last executing test programs:

6m15.620827679s ago: executing program 4 (id=6006):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdb, 0xc1fa}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
fsmount(0xffffffffffffffff, 0x0, 0x78)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000640)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r6}]}, 0x44}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r10}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

6m14.715150067s ago: executing program 4 (id=6014):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
setxattr(0x0, 0x0, 0x0, 0x0, 0x1)
write$binfmt_script(r4, &(0x7f0000000080), 0x10010)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000005, 0x10012, r4, 0x0)

6m13.831261874s ago: executing program 4 (id=6020):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdb, 0xc1fa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
fsmount(0xffffffffffffffff, 0x0, 0x78)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bridge0\x00'})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000640)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}]}, 0x3c}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r9}, 0x18)

6m12.873842773s ago: executing program 4 (id=6025):
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)

6m11.794796613s ago: executing program 4 (id=6029):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = inotify_init1(0x800)
fcntl$setsig(r1, 0xa, 0xe)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002180), 0xa0002, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000000c0)="66b832000f23c80f21f8350800000f23f866f042f65e2e3e0f01c8440f20c03509000000440f22c0f0438636c481596bc1660f3839e866ba4200ed66baf80cb87824f588ef66bafc0cb80e000000ed2666400f3828c5", 0x56}], 0x1, 0x6, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe1000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r9, 0x8916, &(0x7f0000000000)={'bond_slave_1\x00', {0x2, 0x4e31, @empty=0xfdfdffff}})
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0xa2, &(0x7f0000000240)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x6c, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1803"}, {}, {0x1, 0x1, "fe906d26efe3"}]}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})

6m10.90285462s ago: executing program 4 (id=6036):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="b0", @ANYRES16=r0], 0xb0)
write$FUSE_LSEEK(r2, &(0x7f0000000600)={0x18, 0x0, 0x0, {0xb9}}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lstat(&(0x7f0000000a00)='./file0\x00', 0x0)

5m59.124841757s ago: executing program 3 (id=6088):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x1a1800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00'], 0x44}}, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

5m59.050452939s ago: executing program 3 (id=6089):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdb, 0xc1fa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
fsmount(0xffffffffffffffff, 0x0, 0x78)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bridge0\x00'})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000640)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}]}, 0x3c}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r10}, 0x18)

5m58.229635914s ago: executing program 3 (id=6093):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_read_part_table(0x635, &(0x7f0000000000)="$eJzs3D9oXeUbB/DvSe899yaFtr8fTl1SncViZ28NSHqpdKp061IVJFQc4lSx5Ea6mCGDg7NLEbLUumjo4KAt4iROoYNacRWkqNQiPXLuOfdPBEFsOwifz5Dzvs953vd5n5yTMSf8py2kmxTjYS+dJMdf/kvGZiYJ6df5Sapue+/czuqp01VVVUWdcz7dPPn5oetJOu2S/nSbqqo2ppOTufrB0o13i1F353Zd9ObWgTq82BzjSPL0wbI/3mZuh1TVvoP1HuXvgX/n2uBWUVwp29lTvzxYST76efXs7pmt966/2IY3ki+T+vm/U78Xk+y3cvHYhc54WD/lN+f3/bW5lLPI7HEvprPvDKMr68PtlcHa3iRwdLjz6WvP/X7sRqoT+arsLExuFLP9ymT08O3X/R+u3/7tS4O1veHlxemNJ97//xdZbid3qypH6pL/y/hPZ/kRVAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HG4NriVZDTcTtb2hr02unp298xWmeSFV/tt6Pj8qgPt9WIu3KmvG1lPfvgk3fmkov4xjiyku9LEvl+unhkPOpP6vcVmcGmwtje8v5TcefbB0WGzKjc/OzErtzHdeTfPt6N7VWM82fy7JtsS1eEm7+v78/0XnWR9uD2uf/nHotM0/HExmh5zIcnrvbzSNFPdK9u1f8zaAAAAAAAAAAAAAAAAAAAAgIeyeur0G3fb8fl+kp/eXqjHVa/5L/diqdiX/20vWTyZXO2nGK0kuf3Sb+U3h7a+az8dMEovoyQHP9w81y4p920w/URAkap8nJ3xT/wZAAD//8Wbezo=")
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000680)={{{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@loopback, 0x4e23, 0x0, 0x4e22, 0x5, 0x2, 0x20}, {0x5, 0x3, 0x1, 0x1, 0x8, 0x80000000000, 0x4, 0x1}, {0xa, 0x7, 0x100000001, 0x10}, 0x81, 0x6e6bbf, 0x2, 0x1, 0x2, 0x2}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x14}, 0x4d4, 0x3c}, 0x2, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x3502, 0x0, 0x0, 0x5, 0x3, 0x100, 0x9f}}, 0xe8)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x13, 0xe, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28}, 0x94)
syz_mount_image$vfat(&(0x7f00000003c0), &(0x7f0000000140)='./bus\x00', 0x200000, &(0x7f0000000000)=ANY=[], 0x1, 0x35a, &(0x7f0000000b00)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlEyoRMTWk1fx5j8guOxxbwX1H+jFWwXx4q2XgqBFxJH51ebHJGnSlLTb7wdKnsn7PpP3TUJ43oF5e/DBN582ao5RMzuSzKokRESORIqSlEgifEz6cVp67cir1//cf/HOvfvvliuVm+uqt8p3Xyup6vLKj599kQu77WZkr/jRwWHpj71n954/+O/uJ3VH6442Wx019UHr9475wLZ0o+40DNXbtmU6ltabjtUO2ltBe81ubW521Wxu3Mhvti3HUbPZ1YbV1U5LO+2umh+b9aYahqE38nK1ZGfIqT5aXzfLM77gwxnzMG//uK47prndLptLIkZuqKX66FzHBQAALqSB+v+7qEYoSvK4oEz0rQWG6/8o9ut/b7FwUv8/funnzvX3nyyH9f9uOq7+f/3XIL+v/vdefe71/w8Dx8MV0aW3PU3nM9X/uBhW0kNPJfqOvPo/H67ffV99+HjVD6j/AQAAAAAAAAAAAAAAAAAAAAC4DI5ct+C6biF6jP5ObiEIj6OjcTca49IZ9flnwh0Fjr8PeCrduXdfsv6Ne6llEfvrrepWNXgM26OOq1KQf/3vQyjYcGLHb1RPUX6yt8P87a3qkt9SFlGxxZI1KUixL9+Pb71Tubmmgf78RCrv5dek7ueXpCDPxOeXYvPT8srLPfmGFOSXh9ISWzbC37Eo/8s11bffqwzk5/x+cd48/48FAAAAAIC5MlSz4fI5dv1uGKpx7d5aXnrX58PXB47X16ux6/NU4YXUYucOAAAAAMBV4aQ/b5i2bbWd7sggJ5P6ZMKzjT9PfJCaprMX7PvBtXF9lnpm2NsU7ZQal5UO/4PGFIMPziNHwQWP02T9lZHYNzN2YNkzvKumHc3/FJ2z034EbScZ+x5OCla88ehM0+kJostGo/rI7VnPPCqIds79bULn5779/u/ZXiIR7trb2/TGk+yEmfpBYuCZnQlf2kPXnTiea+f1ewMAAABgcaKiP+dEz7y12AEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAFzXWbtBHBoucIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXBT/BwAA//8L3Pjk")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r4, 0x0, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r5 = syz_clone(0x4200000, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
wait4(r5, 0x0, 0x40000000, 0x0)

5m57.90151141s ago: executing program 3 (id=6095):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x3)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
ioctl$TCSETSW2(r0, 0x80047456, &(0x7f0000000040)={0x3, 0xb, 0xfffffffe, 0x7fffffff, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf", 0xffffffff})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r5)
rmdir(&(0x7f0000000040)='./control\x00')
r6 = openat$cgroup_freezer_state(r5, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_freezer_state(r6, &(0x7f00000000c0)='FROZEN\x00', 0x7)
sendfile(r6, r6, 0x0, 0x8000002)

5m56.801432312s ago: executing program 3 (id=6098):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x401, 0x28}, 0x50) (fail_nth: 1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r3)
sendmsg$TIPC_NL_NET_SET(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000003c0)={0x20, r4, 0x1, 0x70bd28, 0x25dfdffb, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000}, 0x4000000)

5m56.642878035s ago: executing program 3 (id=6100):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYRES32], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7030000000000004b62e9d6826ccb4f5a93a1a1f4850000001b000000b70000000000000095000000000000002cf4e4c64925ab72833ed0021676affee9f42333d03179d5e4d56537c22a7b261581f2476d3297b1162c8db7ad845e1ed284b3668eaa0f3fba9247b310434b294463f44fb552db6bbdff36cb822341714a82af553d051e508a24e42fd62f6a047f6591e73b7a54fd029d25e5"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'batadv0\x00'})
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r6 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000000000010d804dd00000000000001090224"], 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r7}, 0x10)
sync()
sync()
r8 = fsmount(r6, 0x0, 0xa)
fchdir(r8)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
getdents64(r9, &(0x7f0000000080)=""/175, 0xaf)

5m55.34470642s ago: executing program 32 (id=6036):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="b0", @ANYRES16=r0], 0xb0)
write$FUSE_LSEEK(r2, &(0x7f0000000600)={0x18, 0x0, 0x0, {0xb9}}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lstat(&(0x7f0000000a00)='./file0\x00', 0x0)

5m41.525596146s ago: executing program 33 (id=6100):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYRES32], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7030000000000004b62e9d6826ccb4f5a93a1a1f4850000001b000000b70000000000000095000000000000002cf4e4c64925ab72833ed0021676affee9f42333d03179d5e4d56537c22a7b261581f2476d3297b1162c8db7ad845e1ed284b3668eaa0f3fba9247b310434b294463f44fb552db6bbdff36cb822341714a82af553d051e508a24e42fd62f6a047f6591e73b7a54fd029d25e5"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'batadv0\x00'})
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r6 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000000000010d804dd00000000000001090224"], 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r7}, 0x10)
sync()
sync()
r8 = fsmount(r6, 0x0, 0xa)
fchdir(r8)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
getdents64(r9, &(0x7f0000000080)=""/175, 0xaf)

2m45.718798114s ago: executing program 5 (id=7017):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe2d, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fcntl$getownex(r0, 0x10, &(0x7f0000000500)={0x0, <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x34}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x1800, 0x76}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
r5 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$int_in(r6, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r6, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r7, 0x30e0}], 0x1, 0x0, 0x0, 0x0)
dup2(r6, r7)
fcntl$setown(r7, 0x8, r5)
tkill(r5, 0x13)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='jbd2_lock_buffer_stall\x00', r2, 0x0, 0x2}, 0x18)
kcmp(r4, r5, 0x0, r3, r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
mlock2(&(0x7f0000549000/0x1000)=nil, 0x1000, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(0xffffffffffffffff, 0xf505, 0x0)
r9 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x925, 0x8888, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r9, 0x0, 0x0)
syz_usb_control_io(r9, &(0x7f0000000340)={0x2c, &(0x7f0000000700)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0}, 0x0)

2m43.452683118s ago: executing program 5 (id=7021):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$AUDIT_SIGNAL_INFO(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x48080)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ip6_mr_vif\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x18, 0x68, 0x1, 0x100003, 0x25dfdbfe}, 0x18}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
read$FUSE(r1, &(0x7f0000000240)={0x2020}, 0x2020)
pread64(r1, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
socket$inet6(0xa, 0xa, 0xcd7)
read$ptp(r1, &(0x7f0000000240)=""/225, 0xe1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000000000000000000000008500000020000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000000140)=""/192}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000400)="e0b9547ed387dbe9abc89b6f5b7e", 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
syz_mount_image$f2fs(&(0x7f0000010600), &(0x7f0000000040)='./file2\x00', 0x4, &(0x7f00000001c0)=ANY=[], 0x1, 0x1061d, &(0x7f0000020c80)="$eJzs3L1vG2UcB/CfE/pKWyrUFwYQJyGkRKqjOn0RLKhAK0C0VUVhYALHdi23ti+K3dR0YYEBiYmFf4IJ/gYW2FlhYWMBia2iyHePEaVFUMfULfl8pMv3uefufn4e65Ynl1wA29bB7NdfKnEg9kTEYkTsiyjalbQVzpTxVEQ8m7oW0lZJ/X907IyIvRFxYFy8rFlJh57+7dYPX357/plPvv/suw8///nyfGYMPAyej4jeetm+0Sszb5d5NfXXNztF9k5upiwP9K6l/bzMG621osKN+uS8epEn2uX5+fr1wTivdOuNcbY7V4r+9X75gYPN9qROccHV+kax32ytFdkZ5EW2b5bjGqW8ORiWdZqp3gdF+RgOJ1n2t0atcj7r14ps9Iepv6ybN1ujcW6mTB8XjbzbLMaxNvXX/NA73+lfH2WbrY1BJ+9np1ZqL6zUTldrG3mzNWydrNZ7zdMns6V2d3xaddiq986087zdba008t5yttRuNKq1WrZ0trXWqfezWm3lxMrx6qnl1DqWvXbxnazbzJbG+Uqnf33Y6Q6yK/lGVl6xnK2unHhxOXuull2+cCm79Na5cxcuvf3e2XcvvnzhjVfTSXcNK1taPb66Wq0dr67Wlqed+bHbpe06/9KosrXr2ebcPwD3bZr1/4L1P7BF1v/W/7Gt1//mH9b/bNVd98/u+YwDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH7scdX71eNA6W+4+n/v2p68mIOBoRRyLicETcvofF2HlHzUMRUUnte52/4y9j+LoSRYXxNbvStjcizqTt1hP/9bcAAAAAj4DKdJd98c1HH0csjpvFj5dmOyoebumXNrtnVa+4Cx+797H9913tUFFstOVRlQ5PSs7EkYjYcfCnGVU7GhEL+96fUbV/ZfGO2P2nqJSx8CBHAwAAPBh3rgT+ZvUGAADA/8Cn8x4A81E8r01/i5+eBe8qIz0Q3DPZe3MOowMAAABmYcr/GgAAAAAeIcX6/5/f/7c4t/f/TWp4/x8AAABMr3z/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDv7NxNTupQFAfwA7w+eB9GYvjYCiPjkAGLcAkOXYDuxhlrMCGsA2cuwYChvSZWGZj0Akp+v6Tc26b8c0qYnN6mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs01Mxnz4s7+6b5qw3zeS5GgAAAGCXVTGflpN+tf8vHT9Lhy4iYhwRo4gYRsSu3r0Tv2uZg4hopfmu84sPNTxGlAnb73TT9jcirtL2cr7vXwEAAABO13IxmUV0ttPy4/LTGa0jVMWBpJs2vVx55Z/lV660QRl2mylt+BaZxSgiiv5zprRxRLT/X2dK+5JObei9G1rV0D5kNQAAwGHUO4Fs3RsAAADfzs2xC+A4yvXa9Cx+WgvuVkNaEPxT2wMAAAB+IA/3AwAAwOkr+3/v/wMAAIDTVr3/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH1aFfPpcjGZNc1Zb5rJczUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAr+/OSgiEMBGGw/6d6p+D9b6U06FZX7qog8DFDCAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODK6zh5n/FprEm+nTZ+HY8k/64aU1eNuevG0gvj9rnt+R8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO/vzcgIgEINhML61p8X+a/Ki/KBnb4IwA8JHQpAFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4m+7+qn9iSOxVNWaamDJuVTVnlViySqw5SGw5aG9/O84PngQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYX/ebSIGwiiMXg8gcEIAJZBbPGogIUJQAg8JyZJroAAaIiEitWiEbWFX8o7jzbzBnpPcL5hgfgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg4650vjpI0KXOWlIfPy//jJCcpX+N4fzpl8736G862+fzz+1jzIk9XbZI2zRLnAAAsrpt3ivO8f/Rv18m0N3Vv697V7V6G/nW/3wYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMPO/bM2EcZxAH+SNtG6uTiIglbBgmj6h9K0dFEUquAb6BbaWIqplraDLYLUpbgILu4uLrp1cvIdOLmIKOgeQUEEQSpJ7vSpbSVdcil+PvAkvx7H3fPccPC93zUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAP9fVwPq1zIYTjvX/qhrdf7s3s9l2/f2w0HY9OPl+Mj9k4RCGEcHO+Vh3s4Fq62dkw3Pz+8PnhQHwN/95veXXtVqVWqy4pFIruKRo3tUynkcFNCwCAA6uQjEau/1jYnGpsy02GsPV0e/4/F9Whzfy/9WTgdXyuOP8PdWyF3S3N/9PXNyb+lf9LKwuLpeXVtQvzC5W56lz19tDY+NjgSHl0eKzUfJ5S8lQFAACAvRWTEef//OTO/v+RqA5t5v9XL69Nx+fqkf93SPP/5f7+Z+31/zOYJAAAwH/i6KlvX3O7bM8Vi+FuZWVlaaj1+fvv4dZnBlPdt0PJiPN/z2TWswIAAAA6ob6e29b/n43q0Gb///33KyfiY/aEEPqS/v/FmTu12c4tp2ul/f+JS5UbWf//fwbLBwAAoEP6khH3/wvN9//zp9N98iGEgTOtOvkZwLby/88H42/ic8Xv/490boldKV9uXY80/2+8ezG/V/5v7lsOobec0WQBAAA48A4no5H/PxU2p5Z+PL5a9P4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAL3bsGKWZIIoD+CSbfF+jGBDE0kIbC1FBsApYCBIPYSEKgieQgHgABc9i4R1EUielB0jhDWRmd0JIo4JkNfx+MPk/QpJ9O9vkDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAp8ZHYSPXRXzplHWzem/43j+POZrJ9N3btYO4Yt2Yb9t/znqVL6PT5+HUHjYO6+sJAACAxVPk+T6E8NZ+OonZ7Kb5fyt/Js78/eWyzvP87NyfM8/+cS09FmeTC3XK67RDCJdX1xe7c7vD320z7KfsvW4/TPbwpjw7mbbyhd9qpeeTTmiK9NiavbvVcTvteuN+MDj+l8r/P38XAMB37eSsivz/KOZenY0BsLBa1QpT83/RrbcnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHn4CAAA//9siZh3")
r7 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r8 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r8, 0x0)
fallocate(r7, 0x0, 0x0, 0x1000f4)
io_setup(0x5ff, &(0x7f0000000040)=<r9=>0x0)
io_submit(r9, 0x1ffffff0, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r8, &(0x7f0000000000)="96", 0xffffff20}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r7, 0x0, 0x0, 0xffffffffffffffff}])
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x4)
setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f00000001c0)={@remote}, 0x14)

2m40.684091671s ago: executing program 5 (id=7032):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdb, 0xc1fa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
fsmount(0xffffffffffffffff, 0x0, 0x78)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'bridge0\x00'})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r8}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2m39.74933332s ago: executing program 5 (id=7037):
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdb, 0xc1fa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
fsmount(0xffffffffffffffff, 0x0, 0x78)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000640)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x44}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r7}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)

2m38.541889603s ago: executing program 5 (id=7039):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @multicast2, @loopback}, 0xc)
r5 = socket$inet(0x2, 0x3, 0x2)
bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e24, @multicast1}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1e, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7000000000000009539e900553d431d34cf9f91da0efe3661dcee43a857b5f2057c528d117c0aae6f13c734e950c84eb40e6df7947c5919961a0cda96d533dcf3f6b956290d2e38bca7bfddf742450d01a748d2233c5b5b1c8697f42458ab711c5b40f181498d5698d44cd71fdcb12498329c8dbc92cfea70"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180), 0x4000000, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60242, 0x0)
r7 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x50480, 0x10)
mknodat$null(r7, &(0x7f0000000340)='./bus\x00', 0x2, 0x103)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc2002}]})
r8 = getpid()
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x24020000)

2m37.171595729s ago: executing program 5 (id=7042):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000001000000080000000c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000d0000000000000000060e90000"], 0x50) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10) (async)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r0}, &(0x7f00000006c0), &(0x7f0000000700)='%pS    \x00'}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

2m21.588052371s ago: executing program 34 (id=7042):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000001000000080000000c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000d0000000000000000060e90000"], 0x50) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10) (async)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r0}, &(0x7f00000006c0), &(0x7f0000000700)='%pS    \x00'}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

8.011459855s ago: executing program 2 (id=7706):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00220f0000005b574e69622bf85eda07b3"], 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000380)={0x20, 0x15, 0x1, '('}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, 0x0)

7.461398956s ago: executing program 2 (id=7730):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fcntl$getownex(r0, 0x10, &(0x7f0000000500)={0x0, <r3=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x34}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x1800, 0x76}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
r4 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$int_in(r5, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r5, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r6, 0x30e0}], 0x1, 0x0, 0x0, 0x0)
dup2(r5, r6)
fcntl$setown(r6, 0x8, r4)
tkill(r4, 0x13)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='jbd2_lock_buffer_stall\x00', r1, 0x0, 0x2}, 0x18)
kcmp(r3, r4, 0x0, r2, r7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
mlock2(&(0x7f0000549000/0x1000)=nil, 0x1000, 0x0)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(0xffffffffffffffff, 0xf505, 0x0)
r8 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x925, 0x8888, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r8, 0x0, 0x0)
syz_usb_control_io(r8, &(0x7f0000000340)={0x2c, &(0x7f0000000700)=ANY=[@ANYBLOB=' \n\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)

7.145851572s ago: executing program 0 (id=7733):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdb, 0xc1fa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
fsmount(0xffffffffffffffff, 0x0, 0x78)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000640)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r9}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

6.702317191s ago: executing program 2 (id=7735):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x103043, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x8, 0x4}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
memfd_create(0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, &(0x7f00000001c0), &(0x7f0000000240)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'syz_tun\x00'})
openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x42000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x0, 0x4, 0x29d}, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5432, 0x0)

6.314084648s ago: executing program 0 (id=7737):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = inotify_init1(0x800)
fcntl$setsig(r0, 0xa, 0xe)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002180), 0xa0002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000000c0)="66b832000f23c80f21f8350800000f23f866f042f65e2e3e0f01c8440f20c03509000000440f22c0f0438636c481596bc1660f3839e866ba4200ed66baf80cb87824f588ef66bafc0cb80e000000ed2666400f3828c5", 0x56}], 0x1, 0x6, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe1000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000000)={'bond_slave_1\x00', {0x2, 0x4e31, @empty=0xfdfdffff}})
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0xa2, &(0x7f0000000240)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x6c, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1803"}, {}, {0x1, 0x1, "fe906d26efe3"}]}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
syz_read_part_table(0x1047, &(0x7f0000001180)="$eJzsz8sNwjAQBNCx4wjSBU3RTw7QDF1QCpUYWcmBFIAQ0nuX8Wd3pQ0/VZO8WtsOu9O4zDXpvS8ZkeQ8fkqSduifL/NtSk0ph+dlz8/itWddU+/l2TJt066P720GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/jHQAA//8m0Qug")

5.409536306s ago: executing program 7 (id=7740):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000200)={r0, 0x0, 0x0, 0x4}, 0x20)

