (syz.3.9560) did not claim interface 0 before use
[ 1664.232849][T12465] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1664.245661][T12418] chnl_net:caif_netlink_parms(): no params data found
[ 1664.777825][T12418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1664.806506][T12418] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1664.829367][T12418] bridge_slave_0: entered allmulticast mode
[ 1664.845073][T12418] bridge_slave_0: entered promiscuous mode
[ 1664.864978][T12418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1664.872183][T12418] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1664.881009][T12418] bridge_slave_1: entered allmulticast mode
[ 1664.906328][T12418] bridge_slave_1: entered promiscuous mode
[ 1665.210227][T12418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1665.298815][T12418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1665.563036][T12418] team0: Port device team_slave_0 added
[ 1665.583509][T12418] team0: Port device team_slave_1 added
[ 1665.831907][T12701] tun0: tun_chr_ioctl cmd 1074025675
[ 1665.833950][ T5839] Bluetooth: hci5: command tx timeout
[ 1665.837624][T12701] tun0: persist enabled
[ 1665.853183][T12707] tun0: tun_chr_ioctl cmd 1074025675
[ 1665.869351][T12707] tun0: persist enabled
[ 1665.877215][T12418] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1665.885637][T12418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1665.911653][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1665.920575][T12418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1665.923055][T12418] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1665.940732][T12418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1665.955537][T12690] input: syz1 as /devices/virtual/input/input367
[ 1665.972107][T12418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1666.273597][T12418] hsr_slave_0: entered promiscuous mode
[ 1666.282989][T12418] hsr_slave_1: entered promiscuous mode
[ 1666.290336][T12418] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1666.298255][T12418] Cannot create hsr debugfs directory
[ 1667.914065][ T5839] Bluetooth: hci5: command tx timeout
[ 1668.883320][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.890035][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1668.910910][T12889] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1669.812985][T12963] binder: 12953:12963 ioctl c018620c 200000000140 returned -1
[ 1669.996701][ T5839] Bluetooth: hci5: command tx timeout
[ 1670.328583][T12418] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1670.401060][T12418] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1670.785523][T12418] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1670.906914][T12418] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1671.206816][T13023] binder: 13021:13023 ioctl c0306201 2000000003c0 returned -14
[ 1671.916195][T12418] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1671.980230][T12418] 8021q: adding VLAN 0 to HW filter on device team0
[ 1671.990803][T13059] tty tty32: ldisc open failed (-12), clearing slot 31
[ 1672.054762][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1672.061979][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1672.075589][ T5839] Bluetooth: hci5: command tx timeout
[ 1672.128767][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1672.136101][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1672.858861][T12418] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1673.626510][T12418] veth0_vlan: entered promiscuous mode
[ 1673.675278][T12418] veth1_vlan: entered promiscuous mode
[ 1673.795616][T12418] veth0_macvtap: entered promiscuous mode
[ 1673.829968][T12418] veth1_macvtap: entered promiscuous mode
[ 1673.917978][T12418] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1673.961847][T12418] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1674.021456][T12418] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1674.049302][T12418] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1674.083742][T12418] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1674.092504][T12418] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1674.661136][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1674.679784][T13144] input: syz0 as /devices/virtual/input/input368
[ 1674.682306][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1674.805949][T24062] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1674.831461][T24062] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1678.808136][T13273] random: crng reseeded on system resumption
[ 1679.719531][T13312] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1679.811082][T13306] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1682.389480][T13401] syz.4.9632: attempt to access beyond end of device
[ 1682.389480][T13401] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1683.168049][T13415] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1683.423984][T13436] usb usb1: usbfs: process 13436 (syz.3.9638) did not claim interface 0 before use
[ 1684.859712][T13482] loop8: detected capacity change from 0 to 16
[ 1684.976775][T13486] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1685.036693][T13482]  loop8: unable to read partition table
[ 1685.084118][T13482] loop8: partition table beyond EOD, truncated
[ 1685.122867][T13482] loop_reread_partitions: partition scan of loop8 (þ被x) failed (rc=-5)
[ 1685.134651][T13475] loop6: detected capacity change from 0 to 4
[ 1685.298478][ T5206]  loop8: unable to read partition table
[ 1685.322060][ T5206] loop8: partition table beyond EOD, truncated
[ 1685.353847][T13500] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1685.708017][T13527] mkiss: ax0: crc mode is auto.
[ 1689.559583][T13652] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1690.342788][T13679] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1690.782291][T13696] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1690.964469][T13697] binder: BINDER_SET_CONTEXT_MGR already set
[ 1690.974354][T13697] binder: 13694:13697 ioctl 4018620d 200000000240 returned -16
[ 1692.079857][T13765] QAT: failed to copy from user cfg_data.
[ 1692.527713][T13783] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1695.014068][T13872] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1695.938535][T13897] loop6: detected capacity change from 0 to 524288000
[ 1696.062737][T13896] tty tty33: ldisc open failed (-12), clearing slot 32
[ 1696.142091][T13910] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1701.804772][T14111] CUSE: info not properly terminated
[ 1701.810295][T14112] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1701.932118][T14114] QAT: failed to copy from user cfg_data.