5.409151816s ago: executing program 7 (id=7741):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00'], 0x48)
getgid()
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x8, &(0x7f0000000140)=ANY=[], 0x1, 0x152b, &(0x7f0000000a00)="$eJzs3AmYjtXbAPD7Puc8Y0zS2yTLcM65H95kOSZJsiTJkiRJkmRLSJrkLwmJIVvSkIRkGZJlCMkyMWns+74kJEmTJCHZkvNdir/66r8vvuub+3ddzzXnfs9zn+c87/0+8yyzfNN5SI1GNas2ICL4l+AvX5IBIBYABgDANQAQAEDZ+LLxF/pzSkz+1zbC/r0eSrvSM2BXEtc/e+P6Z29c/+yN65+9cf2zN65/9sb1z964/oxlZ5umFbiWl+y78PP/7IzP//+PZJUa88WaUtd3AYj5e1O4/tkb1///reDvWYnrn71x/bOr2Cs9AfZ/AB//2UGOv9jD9c/euP6MZWdX+vnzf36Rf7UfItnhPfgr+88YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjP0XnPaXKQC41L7S82KMMcYYY4wxxti/j89xpWfAGGOMMcYYY4yx/zwEARIUBBADOSAWckIcCAC4GnLDNRCBayEeroM8cD3khXyQHwpAAhSEQqDBgAWCEApDEYjCDVAUboRiUBxKQElwUAoS4SYoDTdDGbgFysKtUA5ug/JQASpCJbgdKsMdUAXuhKpwF1SD6lADasLdUAvugdpwL9SB+6Au3A/14AGoDw9CA3gIGsLD0AgegcbwKDSBptAMmkOLfyr/BegOL0IP6AnJ0At6w0vQB/pCP+gPA+BlGAivwCB4FVJgMAyB12AovA7D4A0YDiNgJLwJo+AtGA1jYCyMg1QYDxPgbZgI78AkmAxTYCqkwTSYDu/CDJgJs+A9mA3vwxyYC/NgPqTDB7AAFkIGfAiL4CPIhMWwBJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A474GPYCZ/ALtgNe/5cv38k/9Sv8j+FvdAFAQEFClSoMAZjMBZjMQ7jMBfmwtyYGyMYwXiMxzyYB/NiXsyP+TEBE7AQFkKDBgkJC2NhjGIUi2JRLIbFsASWQIcOEzERS+PNWAbLYFksi+WwHJbHClgBK2ElrIyVsQpWwapYFathNayBNfBuvBt7YW2sjXWwDtbFupceT2EDbIANsSE2wkbYGBtjE2yCzbAZtsAW2BJbYitshW2wDbbFttgO22ESJmF7bI8dsAN2xI7YCTthZ+yMXbArds16IQfgi/gi9sRqohf2xt7YB1Ny9MP+2B9fxoH4Cr6Cr2IKDsYh+Bq+hq/jMDyJw3EEjsSRWFm8haNxDJIYh6mYihNwAk7EiTgJJ+NknIppOA2n43ScgTNxJr6Hs/F9fB/n4lycj+mYjgtwIWZgBi7CU5iJi3EJLsVluByX4UpchStxDa7FNbge1+NG3IibcTNuxa24Hbfjx6gA8BPcjbsxBffiXtyH+3A/7scDeACzMAsP4kE8hIfwMB7GI3gEj+IxPI7H8ASewJN4Ck/jaTyLZ/EcPpfwVcOPi69OAXGBEkrEiBgRK2JFnIgTuUQukVvkFhEREfEiXuQReURekVfkF/lFgkgQhUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQTiSJRlBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sB8+JC5UppEYjI3FEGwimgp58QhoKYZhK9FatBFPiBE4HNuJli5JPC3ai9HYQfxJjMFnRScxDjuL50UX0VV0Ey+I7qKV6yF6iknYS/QWU7GP6Cv6if5iBlYX7+HsnDXEqyJFDBZDxGtiPr4uhok3xHAxQowUb4pR4i0xWowRY8U4kSrGiwnibTFRvCMmicliipgq0sQ0MV28K2aImWKWeE/MFu+LOWKumCfmi3TxgVggFooM8aFYJD4SmWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIT4WO8UnYpfYLfaIT8Ve8ZnYJz4X+8UX4oD4UmSJr8RB8bU4JL4Rh8W34oj4ThwVx8Rx8b04IX4QJ8UpcVqcEWfFj+Kc+EmcF16ARCmklEoGMkbmkLEyp4yTV8lcMrj47l4r4+V1Mo+8XuaV+WR+WUAmyIKykNTSSCtJhrKwLCKj8gZZVN4oi8nisoQsKZ0sJRPlTbK0vFmWkbfIsvJWWU7eJsvLCrKirCRvl5XlHRIiv2yjmqwua8ia8m6ZDPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JZPk07K99Bc/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VKXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpOpcrycIN+WE+U7cpKcLKfIqTJNTpP9Lo40S8q/mf/2r/MvnHrlNDno561vlJvkZrlFbpXb5Ha5Q34sd8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMktmyYPyoDwkD8nD8rA8Io/Io/KYPCO/lyfkD/KkPCVPyTPyrDwrz118D0ChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiB0aVUCWVU6VUorrpH8lXRdWNqpgq/pv8S/NL/gvza6FaqJaqpWqlWqk2qo1qq9qqdqqdSlJJqr1qrzqoDqqj6qg6qU6qs+qsuqguqpvqprqr7qqH6qGSVbLqrV5SfVRf1U/1VwPUy2qgGqgGqUEqRaWoIWqIGqqGqmFqmBquhquRaqQapUap0Wq0GqvGqlSVqiaoCWqimqgmqUlqipqi0lSamq6mqxlqhpqlZqnZaraao+aoeWqeSlfpaoFaoDJUhlqkFqlMtVgtVkvVUrVcLVcr1Uq1Wq1Wa9VatV6tV5lqk9qktqgtapvapnaoHWqn2ql2qV1qj9qj9qq9ap/ap/ar/eqAOqCyVJY6qA6qQ+qQOqwOqyPqiDqqjqrj6rg6oU6ok+qkOq1Oq7PqrDqnzqnz6ryCQIAIRKACFcQEMUFsEBvEBXFBriBXkDvIHUSCSBAfxAd5guuDvEG+IH9QIEgICgaFAh2YwAbiYtGjwQ1B0eDGoFhQPCgRlAxcUCpIDG4KSgc3B2WCW4Kywa1BueC2oHxQIagYVApuDyoHdwRVgjuDqsFdQbWgelAjqBncHdQK7glqB/cGdYL7grrB/UG94IGgfvBg0CB4KGgYPBw0Ch4JGgePBk2CpkGzoHnQ4t86vvcn8z3ueuieOln30r31S7qP7qv76f56gH5ZD9Sv6EH6VZ2iB+sh+jU9VL+uh+k39HA9Qo/Ub+pR+i09Wo/RY/U4narH6wn6bT1Rv6Mn6cl6ip6q0/Q0PV2/q2fomXqWfk/P1u/rOXqunqfn63T9gV6gF+oM/aFepD/SmXqxXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoT/WO/UnepferffoT/Ve/Znepz/X+/UX+oD+Umfpr/RB/bU+pL/Rh/W3+oj+Th/Vx/Rx/b0+oX/QJ/UpfVqf0Wf1j/qc/kmf1/7Cxf2F07tRRpkYE2NiTayJM3Eml8llcpvcJmIiJt7Emzwmj8lr8pr8Jr9JMAmmkClkLiBDprApbKImaoqaoqaYKWZKmBLGGWcSTaIpbUqbMqaMKWvKmnKmnClvypuKpqK53dxu7jB3mDvNneYuc5epbqqbmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadSTJJpr1pbzqYDqaj6Wg6mU6ms+lsupguppvpZrqb7qaH6WGSTbLpbXqbPqaP6Wf6mQFmgBloBppBZpBJMSlmiBlihpqhZpgZZoabEWbkhQtV85YZbcaYsWacSTWpZoKZYCaaiWaSmWSmmCkmzaSZ6Wa6mWFmmFlmlpltZps5Zo6ZZ+aZdJNuFpgFJsNkmEVmkck0mWaJWWKWmWVmhVlhVplVZo1ZY9bBOrPBbDCbzCazxWwx28w2s8PsMDvNTrPL7DJ7zB6z1+w1+8w+s9/sNwfMAZNlssxBc9AcMofMYXPYHDFHzFFz1Bw3x80Jc8KcNCfNaXPanDX5Lp4vvYm1OW2cvcrmslfb3PYa+7/j/LaATbAFbSGrbV6b7zexsdYWs8VtCVvSOlvKJtqbfheXtxVsRVvJ3m4r2ztsld/Ftew9tra919ax99ma9u7fxHXt/baefcTWRwSwTW1D29w2so/YxvZR28Q2tc1sc9vWPmnb2adskn3atrfP/C5eYBfaVXa1XWPX2l12tz1tz9hD9ht71v5oe9iedoB92Q60r9hB9lWbYgf/Lh5p37Sj7Ft2tB1jx9pxv4un2Kk2zU6z0+27doad+bs43X5gZ9sMO8fOtfPs/J/jC3PKsB/aRfYjm2kDWGKX2mV2uV1hV/55rkvtervBbrQ77Sd2i91qt9ntdselC2G72+6xn9q99jN70H5t99sv7AF72GbZr36OL+zfYfutPWK/s0ftMXvcfm9P2B/UpewL+/69/cmet94CIQFJUhRQDOWgWMpJcXQV5aKrKTddQxG6luLpOspD11Neykf5qQAlUEEqRJoMWSIKqTAVoSjdQJemV4JKkqNSlEg3UWm6mcrQLVSWbqVydBuVpwpUkSrR7VSZ7qAqdCdVpbuoGlWnGlST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pkepCTWlZtScWtBj1JIep1bUmtrQE9SWnqR29BQl0dPUnp6hDvQn6kjPUid6jjrT89SFulI3eoG604vUg3pSMvWi3vQS9aG+1I/60wB6mQbSKzSIXqUUGkxD6DUaSq/TMHqDhtMIGklv0ih6i0bTGBpL4yiVxtMEepsm0js0iSbTFJpKaTSNptO7NINm0ix6j2bT+zSH5tI8mk/p9AEtoIWUQR/SIvqIMmkxLaGltIyW0wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDvqYdtIntIt20x76lPbSZ7SPPqf99AUdoC8pi76ig/Q1HaJv6DB963vSd3SUjtFx+p5O0A90kk7RaTpDZ+lHOkc/0XnyBCGGIpShCoMwJswRxoY5w7jwqjBXeHWYO7wmjITXhvHhdWGe8Powb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGwxvCouGNYbGweFgiLBm6sFSYGN4Ulg5vDsuEt4Rlw1vDcuFtYfmwQvjIfZXC28PK4R1hlfDOsGp4V1gtrB7WCGuGd4e1wnvC2uG9YZ3wvrBMeH9YL3wgrB8+GDYIHwobhg+HjcJHwsbho2GTsGnYLGwetggfC1uGj4etwtZhm/CJsG34ZNgufCpMCp8O24fP/Nx//8K/3J8c9gp7hy+FL4Xe3yvnRedH06MfRBdEF0Yzoh9GF0U/imZGF0eXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGva+ZAxw64aRTLnAxLoeLdTldnLvK5XJXu9zuGhdx17p4d53L4653eV0+l98VcAmuoCvktDPOOnKhK+yKuKi7wRV1N7pirrgr4Uo650q5RNfctXAtXEv3uGvlWrs27gn3hHvSPemeck+5p11794zr4P7kOrpnXSf3nHvOPe+6uK6um3vBdXfjc/9yTCa73q636+P6uH6unxvgBriBbqAb5Aa5FJfihrghbqgb6oa5YW64G+5GupFulBvlRrvRbqwb61JdqpvgJriJbqKb5Ca5KW6KS3Npbrqb7ma4Ga7yzF+2MsfNcfPcPJfu0t0Cd+GaMcMtcotcpst0S9wSt8wtcyvcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXM73A630+10u/w1vwzq9rp9bp/b7/a7A+5Ll+W+cgfd1+6Q+8Yddt+6I+47d9Qdc8fd9+6E+8GddKfcaXfGnXU/unPuJ3feeZcaGR+ZEHk7MjHyTmRSZHJkSmRqJC0yLTI98m5kRmRmZFbkvcjsyPuROZG5kXmR+ZH0yAeRBZGFkYzIh5FFkY8imZHFkSWRpZFlkeUR7wtuCX1hX8RH/Q2+qL/RF/PFfQlf0jtfyif6m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W/+kb+ef8kn+ad/eP+M7+D/5jv5Z38k/5zv7530X39V38y/47v5F38P39Mm+l+/tX/J9fF/fz/f3A/zLfqB/xQ/yr/oUP9gP8a/5of51P8y/4Yf7EX5kzJt+1KVbZBjnU/14P8G/7Sf6d/wkP9lP8VN9mp/mp/t3/Qw/08/y7/nZ/n0/x8/18/x8n+4/8Av8Qp/hP/SL/Ec+0y++9FDSr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wH/ud/hO/y+/2e/ynfq//zO/zn/v9/gt/wH/ps/xX/qD/2h/y3/jD/lt/xH/nj/pj/rj/3p/wP/iT/pQ/7c/4s/5Hf87/5M/z36wxxhhjjP1dxl9uit/2/PI4v9cf5IhfrdwbAK7eWiDr1/0XrijX5f2l3VcktI0AwNM9Oz90aalWLTk5+eK6mRKCInMBLv0k6IIYuBwvhjbwJCRBayj9h/PvK7qepb8xfvRWgLhf5cTC5fjy+J8DYPIfjP/YEyMXlAtPx/+V8ecCFCtyOScnXI4XQ5ufn6+0hjJ/Yf75Wv6N+ef8IhWg1a9ycsHl+PL8E+FxeAaSfrMmY4wxxhhjjDH2i76iYsdL95+XfuPzj+7PE9TlnBxwOf5b9+eMMcYYY4wxxhi78p7t2u2px5KSWnf8xxtV/qmsv7vRGP5TI3PjDxveA1x6RQHAvzggwIWG/G/uxeb/yrZSLh46/7tr2RkfwP+NUv7zjbF/fuUKf2NijDHGGGOM/dtdvvr/7evqSk2IMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLhv4b/1fsSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9TwAAAP//HmP+kg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40850)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x104000b, @empty, 0x80ad}, 0x1c)
r6 = socket$inet6(0xa, 0x80002, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000340)={0x1, &(0x7f0000000300)=[{0x6, 0xe, 0x3, 0x3}]})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
r9 = syz_io_uring_setup(0xf00, &(0x7f0000000180)={0x0, 0x7c99, 0x1, 0x0, 0x332}, &(0x7f0000000000), &(0x7f0000000040))
io_uring_register$IORING_REGISTER_BUFFERS(r9, 0x0, &(0x7f0000000140)=[{0x0}], 0x1)
io_uring_register$IORING_UNREGISTER_BUFFERS(r4, 0x1, 0x0, 0x0)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)

4.832115407s ago: executing program 0 (id=7742):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0xa000, 0x1da)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703"], 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61120c00000000006113500000000000bf200000000000001500000008ffffffbd0301000000000095000000000000006916320000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c61449347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d8b570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e00"/773], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000040))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0x503, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x40}}, 0x8000)

4.617377791s ago: executing program 6 (id=7744):
syz_usb_connect(0x0, 0x3e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x41, 0xb3, 0x45, 0x8, 0xa46, 0x9601, 0x9468, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2c, 0x1, 0xf4, 0x4, 0x10, 0x0, [{{0x9, 0x4, 0xe4, 0xd5, 0x2, 0xbc, 0xb6, 0x71, 0x0, [], [{{0x9, 0x5, 0x2, 0x0, 0x200, 0x8, 0x1, 0x1}}, {{0x9, 0x5, 0xc, 0x4, 0x20, 0x8, 0x2, 0x26, [@generic={0x8, 0xb, "8e647ecf2009"}]}}]}}]}}]}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d49"], 0x0}, 0x94)
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r0, 0x88, 0x2f, &(0x7f00000004c0)={0x2, {{0x2, 0x4e20, @multicast2}}, {{0x2, 0x4e21, @remote}}}, 0x108)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ptrace(0x10, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xc)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x7ff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r4}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$tipc(r5, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c", 0xd4d}], 0x1}, 0x0)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000a40))
syz_usb_connect$cdc_ncm(0x3, 0x137, &(0x7f0000000d80)=ANY=[@ANYBLOB="12010207020000ff2505a1a44000010203010902250102014010050904000001020d00000b2406000119d8a7db102305240008000d240f01c50000000800020b6a06241af8ff0c08241ce20a030300052415b9ffaf241302ce4e49bc09578a42ea8804774428738aea89f4a04305cd3a3a883da776d3094ee01e6877e331c0e3dd9037adadd97049c42d790d953af2caaccd814b2d9eb40d98eb14d3d8988e7752fdd8b0c2878b35e09713b73109652cd75caac090bd559870b59a2be5347d53b6642cc6cf627300afdb3f742768198689bff127228d1ebd9777936397d7d48bc105250344bb5616d900f1b3cb2bfc9289479529bae72dbbe3a000f1c3f8c4fd5f352d07240a0115eb05090581035c000003f40904010000020d00000904010102020d0000090582022000010709090503024000fa02b8"], &(0x7f0000001080)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x110, 0x12, 0x92, 0x0, 0x20, 0x3}, 0xc5, &(0x7f0000000ec0)={0x5, 0xf, 0xc5, 0x3, [@generic={0xaf, 0x10, 0xb, "eb25ae6e24acb77ae87a74cfe71ff036e63a77b39e2f6392c6589b442cd738f70d18759ec6cd4fd2d4495046f8618a654eacbbf439ba41ba84c7480e6594c8e0823f3679fa76af27e3cd275866b889a201460c00e9c643930a34060d1bf396eacd6dba52a8950e88905ec40fb57e518b8612aaae0e31f761f74b7c4d9c3fde3089b852b32e201a673410f572c07d8712b8e830f933c16396cd75281be83461696a13a17e3ca08888a8ec39f4"}, @ext_cap={0x7, 0x10, 0x2, 0x5cf526b0f89026a5, 0xe, 0x2, 0x7fff}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x6, 0x4, 0xb, 0x4}]}, 0x3, [{0x4, &(0x7f0000000fc0)=@lang_id={0x4, 0x3, 0x440a}}, {0x4, &(0x7f0000001000)=@lang_id={0x4, 0x3, 0xf8ff}}, {0x4, &(0x7f0000001040)=@lang_id={0x4, 0x3, 0x44a}}]})
ioctl$VHOST_VDPA_GET_CONFIG_SIZE(r1, 0x8004af79, &(0x7f00000014c0))

4.483171584s ago: executing program 2 (id=7746):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x336, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0xc, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x6, 0xa, 0x40}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x7, {[@global=@item_012={0x1, 0x1, 0x8, "1f"}, @main=@item_012={0x2, 0x0, 0x8, 'Q;'}, @local=@item_012={0x1, 0x2, 0x5, "94"}]}}, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x18000000000002a0, 0x28, 0x0, &(0x7f00000007c0)="d2205d96c717ab96f0ded75d86dd9927dad402a5852031a40676897d78362ab4c958b6f9213de17f", 0x0, 0xd5b7, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r6 = syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@noblock_validity}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x1, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCy8zwzu8/z3cmTeZ6dPDsBlNZ49iON2BVx51QSMdaybTQaG8fz/W7/du10tiRRq73+axJJntfcP8kft+eJ4Yj49mjEo5XV5S5cuXp2ulpreC9i/+K5i/sXrlzdN39u+szsmdnzUwdeOHho8sWpg1MbEuf2/PHY8dee/Pj9t5+f+666L4nDcXLw3ZlYEcdGGY/xuJOH2Jo/EBGHspU278vDZguEUGqV/PdxMCIej7Go1FMNYzH/UaGVA3qqVomoASWVaP9QUs1+QHNs3904+GSPeyX9c+tIYwC0Ov6BxmcjMVwfG227nbSMjBqfbezYgPKzMv65tvvzbIlln0P8effoDGxAOZ0sXY+IJ9rFn9TrtqMeaRZ/uqwe2bhxMiKG8vq98gB1SFrWe/E5zFrWG38aEYfzxyz/6DrLH1+R7nf8AJTTzSP5iXwpS907/2V9j2b/J9r0f0bbnLvWo+jzX+f+X/N8P1zv66Qr+mFZn+VE+5ccXJnx04fHPu1Ufmv/L1uy8pt9wX64dT1i94r4P8iCzfs/WfxJm+Of7XLqcHdlvPr9L8c6bSs6/tqNiD1txz/3eqXZ2hrXJ/fPzVdnJxs/25bx9Tdvfdmp/KLjz47/tg7xtxz/dOXzsvfkYpdlfHXixrlO20bvG3/681DSGG8O5TnvTC8uXpqKGEqO57u05B9Yuy7NfZqvkcW/95n27X/Z7//15a8z0vyT2YWLb5y93Wnbeo5/y8XkO7Uu69BJFv/M/Y//qvaf5X3SZRl/vHn5qU7b1op/5EECAwAAAAAAgBJK69dgk3Ti7nqaTkw05ss+FtvS6oWFxWfnLlw+PxOxt/7/kINp80r3WCOdZOmp/P9hm+kDK9LPRcTOiPisMlJPT5y+UJ0pOngAAAAAAAAAAAAAAAAAAADYJLbn8/+b96n+vdKY/w+URC9vMAdsbto/lFe9/a+6xRNQBs7/UF7aP5SX9g/lpf1DeWn/UF7aP5SX9g/lpf0DAAAAwJa08+mbPyYRsfTSSH3JDOXbzAiCrW2w6AoAhakUXQGgMHcv/evsQ+l01f//K/9ywN5XByhA0i6z3jmord34b7Z9JgAAAAAAAAAAAADQA3t2dZ7/b24wbG2m/UF5PcD8f18dAA85X/0P5WWMD9xvFv9wpw3m/wMAAAAAAAAAAABA34zWlySdyOcCj0aaTkxE/D8idsRgMjdfnZ2MiEci4ofK4P+y9FTRlQYAAAAAAAAAAAAAAAAAAIAtZuHK1bPT1erspdaVv1flbO2V5l1Q+1DWy/EfnxVJ/9+WkYgo/KD0bGWgJSeJWMqO/Kao2KWF2BzVqK8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hzjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793K0XHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8nP4NAAD//4n5QC4=")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00')
preadv(r7, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {0x0, 0x1}, 0x0, 0x80, 0x0, 0x0, 0x6, 0x81, 0x0, 0x1, 0x101, 0x0})
r8 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
fgetxattr(r6, &(0x7f0000000300)=@random={'btrfs.', 'msdos\x00'}, 0x0, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r9)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x38}}, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

4.314588027s ago: executing program 7 (id=7747):
r0 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x1, &(0x7f0000000000)=0x70, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000100), 0x2, 0x2)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000640)=[{0x6, 0x0, 0x0, 0xea}]}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmsg$unix(r4, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x40000102)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_THP_DISABLE(0x29, 0x1)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x44, 0x1, 0x1, 0x201, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @private}}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x899}]}]}, 0x44}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x510, 0xd0, 0xd0, 0x428, 0xd0, 0xd0, 0x5a0, 0x5a0, 0x1b8, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6, 0x0, 0x0, 0x4a}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r6, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r6, 0x0, 0x8, &(0x7f0000000000)=0x40, 0x4)
recvmmsg(r6, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/229, 0xe5}, 0x4}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/14, 0xe}, 0x6}], 0x2, 0x45833af92e4b39ff, 0x0)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000004c0)="ea6d177f4bca9fdd116cfe98efd4953a9819c23df89e1915ca87034640e03a455bc243e90b1abb18f2907a0741170177e74f7c883ffacb823f2db3515b8e6aa8a863eae7ac1773e9dd0213bd2742121b65b50995549076c9053cda2e6e3ddbb32ccf7e412a91831178f0c14dceff81869199bbb78b0924f83081c310971a9f7022b66741f1d374e0288348a3669c277bc4da04fe3b113afe9ca8e5d085795d3b78d4cb78f48d37b113e200bcd56a2f892326882a27f6ecf8a3ab9db8f1d61f4131cbb288ce3e8c8aaefd62", 0xcb}], 0x1}}], 0x1, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000840)={{{@in6=@private2, @in6=@dev}}, {{@in6=@local}, 0x0, @in6=@empty}}, &(0x7f00000005c0)=0xe8)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
getegid()
sendto$inet(r0, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)

4.077383331s ago: executing program 6 (id=7748):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
syz_emit_ethernet(0x3a, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x9, 0x4, 0x1, 0xb, 0x2c, 0x66, 0x0, 0x6, 0x1, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, {[@ra={0x94, 0x4, 0x1}, @timestamp_prespec={0x44, 0xc, 0x8, 0x3, 0x7, [{@empty, 0x5}]}]}}, @address_reply={0x12, 0x0, 0x0, 0xfffffff9}}}}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9031, 0xffffffffffffffff, 0xe75f0000)
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = dup2(r2, r2)
sendto$inet6(r3, &(0x7f0000000000)="7800000018001f05b9409b0dffff000d0203be040205060506014007040016000f000000fac8388827a685a168d9a4c6040045653600648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902003a03004a32000400040012000a00000000000000000000080756ede4ccbe5880", 0x78, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r4}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r5 = io_uring_setup(0x1698, &(0x7f0000000080)={0x0, 0x49b7, 0x20})
r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f0000000200)={0x7fff, 0x100000000})
ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000580)={0x4, 0x1, 0x8080000, 0x2000, &(0x7f00007f9000/0x2000)=nil, 0x149, r6})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='sys_enter\x00', r8}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x9c)
stat(&(0x7f0000000cc0)='./file0\x00', &(0x7f0000001c80))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
mincore(&(0x7f0000496000/0x1000)=nil, 0x1000, &(0x7f00000003c0)=""/228)
r9 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_IPV6_RTHDR(r9, 0x29, 0x39, 0x0, 0x0)

3.998462503s ago: executing program 7 (id=7749):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r3, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xf, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @cgroup_device=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x40000, 0x0, 0x2, 0x1}})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x1b, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
close_range(r6, r7, 0x0)
r8 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r8, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')

3.893429255s ago: executing program 2 (id=7750):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="700000001000010025bd7000fddbdf2500000000", @ANYRES32=r3, @ANYBLOB="380100005f0202002c0012801100010062"], 0x70}, 0x1, 0x0, 0x0, 0x8001}, 0x40040c4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e000000eb0c0000980c00000400000020440000", @ANYRES32=r0, @ANYBLOB="0200"/20, @ANYRES32=r3, @ANYRES32, @ANYBLOB="00000000020000000000000002000000000000040000000000000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket(0x2, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f00000001c0)=[{0x30, 0x3, 0x51, 0xfffff034}]}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000000080)={@multicast, @random="bad4f9431624", @val={@val={0x88a8, 0x4, 0x1}, {0x8100, 0x6, 0x1, 0x1}}, {@ipv6={0x86dd, @dccp_packet={0x8, 0x6, "ef0ea7", 0x10, 0x21, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {[], {{0x4e21, 0x4e22, 0x4, 0x1, 0xe, 0x0, 0x0, 0x6, 0x5, "a09617", 0x6, "549a6e"}}}}}}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0xfffff000, 0xe, 0x0, &(0x7f0000000300)="88291242a03c3f98722780b605a7", 0x0, 0xfeff, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.697766959s ago: executing program 6 (id=7751):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdb, 0xc1fa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
fsmount(0xffffffffffffffff, 0x0, 0x78)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000640)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r8}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)

3.613770971s ago: executing program 1 (id=7752):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000200)={r0, 0x0, 0x0, 0x4}, 0x20)

2.841542206s ago: executing program 1 (id=7753):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = inotify_init1(0x800)
fcntl$setsig(r0, 0xa, 0xe)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002180), 0xa0002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000000c0)="66b832000f23c80f21f8350800000f23f866f042f65e2e3e0f01c8440f20c03509000000440f22c0f0438636c481596bc1660f3839e866ba4200ed66baf80cb87824f588ef66bafc0cb80e000000ed2666400f3828c5", 0x56}], 0x1, 0x6, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe1000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000000)={'bond_slave_1\x00', {0x2, 0x4e31, @empty=0xfdfdffff}})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
syz_read_part_table(0x1047, &(0x7f0000001180)="$eJzsz8sNwjAQBNCx4wjSBU3RTw7QDF1QCpUYWcmBFIAQ0nuX8Wd3pQ0/VZO8WtsOu9O4zDXpvS8ZkeQ8fkqSduifL/NtSk0ph+dlz8/itWddU+/l2TJt066P720GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/jHQAA//8m0Qug")

2.423188234s ago: executing program 6 (id=7754):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdb, 0xc1fa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
fsmount(0xffffffffffffffff, 0x0, 0x78)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000640)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r6}]}, 0x44}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r10}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.302112776s ago: executing program 0 (id=7755):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = inotify_init1(0x800)
fcntl$setsig(r1, 0xa, 0xe)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002180), 0xa0002, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000000c0)="66b832000f23c80f21f8350800000f23f866f042f65e2e3e0f01c8440f20c03509000000440f22c0f0438636c481596bc1660f3839e866ba4200ed66baf80cb87824f588ef66bafc0cb80e000000ed2666400f3828c5", 0x56}], 0x1, 0x6, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe1000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, 0x0, 0x0)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r9, 0x8916, &(0x7f0000000000)={'bond_slave_1\x00', {0x2, 0x4e31, @empty=0xfdfdffff}})
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0xa2, &(0x7f0000000240)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x6c, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1803"}, {}, {0x1, 0x1, "fe906d26efe3"}]}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})

2.291022286s ago: executing program 7 (id=7756):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x103043, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x8, 0x4}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
memfd_create(0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, &(0x7f00000001c0), &(0x7f0000000240)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'syz_tun\x00'})
openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x42000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x0, 0x4, 0x29d}, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5432, 0x0)

1.891900974s ago: executing program 1 (id=7757):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x6, 0x4, 0xfff, 0x7, 0x88}, 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000040000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x14200, 0x0)
io_cancel(0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x6, 0x100, 0xffffffffffffffff, &(0x7f0000000180)="37187c2e17837ab6ca200df181f7e599fe3c7bd346fbaa7feaa7935a080dfcf69204f2499ef86fce87d84c53ebf32c47dffb4fc37b3dd791016fa157092da211bc633ee51187c5d802337357ebcd0b4452a54b0b1d7c3bd1a8e2fa53a4833a408d016cd7734e4ee2deae0e0f7466c3cf46c6e5445f40cb6b568dbb71df0893a40b3132f12d6b21", 0x87, 0xa, 0x0, 0x2, r2}, &(0x7f00000002c0))

1.837529235s ago: executing program 1 (id=7758):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
flock(r5, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0xffffffff}]}}]}, 0x38}}, 0x4048000)

1.710175657s ago: executing program 2 (id=7759):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe2d, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fcntl$getownex(r0, 0x10, &(0x7f0000000500)={0x0, <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x34}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x1800, 0x76}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
r5 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
fcntl$setsig(r6, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r7, 0x30e0}], 0x1, 0x0, 0x0, 0x0)
dup2(r6, r7)
fcntl$setown(r7, 0x8, r5)
tkill(r5, 0x13)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='jbd2_lock_buffer_stall\x00', r2, 0x0, 0x2}, 0x18)
kcmp(r4, r5, 0x0, r3, r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
mlock2(&(0x7f0000549000/0x1000)=nil, 0x1000, 0x0)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(0xffffffffffffffff, 0xf505, 0x0)
r9 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x925, 0x8888, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r9, 0x0, 0x0)
syz_usb_control_io(r9, &(0x7f0000000340)={0x2c, &(0x7f0000000700)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0}, 0x0)