[ 1702.010038][T14127] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1702.184133][T14121] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1702.497376][T14147] Scaler: =================  START STATUS  =================
[ 1702.513721][T14147] Scaler: ==================  END STATUS  ==================
[ 1703.931395][T14190] syz.4.9728: attempt to access beyond end of device
[ 1703.931395][T14190] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1704.011074][T14191] syz.4.9728: attempt to access beyond end of device
[ 1704.011074][T14191] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1704.787899][T14211] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1706.301961][T14308] CUSE: unknown device info ""
[ 1706.353764][T14308] CUSE: DEVNAME unspecified
[ 1707.724842][T14349] syz.8.9751: attempt to access beyond end of device
[ 1707.724842][T14349] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1709.592455][T14422] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1709.645146][T14429] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1709.687005][T14441] PM: Enabling pm_trace changes system date and time during resume.
[ 1709.687005][T14441] PM: Correct system time has to be restored manually after resume.
[ 1710.713335][T14492] random: crng reseeded on system resumption
[ 1710.786330][T14492] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1711.540639][T14531] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1713.080649][T14579] [U] 
[ 1713.312950][T14606] syz.8.9791: attempt to access beyond end of device
[ 1713.312950][T14606] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1713.478604][T14612] misc userio: Begin command sent, but we're already running
[ 1714.524789][T14636] usb usb1: usbfs: process 14636 (syz.8.9799) did not claim interface 0 before use
[ 1716.081094][T14686] program syz.6.9806 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1716.282788][T14690] Bluetooth: hci6: received HCILL_GO_TO_SLEEP_ACK in state 2
[ 1716.295918][ T8918] Bluetooth: hci6: Frame reassembly failed (-84)
[ 1716.515930][T14707] input: syz1 as /devices/virtual/input/input372
[ 1718.316961][T22668] Bluetooth: hci6: command 0x1003 tx timeout
[ 1718.327610][ T5839] Bluetooth: hci6: Opcode 0x1003 failed: -110
[ 1718.801858][T14785] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1719.451379][T14822] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[ 1723.808991][T14971] program syz.6.9854 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1723.819630][T14971] program syz.6.9854 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1723.835603][T14971] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1728.072900][T15084] QAT: failed to copy from user.
[ 1730.321610][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.331035][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1730.634249][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.641754][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.658867][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.670145][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.724822][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.733615][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.759469][T22668] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1730.770279][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.780246][T22668] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1730.793403][T22668] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1730.800900][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.810788][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.820669][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.830261][T22668] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1730.838598][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.846900][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.854981][T22668] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1730.862324][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.873293][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.894031][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.901671][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.909803][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.917571][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.925247][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.933947][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.941552][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.949195][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.957420][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.965510][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.973059][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.980714][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.988423][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1730.996012][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.003575][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.012435][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.020084][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.028905][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.038908][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.046482][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.054195][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.061721][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.069369][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.077758][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.086937][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.155794][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.179250][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.193355][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.211162][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.227254][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.252892][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.269941][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.286992][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.304018][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.321775][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.334229][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.354913][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.370151][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.388584][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.404420][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.417794][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.496331][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.508657][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.525872][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.550310][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.587959][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.601849][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.619146][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.636445][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.645161][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.654099][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.662712][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.679412][T15161] chnl_net:caif_netlink_parms(): no params data found
[ 1731.694237][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.701701][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.734305][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.763707][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.789459][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.807446][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.827718][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.838751][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.846620][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.859706][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.867582][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.881094][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.889113][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.898317][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.906279][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.914386][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.921943][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.929942][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.938823][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.954216][T15297] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1731.962633][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1731.990042][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.013742][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.039105][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051325][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051360][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051385][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051410][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051433][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051456][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051478][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051499][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051519][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051539][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051558][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051580][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051605][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051628][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051652][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051676][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051700][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051723][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051748][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051773][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051797][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051822][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051847][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051881][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051906][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051931][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051956][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.051981][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052006][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052031][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052066][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052091][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052116][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052141][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052165][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052190][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052215][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052240][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052266][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052291][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052315][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052340][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052365][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052391][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052415][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052440][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052465][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052490][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052515][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052540][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052564][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052588][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052613][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052637][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052662][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052687][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052712][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052737][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052762][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052787][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052812][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052837][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052862][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052886][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052912][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052936][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052961][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.052986][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053011][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053036][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053072][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053097][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053122][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053147][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053172][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053197][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053222][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053247][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053272][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053297][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053322][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053347][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053372][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053397][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053422][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053447][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053473][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053498][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053522][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053547][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053572][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053597][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.053622][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075619][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075653][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075678][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075702][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075724][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075749][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075773][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075799][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075824][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075848][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075873][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075898][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075922][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075948][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.075974][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076000][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076024][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076063][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076088][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076112][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076137][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076162][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076187][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076212][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076236][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076261][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076286][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076308][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076333][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076358][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.076383][   T24] hid-generic 01FF:0004:0400.0016: unknown main item tag 0x0
[ 1732.085337][   T24] hid-generic 01FF:0004:0400.0016: hidraw0: <UNKNOWN> HID v0.05 Device [syz0] on syz1
[ 1732.212487][T15312] fido_id[15312]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1732.420077][T15333] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[ 1732.678583][T15161] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1732.678795][T15161] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1732.679010][T15161] bridge_slave_0: entered allmulticast mode
[ 1732.686508][T15161] bridge_slave_0: entered promiscuous mode
[ 1732.692815][T15161] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1732.693355][T15161] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1732.693535][T15161] bridge_slave_1: entered allmulticast mode