1.514245961s ago: executing program 0 (id=7760):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x336, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0xc, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x6, 0xa, 0x40}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x7, {[@global=@item_012={0x1, 0x1, 0x8, "1f"}, @main=@item_012={0x2, 0x0, 0x8, 'Q;'}, @local=@item_012={0x1, 0x2, 0x5, "94"}]}}, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x18000000000002a0, 0x28, 0x0, &(0x7f00000007c0)="d2205d96c717ab96f0ded75d86dd9927dad402a5852031a40676897d78362ab4c958b6f9213de17f", 0x0, 0xd5b7, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r6 = syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@noblock_validity}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x1, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCy8zwzu8/z3cmTeZ6dPDsBlNZ49iON2BVx51QSMdaybTQaG8fz/W7/du10tiRRq73+axJJntfcP8kft+eJ4Yj49mjEo5XV5S5cuXp2ulpreC9i/+K5i/sXrlzdN39u+szsmdnzUwdeOHho8sWpg1MbEuf2/PHY8dee/Pj9t5+f+666L4nDcXLw3ZlYEcdGGY/xuJOH2Jo/EBGHspU278vDZguEUGqV/PdxMCIej7Go1FMNYzH/UaGVA3qqVomoASWVaP9QUs1+QHNs3904+GSPeyX9c+tIYwC0Ov6BxmcjMVwfG227nbSMjBqfbezYgPKzMv65tvvzbIlln0P8effoDGxAOZ0sXY+IJ9rFn9TrtqMeaRZ/uqwe2bhxMiKG8vq98gB1SFrWe/E5zFrWG38aEYfzxyz/6DrLH1+R7nf8AJTTzSP5iXwpS907/2V9j2b/J9r0f0bbnLvWo+jzX+f+X/N8P1zv66Qr+mFZn+VE+5ccXJnx04fHPu1Ufmv/L1uy8pt9wX64dT1i94r4P8iCzfs/WfxJm+Of7XLqcHdlvPr9L8c6bSs6/tqNiD1txz/3eqXZ2hrXJ/fPzVdnJxs/25bx9Tdvfdmp/KLjz47/tg7xtxz/dOXzsvfkYpdlfHXixrlO20bvG3/681DSGG8O5TnvTC8uXpqKGEqO57u05B9Yuy7NfZqvkcW/95n27X/Z7//15a8z0vyT2YWLb5y93Wnbeo5/y8XkO7Uu69BJFv/M/Y//qvaf5X3SZRl/vHn5qU7b1op/5EECAwAAAAAAgBJK69dgk3Ti7nqaTkw05ss+FtvS6oWFxWfnLlw+PxOxt/7/kINp80r3WCOdZOmp/P9hm+kDK9LPRcTOiPisMlJPT5y+UJ0pOngAAAAAAAAAAAAAAAAAAADYJLbn8/+b96n+vdKY/w+URC9vMAdsbto/lFe9/a+6xRNQBs7/UF7aP5SX9g/lpf1DeWn/UF7aP5SX9g/lpf0DAAAAwJa08+mbPyYRsfTSSH3JDOXbzAiCrW2w6AoAhakUXQGgMHcv/evsQ+l01f//K/9ywN5XByhA0i6z3jmord34b7Z9JgAAAAAAAAAAAADQA3t2dZ7/b24wbG2m/UF5PcD8f18dAA85X/0P5WWMD9xvFv9wpw3m/wMAAAAAAAAAAABA34zWlySdyOcCj0aaTkxE/D8idsRgMjdfnZ2MiEci4ofK4P+y9FTRlQYAAAAAAAAAAAAAAAAAAIAtZuHK1bPT1erspdaVv1flbO2V5l1Q+1DWy/EfnxVJ/9+WkYgo/KD0bGWgJSeJWMqO/Kao2KWF2BzVqK8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hzjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793K0XHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8nP4NAAD//4n5QC4=")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00')
preadv(r7, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {0x0, 0x1}, 0x0, 0x80, 0x0, 0x0, 0x6, 0x81, 0x0, 0x1, 0x101, 0x0})
r8 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
fgetxattr(r6, &(0x7f0000000300)=@random={'btrfs.', 'msdos\x00'}, 0x0, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r9)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x38}}, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

1.510584801s ago: executing program 6 (id=7761):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000", @ANYRES32=r3, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xf, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @cgroup_device=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x40000, 0x0, 0x2, 0x1}})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x1b, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
close_range(r6, r7, 0x0)
r8 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r8, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')

760.075566ms ago: executing program 7 (id=7762):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000", @ANYRES32=r3, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xf, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @cgroup_device=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x40000, 0x0, 0x2, 0x1}})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
r7 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r7, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')

696.330517ms ago: executing program 1 (id=7763):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000"], 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000200)={r0, 0x0, 0x0, 0x4}, 0x20)

254.075336ms ago: executing program 0 (id=7764):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
flock(r3, 0x8)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r5, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0xffffffff}]}}]}, 0x38}}, 0x4048000)

253.524456ms ago: executing program 1 (id=7765):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdb, 0xc1fa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
fsmount(0xffffffffffffffff, 0x0, 0x78)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000640)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r8}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)

0s ago: executing program 6 (id=7766):
read$FUSE(0xffffffffffffffff, &(0x7f0000001740)={0x2020, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x2020)
prlimit64(r0, 0xa, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
getuid()
ioctl$EXT4_IOC_GETSTATE(r3, 0x40046629, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

s_ioctl+0x7b/0x90
[ 1018.039046][T15135]  x64_sys_call+0x58b/0x9a0
[ 1018.043532][T15135]  do_syscall_64+0x4c/0xa0
[ 1018.048030][T15135]  ? clear_bhb_loop+0x30/0x80
[ 1018.052697][T15135]  ? clear_bhb_loop+0x30/0x80
[ 1018.057367][T15135]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1018.063242][T15135] RIP: 0033:0x7fd96998ebe9
[ 1018.067639][T15135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1018.087227][T15135] RSP: 002b:00007fd96a7a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1018.095622][T15135] RAX: ffffffffffffffda RBX: 00007fd969bc5fa0 RCX: 00007fd96998ebe9
[ 1018.103584][T15135] RDX: 0000000000000000 RSI: 0000000000008946 RDI: 0000000000000003
[ 1018.111553][T15135] RBP: 00007fd96a7a0090 R08: 0000000000000000 R09: 0000000000000000
[ 1018.119520][T15135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1018.127484][T15135] R13: 00007fd969bc6038 R14: 00007fd969bc5fa0 R15: 00007fff1249c478
[ 1018.135451][T15135]  </TASK>
[ 1018.144099][T15137] device pim6reg1 entered promiscuous mode
[ 1018.270950][T15150] device pim6reg1 entered promiscuous mode
[ 1018.320944][   T24] usb 1-1: new high-speed USB device number 127 using dummy_hcd
[ 1018.450913][T11564] usb 3-1: new high-speed USB device number 125 using dummy_hcd
[ 1018.510899][   T24] usb 1-1: Using ep0 maxpacket: 8
[ 1018.516985][   T24] usb 1-1: config 244 has an invalid interface number: 228 but max is 0
[ 1018.525418][   T24] usb 1-1: config 244 has no interface number 0
[ 1018.531717][   T24] usb 1-1: config 244 interface 228 altsetting 213 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 1018.543182][   T24] usb 1-1: config 244 interface 228 has no altsetting 0
[ 1018.551687][   T24] usb 1-1: New USB device found, idVendor=0a46, idProduct=9601, bcdDevice=94.68
[ 1018.560795][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1018.568845][   T24] usb 1-1: Product: syz
[ 1018.573139][   T24] usb 1-1: Manufacturer: syz
[ 1018.577776][   T24] usb 1-1: SerialNumber: syz
[ 1018.590934][  T413] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1018.632196][T11564] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1018.642382][T11564] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1018.651307][T11564] usb 3-1: config 1 has no interface number 0
[ 1018.657454][T11564] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1018.671877][T11564] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1018.681337][T11564] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1018.690015][T11564] usb 3-1: Product: syz
[ 1018.694768][T11564] usb 3-1: Manufacturer: syz
[ 1018.699977][T11564] usb 3-1: SerialNumber: syz
[ 1018.705930][T11564] usb 3-1: selecting invalid altsetting 1
[ 1018.771959][  T413] usb 4-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1018.781250][  T413] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1018.790031][  T413] usb 4-1: config 0 descriptor??
[ 1018.792326][T15136] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1018.803559][T15136] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1018.816496][   T24] dm9601: probe of 1-1:244.228 failed with error -22
[ 1018.824741][   T24] usb 1-1: USB disconnect, device number 127
[ 1018.906610][T11564] cdc_ncm 3-1:1.1: bind() failure
[ 1018.912487][T11564] usb 3-1: USB disconnect, device number 125
[ 1019.040914][ T3734] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[ 1019.204270][  T413] smartjoyplus 0003:0925:8888.00BD: unknown main item tag 0x0
[ 1019.211795][  T413] smartjoyplus 0003:0925:8888.00BD: unknown main item tag 0x0
[ 1019.219267][  T413] smartjoyplus 0003:0925:8888.00BD: unknown main item tag 0x0
[ 1019.226794][  T413] smartjoyplus 0003:0925:8888.00BD: unknown main item tag 0x0
[ 1019.234321][  T413] smartjoyplus 0003:0925:8888.00BD: unknown main item tag 0x0
[ 1019.240889][ T3734] usb 2-1: Using ep0 maxpacket: 8
[ 1019.242410][  T413] smartjoyplus 0003:0925:8888.00BD: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.3-1/input0
[ 1019.247944][ T3734] usb 2-1: config 244 has an invalid interface number: 228 but max is 0
[ 1019.258785][  T413] smartjoyplus 0003:0925:8888.00BD: no output reports found
[ 1019.267203][ T3734] usb 2-1: config 244 has no interface number 0
[ 1019.282338][ T3734] usb 2-1: config 244 interface 228 altsetting 213 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 1019.294706][ T3734] usb 2-1: config 244 interface 228 has no altsetting 0
[ 1019.304729][ T3734] usb 2-1: New USB device found, idVendor=0a46, idProduct=9601, bcdDevice=94.68
[ 1019.335896][ T3734] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1019.344668][ T3734] usb 2-1: Product: syz
[ 1019.349226][ T3734] usb 2-1: Manufacturer: syz
[ 1019.354679][ T3734] usb 2-1: SerialNumber: syz
[ 1019.438196][  T413] usb 4-1: USB disconnect, device number 13
[ 1019.695820][T15153] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1019.705040][T15153] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1019.722477][ T3734] dm9601: probe of 2-1:244.228 failed with error -22
[ 1019.738407][ T3734] usb 2-1: USB disconnect, device number 88
[ 1019.890932][T11564] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1020.073084][T11564] usb 1-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1020.082265][T11564] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1020.090663][T11564] usb 1-1: config 0 descriptor??
[ 1020.194197][T15175] FAULT_INJECTION: forcing a failure.
[ 1020.194197][T15175] name failslab, interval 1, probability 0, space 0, times 0
[ 1020.207131][T15175] CPU: 1 PID: 15175 Comm: syz.3.4389 Not tainted syzkaller #0
[ 1020.214599][T15175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1020.224662][T15175] Call Trace:
[ 1020.227948][T15175]  <TASK>
[ 1020.230883][T15175]  __dump_stack+0x21/0x24
[ 1020.235205][T15175]  dump_stack_lvl+0xee/0x150
[ 1020.239786][T15175]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1020.245231][T15175]  ? __kasan_check_write+0x14/0x20
[ 1020.250338][T15175]  dump_stack+0x15/0x24
[ 1020.254494][T15175]  should_fail_ex+0x3d4/0x520
[ 1020.259159][T15175]  ? getname_flags+0xb9/0x500
[ 1020.263820][T15175]  __should_failslab+0xac/0xf0
[ 1020.268571][T15175]  should_failslab+0x9/0x20
[ 1020.273086][T15175]  kmem_cache_alloc+0x3b/0x330
[ 1020.277838][T15175]  getname_flags+0xb9/0x500
[ 1020.282334][T15175]  getname+0x19/0x20
[ 1020.286217][T15175]  do_sys_openat2+0xcb/0x7e0
[ 1020.290827][T15175]  ? __kasan_check_write+0x14/0x20
[ 1020.295933][T15175]  ? do_sys_open+0xe0/0xe0
[ 1020.300330][T15175]  ? ksys_write+0x1eb/0x240
[ 1020.304819][T15175]  ? __cfi_ksys_write+0x10/0x10
[ 1020.309655][T15175]  __x64_sys_openat+0x136/0x160
[ 1020.314492][T15175]  x64_sys_call+0x783/0x9a0
[ 1020.318979][T15175]  do_syscall_64+0x4c/0xa0
[ 1020.323376][T15175]  ? clear_bhb_loop+0x30/0x80
[ 1020.328041][T15175]  ? clear_bhb_loop+0x30/0x80
[ 1020.332713][T15175]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1020.338598][T15175] RIP: 0033:0x7f1c39d8ebe9
[ 1020.343006][T15175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1020.362599][T15175] RSP: 002b:00007f1c3ab3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1020.371091][T15175] RAX: ffffffffffffffda RBX: 00007f1c39fc6180 RCX: 00007f1c39d8ebe9
[ 1020.379054][T15175] RDX: 000000000000275a RSI: 0000200000000240 RDI: ffffffffffffff9c
[ 1020.387011][T15175] RBP: 00007f1c3ab3f090 R08: 0000000000000000 R09: 0000000000000000
[ 1020.394962][T15175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1020.402917][T15175] R13: 00007f1c39fc6218 R14: 00007f1c39fc6180 R15: 00007fff3624fe88
[ 1020.410877][T15175]  </TASK>
[ 1020.819770][T11564] smartjoyplus 0003:0925:8888.00BE: unknown main item tag 0x0
[ 1020.827507][T11564] smartjoyplus 0003:0925:8888.00BE: unknown main item tag 0x0
[ 1020.835061][T11564] smartjoyplus 0003:0925:8888.00BE: unknown main item tag 0x0
[ 1020.843284][T11564] smartjoyplus 0003:0925:8888.00BE: unknown main item tag 0x0
[ 1021.348712][T15187] device pim6reg1 entered promiscuous mode
[ 1021.356332][T11564] smartjoyplus 0003:0925:8888.00BE: unknown main item tag 0x0
[ 1021.364535][T11564] smartjoyplus 0003:0925:8888.00BE: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.0-1/input0
[ 1021.376408][T11564] smartjoyplus 0003:0925:8888.00BE: no output reports found
[ 1021.385064][T11564] usb 1-1: USB disconnect, device number 2
[ 1021.556115][T15195] device pim6reg1 entered promiscuous mode
[ 1021.750927][  T347] usb 3-1: new high-speed USB device number 126 using dummy_hcd
[ 1021.816733][T15198] device pim6reg1 entered promiscuous mode
[ 1021.840917][ T9700] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 1021.941952][  T347] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1021.952117][  T347] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1021.961020][  T347] usb 3-1: config 1 has no interface number 0
[ 1021.967120][  T347] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1021.982652][  T347] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1021.991914][  T347] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1022.000007][  T347] usb 3-1: Product: syz
[ 1022.004491][  T347] usb 3-1: Manufacturer: syz
[ 1022.009139][  T347] usb 3-1: SerialNumber: syz
[ 1022.015377][  T347] usb 3-1: selecting invalid altsetting 1
[ 1022.022372][ T9700] usb 5-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1022.031598][ T9700] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1022.040052][ T9700] usb 5-1: config 0 descriptor??
[ 1022.359819][  T347] cdc_ncm 3-1:1.1: bind() failure
[ 1022.366068][  T347] usb 3-1: USB disconnect, device number 126
[ 1022.473575][ T9700] smartjoyplus 0003:0925:8888.00BF: unknown main item tag 0x0
[ 1022.481197][ T9700] smartjoyplus 0003:0925:8888.00BF: unknown main item tag 0x0
[ 1022.698251][ T9700] smartjoyplus 0003:0925:8888.00BF: unknown main item tag 0x0
[ 1022.705877][ T9700] smartjoyplus 0003:0925:8888.00BF: unknown main item tag 0x0
[ 1022.714038][ T9700] smartjoyplus 0003:0925:8888.00BF: unknown main item tag 0x0
[ 1022.722231][ T9700] smartjoyplus 0003:0925:8888.00BF: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.4-1/input0
[ 1022.734896][ T9700] smartjoyplus 0003:0925:8888.00BF: no output reports found
[ 1022.743651][ T9700] usb 5-1: USB disconnect, device number 15
[ 1023.075906][T15216] loop2: detected capacity change from 0 to 256
[ 1023.084437][   T28] audit: type=1400 audit(1756864570.898:494): avc:  denied  { mount } for  pid=15214 comm="syz.2.4400" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1023.107422][   T28] audit: type=1400 audit(1756864570.928:495): avc:  denied  { write } for  pid=15214 comm="syz.2.4400" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1023.129599][   T28] audit: type=1400 audit(1756864570.928:496): avc:  denied  { add_name } for  pid=15214 comm="syz.2.4400" name="cpuacct.usage_percpu_sys" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1023.152005][   T28] audit: type=1400 audit(1756864570.928:497): avc:  denied  { associate } for  pid=15214 comm="syz.2.4400" name="cpuacct.usage_percpu_sys" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1023.175959][   T28] audit: type=1400 audit(1756864570.988:498): avc:  denied  { read append open } for  pid=15214 comm="syz.2.4400" path=2F3238372FE91F7189591E9233614B2F637075616363742E75736167655F7065726370755F737973 dev="loop2" ino=1048623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1023.240074][  T409] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1023.270993][T13174] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1023.472707][T13174] usb 1-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1023.482269][T13174] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1023.656295][T13174] usb 1-1: config 0 descriptor??
[ 1023.674353][T15229] device pim6reg1 entered promiscuous mode
[ 1024.179807][   T28] audit: type=1400 audit(1756864571.988:499): avc:  denied  { unmount } for  pid=9926 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1024.405238][T13174] smartjoyplus 0003:0925:8888.00C0: unknown main item tag 0x0
[ 1024.412950][T13174] smartjoyplus 0003:0925:8888.00C0: unknown main item tag 0x0
[ 1024.420504][T13174] smartjoyplus 0003:0925:8888.00C0: unknown main item tag 0x0
[ 1024.428444][T13174] smartjoyplus 0003:0925:8888.00C0: unknown main item tag 0x0
[ 1024.436111][T13174] smartjoyplus 0003:0925:8888.00C0: unknown main item tag 0x0
[ 1024.446123][T13174] smartjoyplus 0003:0925:8888.00C0: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.0-1/input0
[ 1024.458050][T13174] smartjoyplus 0003:0925:8888.00C0: no output reports found
[ 1024.652025][T13174] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1024.756397][ T9700] usb 1-1: USB disconnect, device number 3
[ 1024.803749][T15249] device pim6reg1 entered promiscuous mode
[ 1024.932234][T13174] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1024.942573][T13174] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1024.951792][T13174] usb 4-1: config 1 has no interface number 0
[ 1024.958161][T13174] usb 4-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1024.973406][T13174] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1024.982583][T13174] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1024.990712][T13174] usb 4-1: Product: syz
[ 1024.994948][T13174] usb 4-1: Manufacturer: syz
[ 1024.999732][T13174] usb 4-1: SerialNumber: syz
[ 1025.008273][T13174] usb 4-1: selecting invalid altsetting 1
[ 1025.208120][T13174] cdc_ncm 4-1:1.1: bind() failure
[ 1025.214428][T13174] usb 4-1: USB disconnect, device number 14
[ 1025.291101][T15220] Bluetooth: hci0: command 0x1003 tx timeout
[ 1025.297310][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1025.994149][ T9700] usb 3-1: new high-speed USB device number 127 using dummy_hcd
[ 1026.182296][ T9700] usb 3-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1026.191409][ T9700] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1026.199887][ T9700] usb 3-1: config 0 descriptor??
[ 1026.366605][T15278] xt_hashlimit: max too large, truncated to 1048576
[ 1026.460937][T10451] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1026.607385][ T9700] smartjoyplus 0003:0925:8888.00C1: unknown main item tag 0x0
[ 1026.638309][ T9700] smartjoyplus 0003:0925:8888.00C1: unknown main item tag 0x0
[ 1026.646113][ T9700] smartjoyplus 0003:0925:8888.00C1: unknown main item tag 0x0
[ 1026.653672][ T9700] smartjoyplus 0003:0925:8888.00C1: unknown main item tag 0x0
[ 1026.661191][ T9700] smartjoyplus 0003:0925:8888.00C1: unknown main item tag 0x0
[ 1026.669113][ T9700] smartjoyplus 0003:0925:8888.00C1: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.2-1/input0
[ 1026.671985][T10451] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1026.680817][ T9700] smartjoyplus 0003:0925:8888.00C1: no output reports found
[ 1026.690840][T13174] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1026.706141][T10451] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1026.720509][T10451] usb 1-1: New USB device found, idVendor=056a, idProduct=0336, bcdDevice= 0.00
[ 1026.730657][T10451] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1026.742399][T10451] usb 1-1: config 0 descriptor??
[ 1026.859925][ T9700] usb 3-1: USB disconnect, device number 127
[ 1026.903401][T15281] device pim6reg1 entered promiscuous mode
[ 1026.940937][T13174] usb 5-1: Using ep0 maxpacket: 32
[ 1026.949181][T13174] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[ 1026.959315][T13174] usb 5-1: config 0 has no interface number 0
[ 1026.970457][T13174] usb 5-1: config 0 interface 184 has no altsetting 0
[ 1026.988308][T13174] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1027.029743][T13174] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1027.052526][   T28] audit: type=1400 audit(1756864574.868:500): avc:  denied  { ioctl } for  pid=15284 comm="syz.3.4420" path="/dev/cpu/0/msr" dev="devtmpfs" ino=86 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1027.133419][T13174] usb 5-1: Product: syz
[ 1027.137885][T13174] usb 5-1: Manufacturer: syz
[ 1027.145162][T13174] usb 5-1: SerialNumber: syz
[ 1027.173015][T13174] usb 5-1: config 0 descriptor??
[ 1027.182921][T13174] smsc75xx v1.0.0
[ 1027.198134][T10451] wacom 0003:056A:0336.00C2: hidraw0: USB HID v0.00 Device [HID 056a:0336] on usb-dummy_hcd.0-1/input0
[ 1027.277021][   T28] audit: type=1400 audit(1756864575.088:501): avc:  denied  { write } for  pid=15295 comm="syz.3.4424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1027.380531][T13174] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[ 1027.446669][T15306] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15306 comm=syz.3.4429
[ 1027.460074][T13174] smsc75xx: probe of 5-1:0.184 failed with error -71
[ 1027.469196][T13174] usb 5-1: USB disconnect, device number 16
[ 1027.499510][   T28] audit: type=1400 audit(1756864575.308:502): avc:  denied  { getopt } for  pid=15308 comm="syz.3.4431" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1027.605365][   T28] audit: type=1400 audit(1756864575.418:503): avc:  denied  { ioctl } for  pid=15330 comm="syz.1.4441" path="socket:[82113]" dev="sockfs" ino=82113 ioctlcmd=0x8918 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1027.672037][ T9700] usb 1-1: USB disconnect, device number 4
[ 1027.679225][T15341] netlink: 68 bytes leftover after parsing attributes in process `syz.3.4446'.
[ 1027.714107][T15347] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1027.727168][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1027.741837][T11357] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1027.748923][T11357] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1027.765932][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 1027.776091][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1027.787592][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 1027.797427][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1027.805897][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1027.814400][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1028.145709][   T28] kauditd_printk_skb: 7 callbacks suppressed
[ 1028.145722][   T28] audit: type=1400 audit(1756864575.958:511): avc:  denied  { write } for  pid=15382 comm="syz.4.4465" name="loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1028.177168][   T28] audit: type=1400 audit(1756864575.988:512): avc:  denied  { ioctl } for  pid=15382 comm="syz.4.4465" path="/dev/loop-control" dev="devtmpfs" ino=117 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1028.598538][   T28] audit: type=1400 audit(1756864576.388:513): avc:  denied  { mounton } for  pid=15400 comm="syz.2.4471" path="/proc/980/task" dev="proc" ino=81860 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[ 1028.621353][   T28] audit: type=1400 audit(1756864576.388:514): avc:  denied  { mount } for  pid=15400 comm="syz.2.4471" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1028.972394][   T28] audit: type=1400 audit(1756864576.778:515): avc:  denied  { mount } for  pid=15405 comm="syz.2.4473" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 1029.146127][   T28] audit: type=1400 audit(1756864576.958:516): avc:  denied  { sqpoll } for  pid=15415 comm="syz.1.4477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1029.174630][   T28] audit: type=1400 audit(1756864576.988:517): avc:  denied  { unmount } for  pid=9598 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1029.271010][T10451] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[ 1029.534037][   T28] audit: type=1400 audit(1756864577.348:518): avc:  denied  { create } for  pid=15433 comm="syz.4.4485" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1029.556201][T10451] usb 1-1: config 0 has an invalid interface number: 251 but max is 0
[ 1029.567064][T15435] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4484'.
[ 1029.585689][T15434] block device autoloading is deprecated and will be removed.
[ 1029.601325][T10451] usb 1-1: config 0 has no interface number 0
[ 1029.617249][T15435] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4484'.
[ 1029.627730][T10451] usb 1-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1029.713635][   T28] audit: type=1400 audit(1756864577.398:519): avc:  denied  { write } for  pid=15433 comm="syz.4.4485" name="file0" dev="tmpfs" ino=1519 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1029.741011][T15435] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4484'.
[ 1029.750105][T10451] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1029.974559][   T28] audit: type=1400 audit(1756864577.398:520): avc:  denied  { open } for  pid=15433 comm="syz.4.4485" path="/291/file0" dev="tmpfs" ino=1519 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1029.987942][T10451] usb 1-1: Product: syz
[ 1030.021477][T10451] usb 1-1: Manufacturer: syz
[ 1030.029638][T10451] usb 1-1: SerialNumber: syz
[ 1030.113786][T10451] usb 1-1: config 0 descriptor??
[ 1031.569303][  T357] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[ 1031.577178][T10451] asix 1-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1031.605037][T10451] asix 1-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71
[ 1031.624058][T15488] loop2: detected capacity change from 0 to 512
[ 1031.644703][T10451] asix: probe of 1-1:0.251 failed with error -5
[ 1031.655863][T10451] usb 1-1: USB disconnect, device number 5
[ 1031.672343][  T402] kernel write not supported for file /1171/gid_map (pid: 402 comm: kworker/1:6)
[ 1031.810984][  T357] usb 2-1: Using ep0 maxpacket: 16
[ 1031.822053][  T357] usb 2-1: config 0 has an invalid interface number: 180 but max is 0
[ 1031.851944][T15488] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.4506: casefold flag without casefold feature
[ 1031.902585][  T357] usb 2-1: config 0 has no interface number 0
[ 1031.910625][T15488] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.4506: couldn't read orphan inode 15 (err -117)
[ 1031.958523][  T357] usb 2-1: New USB device found, idVendor=0421, idProduct=0114, bcdDevice=11.72
[ 1032.426161][  T357] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1032.434462][  T357] usb 2-1: Product: syz
[ 1032.438698][  T357] usb 2-1: Manufacturer: syz
[ 1032.443518][  T357] usb 2-1: SerialNumber: syz
[ 1032.448823][  T357] usb 2-1: config 0 descriptor??
[ 1032.468272][  T357] usb 2-1: bad CDC descriptors
[ 1032.483243][T15488] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1032.596342][T15519] netlink: 'syz.0.4516': attribute type 11 has an invalid length.
[ 1032.625842][T15519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4516'.
[ 1032.669825][  T357] usb 2-1: USB disconnect, device number 89
[ 1032.683653][ T9926] EXT4-fs (loop2): unmounting filesystem.
[ 1032.919872][T15542] usb usb8: usbfs: process 15542 (syz.3.4522) did not claim interface 0 before use
[ 1032.985483][T15546] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[ 1033.105400][T15552] loop2: detected capacity change from 0 to 512
[ 1033.113159][T15552] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1033.594102][T15555] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[ 1033.604106][T15555] FAT-fs (loop2): Filesystem has been set read-only
[ 1033.760933][  T357] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 1034.014863][   T28] kauditd_printk_skb: 14 callbacks suppressed
[ 1034.014909][   T28] audit: type=1400 audit(1756864581.828:535): avc:  denied  { unmount } for  pid=9926 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[ 1034.049796][  T357] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1034.324424][  T357] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1034.374746][  T357] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1034.487144][  T357] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1034.640036][  T357] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1034.649225][  T357] usb 1-1: config 0 descriptor??
[ 1034.672991][   T28] audit: type=1400 audit(1756864582.488:536): avc:  denied  { mount } for  pid=15607 comm="syz.2.4555" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[ 1035.014576][T15619] syz.2.4556 (15619): /proc/15609/oom_adj is deprecated, please use /proc/15609/oom_score_adj instead.
[ 1035.032608][   T28] audit: type=1400 audit(1756864582.778:537): avc:  denied  { setattr } for  pid=15614 comm="syz.1.4558" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1035.114769][   T28] audit: type=1400 audit(1756864582.778:538): avc:  denied  { read } for  pid=15614 comm="syz.1.4558" name="usbmon2" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1035.246782][   T28] audit: type=1400 audit(1756864582.778:539): avc:  denied  { open } for  pid=15614 comm="syz.1.4558" path="/dev/usbmon2" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1035.272502][  T357] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0xe
[ 1035.285507][  T357] plantronics 0003:047F:FFFF.00C3: unknown main item tag 0x0
[ 1035.308148][  T357] plantronics 0003:047F:FFFF.00C3: No inputs registered, leaving
[ 1035.331015][  T357] plantronics 0003:047F:FFFF.00C3: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[ 1035.351240][   T28] audit: type=1400 audit(1756864582.818:540): avc:  denied  { shutdown } for  pid=15609 comm="syz.2.4556" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1035.543421][T11564] usb 1-1: USB disconnect, device number 6
[ 1035.596185][  T347] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[ 1035.704210][T15644] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39784 sclass=netlink_route_socket pid=15644 comm=syz.1.4569
[ 1036.176346][T15652] loop2: detected capacity change from 0 to 1024
[ 1036.192766][T15652] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1036.197736][  T347] usb 5-1: Using ep0 maxpacket: 16
[ 1036.204646][   T28] audit: type=1400 audit(1756864584.018:541): avc:  denied  { append } for  pid=15651 comm="syz.2.4571" name="loop2" dev="devtmpfs" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1036.230560][   T28] audit: type=1400 audit(1756864584.018:542): avc:  denied  { map } for  pid=15651 comm="syz.2.4571" path="/dev/loop2" dev="devtmpfs" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1036.230589][  T347] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1036.263284][  T347] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1036.273626][  T347] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1036.289137][  T347] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1036.300802][ T9926] EXT4-fs (loop2): unmounting filesystem.
[ 1036.306611][  T347] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1036.315416][  T347] usb 5-1: Product: syz
[ 1036.319645][  T347] usb 5-1: Manufacturer: syz
[ 1036.324569][  T347] usb 5-1: SerialNumber: syz
[ 1036.336911][T15660] loop2: detected capacity change from 0 to 16
[ 1036.343934][T15660] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1036.353636][T15660] erofs: (device loop2): erofs_find_target_block: corrupted dir block 8200 @ nid 36
[ 1036.373832][T15662] loop2: detected capacity change from 0 to 128
[ 1036.394499][T15664] netlink: 'syz.2.4575': attribute type 3 has an invalid length.
[ 1036.402433][T15664] netlink: 128 bytes leftover after parsing attributes in process `syz.2.4575'.
[ 1036.411702][T15664] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4575'.
[ 1036.420750][T15664] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4575'.
[ 1036.443598][T15667] loop2: detected capacity change from 0 to 512
[ 1036.450643][T15667] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1036.451308][T15668] syz_tun: refused to change device tx_queue_len
[ 1036.468390][T15668] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[ 1036.472945][T15667] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1036.493602][T15667] ext4 filesystem being mounted at /321/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1036.546780][   T28] audit: type=1400 audit(1756864584.358:543): avc:  denied  { setattr } for  pid=15665 comm="syz.2.4577" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1036.564490][T15674] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4579'.
[ 1036.577600][   T28] audit: type=1400 audit(1756864584.388:544): avc:  denied  { append } for  pid=15665 comm="syz.2.4577" path="/321/bus/blkio.bfq.time" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1036.603156][T15667] EXT4-fs (loop2): unmounting filesystem.
[ 1036.630373][T15677] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4579'.
[ 1037.552146][  T347] usb 5-1: 0:2 : does not exist
[ 1037.576955][  T347] usb 5-1: USB disconnect, device number 17
[ 1038.405685][T15726] binder: 15725:15726 ioctl c018620c 200000000000 returned -22
[ 1038.604628][T15736] fuse: Bad value for 'fd'
[ 1038.632077][T15736] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1038.642196][T15731] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4602'.
[ 1038.670956][T15731] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4602'.
[ 1038.679955][T15731] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4602'.
[ 1039.259508][T15789] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15789 comm=syz.1.4614
[ 1039.441583][   T28] kauditd_printk_skb: 10 callbacks suppressed
[ 1039.441596][   T28] audit: type=1400 audit(1756864587.258:555): avc:  denied  { bind } for  pid=15800 comm="syz.4.4630" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1039.465591][T15805] fuse: Bad value for 'fd'
[ 1039.468248][   T28] audit: type=1400 audit(1756864587.258:556): avc:  denied  { name_bind } for  pid=15800 comm="syz.4.4630" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[ 1039.477212][T15805] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1039.493458][   T28] audit: type=1400 audit(1756864587.258:557): avc:  denied  { node_bind } for  pid=15800 comm="syz.4.4630" saddr=::ffff:172.30.1.5 src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[ 1039.559392][   T28] audit: type=1400 audit(1756864587.368:558): avc:  denied  { setopt } for  pid=15814 comm="syz.2.4637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1039.590346][   T28] audit: type=1326 audit(1756864587.368:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.2.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f125b38ebe9 code=0x7ffc0000
[ 1039.614953][T15820] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1039.623378][   T28] audit: type=1326 audit(1756864587.368:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.2.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f125b38ebe9 code=0x7ffc0000
[ 1039.652020][   T28] audit: type=1326 audit(1756864587.368:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.2.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f125b38ebe9 code=0x7ffc0000
[ 1039.675604][   T28] audit: type=1326 audit(1756864587.368:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.2.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7f125b38ebe9 code=0x7ffc0000
[ 1039.699349][   T28] audit: type=1326 audit(1756864587.368:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.2.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f125b38ebe9 code=0x7ffc0000
[ 1039.835885][T15832] fuse: Bad value for 'fd'
[ 1039.841796][T15832] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1039.909709][   T28] audit: type=1400 audit(1756864587.718:564): avc:  denied  { read } for  pid=15833 comm="syz.1.4645" name="file0" dev="fuse" ino=288230376151711744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[ 1039.941020][  T357] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 1039.980119][T15841] kvm: emulating exchange as write
[ 1040.130926][  T357] usb 5-1: Using ep0 maxpacket: 16
[ 1040.137244][  T357] usb 5-1: config index 0 descriptor too short (expected 4495, got 71)
[ 1040.146068][  T357] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[ 1040.160902][  T357] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1040.178519][  T357] usb 5-1: config 0 has no interface number 0
[ 1040.321202][  T357] usb 5-1: New USB device found, idVendor=046c, idProduct=14e0, bcdDevice= 0.01
[ 1040.330576][  T357] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1040.338863][  T357] usb 5-1: Product: syz
[ 1040.343126][  T357] usb 5-1: Manufacturer: syz
[ 1040.347770][  T357] usb 5-1: SerialNumber: syz
[ 1040.357751][  T357] usb 5-1: config 0 descriptor??
[ 1040.437056][T15867] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1040.531447][T15879] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4662'.
[ 1040.555289][T15879] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4662'.
[ 1040.578121][   T39] usb 5-1: USB disconnect, device number 18
[ 1040.750603][T15910] netlink: 'syz.2.4677': attribute type 4 has an invalid length.
[ 1041.336357][  T347] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1041.531042][  T347] usb 4-1: Using ep0 maxpacket: 16
[ 1041.537330][  T347] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1041.548637][  T347] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1041.558498][  T347] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1041.565163][  T347] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1041.574259][  T347] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1041.582725][  T347] usb 4-1: config 0 descriptor??
[ 1041.991644][  T347] hid (null): bogus close delimiter
[ 1041.997009][  T347] hid (null): unknown global tag 0xd
[ 1042.006590][  T347] hid (null): unknown global tag 0xd
[ 1042.012022][  T347] hid (null): invalid report_size 19635
[ 1042.272475][   T39] usb 4-1: USB disconnect, device number 15
[ 1042.641200][  T347] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[ 1042.851920][  T347] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1042.862879][  T347] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1042.872689][  T347] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1042.881810][  T347] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1042.890269][  T347] usb 2-1: config 0 descriptor??
[ 1043.372939][T16059] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16059 comm=syz.0.4742