[ 1732.701055][T15161] bridge_slave_1: entered promiscuous mode
[ 1732.953969][T22668] Bluetooth: hci6: command tx timeout
[ 1733.082489][T15161] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1733.086700][T15161] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1733.347264][T15161] team0: Port device team_slave_0 added
[ 1733.358065][T15161] team0: Port device team_slave_1 added
[ 1733.579863][T15161] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1733.579885][T15161] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1733.579926][T15161] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1733.587556][T15161] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1733.587575][T15161] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1733.587616][T15161] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1734.026083][T15161] hsr_slave_0: entered promiscuous mode
[ 1734.027334][T15161] hsr_slave_1: entered promiscuous mode
[ 1734.028159][T15161] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1734.028181][T15161] Cannot create hsr debugfs directory
[ 1735.033784][T22668] Bluetooth: hci6: command tx timeout
[ 1735.316628][T15598] input: syz1 as /devices/virtual/input/input376
[ 1735.639705][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1735.738458][T15385] tty tty4: ldisc open failed (-12), clearing slot 3
[ 1737.118397][T22668] Bluetooth: hci6: command tx timeout
[ 1738.118155][T15161] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1738.302280][T15161] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1738.435518][T15161] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1738.561470][T15161] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1738.975493][T15161] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1739.050210][T15161] 8021q: adding VLAN 0 to HW filter on device team0
[ 1739.078083][T24062] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1739.085401][T24062] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1739.150900][T24062] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1739.158198][T24062] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1739.194049][T22668] Bluetooth: hci6: command tx timeout
[ 1739.796951][T15161] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1739.909491][T15161] veth0_vlan: entered promiscuous mode
[ 1740.496067][T15161] veth1_vlan: entered promiscuous mode
[ 1740.702301][T15161] veth0_macvtap: entered promiscuous mode
[ 1740.725141][T15161] veth1_macvtap: entered promiscuous mode
[ 1740.800164][T15161] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1740.863129][T15161] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1740.916593][T15161] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1740.941619][T15161] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1740.942379][T15806] input: syz1 as /devices/virtual/input/input377
[ 1740.952487][T15161] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1740.987362][T15161] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1741.450110][ T2071] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1741.482637][ T2071] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1741.589347][ T3463] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1741.617180][ T3463] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1742.081280][T15856] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1742.635841][ T5839] Bluetooth: hci3: command 0x0406 tx timeout
[ 1744.504859][T15931] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1744.607823][T15923] kvm_intel: kvm [15919]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xff
[ 1745.661431][T15974] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1747.949434][T16043] ALSA: mixer_oss: invalid OSS volume 'LIE1'
[ 1748.365315][T16066] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1749.338324][T16090] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1749.488176][T16100] usb usb8: usbfs: process 16100 (syz.6.9966) did not claim interface 4 before use
[ 1749.760080][T16112] vivid-000: =================  START STATUS  =================
[ 1749.788772][T16112] vivid-000: Test Pattern: 100% Colorbar
[ 1749.803716][T16112] vivid-000: Fill Percentage of Frame: 4
[ 1749.823878][T16112] vivid-000: Horizontal Movement: Move Left Slow
[ 1749.836848][T16112] vivid-000: Vertical Movement: Move Up Slow
[ 1749.870980][T16112] vivid-000: OSD Text Mode: Counters Only
[ 1749.898264][T16112] vivid-000: Show Border: true
[ 1749.903122][T16112] vivid-000: Show Square: true
[ 1749.928088][T16114] tap0: tun_chr_ioctl cmd 1074025678
[ 1749.933534][T16114] tap0: group set to 0
[ 1749.933709][T16112] vivid-000: Sensor Flipped Horizontally: true
[ 1750.003869][T16112] vivid-000: Sensor Flipped Vertically: true
[ 1750.044044][T16112] vivid-000: Insert SAV Code in Image: true
[ 1750.062146][T16112] vivid-000: Insert EAV Code in Image: false
[ 1750.070816][T16112] vivid-000: Insert Video Guard Band: true
[ 1750.087609][T16112] vivid-000: Reduced Framerate: true
[ 1750.093086][T16112] vivid-000: HDMI 000-0 Is Connected To: Output HDMI 000-0
[ 1750.123505][T16112] vivid-000: S-Video 000-0 Is Connected To: None
[ 1750.153734][T16112] vivid-000: Enable Capture Cropping: true
[ 1750.199395][T16112] vivid-000: Enable Capture Composing: false
[ 1750.250331][T16112] vivid-000: Enable Capture Scaler: false
[ 1750.273719][T16112] vivid-000: Timestamp Source: Start of Exposure
[ 1750.280140][T16112] vivid-000: Colorspace: SMPTE 170M
[ 1750.301858][T16112] vivid-000: Transfer Function: sRGB
[ 1750.321843][T16112] vivid-000: Y'CbCr Encoding: ITU-R 601
[ 1750.336478][T16112] vivid-000: HSV Encoding: Hue 0-256
[ 1750.341983][T16112] vivid-000: Quantization: Limited Range
[ 1750.354140][T16112] vivid-000: Apply Alpha To Red Only: true
[ 1750.360410][T16112] vivid-000: Standard Aspect Ratio: 14x9
[ 1750.424088][T16112] vivid-000: DV Timings Signal Mode: Out of Range inactive
[ 1750.434383][T16112] vivid-000: DV Timings: 4096x2160p60 inactive
[ 1750.473965][T16112] vivid-000: DV Timings Aspect Ratio: 14x9
[ 1750.493453][T16112] vivid-000: Maximum EDID Blocks: 1
[ 1750.512918][T16112] vivid-000: Limited RGB Range (16-235): false
[ 1750.543805][T16112] vivid-000: Rx RGB Quantization Range: RGB Full Range (0-255)
[ 1750.551559][T16112] vivid-000: Power Present: 0x00000001
[ 1750.613853][T16112] tpg source WxH: 720x576 (R'G'B)
[ 1750.618949][T16112] tpg field: 4
[ 1750.622356][T16112] tpg crop: (0,0)/16x16
[ 1750.732090][T16112] tpg compose: (0,0)/16x16
[ 1750.746735][T16112] tpg colorspace: 6
[ 1750.750606][T16112] tpg transfer function: 2/2
[ 1750.777093][T16150] input: syz1 as /devices/virtual/input/input380
[ 1750.845873][T16112] tpg quantization: 2/2
[ 1750.887308][T16112] tpg RGB range: 0/2
[ 1750.891265][T16112] vivid-000: ==================  END STATUS  ==================
[ 1751.039693][T16157] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1751.538365][T16182] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1751.847464][T16201] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1752.337624][T16222] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1756.712631][T16372] CUSE: info not properly terminated
[ 1758.764442][T16435] input: syz0 as /devices/virtual/input/input381
[ 1759.233095][T16456] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1759.265682][T16457] vivid-000: =================  START STATUS  =================
[ 1759.273390][T16457] vivid-000: Generate PTS: true
[ 1759.278811][T16457] vivid-000: Generate SCR: true
[ 1759.293681][T16457] tpg source WxH: 720x576 (R'G'B)
[ 1759.325851][T16457] tpg field: 4
[ 1759.341108][T16457] tpg crop: (0,0)/16x16
[ 1759.370682][T16457] tpg compose: (0,0)/16x16
[ 1759.409851][T16457] tpg colorspace: 6
[ 1759.424558][T16457] tpg transfer function: 2/2
[ 1759.443729][T16457] tpg quantization: 2/2
[ 1759.529370][T16457] tpg RGB range: 0/2
[ 1759.551880][T16457] vivid-000: ==================  END STATUS  ==================
[ 1759.995113][T16487] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1761.153303][T16539] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1761.194690][T16540] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1761.975282][T16593] syz.0.10033: attempt to access beyond end of device
[ 1761.975282][T16593] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1764.048234][T16693] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1764.457003][T16715] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1765.479976][T16773] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1765.822631][T16788] random: crng reseeded on system resumption
[ 1765.991907][T16791] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1766.290333][T16807] sp0: Synchronizing with TNC
[ 1766.337325][T16808] sp0: Found TNC
[ 1766.413116][T16808] [U] è`
[ 1772.023325][T17053] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1772.092666][T17030] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1772.168752][ T5848] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1772.200340][ T5848] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1772.208416][ T5848] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1772.217055][ T5848] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1772.232352][ T5848] rtc rtc0: __rtc_set_alarm: err=-22
[ 1772.339612][T17062] dlm: no locking on control device
[ 1773.400222][   T30] audit: type=1400 audit(1750330157.327:61): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A21D01A0B978D2F2F262D2A83D1 pid=17102 comm="syz.6.10108"
[ 1774.301736][T17133] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1774.801800][T17160] input input387: cannot allocate more than FF_MAX_EFFECTS effects
[ 1775.528487][T17200] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1775.641244][T17207] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1776.011077][T17230] random: crng reseeded on system resumption
[ 1776.727013][T17282] binder: 17279:17282 ioctl c00c620f 0 returned -14
[ 1777.355285][T17312] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1777.572186][T17324] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1779.635342][T17400] vivid-003: disconnect
[ 1779.736072][T17404] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1780.014416][T17399] vivid-003: reconnect
[ 1780.438241][T17438] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1782.211381][ T5839] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1782.220689][ T5839] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1782.229347][ T5839] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1782.240380][ T5839] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1782.248979][ T5839] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1782.733321][T17597] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1782.885687][T17495] chnl_net:caif_netlink_parms(): no params data found
[ 1783.327930][T17495] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1783.344722][T17495] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1783.366201][T17495] bridge_slave_0: entered allmulticast mode
[ 1783.375033][T17495] bridge_slave_0: entered promiscuous mode
[ 1783.391474][T17495] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1783.400143][T17495] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1783.414289][T17495] bridge_slave_1: entered allmulticast mode
[ 1783.423134][T17495] bridge_slave_1: entered promiscuous mode
[ 1783.661451][T17495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1783.727692][T17495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1784.071324][T17495] team0: Port device team_slave_0 added
[ 1784.099194][T17495] team0: Port device team_slave_1 added
[ 1784.313913][T22668] Bluetooth: hci7: command tx timeout
[ 1784.401867][T17495] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1784.426283][T17495] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1784.459851][T17495] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1784.471218][T17801] syz.4.10206: attempt to access beyond end of device
[ 1784.471218][T17801] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1784.490043][T17495] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1784.509467][T17495] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1784.543709][T17495] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1784.981629][T17495] hsr_slave_0: entered promiscuous mode
[ 1785.002335][T17495] hsr_slave_1: entered promiscuous mode
[ 1785.019257][T17495] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1785.044016][T17495] Cannot create hsr debugfs directory
[ 1785.851158][T17926] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1785.935821][T17926] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1786.394343][T22668] Bluetooth: hci7: command tx timeout
[ 1788.477703][ T5839] Bluetooth: hci7: command tx timeout
[ 1788.715183][ T5839] Bluetooth: hci5: command 0x0406 tx timeout
[ 1789.435686][T17495] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1789.493301][T17495] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1789.624487][T17495] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1789.671252][T17495] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1789.982992][T18150] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1790.408764][T17495] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1790.487589][T17495] 8021q: adding VLAN 0 to HW filter on device team0
[ 1790.554261][T22668] Bluetooth: hci7: command tx timeout
[ 1790.571268][T24062] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1790.578536][T24062] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1790.664404][T24062] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1790.671635][T24062] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1791.636109][T17495] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1791.760649][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1791.783061][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1792.636558][T17495] veth0_vlan: entered promiscuous mode
[ 1792.680245][T17495] veth1_vlan: entered promiscuous mode
[ 1792.836056][T17495] veth0_macvtap: entered promiscuous mode
[ 1792.859288][T17495] veth1_macvtap: entered promiscuous mode
[ 1792.941375][T17495] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1792.989170][T18284] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1793.007209][T17495] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1793.013064][T17495] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1793.013104][T17495] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1793.013131][T17495] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1793.013159][T17495] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1793.491992][ T2071] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1793.526962][ T2071] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1793.691693][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1793.730730][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1794.531092][T18354] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1794.770599][T18377] binder: 18375:18377 ioctl c0306201 200000000540 returned -22
[ 1794.801351][T18377] CUSE: zero length info key specified
[ 1795.112898][T18395] input: syz1 as /devices/virtual/input/input397
[ 1795.392076][T18406] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1795.948286][T18434] syz.8.10283: attempt to access beyond end of device
[ 1795.948286][T18434] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1796.004872][T18429] cgroup: fork rejected by pids controller in /syz8
[ 1796.110250][ T2071] Bluetooth: (null): Invalid header checksum
[ 1796.136519][T18489] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1796.301742][ T2071] Bluetooth: (null): Invalid header checksum
[ 1797.315576][T18592] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1797.928706][   T13] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1798.320830][   T13] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1798.879494][   T13] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1799.271945][   T13] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1799.394984][ T5839] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1799.407045][ T5839] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1799.420657][ T5839] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1799.450547][ T5839] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1799.465677][ T5839] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1800.120447][   T13] bridge_slave_1: left allmulticast mode
[ 1800.134300][   T13] bridge_slave_1: left promiscuous mode
[ 1800.140186][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1800.276805][   T13] bridge_slave_0: left allmulticast mode
[ 1800.282540][   T13] bridge_slave_0: left promiscuous mode
[ 1800.327302][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1801.516510][ T5839] Bluetooth: hci3: command tx timeout
[ 1802.000186][   T31] INFO: task syz.1.9486:11924 blocked for more than 143 seconds.