[ 1043.740944][   T39] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 1043.856436][  T347] hid-led 0003:27B8:01ED.00C5: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.1-1/input0
[ 1043.869376][  T347] hid-led 0003:27B8:01ED.00C5: ThingM blink(1) initialized
[ 1043.930953][   T39] usb 4-1: Using ep0 maxpacket: 8
[ 1043.937374][   T39] usb 4-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[ 1043.946496][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1043.955148][   T39] usb 4-1: config 0 descriptor??
[ 1044.058076][  T347] usb 2-1: USB disconnect, device number 90
[ 1044.363537][   T39] magicmouse 0003:05AC:0269.00C6: hidraw0: USB HID v0.05 Device [HID 05ac:0269] on usb-dummy_hcd.3-1/input0
[ 1044.661860][T16095] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16095 comm=syz.2.4757
[ 1044.672930][  T347] usb 4-1: USB disconnect, device number 16
[ 1044.703951][   T28] kauditd_printk_skb: 12 callbacks suppressed
[ 1044.703966][   T28] audit: type=1400 audit(1756864592.518:577): avc:  denied  { getopt } for  pid=16102 comm="syz.1.4761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1044.813007][   T28] audit: type=1400 audit(1756864592.628:578): avc:  denied  { getopt } for  pid=16110 comm="syz.1.4765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1045.400220][T16134] sch_tbf: burst 0 is lower than device veth1_virt_wifi mtu (1514) !
[ 1046.082466][T16172] __nla_validate_parse: 2 callbacks suppressed
[ 1046.082482][T16172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4792'.
[ 1046.104657][   T28] audit: type=1400 audit(1756864593.918:579): avc:  denied  { audit_read } for  pid=16173 comm="syz.1.4787" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1046.164680][T16182] fuse: Bad value for 'fd'
[ 1046.200378][T16193] xt_TCPMSS: Only works on TCP SYN packets
[ 1046.252354][   T28] audit: type=1400 audit(1756864594.068:580): avc:  denied  { setopt } for  pid=16198 comm="syz.4.4804" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1047.504111][   T28] audit: type=1400 audit(1756864595.318:581): avc:  denied  { setattr } for  pid=16239 comm="syz.4.4818" name="timer" dev="devtmpfs" ino=274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[ 1048.041011][T10451] usb 2-1: new full-speed USB device number 91 using dummy_hcd
[ 1048.041082][   T39] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1048.232580][   T39] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1048.242974][T10451] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1048.250749][   T39] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1048.261865][T10451] usb 2-1: not running at top speed; connect to a high speed hub
[ 1048.271278][   T39] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1048.280684][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1048.289956][   T39] usb 5-1: SerialNumber: syz
[ 1048.295129][T10451] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1048.306216][T10451] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1048.320599][T10451] usb 2-1: config 1 has no interface number 1
[ 1048.466259][T10451] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1048.479793][T10451] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[ 1048.572349][T10451] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1048.581554][T10451] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1048.589628][T10451] usb 2-1: Product: syz
[ 1048.593882][T10451] usb 2-1: Manufacturer: syz
[ 1048.598517][T10451] usb 2-1: SerialNumber: syz
[ 1048.672178][   T28] audit: type=1400 audit(1756864596.488:582): avc:  denied  { module_load } for  pid=16266 comm="syz.3.4830" path="/selinux/policy" dev="selinuxfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=system permissive=1
[ 1048.672587][T16267] kernel read not supported for file /policy (pid: 16267 comm: syz.3.4830)
[ 1048.706005][   T39] usb 5-1: 0:2 : does not exist
[ 1048.711086][   T39] usb 5-1: unit 5: unexpected type 0x03
[ 1048.718846][   T39] usb 5-1: USB disconnect, device number 19
[ 1048.811266][T10451] hub 2-1:1.0: Invalid hub with more than one config or interface
[ 1048.819115][T10451] hub: probe of 2-1:1.0 failed with error -22
[ 1048.826881][T10451] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[ 1048.839762][T10451] usb 2-1: USB disconnect, device number 91
[ 1049.117108][T16290] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1049.256300][   T28] audit: type=1400 audit(1756864596.998:583): avc:  denied  { audit_write } for  pid=16291 comm="syz.0.4841" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1050.245223][T16307] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4846'.
[ 1050.300926][ T9700] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1050.751558][T16320] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16320 comm=syz.1.4847
[ 1051.771956][ T9700] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1051.788443][ T9700] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1051.801780][ T9700] usb 5-1: config 1 has no interface number 0
[ 1051.807898][ T9700] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1051.831167][ T9700] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1051.840234][ T9700] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1051.853921][ T9700] usb 5-1: Product: syz
[ 1051.858118][ T9700] usb 5-1: Manufacturer: syz
[ 1051.862925][ T9700] usb 5-1: SerialNumber: syz
[ 1051.888334][ T9700] usb 5-1: selecting invalid altsetting 1
[ 1052.229549][  T402] usb 2-1: new high-speed USB device number 92 using dummy_hcd
[ 1052.422800][ T9700] cdc_ncm 5-1:1.1: bind() failure
[ 1052.428849][ T9700] usb 5-1: USB disconnect, device number 20
[ 1052.441945][  T402] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1052.454704][  T402] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1052.464859][  T402] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1052.478053][  T402] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1052.487171][  T402] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1052.495746][  T402] usb 2-1: config 0 descriptor??
[ 1053.122388][  T402] plantronics 0003:047F:FFFF.00C7: collection stack underflow
[ 1053.129943][  T402] plantronics 0003:047F:FFFF.00C7: item 0 4 0 12 parsing failed
[ 1053.137823][  T402] plantronics 0003:047F:FFFF.00C7: parse failed
[ 1053.144116][  T402] plantronics: probe of 0003:047F:FFFF.00C7 failed with error -22
[ 1053.270937][   T39] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1053.451950][   T39] usb 5-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1053.461088][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.469556][   T39] usb 5-1: config 0 descriptor??
[ 1053.500451][T16373] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4866'.
[ 1053.957999][   T39] smartjoyplus 0003:0925:8888.00C8: unknown main item tag 0x0
[ 1053.965576][   T39] smartjoyplus 0003:0925:8888.00C8: unknown main item tag 0x0
[ 1053.973138][   T39] smartjoyplus 0003:0925:8888.00C8: unknown main item tag 0x0
[ 1053.980656][   T39] smartjoyplus 0003:0925:8888.00C8: unknown main item tag 0x0
[ 1053.988573][   T39] smartjoyplus 0003:0925:8888.00C8: unknown main item tag 0x0
[ 1054.062361][   T39] smartjoyplus 0003:0925:8888.00C8: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.4-1/input0
[ 1054.088199][   T39] smartjoyplus 0003:0925:8888.00C8: no output reports found
[ 1054.216835][   T39] usb 5-1: USB disconnect, device number 21
[ 1054.707309][ T9700] usb 2-1: USB disconnect, device number 92
[ 1054.951975][T16408] device pim6reg1 entered promiscuous mode
[ 1057.265224][T16435] device pim6reg1 entered promiscuous mode
[ 1057.412160][T16433] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4885'.
[ 1058.364675][T16443] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1058.445862][T16448] netlink: 80 bytes leftover after parsing attributes in process `syz.3.4889'.
[ 1059.254182][T16464] device pim6reg1 entered promiscuous mode
[ 1060.256091][T16485] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1060.389988][T16495] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4904'.
[ 1064.263644][T16560] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4923'.
[ 1064.320949][   T39] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1064.502016][   T39] usb 5-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1064.511393][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1064.519931][   T39] usb 5-1: config 0 descriptor??
[ 1064.950049][   T39] smartjoyplus 0003:0925:8888.00C9: unknown main item tag 0x0
[ 1064.957975][   T39] smartjoyplus 0003:0925:8888.00C9: unknown main item tag 0x0
[ 1064.994692][   T39] smartjoyplus 0003:0925:8888.00C9: unknown main item tag 0x0
[ 1065.002551][   T39] smartjoyplus 0003:0925:8888.00C9: unknown main item tag 0x0
[ 1065.010130][   T39] smartjoyplus 0003:0925:8888.00C9: unknown main item tag 0x0
[ 1065.018560][   T39] smartjoyplus 0003:0925:8888.00C9: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.4-1/input0
[ 1065.030320][   T39] smartjoyplus 0003:0925:8888.00C9: no output reports found
[ 1065.197014][   T39] usb 5-1: USB disconnect, device number 22
[ 1066.708755][T16609] netlink: 80 bytes leftover after parsing attributes in process `syz.3.4938'.
[ 1066.721605][T16610] device pim6reg1 entered promiscuous mode
[ 1067.949626][T16622] fuse: Bad value for 'fd'
[ 1068.223116][T16639] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16639 comm=syz.1.4949
[ 1068.420933][T11564] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1068.601962][T11564] usb 5-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1068.611100][T11564] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1068.619545][T11564] usb 5-1: config 0 descriptor??
[ 1068.926328][T16657] netlink: 80 bytes leftover after parsing attributes in process `syz.3.4956'.
[ 1069.026463][T11564] smartjoyplus 0003:0925:8888.00CA: unknown main item tag 0x0
[ 1069.034045][T11564] smartjoyplus 0003:0925:8888.00CA: unknown main item tag 0x0
[ 1069.041565][T11564] smartjoyplus 0003:0925:8888.00CA: unknown main item tag 0x0
[ 1069.049069][T11564] smartjoyplus 0003:0925:8888.00CA: unknown main item tag 0x0
[ 1069.056683][T11564] smartjoyplus 0003:0925:8888.00CA: unknown main item tag 0x0
[ 1069.080624][T11564] smartjoyplus 0003:0925:8888.00CA: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.4-1/input0
[ 1069.097230][T11564] smartjoyplus 0003:0925:8888.00CA: no output reports found
[ 1069.303994][T16663] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4958'.
[ 1069.331186][T11564] usb 5-1: USB disconnect, device number 23
[ 1069.622715][T16671] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16671 comm=syz.2.4961
[ 1069.799898][T16679] fuse: Bad value for 'fd'
[ 1070.201292][T11564] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1070.382019][T11564] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1070.392211][T11564] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1070.401112][T11564] usb 5-1: config 1 has no interface number 0
[ 1070.407217][T11564] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1070.421561][T11564] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1070.430628][T11564] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1070.438674][T11564] usb 5-1: Product: syz
[ 1070.442910][T11564] usb 5-1: Manufacturer: syz
[ 1070.447516][T11564] usb 5-1: SerialNumber: syz
[ 1070.453117][T11564] usb 5-1: selecting invalid altsetting 1
[ 1070.653321][T11564] cdc_ncm 5-1:1.1: bind() failure
[ 1070.659224][T11564] usb 5-1: USB disconnect, device number 24
[ 1070.688942][T16696] netlink: 80 bytes leftover after parsing attributes in process `syz.3.4970'.
[ 1071.237308][T16710] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16710 comm=syz.1.4974
[ 1071.428268][T16722] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4979'.
[ 1071.882577][T16732] device pim6reg1 entered promiscuous mode
[ 1072.399828][T16744] fuse: Bad value for 'fd'
[ 1072.776415][T16750] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16750 comm=syz.4.4988
[ 1073.387323][T16771] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1073.405041][T16774] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4996'.
[ 1074.366783][T16787] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16787 comm=syz.0.5001
[ 1074.783471][T16816] netlink: 80 bytes leftover after parsing attributes in process `syz.4.5011'.
[ 1074.940312][T16822] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16822 comm=syz.4.5014
[ 1075.041565][T16828] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16828 comm=syz.0.5017
[ 1075.384215][T16842] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5022'.
[ 1075.616693][T16851] netlink: 80 bytes leftover after parsing attributes in process `syz.1.5025'.
[ 1077.313562][T16878] netlink: 80 bytes leftover after parsing attributes in process `syz.1.5034'.
[ 1079.930724][T16913] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5046'.
[ 1081.809464][T16955] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5057'.
[ 1081.818646][T16955] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5057'.
[ 1082.339648][T16955] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1082.352541][T16963] netlink: 80 bytes leftover after parsing attributes in process `syz.1.5060'.
[ 1086.418458][T17021] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5076'.
[ 1086.603199][T17023] netlink: 80 bytes leftover after parsing attributes in process `syz.4.5079'.
[ 1089.772510][T17081] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17081 comm=syz.2.5095
[ 1090.242355][T17107] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17107 comm=syz.1.5103
[ 1093.532491][T17152] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17152 comm=syz.4.5115
[ 1095.368348][T17183] netlink: 80 bytes leftover after parsing attributes in process `syz.4.5125'.
[ 1095.685437][T17190] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17190 comm=syz.3.5127
[ 1095.913546][T17203] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17203 comm=syz.2.5133
[ 1096.831414][T17226] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17226 comm=syz.2.5140
[ 1096.942527][T17239] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5146'.
[ 1096.954521][T17241] fuse: Bad value for 'fd'
[ 1097.540536][T17259] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17259 comm=syz.0.5153
[ 1098.814052][T17292] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17292 comm=syz.0.5164
[ 1101.282068][T17334] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17334 comm=syz.4.5176
[ 1103.384664][T17388] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5195'.
[ 1103.393718][T17388] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5195'.
[ 1106.209148][T17440] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5210'.
[ 1106.218203][T17440] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5210'.
[ 1107.569001][T17464] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17464 comm=syz.2.5218
[ 1110.416691][T17511] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17511 comm=syz.3.5234
[ 1110.434710][T17512] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5232'.
[ 1110.448693][T17512] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5232'.
[ 1110.460666][T17515] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5236'.
[ 1112.865661][T17555] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5248'.
[ 1112.878939][T17557] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17557 comm=syz.3.5246
[ 1112.881359][T17555] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5248'.
[ 1112.936922][T17561] netlink: 80 bytes leftover after parsing attributes in process `syz.4.5250'.
[ 1113.132083][   T28] audit: type=1400 audit(1756864660.948:584): avc:  denied  { map } for  pid=17568 comm="syz.0.5251" path="socket:[88460]" dev="sockfs" ino=88460 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1113.180963][   T28] audit: type=1400 audit(1756864660.978:585): avc:  denied  { read } for  pid=17568 comm="syz.0.5251" path="socket:[88460]" dev="sockfs" ino=88460 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1114.155389][T17597] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17597 comm=syz.0.5260
[ 1114.250058][T17603] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5263'.
[ 1114.262255][T17603] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5263'.
[ 1116.076383][T17630] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17630 comm=syz.4.5271
[ 1116.555603][T17641] sch_fq: defrate 4294967295 ignored.
[ 1116.790244][T17649] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5277'.
[ 1116.813788][T17649] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5277'.
[ 1117.796599][T17672] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17672 comm=syz.2.5284
[ 1118.384647][   T28] audit: type=1400 audit(1756864666.198:586): avc:  denied  { remount } for  pid=17675 comm="syz.3.5286" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1118.727151][T17698] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5293'.
[ 1118.737145][T17698] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5293'.
[ 1118.855840][T17702] fuse: Bad value for 'fd'
[ 1119.771405][T17709] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17709 comm=syz.4.5296
[ 1119.839552][T17713] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket pid=17713 comm=syz.4.5298
[ 1122.055754][T17755] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17755 comm=syz.2.5309
[ 1124.386449][T17790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket pid=17790 comm=syz.1.5320
[ 1124.411969][T17793] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17793 comm=syz.1.5321
[ 1126.891431][T17824] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket pid=17824 comm=syz.3.5332
[ 1126.916096][T17826] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17826 comm=syz.3.5333
[ 1128.071616][T17845] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5339'.
[ 1128.081165][T17845] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5339'.
[ 1128.405422][T17860] syz.4.5343[17860] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1128.405696][T17860] syz.4.5343[17860] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1128.491087][   T28] audit: type=1400 audit(1756864676.238:587): avc:  denied  { create } for  pid=17853 comm="syz.4.5343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 1129.549016][T17887] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1130.065380][T17896] fuse: Bad value for 'fd'
[ 1130.284065][T17910] fuse: Bad value for 'fd'
[ 1130.568331][T17923] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17923 comm=syz.4.5366
[ 1131.081910][T17934] fuse: Bad value for 'fd'
[ 1131.839389][T17957] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17957 comm=syz.1.5378
[ 1131.887177][T17965] netlink: 80 bytes leftover after parsing attributes in process `syz.1.5382'.
[ 1132.364156][T17977] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5386'.
[ 1132.373524][T17977] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5386'.
[ 1132.734224][T17988] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17988 comm=syz.4.5390
[ 1132.753990][T17986] device wg2 entered promiscuous mode
[ 1134.071697][T18020] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18020 comm=syz.2.5402
[ 1134.464434][T18035] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5406'.
[ 1135.176218][T18054] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18054 comm=syz.0.5414
[ 1135.212127][T18059] netlink: 80 bytes leftover after parsing attributes in process `syz.0.5416'.
[ 1136.297928][T18089] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18089 comm=syz.0.5426
[ 1136.503156][T18098] sch_fq: defrate 4294967295 ignored.
[ 1138.572244][T18137] sch_fq: defrate 4294967295 ignored.
[ 1139.728071][T18174] fuse: Bad value for 'fd'
[ 1140.543529][T18203] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5466'.
[ 1146.768203][T18316] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18316 comm=syz.1.5498
[ 1150.243516][T18359] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18359 comm=syz.1.5512
[ 1154.657158][T18427] fuse: Bad value for 'fd'
[ 1154.775413][T18433] netlink: 80 bytes leftover after parsing attributes in process `syz.1.5532'.
[ 1157.267952][T18478] fuse: Bad value for 'fd'
[ 1159.231193][T18507] syz.4.5550[18507] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1159.231285][T18507] syz.4.5550[18507] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1160.879177][T18529] fuse: Bad value for 'fd'
[ 1163.644973][T18564] xt_l2tp: wrong L2TP version: 0
[ 1163.781956][   T28] audit: type=1400 audit(1756864711.598:588): avc:  denied  { read } for  pid=18565 comm="syz.4.5567" path="socket:[90068]" dev="sockfs" ino=90068 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1164.281939][T18576] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18576 comm=syz.1.5570
[ 1167.503162][   T28] audit: type=1400 audit(1756864715.318:589): avc:  denied  { relabelfrom } for  pid=18586 comm="syz.4.5572" name="NETLINK" dev="sockfs" ino=90827 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[ 1167.551952][   T28] audit: type=1400 audit(1756864715.338:590): avc:  denied  { mac_admin } for  pid=18586 comm="syz.4.5572" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1169.869986][T18649] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18649 comm=syz.2.5591
[ 1171.556972][T18684] sch_fq: defrate 4294967295 ignored.
[ 1174.966998][T18746] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5618'.
[ 1175.041170][T18746] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5618'.
[ 1176.215155][T18771] fuse: Bad value for 'fd'
[ 1176.905645][T18777] sch_fq: defrate 4294967295 ignored.
[ 1177.092938][T18784] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18784 comm=syz.2.5629
[ 1178.156150][T18796] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5633'.
[ 1178.165856][T18796] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5633'.
[ 1178.216542][T18796] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1178.473393][T18805] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5634'.
[ 1178.494897][T18805] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5634'.
[ 1180.104566][T18834] fuse: Bad value for 'fd'
[ 1180.511785][T18849] sch_fq: defrate 4294967295 ignored.
[ 1182.299090][T18872] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5650'.
[ 1182.320536][T18872] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5650'.
[ 1182.411759][T18884] netlink: 80 bytes leftover after parsing attributes in process `syz.4.5655'.
[ 1189.466102][T18972] sch_fq: defrate 4294967295 ignored.
[ 1189.750054][T18979] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18979 comm=syz.1.5679
[ 1189.958944][T18988] sch_fq: defrate 4294967295 ignored.
[ 1192.106226][T19002] sch_fq: defrate 4294967295 ignored.
[ 1192.294826][T19000] sch_fq: defrate 4294967295 ignored.
[ 1193.785771][T19032] sch_fq: defrate 4294967295 ignored.
[ 1196.390787][T19086] fuse: Bad value for 'fd'
[ 1196.488440][   T28] audit: type=1400 audit(1756864744.298:591): avc:  denied  { mounton } for  pid=19091 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 1196.525091][T19091] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1196.532222][T19091] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1196.539552][T19091] device bridge_slave_0 entered promiscuous mode
[ 1196.546446][T19091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1196.553636][T19091] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1196.561158][T19091] device bridge_slave_1 entered promiscuous mode
[ 1196.637407][T19091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1196.644550][T19091] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1196.651867][T19091] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1196.658919][T19091] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1196.680237][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1196.687854][T11357] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1196.695172][T11357] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1196.704394][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1196.712691][T11357] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1196.719769][T11357] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1196.749611][T19091] device veth0_vlan entered promiscuous mode
[ 1196.763431][T19091] device veth1_macvtap entered promiscuous mode
[ 1196.801107][   T28] audit: type=1400 audit(1756864744.598:592): avc:  denied  { mounton } for  pid=19091 comm="syz-executor" path="/root/syzkaller.liBo3E/syz-tmp" dev="sda1" ino=2057 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 1196.831198][   T28] audit: type=1400 audit(1756864744.598:593): avc:  denied  { mount } for  pid=19091 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1196.853647][   T28] audit: type=1400 audit(1756864744.598:594): avc:  denied  { mounton } for  pid=19091 comm="syz-executor" path="/root/syzkaller.liBo3E/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 1196.881144][   T28] audit: type=1400 audit(1756864744.598:595): avc:  denied  { mounton } for  pid=19091 comm="syz-executor" path="/root/syzkaller.liBo3E/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=92745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 1196.910518][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1196.911340][   T28] audit: type=1400 audit(1756864744.598:596): avc:  denied  { mounton } for  pid=19091 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=570 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 1196.925429][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1196.955872][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1196.964750][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1196.973206][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1196.981424][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1196.989122][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1197.010109][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1197.019668][T11357] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1197.026755][T11357] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1197.036949][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1197.045328][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1197.693338][   T28] audit: type=1400 audit(1756864745.508:597): avc:  denied  { map } for  pid=19119 comm="syz.3.5716" path="/dev/ashmem" dev="devtmpfs" ino=269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1199.517962][T19134] device bridge0 entered promiscuous mode
[ 1199.529222][T19134] device pim6reg1 entered promiscuous mode
[ 1201.159921][T19170] device pim6reg1 entered promiscuous mode
[ 1202.810811][T19192] device pim6reg1 entered promiscuous mode
[ 1206.775961][T19233] sch_fq: defrate 4294967295 ignored.
[ 1206.836460][T19225] sch_fq: defrate 4294967295 ignored.
[ 1207.551171][T19249] fuse: Bad value for 'fd'
[ 1209.037361][   T28] audit: type=1400 audit(1756864756.848:598): avc:  denied  { mounton } for  pid=19260 comm="syz.2.5754" path="/587/file0" dev="tmpfs" ino=3089 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1209.170063][T19274] overlayfs: failed to clone upperpath
[ 1209.745029][T19282] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1209.759302][T19282] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1210.669166][T19289] fuse: Bad value for 'fd'
[ 1211.321045][T15491] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 1211.531302][T15491] usb 4-1: Using ep0 maxpacket: 8
[ 1211.538342][T15491] usb 4-1: config 244 has an invalid interface number: 228 but max is 0
[ 1211.547892][T15491] usb 4-1: config 244 has no interface number 0
[ 1211.555028][T15491] usb 4-1: config 244 interface 228 altsetting 213 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 1211.567407][T15491] usb 4-1: config 244 interface 228 has no altsetting 0
[ 1211.666959][T19305] sch_fq: defrate 4294967295 ignored.
[ 1211.680408][T15491] usb 4-1: New USB device found, idVendor=0a46, idProduct=9601, bcdDevice=94.68
[ 1211.692326][T15491] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1211.700696][T15491] usb 4-1: Product: syz
[ 1211.705914][T15491] usb 4-1: Manufacturer: syz
[ 1211.710610][T15491] usb 4-1: SerialNumber: syz
[ 1212.058536][T19292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1212.067319][T19292] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1212.081119][T19315] fuse: Bad value for 'fd'
[ 1212.136282][T15491] dm9601: probe of 4-1:244.228 failed with error -22
[ 1212.157902][T15491] usb 4-1: USB disconnect, device number 17
[ 1212.290152][   T28] audit: type=1400 audit(1756864760.104:599): avc:  denied  { connect } for  pid=19312 comm="syz.1.5767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1214.798864][T19345] netlink: 80 bytes leftover after parsing attributes in process `syz.3.5776'.
[ 1217.980963][T19406] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5793'.
[ 1220.827523][T19436] sch_fq: defrate 4294967295 ignored.
[ 1221.334104][T19447] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1221.360898][T19447] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1221.375406][T19447] device bridge_slave_0 entered promiscuous mode
[ 1221.445085][T19447] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1221.461157][T19447] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1221.526172][T19447] device bridge_slave_1 entered promiscuous mode
[ 1222.252603][   T43] device bridge_slave_1 left promiscuous mode
[ 1222.268139][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1222.290187][   T43] device bridge_slave_0 left promiscuous mode
[ 1222.340083][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1222.360094][   T43] device bridge0 left promiscuous mode
[ 1222.382300][   T43] device veth1_macvtap left promiscuous mode
[ 1222.388489][   T43] device veth0_vlan left promiscuous mode
[ 1223.629162][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1223.636953][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1223.656908][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1223.665964][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1223.703930][ T6481] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1223.711048][ T6481] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1223.723507][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1223.732221][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1223.740445][ T6481] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1223.747564][ T6481] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1223.765725][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1223.774427][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1223.782774][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1223.790792][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1223.800440][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1223.815416][T19447] device veth0_vlan entered promiscuous mode
[ 1223.841029][T19447] device veth1_macvtap entered promiscuous mode
[ 1223.882504][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1223.948667][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1223.957927][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1223.966808][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1223.977020][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1223.986785][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1224.148068][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1224.290130][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1224.337978][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1224.346526][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1224.354927][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1224.378818][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1224.386470][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1224.732734][T19506] loop2: detected capacity change from 0 to 8192
[ 1224.781912][T19511] fuse: Bad value for 'fd'
[ 1224.812013][T19506]  loop2: p3 p4 < >
[ 1224.815915][T19506] loop2: p3 size 16744448 extends beyond EOD, truncated
[ 1225.991250][T19530] sch_fq: defrate 4294967295 ignored.
[ 1226.676720][T19540] device bridge0 entered promiscuous mode
[ 1226.690693][T19540] device pim6reg1 entered promiscuous mode
[ 1227.227771][T19546] fuse: Bad value for 'fd'
[ 1227.325252][T19550] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5829'.
[ 1227.334302][T19550] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5829'.
[ 1227.344445][T19550] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1229.060988][ T3734] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 1229.298925][ T3734] usb 3-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1229.309070][ T3734] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1229.368515][ T3734] usb 3-1: config 0 descriptor??
[ 1229.424127][T19586] fuse: Bad value for 'fd'
[ 1229.784632][ T3734] smartjoyplus 0003:0925:8888.00CB: unknown main item tag 0x0
[ 1229.794366][ T3734] smartjoyplus 0003:0925:8888.00CB: unknown main item tag 0x0
[ 1229.810961][ T3734] smartjoyplus 0003:0925:8888.00CB: unknown main item tag 0x0
[ 1229.907968][T19594] block device autoloading is deprecated and will be removed.
[ 1229.921085][ T3734] smartjoyplus 0003:0925:8888.00CB: unknown main item tag 0x0
[ 1229.933836][ T3734] smartjoyplus 0003:0925:8888.00CB: unknown main item tag 0x0
[ 1229.975706][ T3734] smartjoyplus 0003:0925:8888.00CB: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.2-1/input0
[ 1229.995774][ T3734] smartjoyplus 0003:0925:8888.00CB: no output reports found
[ 1230.011107][ T3734] usb 3-1: USB disconnect, device number 2
[ 1230.657774][T19607] device pim6reg1 entered promiscuous mode
[ 1231.128175][T19614] loop2: detected capacity change from 0 to 40427
[ 1231.136019][T19614] F2FS-fs (loop2): invalid crc value
[ 1231.142522][T19614] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1231.174484][T19614] F2FS-fs (loop2): Start checkpoint disabled!
[ 1231.181523][T19614] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1231.189895][   T28] audit: type=1400 audit(1756864779.004:600): avc:  denied  { read } for  pid=19612 comm="syz.2.5846" path="/5/file0/file1" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1231.190523][T19614] FAULT_INJECTION: forcing a failure.
[ 1231.190523][T19614] name failslab, interval 1, probability 0, space 0, times 0
[ 1231.225856][T19614] CPU: 1 PID: 19614 Comm: syz.2.5846 Not tainted syzkaller #0
[ 1231.233332][T19614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1231.243473][T19614] Call Trace:
[ 1231.246755][T19614]  <TASK>
[ 1231.249692][T19614]  __dump_stack+0x21/0x24
[ 1231.254032][T19614]  dump_stack_lvl+0xee/0x150
[ 1231.258641][T19614]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1231.263683][T19614]  dump_stack+0x15/0x24
[ 1231.267845][T19614]  should_fail_ex+0x3d4/0x520
[ 1231.272531][T19614]  __should_failslab+0xac/0xf0
[ 1231.277279][T19614]  ? kvmalloc_node+0x294/0x480
[ 1231.282049][T19614]  should_failslab+0x9/0x20
[ 1231.286531][T19614]  __kmem_cache_alloc_node+0x3d/0x2c0
[ 1231.291888][T19614]  ? kvmalloc_node+0x294/0x480
[ 1231.296641][T19614]  __kmalloc_node+0xa1/0x1e0
[ 1231.301237][T19614]  ? xas_find+0x1c2/0x830
[ 1231.305555][T19614]  kvmalloc_node+0x294/0x480
[ 1231.310144][T19614]  ? __cfi_kvmalloc_node+0x10/0x10
[ 1231.315273][T19614]  __exchange_data_block+0x2d9/0x2990
[ 1231.320762][T19614]  ? __cfi_find_get_entries+0x10/0x10
[ 1231.326139][T19614]  ? mlock_page_drain_local+0x10f/0x190
[ 1231.331749][T19614]  ? __f2fs_ioc_move_range+0xd00/0xd00
[ 1231.337237][T19614]  ? down_read+0xa0/0xf0
[ 1231.341476][T19614]  ? __cfi_down_read+0x10/0x10
[ 1231.346226][T19614]  ? up_read+0x56/0x1d0
[ 1231.350369][T19614]  ? unmap_mapping_range+0x90/0x100
[ 1231.355621][T19614]  f2fs_collapse_range+0x3b3/0x510
[ 1231.360735][T19614]  ? f2fs_punch_hole+0x470/0x470
[ 1231.365668][T19614]  ? file_modified+0x20/0x20
[ 1231.370254][T19614]  f2fs_fallocate+0x431/0x720
[ 1231.374928][T19614]  vfs_fallocate+0x4c5/0x5a0
[ 1231.379592][T19614]  __x64_sys_fallocate+0xc0/0x110
[ 1231.384613][T19614]  x64_sys_call+0x7fa/0x9a0
[ 1231.389106][T19614]  do_syscall_64+0x4c/0xa0
[ 1231.393507][T19614]  ? clear_bhb_loop+0x30/0x80
[ 1231.398175][T19614]  ? clear_bhb_loop+0x30/0x80
[ 1231.402845][T19614]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1231.408744][T19614] RIP: 0033:0x7f504638ebe9
[ 1231.413171][T19614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1231.432764][T19614] RSP: 002b:00007f5047153038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 1231.441163][T19614] RAX: ffffffffffffffda RBX: 00007f50465c5fa0 RCX: 00007f504638ebe9
[ 1231.449118][T19614] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000005
[ 1231.457083][T19614] RBP: 00007f5047153090 R08: 0000000000000000 R09: 0000000000000000
[ 1231.465041][T19614] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001
[ 1231.473015][T19614] R13: 00007f50465c6038 R14: 00007f50465c5fa0 R15: 00007ffc6d2cc098
[ 1231.480995][T19614]  </TASK>
[ 1231.585705][T11357] kworker/u4:7: attempt to access beyond end of device
[ 1231.585705][T11357] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 1232.643387][T19636] loop2: detected capacity change from 0 to 512
[ 1232.715409][T19636] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1236.452871][T19702] sch_fq: defrate 4294967295 ignored.
[ 1236.729232][T19706] netlink: 100 bytes leftover after parsing attributes in process `syz.3.5871'.
[ 1239.531314][T19757] loop2: detected capacity change from 0 to 128
[ 1239.560040][T19757] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1239.568900][T19757] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1239.590195][T19447] EXT4-fs (loop2): unmounting filesystem.
[ 1239.859650][T19768] sch_fq: defrate 4294967295 ignored.
[ 1242.560947][   T39] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 1242.772757][   T39] usb 3-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1242.789865][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1242.824777][   T39] usb 3-1: config 0 descriptor??
[ 1243.233060][   T39] smartjoyplus 0003:0925:8888.00CC: unknown main item tag 0x0
[ 1243.243917][   T39] smartjoyplus 0003:0925:8888.00CC: unknown main item tag 0x0
[ 1243.256012][   T39] smartjoyplus 0003:0925:8888.00CC: unknown main item tag 0x0
[ 1243.270243][   T39] smartjoyplus 0003:0925:8888.00CC: unknown main item tag 0x0
[ 1243.327746][   T39] smartjoyplus 0003:0925:8888.00CC: unknown main item tag 0x0
[ 1243.339211][   T39] smartjoyplus 0003:0925:8888.00CC: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.2-1/input0
[ 1243.351503][   T39] smartjoyplus 0003:0925:8888.00CC: no output reports found
[ 1243.455324][   T39] usb 3-1: USB disconnect, device number 3
[ 1243.544836][T19826] device wg2 entered promiscuous mode
[ 1247.280507][T19883] loop2: detected capacity change from 0 to 512
[ 1247.301356][T19883] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1249.338226][T19908] device pim6reg1 entered promiscuous mode
[ 1250.080912][T11564] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[ 1250.270988][T11564] usb 3-1: Using ep0 maxpacket: 16
[ 1250.277633][T11564] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[ 1250.304170][T11564] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1250.334077][T11564] usb 3-1: config 0 has no interface number 0
[ 1250.351550][T11564] usb 3-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[ 1250.383449][T11564] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1250.407829][T11564] usb 3-1: Product: syz
[ 1250.422331][T11564] usb 3-1: Manufacturer: syz
[ 1250.435741][T11564] usb 3-1: SerialNumber: syz
[ 1250.530708][T11564] usb 3-1: config 0 descriptor??
[ 1250.778117][T11564] usb 3-1: Found UVC 0.00 device syz (046d:08d3)
[ 1250.785967][T11564] usb 3-1: No valid video chain found.
[ 1250.796809][T11564] usb 3-1: USB disconnect, device number 4
[ 1250.899896][T19947] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5940'.
[ 1250.919116][T19947] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5940'.
[ 1251.565732][T19962] device pim6reg1 entered promiscuous mode
[ 1253.389131][T19984] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1253.396479][T19984] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1253.403668][T11564] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[ 1253.404170][T19984] device bridge_slave_0 entered promiscuous mode
[ 1253.418874][T19984] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1253.426790][T19984] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1253.437615][T19984] device bridge_slave_1 entered promiscuous mode
[ 1253.445722][T19990] netlink: 80 bytes leftover after parsing attributes in process `syz.1.5952'.
[ 1253.685405][T19984] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1253.692489][T19984] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1253.699738][T19984] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1253.706810][T19984] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1253.725385][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1253.733002][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1253.740214][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1253.748071][T11564] usb 3-1: Using ep0 maxpacket: 16
[ 1253.756808][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1253.765361][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1253.765529][T11564] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[ 1253.772432][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1253.788556][T11564] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1253.799298][T11564] usb 3-1: config 0 has no interface number 0
[ 1253.806114][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1253.807102][T11564] usb 3-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[ 1253.815207][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1253.823260][T11564] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1253.830272][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1253.838259][T11564] usb 3-1: Product: syz
[ 1253.846341][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1253.849642][T11564] usb 3-1: Manufacturer: syz
[ 1253.857951][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1253.861988][T11564] usb 3-1: SerialNumber: syz
[ 1253.876199][T11564] usb 3-1: config 0 descriptor??
[ 1253.881625][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1253.891035][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1253.899022][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1253.906716][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1253.915296][T19984] device veth0_vlan entered promiscuous mode
[ 1253.927831][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1253.937109][T19984] device veth1_macvtap entered promiscuous mode
[ 1253.947059][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1253.957414][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1254.105879][T11564] usb 3-1: Found UVC 0.00 device syz (046d:08d3)
[ 1254.114386][T11564] usb 3-1: No valid video chain found.
[ 1254.161036][T11564] usb 3-1: USB disconnect, device number 5
[ 1254.181921][T19739] device bridge_slave_1 left promiscuous mode
[ 1254.244880][T19739] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1254.272337][T19739] device bridge_slave_0 left promiscuous mode
[ 1254.280722][T19739] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1254.289044][T19739] device bridge0 left promiscuous mode
[ 1254.294736][T19739] device veth0_vlan left promiscuous mode
[ 1254.498969][T20008] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5954'.
[ 1254.518138][T20008] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5954'.
[ 1255.269466][T20025] device bridge0 entered promiscuous mode
[ 1255.279551][T20025] device pim6reg1 entered promiscuous mode
[ 1257.476338][T20050] netlink: 80 bytes leftover after parsing attributes in process `syz.4.5964'.
[ 1257.856676][T20055] sch_fq: defrate 4294967295 ignored.
[ 1257.876598][T11564] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 1258.092762][T11564] usb 1-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1258.103610][T11564] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1258.112277][T11564] usb 1-1: config 0 descriptor??
[ 1258.728353][T11564] smartjoyplus 0003:0925:8888.00CD: unknown main item tag 0x0
[ 1258.848735][T20074] overlayfs: failed to clone upperpath
[ 1258.857623][T20074] overlayfs: failed to clone upperpath
[ 1258.910937][T11564] smartjoyplus 0003:0925:8888.00CD: unknown main item tag 0x0
[ 1259.092197][T11564] smartjoyplus 0003:0925:8888.00CD: unknown main item tag 0x0
[ 1259.103892][T11564] smartjoyplus 0003:0925:8888.00CD: unknown main item tag 0x0
[ 1259.123151][T11564] smartjoyplus 0003:0925:8888.00CD: unknown main item tag 0x0
[ 1259.132115][T11564] smartjoyplus 0003:0925:8888.00CD: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.0-1/input0
[ 1259.143897][T11564] smartjoyplus 0003:0925:8888.00CD: no output reports found
[ 1259.154004][T11564] usb 1-1: USB disconnect, device number 7
[ 1260.283247][T20096] device pim6reg1 entered promiscuous mode
[ 1260.562418][T20106] loop2: detected capacity change from 0 to 4096
[ 1260.571796][T20106] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1260.792894][T20113] netlink: 80 bytes leftover after parsing attributes in process `syz.3.5979'.
[ 1261.402260][T19447] EXT4-fs (loop2): unmounting filesystem.
[ 1262.718111][T20133] device pim6reg1 entered promiscuous mode
[ 1263.525935][   T28] audit: type=1326 audit(1756864811.344:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20147 comm="syz.0.5989" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7265f8ebe9 code=0x0
[ 1265.761922][T20195] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6004'.
[ 1265.775548][T20195] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6004'.
[ 1265.792134][T20195] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1266.605297][T20220] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6011'.
[ 1266.879864][T20232] syz.4.6014[20232] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1266.880198][T20232] syz.4.6014[20232] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1267.555172][T20248] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6016'.
[ 1268.002961][T20260] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6022'.
[ 1268.012143][T20260] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6022'.
[ 1268.021204][T11564] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[ 1268.132707][T20262] syz.3.6021[20262] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1268.133155][T20262] syz.3.6021[20262] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1268.222019][T11564] usb 1-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1268.251774][T11564] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1268.265252][T11564] usb 1-1: config 0 descriptor??
[ 1268.485471][T20273] sch_fq: defrate 4294967295 ignored.
[ 1268.774938][T20278] syz.4.6025[20278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1268.775435][T20278] syz.4.6025[20278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1269.634912][T11564] smartjoyplus 0003:0925:8888.00CE: unknown main item tag 0x0
[ 1269.660002][T11564] smartjoyplus 0003:0925:8888.00CE: unknown main item tag 0x0
[ 1269.667910][T11564] smartjoyplus 0003:0925:8888.00CE: unknown main item tag 0x0
[ 1269.675491][T11564] smartjoyplus 0003:0925:8888.00CE: unknown main item tag 0x0
[ 1269.683098][T11564] smartjoyplus 0003:0925:8888.00CE: unknown main item tag 0x0
[ 1269.693247][T11564] smartjoyplus 0003:0925:8888.00CE: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.0-1/input0
[ 1269.728688][T11564] smartjoyplus 0003:0925:8888.00CE: no output reports found
[ 1269.737042][T11564] usb 1-1: USB disconnect, device number 8
[ 1270.750936][T10451] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 1271.273372][T10451] usb 3-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1271.282826][T10451] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1271.357474][T10451] usb 3-1: config 0 descriptor??
[ 1272.039679][T10451] smartjoyplus 0003:0925:8888.00CF: unknown main item tag 0x0
[ 1272.047460][T10451] smartjoyplus 0003:0925:8888.00CF: unknown main item tag 0x0
[ 1272.055249][T10451] smartjoyplus 0003:0925:8888.00CF: unknown main item tag 0x0
[ 1272.063025][T10451] smartjoyplus 0003:0925:8888.00CF: unknown main item tag 0x0
[ 1272.070496][T10451] smartjoyplus 0003:0925:8888.00CF: unknown main item tag 0x0
[ 1272.079649][T10451] smartjoyplus 0003:0925:8888.00CF: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.2-1/input0
[ 1272.091603][T10451] smartjoyplus 0003:0925:8888.00CF: no output reports found
[ 1272.317238][T20334] sch_fq: defrate 4294967295 ignored.
[ 1272.522107][ T9700] usb 3-1: USB disconnect, device number 6
[ 1276.310948][T11564] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 1276.641992][T11564] usb 1-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1276.651133][T11564] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1276.659501][T11564] usb 1-1: config 0 descriptor??
[ 1276.680907][ T9700] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[ 1277.030901][ T9700] usb 3-1: Using ep0 maxpacket: 16
[ 1277.037035][ T9700] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[ 1277.045309][ T9700] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1277.055435][ T9700] usb 3-1: config 0 has no interface number 0
[ 1277.062879][ T9700] usb 3-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[ 1277.071960][ T9700] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1277.079959][ T9700] usb 3-1: Product: syz
[ 1277.084163][ T9700] usb 3-1: Manufacturer: syz
[ 1277.088782][ T9700] usb 3-1: SerialNumber: syz
[ 1277.093867][ T9700] usb 3-1: config 0 descriptor??
[ 1277.099466][T11564] smartjoyplus 0003:0925:8888.00D0: unknown main item tag 0x0
[ 1277.107048][T11564] smartjoyplus 0003:0925:8888.00D0: unknown main item tag 0x0
[ 1277.114643][T11564] smartjoyplus 0003:0925:8888.00D0: unknown main item tag 0x0
[ 1277.122554][T11564] smartjoyplus 0003:0925:8888.00D0: unknown main item tag 0x0
[ 1277.130060][T11564] smartjoyplus 0003:0925:8888.00D0: unknown main item tag 0x0
[ 1277.138056][T11564] smartjoyplus 0003:0925:8888.00D0: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.0-1/input0
[ 1277.149746][T11564] smartjoyplus 0003:0925:8888.00D0: no output reports found
[ 1277.301560][T13174] usb 1-1: USB disconnect, device number 9
[ 1277.442250][T20417] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6064'.
[ 1277.451749][T20417] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6064'.
[ 1277.733004][ T9700] usb 3-1: Found UVC 0.00 device syz (046d:08d3)
[ 1277.739393][ T9700] usb 3-1: No valid video chain found.
[ 1277.745807][ T9700] usb 3-1: USB disconnect, device number 7
[ 1278.430939][ T9700] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1278.590929][ T9700] usb 3-1: device descriptor read/64, error -71
[ 1279.015553][ T9700] usb 3-1: device descriptor read/64, error -71
[ 1279.654019][ T9700] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[ 1279.866306][T20460] device pim6reg1 entered promiscuous mode
[ 1279.960920][ T9700] usb 3-1: device descriptor read/64, error -71
[ 1280.230921][ T9700] usb 3-1: device descriptor read/64, error -71
[ 1280.350955][ T9700] usb usb3-port1: attempt power cycle
[ 1280.512079][T20468] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6079'.
[ 1280.521092][T20468] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6079'.
[ 1280.760982][ T9700] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 1280.792054][ T9700] usb 3-1: device descriptor read/8, error -71
[ 1280.941594][ T9700] usb 3-1: device descriptor read/8, error -71
[ 1281.520952][ T9700] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[ 1281.546299][T20489] sch_fq: defrate 4294967295 ignored.
[ 1281.562329][ T9700] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1281.572323][ T9700] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1281.585278][ T9700] usb 3-1: New USB device found, idVendor=056a, idProduct=0336, bcdDevice= 0.00
[ 1281.594359][ T9700] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1281.602911][ T9700] usb 3-1: config 0 descriptor??
[ 1281.640945][  T401] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1281.820912][  T401] usb 1-1: Using ep0 maxpacket: 16
[ 1281.827092][  T401] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[ 1281.835315][  T401] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1281.845756][  T401] usb 1-1: config 0 has no interface number 0
[ 1282.047145][ T9700] wacom 0003:056A:0336.00D1: hidraw0: USB HID v0.00 Device [HID 056a:0336] on usb-dummy_hcd.2-1/input0
[ 1282.060090][  T401] usb 1-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[ 1282.069309][  T401] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1282.077353][  T401] usb 1-1: Product: syz
[ 1282.081555][  T401] usb 1-1: Manufacturer: syz
[ 1282.086220][  T401] usb 1-1: SerialNumber: syz
[ 1282.091402][  T401] usb 1-1: config 0 descriptor??
[ 1282.247751][T20481] loop2: detected capacity change from 0 to 1024
[ 1282.254827][T20481] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1282.264345][T20481] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c800e02c, mo2=0000]
[ 1282.274299][T20481] EXT4-fs error (device loop2): ext4_free_blocks:6210: comm syz.2.6083: Freeing blocks not in datazone - block = 0, count = 4096
[ 1282.287945][T20481] EXT4-fs (loop2): Remounting filesystem read-only
[ 1282.294649][T20481] EXT4-fs (loop2): 1 orphan inode deleted
[ 1282.300475][T20481] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1282.315575][  T401] usb 1-1: Found UVC 0.00 device syz (046d:08d3)
[ 1282.322889][  T401] usb 1-1: No valid video chain found.
[ 1282.329183][  T401] usb 1-1: USB disconnect, device number 10
[ 1282.431048][ T9700] usb 3-1: USB disconnect, device number 11
[ 1282.840953][T20498] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 1: padding at end of block bitmap is not set
[ 1282.859108][T20498] EXT4-fs (loop2): Remounting filesystem read-only
[ 1282.971923][T19447] EXT4-fs (loop2): unmounting filesystem.
[ 1283.319564][T20520] loop2: detected capacity change from 0 to 4096
[ 1283.329669][T20520] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1283.740916][ T9700] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[ 1283.921967][ T9700] usb 1-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1283.931130][ T9700] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1283.939539][ T9700] usb 1-1: config 0 descriptor??
[ 1284.139331][T19447] EXT4-fs (loop2): unmounting filesystem.
[ 1284.300130][T20536] FAULT_INJECTION: forcing a failure.
[ 1284.300130][T20536] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1284.313303][T20536] CPU: 1 PID: 20536 Comm: syz.2.6097 Not tainted syzkaller #0
[ 1284.320772][T20536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1284.330827][T20536] Call Trace:
[ 1284.334111][T20536]  <TASK>
[ 1284.337051][T20536]  __dump_stack+0x21/0x24
[ 1284.341391][T20536]  dump_stack_lvl+0xee/0x150
[ 1284.345988][T20536]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1284.351018][T20536]  dump_stack+0x15/0x24
[ 1284.355170][T20536]  should_fail_ex+0x3d4/0x520
[ 1284.359856][T20536]  should_fail+0xb/0x10
[ 1284.364041][T20536]  should_fail_usercopy+0x1a/0x20
[ 1284.369078][T20536]  _copy_from_user+0x1e/0xc0
[ 1284.373673][T20536]  ___sys_sendmsg+0x155/0x290
[ 1284.374155][ T9700] smartjoyplus 0003:0925:8888.00D2: unknown main item tag 0x0
[ 1284.378354][T20536]  ? __sys_sendmsg+0x270/0x270
[ 1284.386075][ T9700] smartjoyplus 0003:0925:8888.00D2: unknown main item tag 0x0
[ 1284.390551][T20536]  ? probe_sched_switch+0x63/0x90
[ 1284.390579][T20536]  ? _raw_spin_unlock+0x4c/0x70
[ 1284.398202][ T9700] smartjoyplus 0003:0925:8888.00D2: unknown main item tag 0x0
[ 1284.403017][T20536]  ? finish_task_switch+0x16b/0x7b0
[ 1284.403052][T20536]  ? __fdget+0x19c/0x220
[ 1284.407960][ T9700] smartjoyplus 0003:0925:8888.00D2: unknown main item tag 0x0
[ 1284.415325][T20536]  __x64_sys_sendmsg+0x1f0/0x2c0
[ 1284.415355][T20536]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[ 1284.415373][T20536]  x64_sys_call+0x171/0x9a0
[ 1284.415392][T20536]  do_syscall_64+0x4c/0xa0
[ 1284.425810][ T9700] smartjoyplus 0003:0925:8888.00D2: unknown main item tag 0x0
[ 1284.432222][T20536]  ? clear_bhb_loop+0x30/0x80
[ 1284.432250][T20536]  ? clear_bhb_loop+0x30/0x80
[ 1284.432268][T20536]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1284.432285][T20536] RIP: 0033:0x7f504638ebe9
[ 1284.437950][ T9700] smartjoyplus 0003:0925:8888.00D2: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.0-1/input0
[ 1284.442640][T20536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1284.442656][T20536] RSP: 002b:00007f5044df7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1284.447172][ T9700] smartjoyplus 0003:0925:8888.00D2: no output reports found
[ 1284.451562][T20536] RAX: ffffffffffffffda RBX: 00007f50465c6180 RCX: 00007f504638ebe9
[ 1284.451577][T20536] RDX: 0000000004000000 RSI: 0000200000000800 RDI: 0000000000000006
[ 1284.451587][T20536] RBP: 00007f5044df7090 R08: 0000000000000000 R09: 0000000000000000
[ 1284.451597][T20536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1284.451607][T20536] R13: 00007f50465c6218 R14: 00007f50465c6180 R15: 00007ffc6d2cc098
[ 1284.451624][T20536]  </TASK>
[ 1284.601506][ T9700] usb 1-1: USB disconnect, device number 11
[ 1284.675230][T20541] sch_fq: defrate 4294967295 ignored.
[ 1286.263335][T20573] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1286.270532][T20573] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1286.278268][T20573] device bridge_slave_0 entered promiscuous mode
[ 1286.285955][T20573] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1286.380338][T20573] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1286.391356][T20573] device bridge_slave_1 entered promiscuous mode
[ 1286.459452][T20573] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1286.466576][T20573] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1286.473912][T20573] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1286.480964][T20573] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1287.210002][T20590] tipc: Started in network mode
[ 1287.215300][T20590] tipc: Node identity 2, cluster identity 4711
[ 1287.221508][T20590] tipc: Node number set to 2
[ 1287.316980][  T334] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1287.326106][  T334] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1287.564297][T20573] device veth0_vlan entered promiscuous mode
[ 1287.570635][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1287.579036][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1287.590309][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1287.599863][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1287.608435][  T334] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1287.615550][  T334] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1287.623375][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1287.631864][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1287.701893][  T334] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1287.708961][  T334] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1287.718144][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1287.727490][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1287.738573][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1287.779301][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1287.812661][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1287.821163][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1287.829556][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1287.837558][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1287.846757][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1287.854328][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1287.868533][T20573] device veth1_macvtap entered promiscuous mode
[ 1287.877107][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1287.885543][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1287.894054][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1287.910177][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1287.918822][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1287.927961][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1287.936771][  T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1288.461890][T20617] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6116'.
[ 1288.485486][T20617] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6116'.
[ 1289.001842][T20624] loop2: detected capacity change from 0 to 2048
[ 1289.087459][T20627] FAULT_INJECTION: forcing a failure.
[ 1289.087459][T20627] name failslab, interval 1, probability 0, space 0, times 0
[ 1289.100181][T20627] CPU: 1 PID: 20627 Comm: syz.5.6118 Not tainted syzkaller #0
[ 1289.107643][T20627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1289.117702][T20627] Call Trace:
[ 1289.120976][T20627]  <TASK>
[ 1289.123896][T20627]  __dump_stack+0x21/0x24
[ 1289.128219][T20627]  dump_stack_lvl+0xee/0x150
[ 1289.132829][T20627]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1289.137851][T20627]  dump_stack+0x15/0x24
[ 1289.142000][T20627]  should_fail_ex+0x3d4/0x520
[ 1289.146676][T20627]  ? getname_flags+0xb9/0x500
[ 1289.149996][T20624]  loop2: p1 < > p3
[ 1289.151349][T20627]  __should_failslab+0xac/0xf0
[ 1289.151372][T20627]  should_failslab+0x9/0x20
[ 1289.151388][T20627]  kmem_cache_alloc+0x3b/0x330
[ 1289.155629][T20624] loop2: p3 size 134217728 extends beyond EOD, 
[ 1289.159915][T20627]  getname_flags+0xb9/0x500
[ 1289.159945][T20627]  getname+0x19/0x20
[ 1289.165321][T20624] truncated
[ 1289.169180][T20627]  do_sys_openat2+0xcb/0x7e0
[ 1289.191377][T20627]  ? do_sys_open+0xe0/0xe0
[ 1289.195787][T20627]  ? release_firmware_map_entry+0x194/0x194
[ 1289.201658][T20627]  ? ksys_write+0x1eb/0x240
[ 1289.206149][T20627]  __x64_sys_openat+0x136/0x160
[ 1289.210982][T20627]  x64_sys_call+0x783/0x9a0
[ 1289.215476][T20627]  do_syscall_64+0x4c/0xa0
[ 1289.219872][T20627]  ? clear_bhb_loop+0x30/0x80
[ 1289.224531][T20627]  ? clear_bhb_loop+0x30/0x80
[ 1289.229192][T20627]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1289.235066][T20627] RIP: 0033:0x7f8ad218ebe9
[ 1289.239462][T20627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1289.259045][T20627] RSP: 002b:00007f8ad2f91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1289.267438][T20627] RAX: ffffffffffffffda RBX: 00007f8ad23c6180 RCX: 00007f8ad218ebe9
[ 1289.275390][T20627] RDX: 0000000000000302 RSI: 0000200000000340 RDI: ffffffffffffff9c
[ 1289.283341][T20627] RBP: 00007f8ad2f91090 R08: 0000000000000000 R09: 0000000000000000
[ 1289.291313][T20627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1289.299265][T20627] R13: 00007f8ad23c6218 R14: 00007f8ad23c6180 R15: 00007ffec00ae0b8
[ 1289.307225][T20627]  </TASK>
[ 1289.414966][T20624] loop2: detected capacity change from 0 to 128
[ 1289.421917][T20624] FAT-fs (loop2): Unrecognized mount option " Ŕ" or missing value
[ 1289.849175][T20640] fuse: Bad value for 'fd'
[ 1290.842859][T20646] sch_fq: defrate 4294967295 ignored.
[ 1291.372231][T20176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1292.240928][  T401] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1292.442265][  T401] usb 3-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1292.451470][  T401] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1292.460092][  T401] usb 3-1: config 0 descriptor??
[ 1292.867643][  T401] smartjoyplus 0003:0925:8888.00D3: unknown main item tag 0x0
[ 1292.875212][  T401] smartjoyplus 0003:0925:8888.00D3: unknown main item tag 0x0
[ 1292.882705][  T401] smartjoyplus 0003:0925:8888.00D3: unknown main item tag 0x0
[ 1292.890216][  T401] smartjoyplus 0003:0925:8888.00D3: unknown main item tag 0x0
[ 1292.897980][  T401] smartjoyplus 0003:0925:8888.00D3: unknown main item tag 0x0
[ 1292.905911][  T401] smartjoyplus 0003:0925:8888.00D3: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.2-1/input0
[ 1292.917572][  T401] smartjoyplus 0003:0925:8888.00D3: no output reports found
[ 1293.068953][T15491] usb 3-1: USB disconnect, device number 12
[ 1293.971855][T20699] sch_fq: defrate 4294967295 ignored.
[ 1294.612606][T20714] device ip6erspan0 entered promiscuous mode
[ 1295.248928][T20721] netlink: 80 bytes leftover after parsing attributes in process `syz.1.6148'.
[ 1295.358879][T20723] device bridge0 entered promiscuous mode
[ 1295.750976][  T357] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1295.931985][  T357] usb 3-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1295.941142][  T357] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1295.949527][  T357] usb 3-1: config 0 descriptor??
[ 1297.010334][  T357] smartjoyplus 0003:0925:8888.00D4: unknown main item tag 0x0
[ 1297.017914][  T357] smartjoyplus 0003:0925:8888.00D4: unknown main item tag 0x0
[ 1297.052812][  T357] smartjoyplus 0003:0925:8888.00D4: unknown main item tag 0x0
[ 1298.220932][  T357] smartjoyplus 0003:0925:8888.00D4: unknown main item tag 0x0
[ 1298.228722][  T357] smartjoyplus 0003:0925:8888.00D4: unknown main item tag 0x0
[ 1298.370097][  T357] smartjoyplus 0003:0925:8888.00D4: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.2-1/input0
[ 1298.470934][  T357] smartjoyplus 0003:0925:8888.00D4: no output reports found
[ 1298.500980][  T357] usb 3-1: USB disconnect, device number 13
[ 1299.373558][T20777] netlink: 80 bytes leftover after parsing attributes in process `syz.5.6162'.
[ 1300.120014][T20795] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1300.127125][T20795] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1300.134572][T20795] device bridge_slave_0 entered promiscuous mode
[ 1300.141652][T20795] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1300.148724][T20795] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1300.156268][T20795] device bridge_slave_1 entered promiscuous mode
[ 1300.197649][T20795] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1300.204739][T20795] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1300.212040][T20795] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1300.219066][T20795] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1300.270730][T20795] device veth0_vlan entered promiscuous mode
[ 1300.285120][T20795] device veth1_macvtap entered promiscuous mode
[ 1300.296735][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1300.305260][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1300.314463][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1300.323005][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1300.331492][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1300.339875][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1300.348495][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1300.357956][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1300.367574][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1300.378301][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1300.401957][T20813] syz.5.6168[20813] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1300.402409][T20813] syz.5.6168[20813] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1300.488770][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1300.519479][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1300.528026][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1300.559832][   T28] audit: type=1400 audit(1756864848.374:602): avc:  denied  { read write } for  pid=20795 comm="syz-executor" name="loop6" dev="devtmpfs" ino=2638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1300.587942][   T28] audit: type=1400 audit(1756864848.404:603): avc:  denied  { open } for  pid=20795 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=2638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1300.739891][   T28] audit: type=1400 audit(1756864848.404:604): avc:  denied  { ioctl } for  pid=20795 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=2638 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1300.892340][T20822] sch_fq: defrate 4294967295 ignored.