[ 1802.013521][   T31]       Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0
[ 1802.021331][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1802.042460][   T31] task:syz.1.9486      state:D stack:26504 pid:11924 tgid:11923 ppid:4115   task_flags:0x400040 flags:0x00004004
[ 1802.055020][   T31] Call Trace:
[ 1802.058351][   T31]  <TASK>
[ 1802.061753][   T31]  __schedule+0x16f5/0x4d00
[ 1802.076379][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1802.090813][   T31]  ? schedule+0x165/0x360
[ 1802.118720][   T31]  ? __pfx___schedule+0x10/0x10
[ 1802.132022][   T31]  ? schedule+0x91/0x360
[ 1802.136979][   T31]  schedule+0x165/0x360
[ 1802.172059][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1802.182167][   T31]  __mutex_lock+0x724/0xe80
[ 1802.213727][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1802.218948][   T31]  ? snd_seq_info_clients_read+0x14a/0x7e0
[ 1802.257595][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1802.262705][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1802.279143][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1802.285899][   T31]  ? __up_read+0x280/0x680
[ 1802.290397][   T31]  ? __pfx___up_read+0x10/0x10
[ 1802.295442][   T31]  ? client_use_ptr+0xa9/0xab0
[ 1802.300270][   T31]  ? snd_seq_info_clients_read+0x71d/0x7e0
[ 1802.307731][   T31]  snd_seq_info_clients_read+0x14a/0x7e0
[ 1802.313536][   T31]  snd_info_seq_show+0xd9/0x100
[ 1802.318552][   T31]  seq_read_iter+0x4ea/0xe10
[ 1802.323186][   T31]  seq_read+0x2e2/0x3d0
[ 1802.327440][   T31]  ? __pfx_seq_read+0x10/0x10
[ 1802.332174][   T31]  ? __pfx_seq_read+0x10/0x10
[ 1802.337049][   T31]  proc_reg_read+0x1e9/0x2e0
[ 1802.341757][   T31]  vfs_readv+0x5a7/0x850
[ 1802.346169][   T31]  ? __pfx_proc_reg_read+0x10/0x10
[ 1802.351312][   T31]  ? __pfx_vfs_readv+0x10/0x10
[ 1802.356276][   T31]  ? __fget_files+0x2a/0x420
[ 1802.360907][   T31]  ? __fget_files+0x3a0/0x420
[ 1802.365906][   T31]  ? __fget_files+0x2a/0x420
[ 1802.370552][   T31]  __x64_sys_preadv+0x197/0x2a0
[ 1802.375586][   T31]  ? __pfx___x64_sys_preadv+0x10/0x10
[ 1802.381009][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1802.385856][   T31]  ? do_syscall_64+0xbe/0x3b0
[ 1802.390558][   T31]  do_syscall_64+0xfa/0x3b0
[ 1802.395483][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1802.400757][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1802.409866][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1802.414890][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1802.420833][   T31] RIP: 0033:0x7fb60d58e929
[ 1802.425333][   T31] RSP: 002b:00007fb60b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1802.433923][   T31] RAX: ffffffffffffffda RBX: 00007fb60d7b5fa0 RCX: 00007fb60d58e929
[ 1802.441925][   T31] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000008
[ 1802.450077][   T31] RBP: 00007fb60d610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1802.458107][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1802.466193][   T31] R13: 0000000000000000 R14: 00007fb60d7b5fa0 R15: 00007fffa433abd8
[ 1802.474547][   T31]  </TASK>
[ 1802.477638][   T31] 
[ 1802.477638][   T31] Showing all locks held in the system:
[ 1802.487740][   T31] 4 locks held by kworker/u8:1/13:
[ 1802.492867][   T31]  #0: ffff88801b6fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1802.503906][   T31]  #1: ffffc90000127bc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1802.516591][   T31]  #2: ffffffff8f715950 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[ 1802.526097][   T31]  #3: ffffffff8f722548 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x2a4/0x990
[ 1802.535289][   T31] 3 locks held by kworker/1:0/24:
[ 1802.540336][   T31]  #0: ffff88801a880d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1802.553235][   T31]  #1: ffffc900001e7bc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1802.571377][   T31]  #2: ffffffff8f722548 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[ 1802.581931][   T31] 1 lock held by khungtaskd/31:
[ 1802.588035][   T31]  #0: ffffffff8e33eda0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1802.598095][   T31] 3 locks held by kworker/u8:5/191:
[ 1802.603322][   T31]  #0: ffff88801a889148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1802.616326][   T31]  #1: ffffc90002ff7bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1802.627537][   T31]  #2: ffffffff8f722548 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[ 1802.637321][   T31] 1 lock held by dhcpcd/5501:
[ 1802.642029][   T31]  #0: ffffffff8f722548 (rtnl_mutex){+.+.}-{4:4}, at: inet6_rtm_deladdr+0x20f/0x330
[ 1802.651712][   T31] 2 locks held by getty/5599:
[ 1802.656472][   T31]  #0: ffff88814cb990a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1802.666321][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 1802.676654][   T31] 1 lock held by syz.9.8844/5426:
[ 1802.681722][   T31] 2 locks held by syz.1.9486/11924:
[ 1802.687012][   T31]  #0: ffff888057333c30 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb7/0xe10
[ 1802.696749][   T31]  #1: ffff88804d30a9d0 (&client->ioctl_mutex){+.+.}-{4:4}, at: snd_seq_info_clients_read+0x14a/0x7e0
[ 1802.707899][   T31] 3 locks held by syz.3.9802/14657:
[ 1802.714666][   T31]  #0: ffff888027de82b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x247/0x320
[ 1802.723899][   T31]  #1: ffff88802fadd540 (&p->lock){+.+.}-{4:4}, at: seq_lseek+0x52/0x260
[ 1802.732402][   T31]  #2: ffff88804d30a9d0 (&client->ioctl_mutex){+.+.}-{4:4}, at: snd_seq_info_clients_read+0x14a/0x7e0
[ 1802.743470][   T31] 3 locks held by syz.0.10068/16836:
[ 1802.748814][   T31]  #0: ffff88806495c638 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x247/0x320
[ 1802.758121][   T31]  #1: ffff88804f764d58 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb7/0xe10
[ 1802.767029][   T31]  #2: ffff88804d30a9d0 (&client->ioctl_mutex){+.+.}-{4:4}, at: snd_seq_info_clients_read+0x14a/0x7e0
[ 1802.778176][   T31] 2 locks held by syz-executor/18739:
[ 1802.783548][   T31]  #0: ffffffff8fc43418 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[ 1802.793211][   T31]  #1: ffffffff8f722548 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[ 1802.802356][   T31] 2 locks held by syz.5.10302/18915:
[ 1802.807704][   T31]  #0: ffffffff8ef06048 (ppp_mutex){+.+.}-{4:4}, at: ppp_ioctl+0xcd/0x19a0
[ 1802.819986][   T31]  #1: ffffffff8f722548 (rtnl_mutex){+.+.}-{4:4}, at: ppp_ioctl+0x695/0x19a0
[ 1802.829232][   T31] 1 lock held by syz.6.10305/18928:
[ 1802.834534][   T31]  #0: ffffffff8e344780 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 1802.845985][   T31] 
[ 1802.848380][   T31] =============================================
[ 1802.848380][   T31] 
[ 1802.887838][   T31] NMI backtrace for cpu 0
[ 1802.887862][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) 
[ 1802.887886][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1802.887898][   T31] Call Trace:
[ 1802.887907][   T31]  <TASK>
[ 1802.887917][   T31]  dump_stack_lvl+0x189/0x250
[ 1802.887945][   T31]  ? __wake_up_klogd+0xd9/0x110
[ 1802.887975][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1802.887998][   T31]  ? __pfx__printk+0x10/0x10
[ 1802.888040][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1802.888069][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1802.888092][   T31]  ? _printk+0xcf/0x120
[ 1802.888126][   T31]  ? __pfx__printk+0x10/0x10
[ 1802.888151][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1802.888183][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1802.888213][   T31]  watchdog+0xfee/0x1030
[ 1802.888235][   T31]  ? watchdog+0x1de/0x1030
[ 1802.888262][   T31]  kthread+0x70e/0x8a0
[ 1802.888293][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1802.888311][   T31]  ? __pfx_kthread+0x10/0x10
[ 1802.888339][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1802.888366][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1802.888392][   T31]  ? __pfx_kthread+0x10/0x10
[ 1802.888420][   T31]  ret_from_fork+0x3f9/0x770
[ 1802.888443][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1802.888470][   T31]  ? __switch_to_asm+0x39/0x70
[ 1802.888493][   T31]  ? __switch_to_asm+0x33/0x70
[ 1802.888515][   T31]  ? __pfx_kthread+0x10/0x10
[ 1802.888542][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1802.888583][   T31]  </TASK>
[ 1802.888591][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1803.051643][    C1] NMI backtrace for cpu 1
[ 1803.051661][    C1] CPU: 1 UID: 0 PID: 12418 Comm: syz-executor Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) 
[ 1803.051681][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1803.051691][    C1] RIP: 0010:lock_release+0x26e/0x3e0
[ 1803.051712][    C1] Code: 85 ee fe ff ff 41 8d 45 ff 48 83 c5 d8 45 85 ed 41 89 c5 7f d0 4c 89 ff 4c 89 f6 48 8b 54 24 18 e8 57 30 00 00 48 8b 5c 24 08 <48> c7 c7 71 ae c3 8d e8 e6 a9 ce 09 b8 ff ff ff ff 65 0f c1 05 19
[ 1803.051725][    C1] RSP: 0018:ffffc9000ef674d0 EFLAGS: 00000046
[ 1803.051741][    C1] RAX: ffffffffffffffff RBX: 0000000000000202 RCX: a87b2047b43a8d00
[ 1803.051753][    C1] RDX: 0000000000000000 RSI: ffffffff8e33eda0 RDI: ffff88805f00c6f0
[ 1803.051764][    C1] RBP: ffff88805f00c6f0 R08: ffffc9000ef67878 R09: 0000000000000000
[ 1803.051775][    C1] R10: ffffc9000ef67658 R11: fffff52001dececd R12: 0000000000000000
[ 1803.051812][    C1] R13: 0000000000000000 R14: ffffffff8e33eda0 R15: ffff88805f00bc00
[ 1803.051823][    C1] FS:  0000000000000000(0000) GS:ffff888125b1c000(0000) knlGS:0000000000000000
[ 1803.051836][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1803.051848][    C1] CR2: 000000110c302647 CR3: 000000003471a000 CR4: 00000000003526f0