[ 1300.974235][T20828] syz.2.6170[20828] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1300.974329][T20828] syz.2.6170[20828] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1300.991131][T20828] loop2: detected capacity change from 0 to 256
[ 1301.017113][T20828] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1301.054588][   T28] audit: type=1400 audit(1756864848.874:605): avc:  denied  { map } for  pid=20820 comm="syz.2.6170" path="/56/file1/blkio.bfq.io_serviced_recursive" dev="loop2" ino=1048648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1301.081781][   T28] audit: type=1400 audit(1756864848.894:606): avc:  denied  { execute } for  pid=20820 comm="syz.2.6170" path="/56/file1/blkio.bfq.io_serviced_recursive" dev="loop2" ino=1048648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1301.764508][T20845] device pim6reg1 entered promiscuous mode
[ 1301.852409][T20848] netlink: 80 bytes leftover after parsing attributes in process `syz.2.6178'.
[ 1301.910925][T13174] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1302.101971][T13174] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1302.114906][T13174] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1302.145777][T13174] usb 7-1: New USB device found, idVendor=056a, idProduct=0336, bcdDevice= 0.00
[ 1302.163947][T13174] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1302.173211][T13174] usb 7-1: config 0 descriptor??
[ 1302.581634][T13174] wacom 0003:056A:0336.00D5: hidraw0: USB HID v0.00 Device [HID 056a:0336] on usb-dummy_hcd.6-1/input0
[ 1302.786850][T20840] loop6: detected capacity change from 0 to 1024
[ 1302.794228][T20840] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1302.803750][T20840] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c800e02c, mo2=0000]
[ 1302.813907][T20840] EXT4-fs error (device loop6): ext4_free_blocks:6210: comm syz.6.6175: Freeing blocks not in datazone - block = 0, count = 4096
[ 1302.827529][T20840] EXT4-fs (loop6): Remounting filesystem read-only
[ 1302.834222][T20840] EXT4-fs (loop6): 1 orphan inode deleted
[ 1302.840078][T20840] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1303.142425][  T347] usb 7-1: USB disconnect, device number 2
[ 1303.671768][T20795] EXT4-fs (loop6): unmounting filesystem.
[ 1303.781785][T20892] netlink: 80 bytes leftover after parsing attributes in process `syz.5.6192'.
[ 1304.545118][T20907] loop6: detected capacity change from 0 to 128
[ 1304.553265][T20907] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1304.561996][T20907] ext4 filesystem being mounted at /4/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1304.573628][T20907] FAULT_INJECTION: forcing a failure.
[ 1304.573628][T20907] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1304.587469][T20907] CPU: 0 PID: 20907 Comm: syz.6.6195 Not tainted syzkaller #0
[ 1304.594940][T20907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1304.604995][T20907] Call Trace:
[ 1304.608279][T20907]  <TASK>
[ 1304.611206][T20907]  __dump_stack+0x21/0x24
[ 1304.615529][T20907]  dump_stack_lvl+0xee/0x150
[ 1304.620115][T20907]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1304.625139][T20907]  dump_stack+0x15/0x24
[ 1304.629294][T20907]  should_fail_ex+0x3d4/0x520
[ 1304.634048][T20907]  should_fail+0xb/0x10
[ 1304.638541][T20907]  should_fail_usercopy+0x1a/0x20
[ 1304.643551][T20907]  _copy_to_user+0x1e/0x90
[ 1304.647951][T20907]  simple_read_from_buffer+0xe9/0x160
[ 1304.653302][T20907]  proc_fail_nth_read+0x19a/0x210
[ 1304.658307][T20907]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 1304.663833][T20907]  ? security_file_permission+0x94/0xb0
[ 1304.669361][T20907]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 1304.674888][T20907]  vfs_read+0x26e/0x8c0
[ 1304.679035][T20907]  ? __cfi_vfs_read+0x10/0x10
[ 1304.683697][T20907]  ? __kasan_check_write+0x14/0x20
[ 1304.688792][T20907]  ? mutex_lock+0x8d/0x1a0
[ 1304.693188][T20907]  ? __cfi_mutex_lock+0x10/0x10
[ 1304.698018][T20907]  ? __fdget_pos+0x2cd/0x380
[ 1304.702590][T20907]  ? ksys_read+0x71/0x240
[ 1304.706909][T20907]  ksys_read+0x140/0x240
[ 1304.711135][T20907]  ? __cfi_ksys_read+0x10/0x10
[ 1304.715883][T20907]  ? fput+0x154/0x1a0
[ 1304.719844][T20907]  ? debug_smp_processor_id+0x17/0x20
[ 1304.725201][T20907]  __x64_sys_read+0x7b/0x90
[ 1304.729724][T20907]  x64_sys_call+0x2f/0x9a0
[ 1304.734145][T20907]  do_syscall_64+0x4c/0xa0
[ 1304.738538][T20907]  ? clear_bhb_loop+0x30/0x80
[ 1304.743201][T20907]  ? clear_bhb_loop+0x30/0x80
[ 1304.747868][T20907]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1304.753740][T20907] RIP: 0033:0x7fba8ef8d5fc
[ 1304.758137][T20907] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1304.777725][T20907] RSP: 002b:00007fba8fe13030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1304.786208][T20907] RAX: ffffffffffffffda RBX: 00007fba8f1c5fa0 RCX: 00007fba8ef8d5fc
[ 1304.794161][T20907] RDX: 000000000000000f RSI: 00007fba8fe130a0 RDI: 0000000000000005
[ 1304.802121][T20907] RBP: 00007fba8fe13090 R08: 0000000000000000 R09: 0000000000000000
[ 1304.810077][T20907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1304.818028][T20907] R13: 00007fba8f1c6038 R14: 00007fba8f1c5fa0 R15: 00007ffd5f0e1878
[ 1304.826005][T20907]  </TASK>
[ 1304.855847][T20795] EXT4-fs (loop6): unmounting filesystem.
[ 1305.211119][T11564] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1305.401996][T11564] usb 7-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1305.411138][T11564] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1305.419802][T11564] usb 7-1: config 0 descriptor??
[ 1305.931335][T11564] smartjoyplus 0003:0925:8888.00D6: unknown main item tag 0x0
[ 1305.939764][T20945] netlink: 80 bytes leftover after parsing attributes in process `syz.0.6207'.
[ 1305.948788][T11564] smartjoyplus 0003:0925:8888.00D6: unknown main item tag 0x0
[ 1305.956500][T11564] smartjoyplus 0003:0925:8888.00D6: unknown main item tag 0x0
[ 1305.964611][T11564] smartjoyplus 0003:0925:8888.00D6: unknown main item tag 0x0
[ 1305.972541][T11564] smartjoyplus 0003:0925:8888.00D6: unknown main item tag 0x0
[ 1305.980650][T11564] smartjoyplus 0003:0925:8888.00D6: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.6-1/input0
[ 1305.992519][T11564] smartjoyplus 0003:0925:8888.00D6: no output reports found
[ 1306.139282][T13174] usb 7-1: USB disconnect, device number 3
[ 1307.004017][T20966] loop6: detected capacity change from 0 to 8192
[ 1307.041469][T20966]  loop6: p3 p4 < >
[ 1307.045386][T20966] loop6: p3 size 16744448 extends beyond EOD, truncated
[ 1308.471487][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1309.249844][T21001] netlink: 80 bytes leftover after parsing attributes in process `syz.1.6223'.
[ 1310.693980][T21031] loop6: detected capacity change from 0 to 1024
[ 1310.712377][T21031] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1310.721090][T21031] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1311.712682][T20795] EXT4-fs (loop6): unmounting filesystem.
[ 1311.980759][   T28] audit: type=1400 audit(1756864859.794:607): avc:  denied  { name_bind } for  pid=21056 comm="syz.5.6237" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[ 1311.990022][T21053] loop6: detected capacity change from 0 to 2048
[ 1312.121432][T21053]  loop6: p1 < > p3
[ 1312.125777][T21053] loop6: p3 size 134217728 extends beyond EOD, truncated
[ 1312.975257][T21072] loop6: detected capacity change from 0 to 128
[ 1313.004287][T21072] FAT-fs (loop6): Unrecognized mount option "GPL" or missing value
[ 1313.062700][T21075] sch_fq: defrate 4294967295 ignored.
[ 1314.177324][ T3734] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1314.521079][ T3734] usb 7-1: Using ep0 maxpacket: 16
[ 1314.527298][ T3734] usb 7-1: config 0 has an invalid interface number: 105 but max is 0
[ 1314.535560][ T3734] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1314.545727][ T3734] usb 7-1: config 0 has no interface number 0
[ 1314.553310][ T3734] usb 7-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[ 1314.562403][ T3734] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1314.570392][ T3734] usb 7-1: Product: syz
[ 1314.574939][ T3734] usb 7-1: Manufacturer: syz
[ 1314.579543][ T3734] usb 7-1: SerialNumber: syz
[ 1314.585059][ T3734] usb 7-1: config 0 descriptor??
[ 1314.794145][ T3734] usb 7-1: Found UVC 0.00 device syz (046d:08d3)
[ 1314.801149][ T3734] usb 7-1: No valid video chain found.
[ 1314.811084][ T3734] usb 7-1: USB disconnect, device number 4
[ 1315.457376][T21129] sch_fq: defrate 4294967295 ignored.
[ 1315.909461][   T28] audit: type=1400 audit(1756864863.724:608): avc:  denied  { setopt } for  pid=21136 comm="syz.2.6259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1316.372152][T21150] netlink: 80 bytes leftover after parsing attributes in process `syz.6.6264'.
[ 1316.813375][T21163] fuse: Bad value for 'fd'
[ 1318.038913][T21178] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6273'.
[ 1318.048093][T21178] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6273'.
[ 1319.153449][T21184] device bridge0 entered promiscuous mode
[ 1319.161910][T21188] device pim6reg1 entered promiscuous mode
[ 1319.532412][T21205] IPv6: sit1: Disabled Multicast RS
[ 1322.175313][T21228] netlink: 80 bytes leftover after parsing attributes in process `syz.0.6283'.
[ 1322.193442][T21233] netlink: 80 bytes leftover after parsing attributes in process `syz.1.6284'.
[ 1324.531769][T21249] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6290'.
[ 1324.543975][T21249] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6290'.
[ 1325.398711][T21267] loop6: detected capacity change from 0 to 8192
[ 1325.456510][T21267]  loop6: p3 p4 < >
[ 1325.460415][T21267] loop6: p3 size 16744448 extends beyond EOD, truncated
[ 1326.573516][T21286] netlink: 80 bytes leftover after parsing attributes in process `syz.0.6298'.
[ 1326.748625][T21295] loop6: detected capacity change from 0 to 2048
[ 1326.959821][T21300] sch_fq: defrate 4294967295 ignored.
[ 1326.977100][T21295] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1327.024334][   T28] audit: type=1400 audit(1756864874.844:609): avc:  denied  { append } for  pid=21294 comm="syz.6.6302" name="loop6" dev="devtmpfs" ino=2638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1327.065157][T21295] EXT4-fs error (device loop6): __ext4_get_inode_loc:4509: comm syz.6.6302: Invalid inode table block 163208811354 in block_group 0
[ 1327.083086][   T28] audit: type=1400 audit(1756864874.864:610): avc:  denied  { map } for  pid=21294 comm="syz.6.6302" path="/dev/loop6" dev="devtmpfs" ino=2638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1327.111265][T20795] EXT4-fs (loop6): unmounting filesystem.
[ 1327.402999][T21311] fuse: Bad value for 'fd'
[ 1327.420987][T21260] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1327.586171][T21316] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1327.593372][T21316] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1327.600760][T21316] device bridge_slave_0 entered promiscuous mode
[ 1327.607689][T21316] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1327.616172][T21316] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1327.624133][T21316] device bridge_slave_1 entered promiscuous mode
[ 1327.630673][T21260] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1327.644029][T21260] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1327.666048][T21260] usb 7-1: New USB device found, idVendor=056a, idProduct=0336, bcdDevice= 0.00
[ 1327.684237][T21260] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1327.706093][T21260] usb 7-1: config 0 descriptor??
[ 1327.743418][   T43] tipc: Left network mode
[ 1327.792240][T21323] sch_fq: defrate 4294967295 ignored.
[ 1327.818404][T21316] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1327.825478][T21316] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1327.832781][T21316] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1327.839806][T21316] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1327.937901][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1327.945766][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1327.956306][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1327.965804][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1327.975137][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1327.984042][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1328.195885][T21316] device veth0_vlan entered promiscuous mode
[ 1328.230568][T21260] wacom 0003:056A:0336.00D7: hidraw0: USB HID v0.00 Device [HID 056a:0336] on usb-dummy_hcd.6-1/input0
[ 1328.230631][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1328.250657][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1328.258654][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1328.327350][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1328.337333][T21316] device veth1_macvtap entered promiscuous mode
[ 1328.348104][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1328.365713][ T6481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1328.623543][T21309] loop6: detected capacity change from 0 to 1024
[ 1328.624954][T21343] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6307'.
[ 1328.631335][T21309] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1328.647779][T21343] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6307'.
[ 1328.659678][T21309] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c800e02c, mo2=0000]
[ 1328.669342][T21343] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1328.676747][T21309] EXT4-fs error (device loop6): ext4_free_blocks:6210: comm syz.6.6304: Freeing blocks not in datazone - block = 0, count = 4096
[ 1328.697156][T21309] EXT4-fs (loop6): Remounting filesystem read-only
[ 1328.704110][T21309] EXT4-fs (loop6): 1 orphan inode deleted
[ 1328.709899][T21309] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1328.801864][   T43] device bridge_slave_1 left promiscuous mode
[ 1328.824893][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1328.842457][   T43] device bridge_slave_0 left promiscuous mode
[ 1328.861021][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1329.087182][   T43] device bridge0 left promiscuous mode
[ 1329.099479][   T43] device veth1_macvtap left promiscuous mode
[ 1329.105965][   T43] device veth0_vlan left promiscuous mode
[ 1329.278462][ T9700] usb 7-1: USB disconnect, device number 5
[ 1329.310929][T21345] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 1: padding at end of block bitmap is not set
[ 1329.335622][T21345] EXT4-fs (loop6): Remounting filesystem read-only
[ 1329.780990][T13174] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[ 1329.815963][T21369] netlink: 80 bytes leftover after parsing attributes in process `syz.5.6316'.
[ 1329.851066][T20795] EXT4-fs (loop6): unmounting filesystem.
[ 1330.082739][T13174] usb 2-1: New USB device found, idVendor=0925, idProduct=8888, bcdDevice= 0.00
[ 1330.121535][T13174] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1330.209252][T13174] usb 2-1: config 0 descriptor??
[ 1331.128182][T13174] smartjoyplus 0003:0925:8888.00D8: unknown main item tag 0x0
[ 1331.135827][T13174] smartjoyplus 0003:0925:8888.00D8: unknown main item tag 0x0
[ 1331.143555][T13174] smartjoyplus 0003:0925:8888.00D8: unknown main item tag 0x0
[ 1331.151215][T13174] smartjoyplus 0003:0925:8888.00D8: unknown main item tag 0x0
[ 1331.158703][T13174] smartjoyplus 0003:0925:8888.00D8: unknown main item tag 0x0
[ 1331.167804][T13174] smartjoyplus 0003:0925:8888.00D8: hidraw0: USB HID v0.00 Device [HID 0925:8888] on usb-dummy_hcd.1-1/input0
[ 1331.179778][T13174] smartjoyplus 0003:0925:8888.00D8: no output reports found
[ 1331.615778][T13174] usb 2-1: USB disconnect, device number 93
[ 1331.760955][T11564] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1331.934756][T21394] fuse: Bad value for 'fd'
[ 1331.981985][T11564] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1331.994234][T11564] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1332.003247][T11564] usb 7-1: config 1 has no interface number 0
[ 1332.013548][T11564] usb 7-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1332.058403][   T28] audit: type=1400 audit(1756864879.874:611): avc:  denied  { read } for  pid=21397 comm="syz.5.6325" path="socket:[99807]" dev="sockfs" ino=99807 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1332.101300][   T28] audit: type=1400 audit(1756864879.924:612): avc:  denied  { create } for  pid=21397 comm="syz.5.6325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[ 1332.991050][T21411] device bridge0 entered promiscuous mode
[ 1333.164092][T11564] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1333.173472][T11564] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1333.181990][T11564] usb 7-1: Product: syz
[ 1333.186314][T11564] usb 7-1: Manufacturer: syz
[ 1333.191004][T11564] usb 7-1: SerialNumber: syz
[ 1333.196711][T11564] cdc_ncm 7-1:1.1: NCM or ECM functional descriptors missing
[ 1333.204380][T11564] cdc_ncm 7-1:1.1: bind() failure
[ 1333.339874][T21412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1333.438206][T21421] syz.5.6331[21421] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1333.438683][T21421] syz.5.6331[21421] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1334.189678][T21260] usb 7-1: USB disconnect, device number 6
[ 1335.124986][T21431] device pim6reg1 entered promiscuous mode
[ 1336.104296][T21439] sch_fq: defrate 4294967295 ignored.
[ 1336.130467][T11564] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[ 1337.441351][T21463] fuse: Bad value for 'fd'
[ 1338.986160][T21467] sch_fq: defrate 4294967295 ignored.
[ 1341.013291][T21506] fuse: Bad value for 'fd'
[ 1341.410942][  T413] usb 2-1: new high-speed USB device number 95 using dummy_hcd
[ 1341.433190][T21515] fuse: Bad value for 'fd'
[ 1341.747367][T21525] FAULT_INJECTION: forcing a failure.
[ 1341.747367][T21525] name failslab, interval 1, probability 0, space 0, times 0
[ 1341.760677][T21525] CPU: 0 PID: 21525 Comm: syz.6.6359 Not tainted syzkaller #0
[ 1341.768152][T21525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1341.778207][T21525] Call Trace:
[ 1341.781557][T21525]  <TASK>
[ 1341.784746][T21525]  __dump_stack+0x21/0x24
[ 1341.789079][T21525]  dump_stack_lvl+0xee/0x150
[ 1341.793664][T21525]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1341.798698][T21525]  ? internal_get_user_pages_fast+0x1377/0x17e0
[ 1341.804927][T21525]  dump_stack+0x15/0x24
[ 1341.809062][T21525]  should_fail_ex+0x3d4/0x520
[ 1341.813721][T21525]  __should_failslab+0xac/0xf0
[ 1341.818474][T21525]  ? kvmalloc_node+0x294/0x480
[ 1341.823221][T21525]  should_failslab+0x9/0x20
[ 1341.827701][T21525]  __kmem_cache_alloc_node+0x3d/0x2c0
[ 1341.833069][T21525]  ? kvmalloc_node+0x294/0x480
[ 1341.837820][T21525]  __kmalloc_node+0xa1/0x1e0
[ 1341.842413][T21525]  ? timer_update_keys+0xb0/0xb0
[ 1341.847357][T21525]  kvmalloc_node+0x294/0x480
[ 1341.851963][T21525]  ? get_user_pages_fast_only+0x34/0x50
[ 1341.857519][T21525]  ? __cfi_kvmalloc_node+0x10/0x10
[ 1341.862634][T21525]  ? hva_to_pfn+0x2f0/0xa20
[ 1341.867140][T21525]  ? __kasan_check_write+0x14/0x20
[ 1341.872259][T21525]  __kvm_mmu_topup_memory_cache+0x35e/0x500
[ 1341.878162][T21525]  ? __kasan_check_write+0x14/0x20
[ 1341.883284][T21525]  ? mutex_unlock+0x89/0x220
[ 1341.887878][T21525]  kvm_mmu_topup_memory_cache+0x20/0x30
[ 1341.893435][T21525]  kvm_mmu_load+0x9c/0x25a0
[ 1341.897942][T21525]  ? __kasan_check_read+0x11/0x20
[ 1341.902981][T21525]  ? find_highest_vector+0x1d2/0x2f0
[ 1341.908272][T21525]  ? kvm_apic_has_interrupt+0x4fb/0x7a0
[ 1341.913813][T21525]  ? __cfi_kvm_lapic_sync_to_vapic+0x10/0x10
[ 1341.919793][T21525]  vcpu_enter_guest+0x4958/0x6be0
[ 1341.924819][T21525]  ? __kasan_check_write+0x14/0x20
[ 1341.929936][T21525]  ? pvclock_gtod_update_fn+0x270/0x270
[ 1341.935484][T21525]  ? 0xffffffffa0000754
[ 1341.939632][T21525]  ? is_bpf_text_address+0x177/0x190
[ 1341.944917][T21525]  ? kernel_text_address+0xa0/0xd0
[ 1341.950030][T21525]  ? __kernel_text_address+0xd/0x30
[ 1341.955224][T21525]  ? unwind_get_return_address+0x4d/0x90
[ 1341.960851][T21525]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[ 1341.967012][T21525]  ? arch_stack_walk+0xfc/0x150
[ 1341.971865][T21525]  ? vmx_vcpu_pi_load+0x12d/0x810
[ 1341.976879][T21525]  ? stack_trace_save+0x98/0xe0
[ 1341.981723][T21525]  ? __cfi_vmx_vcpu_pi_load+0x10/0x10
[ 1341.987078][T21525]  ? __stack_depot_save+0x36/0x480
[ 1341.992177][T21525]  ? _parse_integer_limit+0x18a/0x1d0
[ 1341.997536][T21525]  ? do_vfs_ioctl+0xc36/0x1c80
[ 1342.002285][T21525]  ? __this_cpu_preempt_check+0x13/0x20
[ 1342.007818][T21525]  ? xfd_validate_state+0x70/0x150
[ 1342.012914][T21525]  ? __local_bh_enable_ip+0x58/0x80
[ 1342.018100][T21525]  ? fpu_swap_kvm_fpstate+0x4ef/0x5d0
[ 1342.023451][T21525]  ? fpu_swap_kvm_fpstate+0x81/0x5d0
[ 1342.028736][T21525]  kvm_arch_vcpu_ioctl_run+0xec4/0x1fa0
[ 1342.034287][T21525]  kvm_vcpu_ioctl+0x882/0xb70
[ 1342.038948][T21525]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[ 1342.044129][T21525]  ? selinux_file_ioctl+0x377/0x480
[ 1342.049307][T21525]  ? __cfi_selinux_file_ioctl+0x10/0x10
[ 1342.054834][T21525]  ? mutex_unlock+0x89/0x220
[ 1342.059405][T21525]  ? __cfi_mutex_unlock+0x10/0x10
[ 1342.064407][T21525]  ? __fget_files+0x2d5/0x330
[ 1342.069065][T21525]  ? security_file_ioctl+0x95/0xc0
[ 1342.074158][T21525]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[ 1342.079341][T21525]  __se_sys_ioctl+0x12f/0x1b0
[ 1342.084001][T21525]  __x64_sys_ioctl+0x7b/0x90
[ 1342.088572][T21525]  x64_sys_call+0x58b/0x9a0
[ 1342.093061][T21525]  do_syscall_64+0x4c/0xa0
[ 1342.097457][T21525]  ? clear_bhb_loop+0x30/0x80
[ 1342.102116][T21525]  ? clear_bhb_loop+0x30/0x80
[ 1342.106779][T21525]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1342.112675][T21525] RIP: 0033:0x7fba8ef8ebe9
[ 1342.117074][T21525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1342.136661][T21525] RSP: 002b:00007fba8fe13038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1342.145060][T21525] RAX: ffffffffffffffda RBX: 00007fba8f1c5fa0 RCX: 00007fba8ef8ebe9
[ 1342.153012][T21525] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1342.160965][T21525] RBP: 00007fba8fe13090 R08: 0000000000000000 R09: 0000000000000000
[ 1342.168919][T21525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1342.176869][T21525] R13: 00007fba8f1c6038 R14: 00007fba8f1c5fa0 R15: 00007ffd5f0e1878
[ 1342.184823][T21525]  </TASK>
[ 1342.210959][  T413] usb 2-1: Using ep0 maxpacket: 16
[ 1342.217289][  T413] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[ 1342.225870][  T413] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1342.236486][  T413] usb 2-1: config 0 has no interface number 0
[ 1342.257345][  T413] usb 2-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[ 1342.286862][  T413] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1342.303625][  T413] usb 2-1: Product: syz
[ 1342.311947][  T413] usb 2-1: Manufacturer: syz
[ 1342.321701][  T413] usb 2-1: SerialNumber: syz
[ 1342.332628][  T413] usb 2-1: config 0 descriptor??
[ 1342.547834][  T413] usb 2-1: Found UVC 0.00 device syz (046d:08d3)
[ 1342.565555][   T60] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1342.597665][  T413] usb 2-1: No valid video chain found.
[ 1342.604188][  T413] usb 2-1: USB disconnect, device number 95
[ 1342.846547][   T60] usb 7-1: Using ep0 maxpacket: 8
[ 1342.855008][   T60] usb 7-1: config 244 has an invalid interface number: 228 but max is 0
[ 1342.893732][   T60] usb 7-1: config 244 has no interface number 0
[ 1342.900108][T21550] fuse: Bad value for 'fd'
[ 1342.905147][   T60] usb 7-1: config 244 interface 228 altsetting 213 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 1342.916527][   T60] usb 7-1: config 244 interface 228 has no altsetting 0
[ 1342.932184][   T60] usb 7-1: New USB device found, idVendor=0a46, idProduct=9601, bcdDevice=94.68
[ 1342.942260][   T60] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1342.950354][   T60] usb 7-1: Product: syz
[ 1342.954894][   T60] usb 7-1: Manufacturer: syz
[ 1342.959567][   T60] usb 7-1: SerialNumber: syz
[ 1343.167532][T21558] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1343.225416][T21533] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1343.234150][T21533] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1343.272416][   T60] dm9601: probe of 7-1:244.228 failed with error -22
[ 1343.280210][   T60] usb 7-1: USB disconnect, device number 7
[ 1345.472206][T21583] sch_fq: defrate 4294967295 ignored.
[ 1345.561576][T21592] fuse: Bad value for 'user_id'
[ 1345.741479][T21599] xt_hashlimit: size too large, truncated to 1048576
[ 1346.065635][T21412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1348.102898][T21628] fuse: Bad value for 'fd'
[ 1348.161556][T21634] fuse: Bad value for 'fd'
[ 1349.662787][T21641] sch_fq: defrate 4294967295 ignored.
[ 1351.720858][T21669] fuse: Bad value for 'fd'
[ 1351.781625][T21675] fuse: Bad value for 'fd'
[ 1352.133950][T21686] netlink: 'syz.1.6404': attribute type 4 has an invalid length.
[ 1352.416442][T21690] netlink: 80 bytes leftover after parsing attributes in process `syz.0.6407'.
[ 1353.757131][T21705] fuse: Bad value for 'fd'
[ 1354.570946][T21713] sch_fq: defrate 4294967295 ignored.
[ 1355.399114][T21735] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6420'.
[ 1355.408280][T21735] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6420'.
[ 1356.317227][T21738] netlink: 80 bytes leftover after parsing attributes in process `syz.5.6421'.
[ 1356.522880][   T28] audit: type=1326 audit(1756864904.344:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21742 comm="syz.6.6423" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fba8ef8ebe9 code=0x0
[ 1359.427183][T21782] fuse: Bad value for 'fd'
[ 1360.326123][T21793] block device autoloading is deprecated and will be removed.
[ 1362.489859][T21824] netlink: 80 bytes leftover after parsing attributes in process `syz.1.6446'.
[ 1365.138622][T21845] tipc: Started in network mode
[ 1365.143705][T21845] tipc: Node identity 2, cluster identity 4711
[ 1365.149932][T21845] tipc: Node number set to 2
[ 1369.565648][T21902] tipc: Started in network mode
[ 1369.570766][T21902] tipc: Node identity 2, cluster identity 4711
[ 1369.577035][T21902] tipc: Node number set to 2
[ 1372.648445][ T4785] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1372.747716][T21906] sch_fq: defrate 4294967295 ignored.
[ 1373.488420][T21923] sch_fq: defrate 4294967295 ignored.
[ 1379.781108][   T28] audit: type=1400 audit(1756864927.554:614): avc:  denied  { accept } for  pid=22020 comm="syz.5.6498" path="socket:[101887]" dev="sockfs" ino=101887 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1383.100960][   T28] audit: type=1400 audit(1756864930.424:615): avc:  denied  { associate } for  pid=22098 comm="syz.2.6521" name=01 scontext=root:object_r:etc_runtime_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1
[ 1383.151057][T22109] fuse: Bad value for 'fd'
[ 1384.237895][T22133] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6533'.
[ 1384.593458][T22137] netlink: 40 bytes leftover after parsing attributes in process `syz.5.6530'.
[ 1386.256043][T22162] sch_fq: defrate 4294967295 ignored.
[ 1386.682038][T22169] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6542'.
[ 1386.691166][T22169] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6542'.
[ 1389.323161][T22224] fuse: Bad value for 'fd'
[ 1390.071050][T22237] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6563'.
[ 1390.080028][T22237] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6563'.
[ 1390.487009][T22251] sch_fq: defrate 4294967295 ignored.
[ 1391.712291][   T28] audit: type=1400 audit(1756864939.534:616): avc:  denied  { search } for  pid=22279 comm="syz.6.6574" name="/" dev="configfs" ino=14209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1391.742570][   T28] audit: type=1400 audit(1756864939.534:617): avc:  denied  { read } for  pid=22279 comm="syz.6.6574" name="/" dev="configfs" ino=14209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1391.765270][   T28] audit: type=1400 audit(1756864939.534:618): avc:  denied  { open } for  pid=22279 comm="syz.6.6574" path="/" dev="configfs" ino=14209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1393.556086][T22308] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6581'.
[ 1393.566718][T22308] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6581'.
[ 1395.015007][   T28] audit: type=1400 audit(1756864942.834:619): avc:  denied  { watch } for  pid=22332 comm="syz.6.6590" path="/76/file1" dev="tmpfs" ino=423 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1395.213885][T22341] fuse: Bad value for 'fd'
[ 1396.641392][   T28] audit: type=1400 audit(1756864944.434:620): avc:  denied  { connect } for  pid=22354 comm="syz.2.6595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1398.012487][T22376] fuse: Bad value for 'fd'
[ 1399.186273][T22393] fuse: Bad value for 'fd'
[ 1400.906014][T22419] fuse: Bad value for 'fd'
[ 1401.927706][T22424] sch_fq: defrate 4294967295 ignored.
[ 1401.988266][T22429] netlink: 80 bytes leftover after parsing attributes in process `syz.5.6617'.
[ 1403.626694][T22455] tipc: Started in network mode
[ 1403.631603][T22455] tipc: Node identity 2, cluster identity 4711
[ 1403.637751][T22455] tipc: Node number set to 2
[ 1403.831858][T22469] fuse: Bad value for 'fd'
[ 1405.100792][T22480] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6631'.
[ 1406.820220][T22517] sch_fq: defrate 4294967295 ignored.
[ 1408.364927][T22553] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6652'.
[ 1408.374060][T22553] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6652'.
[ 1409.315517][T22573] fuse: Bad value for 'fd'
[ 1409.976736][T22590] syz.2.6663[22590] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1409.976813][T22590] syz.2.6663[22590] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1410.173182][   T28] audit: type=1400 audit(1756864957.994:621): avc:  denied  { accept } for  pid=22596 comm="syz.1.6665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1410.418227][T22604] netlink: 80 bytes leftover after parsing attributes in process `syz.2.6666'.
[ 1411.411323][   T28] audit: type=1400 audit(1756864959.234:622): avc:  denied  { ioctl } for  pid=22644 comm="syz.2.6680" path="socket:[102703]" dev="sockfs" ino=102703 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1411.446980][T22651] netlink: 36 bytes leftover after parsing attributes in process `syz.5.6683'.
[ 1411.456223][T22651] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6683'.
[ 1411.473583][T22651] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1415.585200][T22756] tipc: Started in network mode
[ 1415.590162][T22756] tipc: Node identity 2, cluster identity 4711
[ 1415.596477][T22756] tipc: Node number set to 2
[ 1416.407089][T22777] netlink: 80 bytes leftover after parsing attributes in process `syz.1.6722'.
[ 1417.488718][T22797] netlink: 36 bytes leftover after parsing attributes in process `syz.6.6729'.
[ 1417.497823][T22797] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6729'.
[ 1417.524845][T22797] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1418.587920][   T29] INFO: task syz.3.6100:20547 blocked for more than 123 seconds.
[ 1418.595843][   T29]       Not tainted syzkaller #0
[ 1418.600842][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1418.609661][   T29] task:syz.3.6100      state:D stack:26752 pid:20547 ppid:19091  flags:0x00004004
[ 1418.619060][   T29] Call Trace:
[ 1418.622480][   T29]  <TASK>
[ 1418.625495][   T29]  __schedule+0xb87/0x14e0
[ 1418.630013][   T29]  ? release_firmware_map_entry+0x194/0x194
[ 1418.636031][   T29]  ? __kasan_check_write+0x14/0x20
[ 1418.641245][   T29]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1418.646457][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 1418.652184][   T29]  schedule+0xbd/0x170
[ 1418.656363][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1418.661940][   T29]  rwsem_down_read_slowpath+0x7c6/0x1510
[ 1418.668231][   T29]  ? down_write_killable+0x40/0x40
[ 1418.673469][   T29]  ? iput+0x289/0x670
[ 1418.677555][   T29]  ? __kasan_check_write+0x14/0x20
[ 1418.682731][   T29]  ? downgrade_write+0x330/0x350
[ 1418.687671][   T29]  down_read+0x96/0xf0
[ 1418.691784][   T29]  ? __cfi_down_read+0x10/0x10
[ 1418.696635][   T29]  ? __put_super+0x55/0x2d0
[ 1418.701147][   T29]  iterate_supers+0xad/0x1f0
[ 1418.705730][   T29]  ? __cfi_sync_inodes_one_sb+0x10/0x10
[ 1418.711407][   T29]  ksys_sync+0x91/0x150
[ 1418.715597][   T29]  ? __cfi_ksys_sync+0x10/0x10
[ 1418.720355][   T29]  ? switch_fpu_return+0xe/0x10
[ 1418.725322][   T29]  __ia32_sys_sync+0xe/0x20
[ 1418.729846][   T29]  x64_sys_call+0x7de/0x9a0
[ 1418.734522][   T29]  do_syscall_64+0x4c/0xa0
[ 1418.738944][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1418.743632][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1418.748306][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1418.754206][   T29] RIP: 0033:0x7f1abeb8ebe9
[ 1418.758613][   T29] RSP: 002b:00007f1abfabe038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[ 1418.767034][   T29] RAX: ffffffffffffffda RBX: 00007f1abedc6090 RCX: 00007f1abeb8ebe9
[ 1418.775035][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1418.783060][   T29] RBP: 00007f1abedc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1418.791038][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1418.799001][   T29] R13: 00007f1abedc6128 R14: 00007f1abedc6090 R15: 00007ffd812397e8
[ 1418.806984][   T29]  </TASK>
[ 1418.811692][   T29] INFO: task syz.3.6100:20548 blocked for more than 123 seconds.