[ 1803.051864][    C1] DR0: 0000000000000008 DR1: 00000000000000ff DR2: fffffffffffffffb
[ 1803.051875][    C1] DR3: 3e00000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1803.051886][    C1] Call Trace:
[ 1803.051893][    C1]  <TASK>
[ 1803.051900][    C1]  ? unwind_next_frame+0xa5/0x2390
[ 1803.051920][    C1]  ? unwind_next_frame+0xa5/0x2390
[ 1803.051936][    C1]  unwind_next_frame+0x19a9/0x2390
[ 1803.051954][    C1]  ? unwind_next_frame+0xa5/0x2390
[ 1803.051971][    C1]  ? save_stack+0xf5/0x1f0
[ 1803.051990][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1803.052010][    C1]  arch_stack_walk+0x11c/0x150
[ 1803.052030][    C1]  ? __reset_page_owner+0x71/0x1f0
[ 1803.052113][    C1]  stack_trace_save+0x9c/0xe0
[ 1803.052142][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1803.052165][    C1]  save_stack+0xf5/0x1f0
[ 1803.052184][    C1]  ? __pfx_save_stack+0x10/0x10
[ 1803.052206][    C1]  ? page_ext_put+0x97/0xc0
[ 1803.052225][    C1]  __reset_page_owner+0x71/0x1f0
[ 1803.052244][    C1]  __free_frozen_pages+0xc71/0xe70
[ 1803.052267][    C1]  vfree+0x25a/0x400
[ 1803.052285][    C1]  ? __pfx_kcov_close+0x10/0x10
[ 1803.052299][    C1]  kcov_close+0x28/0x50
[ 1803.052312][    C1]  __fput+0x44c/0xa70
[ 1803.052332][    C1]  task_work_run+0x1d1/0x260
[ 1803.052354][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 1803.052374][    C1]  ? kmem_cache_free+0x18f/0x400
[ 1803.052394][    C1]  do_exit+0x6ad/0x22e0
[ 1803.052417][    C1]  ? do_raw_spin_lock+0x121/0x290
[ 1803.052437][    C1]  ? __pfx_do_exit+0x10/0x10
[ 1803.052462][    C1]  do_group_exit+0x21c/0x2d0
[ 1803.052490][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1803.052513][    C1]  get_signal+0x1286/0x1340
[ 1803.052536][    C1]  arch_do_signal_or_restart+0x9a/0x750
[ 1803.052558][    C1]  ? __pfx_get_timespec64+0x10/0x10
[ 1803.052574][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1803.052600][    C1]  ? exit_to_user_mode_loop+0x40/0x110
[ 1803.052617][    C1]  exit_to_user_mode_loop+0x75/0x110
[ 1803.052633][    C1]  do_syscall_64+0x2bd/0x3b0
[ 1803.052648][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1803.052670][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1803.052685][    C1]  ? clear_bhb_loop+0x60/0xb0
[ 1803.052702][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1803.052717][    C1] RIP: 0033:0x7f7e715c11e5
[ 1803.052732][    C1] Code: Unable to access opcode bytes at 0x7f7e715c11bb.
[ 1803.052740][    C1] RSP: 002b:00007ffc7d1fa850 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1803.052759][    C1] RAX: 0000000000000000 RBX: 00000000000002e4 RCX: 00007f7e715c11e5
[ 1803.052778][    C1] RDX: 00007ffc7d1fa890 RSI: 0000000000000000 RDI: 0000000000000000
[ 1803.052789][    C1] RBP: 00007ffc7d1fa8fc R08: 0000000000000000 R09: 0000000000000000
[ 1803.052799][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388
[ 1803.052818][    C1] R13: 00000000000927c0 R14: 00000000001b7e91 R15: 00007ffc7d1fa950
[ 1803.052836][    C1]  </TASK>
[ 1803.055619][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1803.055639][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00082-gfb4d33ab452e #0 PREEMPT(full) 
[ 1803.055662][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1803.055673][   T31] Call Trace:
[ 1803.055682][   T31]  <TASK>
[ 1803.055691][   T31]  dump_stack_lvl+0x99/0x250
[ 1803.055717][   T31]  ? __asan_memcpy+0x40/0x70
[ 1803.055737][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1803.055757][   T31]  ? __pfx__printk+0x10/0x10
[ 1803.055789][   T31]  panic+0x2db/0x790
[ 1803.055811][   T31]  ? __pfx_panic+0x10/0x10
[ 1803.055827][   T31]  ? __pfx_delay_tsc+0x10/0x10
[ 1803.055848][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[ 1803.055873][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1803.055900][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[ 1803.055930][   T31]  watchdog+0x102d/0x1030
[ 1803.055950][   T31]  ? watchdog+0x1de/0x1030
[ 1803.055975][   T31]  kthread+0x70e/0x8a0
[ 1803.056003][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1803.056019][   T31]  ? __pfx_kthread+0x10/0x10
[ 1803.056044][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1803.056079][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1803.056103][   T31]  ? __pfx_kthread+0x10/0x10
[ 1803.056127][   T31]  ret_from_fork+0x3f9/0x770
[ 1803.056148][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1803.056172][   T31]  ? __switch_to_asm+0x39/0x70
[ 1803.056192][   T31]  ? __switch_to_asm+0x33/0x70
[ 1803.056213][   T31]  ? __pfx_kthread+0x10/0x10
[ 1803.056236][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1803.056272][   T31]  </TASK>
[ 1803.599133][   T31] Kernel Offset: disabled
[ 1803.603454][   T31] Rebooting in 86400 seconds..