[ 1418.821347][   T29]       Not tainted syzkaller #0
[ 1418.826297][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1418.835043][   T29] task:syz.3.6100      state:D stack:28016 pid:20548 ppid:19091  flags:0x00004004
[ 1418.844348][   T29] Call Trace:
[ 1418.847627][   T29]  <TASK>
[ 1418.850554][   T29]  __schedule+0xb87/0x14e0
[ 1418.854989][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[ 1418.861849][   T29]  ? release_firmware_map_entry+0x194/0x194
[ 1418.867732][   T29]  ? __kasan_check_write+0x14/0x20
[ 1418.872864][   T29]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1418.877883][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 1418.883530][   T29]  schedule+0xbd/0x170
[ 1418.887591][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1418.893078][   T29]  rwsem_down_read_slowpath+0x7c6/0x1510
[ 1418.898709][   T29]  ? down_write_killable+0x40/0x40
[ 1418.903838][   T29]  ? __this_cpu_preempt_check+0x13/0x20
[ 1418.909380][   T29]  ? __pv_queued_spin_lock_slowpath+0x889/0xc40
[ 1418.915626][   T29]  ? __kasan_check_write+0x14/0x20
[ 1418.920733][   T29]  ? __cfi___pv_queued_spin_lock_slowpath+0x10/0x10
[ 1418.927323][   T29]  ? downgrade_write+0x330/0x350
[ 1418.932266][   T29]  down_read+0x96/0xf0
[ 1418.936354][   T29]  ? __cfi_down_read+0x10/0x10
[ 1418.941121][   T29]  ? __put_super+0x55/0x2d0
[ 1418.945618][   T29]  iterate_supers+0xad/0x1f0
[ 1418.950196][   T29]  ? __cfi_sync_inodes_one_sb+0x10/0x10
[ 1418.955755][   T29]  ksys_sync+0x91/0x150
[ 1418.959906][   T29]  ? __cfi_ksys_sync+0x10/0x10
[ 1418.964686][   T29]  ? debug_smp_processor_id+0x17/0x20
[ 1418.970054][   T29]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 1418.976129][   T29]  __ia32_sys_sync+0xe/0x20
[ 1418.980625][   T29]  x64_sys_call+0x7de/0x9a0
[ 1418.985135][   T29]  do_syscall_64+0x4c/0xa0
[ 1418.989539][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1418.994309][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1418.998975][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1419.004868][   T29] RIP: 0033:0x7f1abeb8ebe9
[ 1419.009272][   T29] RSP: 002b:00007f1abfa9d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[ 1419.017679][   T29] RAX: ffffffffffffffda RBX: 00007f1abedc6180 RCX: 00007f1abeb8ebe9
[ 1419.025660][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1419.033631][   T29] RBP: 00007f1abedc6180 R08: 0000000000000000 R09: 0000000000000000
[ 1419.041600][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1419.049554][   T29] R13: 00007f1abedc6218 R14: 00007f1abedc6180 R15: 00007ffd812397e8
[ 1419.057532][   T29]  </TASK>
[ 1419.068865][   T29] NMI backtrace for cpu 0
[ 1419.073218][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[ 1419.080511][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1419.090673][   T29] Call Trace:
[ 1419.093951][   T29]  <TASK>
[ 1419.096879][   T29]  __dump_stack+0x21/0x24
[ 1419.101212][   T29]  dump_stack_lvl+0xee/0x150
[ 1419.105842][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1419.110878][   T29]  dump_stack+0x15/0x24
[ 1419.115034][   T29]  nmi_cpu_backtrace+0x2b4/0x2c0
[ 1419.119974][   T29]  ? rcu_read_unlock_special+0xab/0x480
[ 1419.125521][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[ 1419.130973][   T29]  ? __rcu_read_unlock+0xa0/0xa0
[ 1419.135915][   T29]  ? memcpy+0x56/0x70
[ 1419.139884][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[ 1419.145857][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[ 1419.151895][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[ 1419.157775][   T29]  watchdog+0xd44/0xe80
[ 1419.162006][   T29]  ? __cfi_watchdog+0x10/0x10
[ 1419.166680][   T29]  ? __kasan_check_read+0x11/0x20
[ 1419.171695][   T29]  ? __kthread_parkme+0x142/0x180
[ 1419.176722][   T29]  kthread+0x281/0x320
[ 1419.180781][   T29]  ? __cfi_watchdog+0x10/0x10
[ 1419.185443][   T29]  ? __cfi_kthread+0x10/0x10
[ 1419.190021][   T29]  ret_from_fork+0x1f/0x30
[ 1419.194444][   T29]  </TASK>
[ 1419.197615][   T29] Sending NMI from CPU 0 to CPUs 1:
[ 1419.202853][    C1] NMI backtrace for cpu 1
[ 1419.202864][    C1] CPU: 1 PID: 22808 Comm: syz.0.6730 Not tainted syzkaller #0
[ 1419.202881][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1419.202890][    C1] RIP: 0010:cpupri_set+0x6/0x1e0
[ 1419.202918][    C1] Code: 00 e9 02 ff ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 b8 ec ba e5 ff 55 48 89 e5 41 57 <41> 56 41 55 41 54 53 48 83 ec 30 41 89 d5 41 89 f7 49 be 00 00 00
[ 1419.202931][    C1] RSP: 0018:ffffc900029f7838 EFLAGS: 00000046
[ 1419.202946][    C1] RAX: 0000000000000000 RBX: 0000000000000063 RCX: ffffffff81515e8f
[ 1419.202957][    C1] RDX: 0000000000000063 RSI: 0000000000000001 RDI: ffff8881003280b8
[ 1419.202968][    C1] RBP: ffffc900029f7840 R08: 000000000000005b R09: 1ffff1102286e7a5
[ 1419.202979][    C1] R10: ffffed103ee27022 R11: 1ffff1103ee27021 R12: ffff888114373e80
[ 1419.202991][    C1] R13: 1ffff1103ee270eb R14: 0000000000000063 R15: ffff8881f7138930
[ 1419.203002][    C1] FS:  00007f7266e1a6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1419.203016][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1419.203027][    C1] CR2: 0000000000000000 CR3: 0000000116b7f000 CR4: 00000000003506a0
[ 1419.203041][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1419.203051][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1419.203061][    C1] Call Trace:
[ 1419.203066][    C1]  <TASK>
[ 1419.203072][    C1]  dequeue_rt_stack+0x582/0xc90
[ 1419.203089][    C1]  ? _raw_spin_unlock+0x4c/0x70
[ 1419.203106][    C1]  dequeue_task_rt+0xd6/0x3d0
[ 1419.203125][    C1]  dequeue_task+0x1aa/0x750
[ 1419.203142][    C1]  __schedule+0x349/0x14e0
[ 1419.203156][    C1]  ? plist_add+0x3e8/0x470
[ 1419.203173][    C1]  ? release_firmware_map_entry+0x194/0x194
[ 1419.203188][    C1]  ? __cfi___futex_queue+0x10/0x10
[ 1419.203210][    C1]  ? futex_wait_setup+0x1b0/0x240
[ 1419.203226][    C1]  schedule+0xbd/0x170
[ 1419.203239][    C1]  futex_wait_queue+0xf5/0x230
[ 1419.203255][    C1]  futex_wait+0x1a3/0x750
[ 1419.203271][    C1]  ? __cfi_futex_wait+0x10/0x10
[ 1419.203287][    C1]  ? __cfi_futex_wake+0x10/0x10
[ 1419.203304][    C1]  ? __kasan_check_write+0x14/0x20
[ 1419.203327][    C1]  ? mutex_unlock+0x89/0x220
[ 1419.203344][    C1]  do_futex+0x2dc/0x420
[ 1419.203357][    C1]  ? __cfi_do_futex+0x10/0x10
[ 1419.203378][    C1]  ? bpf_enable_stats+0x119/0x140
[ 1419.203394][    C1]  ? __sys_bpf+0x5a3/0x780
[ 1419.203408][    C1]  __se_sys_futex+0x273/0x2e0
[ 1419.203422][    C1]  ? __x64_sys_futex+0x100/0x100
[ 1419.203438][    C1]  __x64_sys_futex+0xe5/0x100
[ 1419.203452][    C1]  x64_sys_call+0x7ec/0x9a0
[ 1419.203470][    C1]  do_syscall_64+0x4c/0xa0
[ 1419.203484][    C1]  ? clear_bhb_loop+0x30/0x80
[ 1419.203500][    C1]  ? clear_bhb_loop+0x30/0x80
[ 1419.203517][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1419.203534][    C1] RIP: 0033:0x7f7265f8ebe9
[ 1419.203546][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1419.203559][    C1] RSP: 002b:00007f7266e1a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1419.203574][    C1] RAX: ffffffffffffffda RBX: 00007f72661c5fa8 RCX: 00007f7265f8ebe9
[ 1419.203585][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f72661c5fa8
[ 1419.203595][    C1] RBP: 00007f72661c5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1419.203611][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1419.203621][    C1] R13: 00007f72661c6038 R14: 00007ffe61b3e480 R15: 00007ffe61b3e568
[ 1419.203635][    C1]  </TASK>
[ 1420.549780][T22826] sch_fq: defrate 4294967295 ignored.
[ 1423.782776][T22861] fuse: Bad value for 'fd'
[ 1423.789255][T22862] fuse: Bad value for 'fd'
[ 1424.171675][T22872] netlink: 36 bytes leftover after parsing attributes in process `syz.5.6747'.
[ 1424.180700][T22872] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6747'.
[ 1424.250284][T22879] tipc: Started in network mode
[ 1424.255192][T22879] tipc: Node identity 2, cluster identity 4711
[ 1424.261578][T22879] tipc: Node number set to 2
[ 1426.320406][T22881] sch_fq: defrate 4294967295 ignored.
[ 1426.351032][T22883] sch_fq: defrate 4294967295 ignored.
[ 1427.309654][T22904] netlink: 36 bytes leftover after parsing attributes in process `syz.5.6755'.
[ 1427.318824][T22904] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6755'.
[ 1427.442434][T22909] fuse: Bad value for 'fd'
[ 1429.087730][T22943] netlink: 36 bytes leftover after parsing attributes in process `syz.5.6765'.
[ 1429.096887][T22943] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6765'.
[ 1429.158880][T22941] sch_fq: defrate 4294967295 ignored.
[ 1429.698381][T22954] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6767'.
[ 1429.718615][T22956] fuse: Bad value for 'fd'
[ 1429.744457][T22958] netlink: 80 bytes leftover after parsing attributes in process `syz.6.6769'.
[ 1430.926575][T22975] netlink: 36 bytes leftover after parsing attributes in process `syz.6.6775'.
[ 1431.100285][T22975] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6775'.
[ 1431.916436][T22995] fuse: Unknown parameter '0xffffffffffffffff'
[ 1431.975671][T23002] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6782'.
[ 1431.984982][T23002] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6782'.
[ 1433.728539][T23031] fuse: Unknown parameter '0xffffffffffffffff'
[ 1434.568898][T23038] fuse: Bad value for 'fd'
[ 1434.718211][T23041] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6793'.
[ 1434.820596][T23041] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6793'.
[ 1436.019975][T23069] sch_fq: defrate 4294967295 ignored.
[ 1436.621565][T23080] fuse: Unknown parameter '0xffffffffffffffff'
[ 1437.807253][T23120] fuse: Unknown parameter '0xffffffffffffffff'
[ 1437.858215][T23122] sch_fq: defrate 4294967295 ignored.
[ 1437.987359][   T28] audit: type=1400 audit(1756864985.804:623): avc:  denied  { ioctl } for  pid=23129 comm="syz.6.6821" path="socket:[104435]" dev="sockfs" ino=104435 ioctlcmd=0x7452 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1439.075922][T23163] fuse: Unknown parameter '0x0000000000000003'
[ 1439.174744][T23159] sch_fq: defrate 4294967295 ignored.
[ 1439.689264][   T29] INFO: task syz.3.6100:20547 blocked for more than 144 seconds.
[ 1439.698207][   T29]       Not tainted syzkaller #0
[ 1439.703307][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1439.712219][   T29] task:syz.3.6100      state:D stack:26752 pid:20547 ppid:19091  flags:0x00004004
[ 1439.721590][   T29] Call Trace:
[ 1439.724919][   T29]  <TASK>
[ 1439.727935][   T29]  __schedule+0xb87/0x14e0
[ 1439.732453][   T29]  ? release_firmware_map_entry+0x194/0x194
[ 1439.738422][   T29]  ? __kasan_check_write+0x14/0x20
[ 1439.743693][   T29]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1439.748908][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 1439.754554][   T29]  schedule+0xbd/0x170
[ 1439.758698][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1439.764261][   T29]  rwsem_down_read_slowpath+0x7c6/0x1510
[ 1439.769976][   T29]  ? down_write_killable+0x40/0x40
[ 1439.775261][   T29]  ? iput+0x289/0x670
[ 1439.779396][   T29]  ? __kasan_check_write+0x14/0x20
[ 1439.784726][   T29]  ? downgrade_write+0x330/0x350
[ 1439.789815][   T29]  down_read+0x96/0xf0
[ 1439.794029][   T29]  ? __cfi_down_read+0x10/0x10
[ 1439.798898][   T29]  ? __put_super+0x55/0x2d0
[ 1439.803494][   T29]  iterate_supers+0xad/0x1f0
[ 1439.808186][   T29]  ? __cfi_sync_inodes_one_sb+0x10/0x10
[ 1439.813871][   T29]  ksys_sync+0x91/0x150
[ 1439.818123][   T29]  ? __cfi_ksys_sync+0x10/0x10
[ 1439.822983][   T29]  ? switch_fpu_return+0xe/0x10
[ 1439.842147][   T29]  __ia32_sys_sync+0xe/0x20
[ 1439.846790][   T29]  x64_sys_call+0x7de/0x9a0
[ 1439.851443][   T29]  do_syscall_64+0x4c/0xa0
[ 1439.855958][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1439.860701][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1439.865478][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1439.871489][   T29] RIP: 0033:0x7f1abeb8ebe9
[ 1439.876002][   T29] RSP: 002b:00007f1abfabe038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[ 1439.884531][   T29] RAX: ffffffffffffffda RBX: 00007f1abedc6090 RCX: 00007f1abeb8ebe9
[ 1439.892684][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1439.900711][   T29] RBP: 00007f1abedc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1439.915159][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1439.932395][   T29] R13: 00007f1abedc6128 R14: 00007f1abedc6090 R15: 00007ffd812397e8
[ 1439.940383][   T29]  </TASK>
[ 1439.961916][   T29] INFO: task syz.3.6100:20548 blocked for more than 144 seconds.
[ 1439.983305][   T29]       Not tainted syzkaller #0
[ 1439.997536][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1440.030673][   T29] task:syz.3.6100      state:D stack:28016 pid:20548 ppid:19091  flags:0x00004004
[ 1440.040132][   T29] Call Trace:
[ 1440.043574][   T29]  <TASK>
[ 1440.060276][   T29]  __schedule+0xb87/0x14e0
[ 1440.065048][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[ 1440.072484][   T29]  ? release_firmware_map_entry+0x194/0x194
[ 1440.078680][   T29]  ? __kasan_check_write+0x14/0x20
[ 1440.091125][   T29]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1440.096299][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 1440.107836][   T29]  schedule+0xbd/0x170
[ 1440.114206][T23175] sch_fq: defrate 4294967295 ignored.
[ 1440.131099][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1440.136828][   T29]  rwsem_down_read_slowpath+0x7c6/0x1510
[ 1440.180445][   T29]  ? down_write_killable+0x40/0x40
[ 1440.185718][   T29]  ? __this_cpu_preempt_check+0x13/0x20
[ 1440.191453][   T29]  ? __pv_queued_spin_lock_slowpath+0x889/0xc40
[ 1440.197752][   T29]  ? __kasan_check_write+0x14/0x20
[ 1440.202947][   T29]  ? __cfi___pv_queued_spin_lock_slowpath+0x10/0x10
[ 1440.209575][   T29]  ? downgrade_write+0x330/0x350
[ 1440.214585][   T29]  down_read+0x96/0xf0
[ 1440.218691][   T29]  ? __cfi_down_read+0x10/0x10
[ 1440.249915][   T29]  ? __put_super+0x55/0x2d0
[ 1440.254554][   T29]  iterate_supers+0xad/0x1f0
[ 1440.259166][   T29]  ? __cfi_sync_inodes_one_sb+0x10/0x10
[ 1440.264742][   T29]  ksys_sync+0x91/0x150
[ 1440.268974][   T29]  ? __cfi_ksys_sync+0x10/0x10
[ 1440.273771][   T29]  ? debug_smp_processor_id+0x17/0x20
[ 1440.279140][   T29]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 1440.285227][   T29]  __ia32_sys_sync+0xe/0x20
[ 1440.289725][   T29]  x64_sys_call+0x7de/0x9a0
[ 1440.294234][   T29]  do_syscall_64+0x4c/0xa0
[ 1440.298663][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1440.303414][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1440.308106][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1440.314100][   T29] RIP: 0033:0x7f1abeb8ebe9
[ 1440.318540][   T29] RSP: 002b:00007f1abfa9d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[ 1440.327019][   T29] RAX: ffffffffffffffda RBX: 00007f1abedc6180 RCX: 00007f1abeb8ebe9
[ 1440.335110][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1440.343180][   T29] RBP: 00007f1abedc6180 R08: 0000000000000000 R09: 0000000000000000
[ 1440.351198][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1440.359169][   T29] R13: 00007f1abedc6218 R14: 00007f1abedc6180 R15: 00007ffd812397e8
[ 1440.367160][   T29]  </TASK>
[ 1440.397143][   T29] NMI backtrace for cpu 1
[ 1440.401507][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[ 1440.408707][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1440.418849][   T29] Call Trace:
[ 1440.422134][   T29]  <TASK>
[ 1440.425062][   T29]  __dump_stack+0x21/0x24
[ 1440.429392][   T29]  dump_stack_lvl+0xee/0x150
[ 1440.433987][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1440.439021][   T29]  dump_stack+0x15/0x24
[ 1440.443178][   T29]  nmi_cpu_backtrace+0x2b4/0x2c0
[ 1440.448125][   T29]  ? rcu_read_unlock_special+0xab/0x480
[ 1440.453687][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[ 1440.459150][   T29]  ? __rcu_read_unlock+0xa0/0xa0
[ 1440.464083][   T29]  ? memcpy+0x56/0x70
[ 1440.468044][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[ 1440.474010][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[ 1440.479997][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[ 1440.485869][   T29]  watchdog+0xd44/0xe80
[ 1440.490017][   T29]  ? __cfi_watchdog+0x10/0x10
[ 1440.494677][   T29]  ? __kasan_check_read+0x11/0x20
[ 1440.499692][   T29]  ? __kthread_parkme+0x142/0x180
[ 1440.504696][   T29]  kthread+0x281/0x320
[ 1440.508754][   T29]  ? __cfi_watchdog+0x10/0x10
[ 1440.513427][   T29]  ? __cfi_kthread+0x10/0x10
[ 1440.518000][   T29]  ret_from_fork+0x1f/0x30
[ 1440.522429][   T29]  </TASK>
[ 1440.525612][   T29] Sending NMI from CPU 1 to CPUs 0:
[ 1440.531048][    C0] NMI backtrace for cpu 0
[ 1440.531061][    C0] CPU: 0 PID: 23189 Comm: syz.5.6838 Not tainted syzkaller #0
[ 1440.531079][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1440.531088][    C0] RIP: 0033:0x7f8ad206ebeb
[ 1440.531102][    C0] Code: 74 28 25 ff 0f 00 00 83 f0 3d 8d 04 c0 89 c5 c1 ed 04 31 c5 69 ed 2d eb d4 27 89 e8 c1 e8 0f 31 c5 81 e5 ff 0f 00 00 48 31 d5 <80> 3d 56 34 35 00 00 0f 84 a8 00 00 00 4c 89 f6 48 8b 0d 36 34 35
[ 1440.531116][    C0] RSP: 002b:00007ffec00ae0f0 EFLAGS: 00000286
[ 1440.531131][    C0] RAX: 000000000001c4fd RBX: 00007f8ad2ef5720 RCX: 00000000000011b2
[ 1440.531153][    C0] RDX: ffffffff8166a78e RSI: ffffffff8166a400 RDI: 0000000000000005
[ 1440.531164][    C0] RBP: ffffffff8166a400 R08: 00007f8ad23c6038 R09: 00007f8ad23b2000
[ 1440.531175][    C0] R10: 00007f8ad1bff008 R11: 0000000000000005 R12: 0000000000000005
[ 1440.531184][    C0] R13: 0000000000000000 R14: ffffffff8166a78e R15: 00000000000011b2
[ 1440.531194][    C0] FS:  0000555563e4b500 GS:  0000000000000000
[ 1442.038831][T23213] fuse: Bad value for 'fd'
[ 1442.069097][T23218] netlink: 36 bytes leftover after parsing attributes in process `syz.6.6847'.
[ 1442.134983][T23218] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6847'.
[ 1443.708027][T23253] fuse: Bad value for 'fd'
[ 1445.324443][T23267] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6863'.
[ 1445.539097][T23270] fuse: Bad value for 'fd'
[ 1445.553791][T23267] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6863'.
[ 1445.646060][T23278] fuse: Unknown parameter 'fd0xffffffffffffffff'
[ 1445.671847][T23279] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6862'.
[ 1445.703539][T23279] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6862'.
[ 1446.145508][T23289] fuse: Bad value for 'fd'
[ 1448.044957][T23313] fuse: Unknown parameter 'fd0xffffffffffffffff'
[ 1451.157152][T23354] fuse: Bad value for 'fd'
[ 1454.502236][T23371] fuse: Bad value for 'fd'
[ 1455.431741][T23393] fuse: Bad value for 'fd'
[ 1456.612325][T23427] fuse: Bad value for 'fd'
[ 1458.086694][T23444] fuse: Bad value for 'fd'
[ 1458.107790][T23450] fuse: Bad value for 'fd'
[ 1458.158763][T23454] fuse: Bad value for 'fd'
[ 1459.305627][T23484] fuse: Bad value for 'fd'
[ 1460.129914][   T28] audit: type=1326 audit(1756865007.714:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23470 comm="syz.6.6927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba8ef8ebe9 code=0x7ffc0000
[ 1460.154695][   T28] audit: type=1326 audit(1756865007.714:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23470 comm="syz.6.6927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba8ef8ebe9 code=0x7ffc0000
[ 1460.245012][T23485] sch_fq: defrate 4294967295 ignored.
[ 1460.681734][   T28] audit: type=1326 audit(1756865007.824:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23470 comm="syz.6.6927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fba8ef8ebe9 code=0x7ffc0000
[ 1460.716566][   T28] audit: type=1326 audit(1756865007.824:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23470 comm="syz.6.6927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba8ef8ebe9 code=0x7ffc0000
[ 1460.740216][   T28] audit: type=1326 audit(1756865007.824:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23470 comm="syz.6.6927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba8ef8ebe9 code=0x7ffc0000
[ 1460.764251][   T28] audit: type=1326 audit(1756865007.884:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23470 comm="syz.6.6927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fba8ef8ebe9 code=0x7ffc0000
[ 1460.788847][   T28] audit: type=1326 audit(1756865007.884:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23470 comm="syz.6.6927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba8ef8ebe9 code=0x7ffc0000
[ 1460.812796][   T28] audit: type=1326 audit(1756865007.884:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23470 comm="syz.6.6927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba8ef8ebe9 code=0x7ffc0000
[ 1460.836521][   T28] audit: type=1326 audit(1756865007.974:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23470 comm="syz.6.6927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7fba8ef8ebe9 code=0x7ffc0000
[ 1460.946368][   T28] audit: type=1326 audit(1756865007.974:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23470 comm="syz.6.6927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba8ef8ebe9 code=0x7ffc0000
[ 1461.403640][   T29] INFO: task syz.3.6100:20547 blocked for more than 165 seconds.
[ 1461.441358][   T29]       Not tainted syzkaller #0
[ 1461.446470][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1462.148660][   T29] task:syz.3.6100      state:D stack:26752 pid:20547 ppid:19091  flags:0x00004004
[ 1462.158427][   T29] Call Trace:
[ 1462.161801][   T29]  <TASK>
[ 1462.164817][   T29]  __schedule+0xb87/0x14e0
[ 1462.169398][   T29]  ? release_firmware_map_entry+0x194/0x194
[ 1462.175396][   T29]  ? __kasan_check_write+0x14/0x20
[ 1462.180606][   T29]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1462.266807][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 1462.272484][   T29]  schedule+0xbd/0x170
[ 1462.276617][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1462.282175][   T29]  rwsem_down_read_slowpath+0x7c6/0x1510
[ 1462.287901][   T29]  ? down_write_killable+0x40/0x40
[ 1462.293072][   T29]  ? iput+0x289/0x670
[ 1462.297104][   T29]  ? __kasan_check_write+0x14/0x20
[ 1462.302389][   T29]  ? downgrade_write+0x330/0x350
[ 1462.307360][   T29]  down_read+0x96/0xf0
[ 1462.311504][   T29]  ? __cfi_down_read+0x10/0x10
[ 1462.316441][   T29]  ? __put_super+0x55/0x2d0
[ 1462.320999][   T29]  iterate_supers+0xad/0x1f0
[ 1462.325605][   T29]  ? __cfi_sync_inodes_one_sb+0x10/0x10
[ 1462.331217][   T29]  ksys_sync+0x91/0x150
[ 1462.335374][   T29]  ? __cfi_ksys_sync+0x10/0x10
[ 1462.340141][   T29]  ? switch_fpu_return+0xe/0x10
[ 1462.345003][   T29]  __ia32_sys_sync+0xe/0x20
[ 1462.349507][   T29]  x64_sys_call+0x7de/0x9a0
[ 1462.354011][   T29]  do_syscall_64+0x4c/0xa0
[ 1462.358415][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1462.363195][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1462.367863][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1462.373762][   T29] RIP: 0033:0x7f1abeb8ebe9
[ 1462.378164][   T29] RSP: 002b:00007f1abfabe038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[ 1462.386573][   T29] RAX: ffffffffffffffda RBX: 00007f1abedc6090 RCX: 00007f1abeb8ebe9
[ 1462.394544][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1462.402512][   T29] RBP: 00007f1abedc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1462.410471][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1462.418479][   T29] R13: 00007f1abedc6128 R14: 00007f1abedc6090 R15: 00007ffd812397e8
[ 1462.426495][   T29]  </TASK>
[ 1462.458501][   T29] INFO: task syz.3.6100:20548 blocked for more than 167 seconds.
[ 1462.467553][   T29]       Not tainted syzkaller #0
[ 1462.473241][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1462.481988][   T29] task:syz.3.6100      state:D stack:28016 pid:20548 ppid:19091  flags:0x00004004
[ 1462.491221][   T29] Call Trace:
[ 1462.494490][   T29]  <TASK>
[ 1462.497405][   T29]  __schedule+0xb87/0x14e0
[ 1462.501853][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[ 1462.508702][   T29]  ? release_firmware_map_entry+0x194/0x194
[ 1462.514603][   T29]  ? __kasan_check_write+0x14/0x20
[ 1462.519713][   T29]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1462.524754][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 1462.530295][   T29]  schedule+0xbd/0x170
[ 1462.534434][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1462.539887][   T29]  rwsem_down_read_slowpath+0x7c6/0x1510
[ 1462.545553][   T29]  ? down_write_killable+0x40/0x40
[ 1462.550675][   T29]  ? __this_cpu_preempt_check+0x13/0x20
[ 1462.556247][   T29]  ? __pv_queued_spin_lock_slowpath+0x889/0xc40
[ 1462.562521][   T29]  ? __kasan_check_write+0x14/0x20
[ 1462.567629][   T29]  ? __cfi___pv_queued_spin_lock_slowpath+0x10/0x10
[ 1462.574222][   T29]  ? downgrade_write+0x330/0x350
[ 1462.579159][   T29]  down_read+0x96/0xf0
[ 1462.583231][   T29]  ? __cfi_down_read+0x10/0x10
[ 1462.587981][   T29]  ? __put_super+0x55/0x2d0
[ 1462.592487][   T29]  iterate_supers+0xad/0x1f0
[ 1462.597068][   T29]  ? __cfi_sync_inodes_one_sb+0x10/0x10
[ 1462.602624][   T29]  ksys_sync+0x91/0x150
[ 1462.606779][   T29]  ? __cfi_ksys_sync+0x10/0x10
[ 1462.611555][   T29]  ? debug_smp_processor_id+0x17/0x20
[ 1462.617005][   T29]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 1462.623094][   T29]  __ia32_sys_sync+0xe/0x20
[ 1462.627591][   T29]  x64_sys_call+0x7de/0x9a0
[ 1462.632098][   T29]  do_syscall_64+0x4c/0xa0
[ 1462.636501][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1462.641267][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1462.646541][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1462.652446][   T29] RIP: 0033:0x7f1abeb8ebe9
[ 1462.656850][   T29] RSP: 002b:00007f1abfa9d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[ 1462.665265][   T29] RAX: ffffffffffffffda RBX: 00007f1abedc6180 RCX: 00007f1abeb8ebe9
[ 1462.673238][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1462.681227][   T29] RBP: 00007f1abedc6180 R08: 0000000000000000 R09: 0000000000000000
[ 1462.689192][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1462.697162][   T29] R13: 00007f1abedc6218 R14: 00007f1abedc6180 R15: 00007ffd812397e8
[ 1462.705140][   T29]  </TASK>
[ 1462.720012][   T29] NMI backtrace for cpu 1
[ 1462.724371][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[ 1462.731567][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1462.741618][   T29] Call Trace:
[ 1462.744898][   T29]  <TASK>
[ 1462.747821][   T29]  __dump_stack+0x21/0x24
[ 1462.752151][   T29]  dump_stack_lvl+0xee/0x150
[ 1462.756746][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1462.761779][   T29]  dump_stack+0x15/0x24
[ 1462.765935][   T29]  nmi_cpu_backtrace+0x2b4/0x2c0
[ 1462.770876][   T29]  ? rcu_read_unlock_special+0xab/0x480
[ 1462.776429][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[ 1462.781896][   T29]  ? __rcu_read_unlock+0xa0/0xa0
[ 1462.783285][T23525] fuse: Bad value for 'fd'
[ 1462.786843][   T29]  ? memcpy+0x56/0x70
[ 1462.786864][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[ 1462.801212][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[ 1462.807197][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[ 1462.813099][   T29]  watchdog+0xd44/0xe80
[ 1462.817268][   T29]  ? __cfi_watchdog+0x10/0x10
[ 1462.821959][   T29]  ? __kasan_check_read+0x11/0x20
[ 1462.826996][   T29]  ? __kthread_parkme+0x142/0x180
[ 1462.832036][   T29]  kthread+0x281/0x320
[ 1462.836113][   T29]  ? __cfi_watchdog+0x10/0x10
[ 1462.840812][   T29]  ? __cfi_kthread+0x10/0x10
[ 1462.845414][   T29]  ret_from_fork+0x1f/0x30
[ 1462.849843][   T29]  </TASK>
[ 1462.852961][   T29] Sending NMI from CPU 1 to CPUs 0:
[ 1462.858166][    C0] NMI backtrace for cpu 0
[ 1462.858177][    C0] CPU: 0 PID: 23522 Comm: syz.5.6944 Not tainted syzkaller #0
[ 1462.858195][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1462.858204][    C0] RIP: 0010:kasan_check_range+0x7f/0x290
[ 1462.858231][    C0] Code: 5c 37 ff 48 c1 eb 03 4e 8d 14 3b 4d 89 d6 4d 29 ce 49 83 fe 10 7f 26 4d 85 f6 0f 84 39 01 00 00 48 f7 d3 4c 01 db 41 80 39 00 <0f> 85 c2 01 00 00 49 ff c1 48 ff c3 75 ee e9 1c 01 00 00 44 89 cb
[ 1462.858245][    C0] RSP: 0018:ffffc9000c0ffab0 EFLAGS: 00000246
[ 1462.858259][    C0] RAX: ffffffff81667c01 RBX: fffffffffffffffc RCX: ffffffff81667c4d
[ 1462.858271][    C0] RDX: 0000000000000001 RSI: 0000000000000050 RDI: ffffc9000c0ffb80
[ 1462.858282][    C0] RBP: ffffc9000c0ffac8 R08: dffffc0000000000 R09: fffff5200181ff76
[ 1462.858294][    C0] R10: fffff5200181ff7a R11: 1ffff9200181ff70 R12: ffffc9000c0ffb80
[ 1462.858306][    C0] R13: ffffc9000c0ffbf0 R14: 000000000000000a R15: dffffc0000000001
[ 1462.858317][    C0] FS:  0000555563e4b500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1462.858332][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1462.858343][    C0] CR2: 0000001b32a22ff8 CR3: 0000000149624000 CR4: 00000000003506b0
[ 1462.858357][    C0] Call Trace:
[ 1462.858362][    C0]  <TASK>
[ 1462.858367][    C0]  memset+0x23/0x40
[ 1462.858396][    C0]  futex_wait+0xcd/0x750
[ 1462.858412][    C0]  ? futex_hash+0x1f/0x210
[ 1462.858432][    C0]  ? __kasan_check_read+0x11/0x20
[ 1462.858454][    C0]  ? futex_wake+0x583/0x890
[ 1462.858468][    C0]  ? __cfi_futex_wait+0x10/0x10
[ 1462.858483][    C0]  ? __this_cpu_preempt_check+0x13/0x20
[ 1462.858505][    C0]  ? __cfi_hrtimer_wakeup+0x10/0x10
[ 1462.858528][    C0]  ? __cfi_futex_wake+0x10/0x10
[ 1462.858547][    C0]  do_futex+0x2dc/0x420
[ 1462.858559][    C0]  ? _copy_from_user+0x8f/0xc0
[ 1462.858577][    C0]  ? __cfi_do_futex+0x10/0x10
[ 1462.858598][    C0]  ? __switch_to_asm+0x3a/0x60
[ 1462.858618][    C0]  __se_sys_futex+0x273/0x2e0
[ 1462.858632][    C0]  ? __x64_sys_futex+0x100/0x100
[ 1462.858645][    C0]  ? xfd_validate_state+0x70/0x150
[ 1462.858666][    C0]  __x64_sys_futex+0xe5/0x100
[ 1462.858680][    C0]  x64_sys_call+0x7ec/0x9a0
[ 1462.858697][    C0]  do_syscall_64+0x4c/0xa0
[ 1462.858710][    C0]  ? clear_bhb_loop+0x30/0x80
[ 1462.858728][    C0]  ? clear_bhb_loop+0x30/0x80
[ 1462.858745][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1462.858762][    C0] RIP: 0033:0x7f8ad218ebe9
[ 1462.858774][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1462.858786][    C0] RSP: 002b:00007ffec00ae218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1462.858801][    C0] RAX: ffffffffffffffda RBX: 0000000000165235 RCX: 00007f8ad218ebe9
[ 1462.858812][    C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8ad23c609c
[ 1462.858823][    C0] RBP: 0000000000000032 R08: 0031612d75e93138 R09: 00000012c00ae50f
[ 1462.858833][    C0] R10: 00007ffec00ae310 R11: 0000000000000246 R12: 00007f8ad23c609c
[ 1462.858844][    C0] R13: 00007ffec00ae310 R14: 0000000000165267 R15: 00007ffec00ae330
[ 1462.858858][    C0]  </TASK>
[ 1463.182527][T23529] sch_fq: defrate 4294967295 ignored.
[ 1463.715592][T23551] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6953'.
[ 1463.725731][T23551] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[ 1465.045769][T23577] netlink: 80 bytes leftover after parsing attributes in process `syz.1.6960'.
[ 1466.311488][   T28] kauditd_printk_skb: 4 callbacks suppressed
[ 1466.311504][   T28] audit: type=1400 audit(1756865014.134:638): avc:  denied  { ioctl } for  pid=23600 comm="syz.2.6967" path="socket:[105703]" dev="sockfs" ino=105703 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1467.209302][T23628] incfs: Options parsing error. -22
[ 1467.214639][T23628] incfs: mount failed -22
[ 1467.352258][   T28] audit: type=1400 audit(1756865015.174:639): avc:  denied  { watch_reads } for  pid=23629 comm="syz.2.6975" path="/225" dev="tmpfs" ino=1191 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1467.364039][T23633] netlink: 80 bytes leftover after parsing attributes in process `syz.0.6976'.
[ 1468.085498][T23640] fuse: Bad value for 'fd'
[ 1469.524097][T23670] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6987'.
[ 1469.533682][T23670] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6987'.
[ 1469.865843][T23677] netlink: 80 bytes leftover after parsing attributes in process `syz.5.6989'.
[ 1469.931886][T23684] fuse: Bad value for 'fd'
[ 1474.287835][T23745] netlink: 80 bytes leftover after parsing attributes in process `syz.5.7009'.
[ 1475.637999][T23760] fuse: Bad value for 'fd'
[ 1475.688330][T23762] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7015'.
[ 1475.697504][T23762] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7015'.
[ 1479.969273][T23807] netlink: 80 bytes leftover after parsing attributes in process `syz.1.7027'.
[ 1481.549985][T23834] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7035'.
[ 1481.612835][T23834] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7035'.
[ 1482.895781][   T29] INFO: task syz.3.6100:20547 blocked for more than 187 seconds.
[ 1482.903795][   T29]       Not tainted syzkaller #0
[ 1482.908891][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1482.917604][   T29] task:syz.3.6100      state:D stack:26752 pid:20547 ppid:19091  flags:0x00004004
[ 1482.926842][   T29] Call Trace:
[ 1482.930126][   T29]  <TASK>
[ 1482.933067][   T29]  __schedule+0xb87/0x14e0
[ 1482.937484][   T29]  ? release_firmware_map_entry+0x194/0x194
[ 1482.943442][   T29]  ? __kasan_check_write+0x14/0x20
[ 1482.948571][   T29]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1482.953624][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 1482.959284][   T29]  schedule+0xbd/0x170
[ 1482.963651][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1482.969165][   T29]  rwsem_down_read_slowpath+0x7c6/0x1510
[ 1482.974948][   T29]  ? down_write_killable+0x40/0x40
[ 1482.980112][   T29]  ? iput+0x289/0x670
[ 1482.984177][   T29]  ? __kasan_check_write+0x14/0x20
[ 1482.989357][   T29]  ? downgrade_write+0x330/0x350
[ 1482.994445][   T29]  down_read+0x96/0xf0
[ 1482.998560][   T29]  ? __cfi_down_read+0x10/0x10
[ 1483.003356][   T29]  ? __put_super+0x55/0x2d0
[ 1483.007863][   T29]  iterate_supers+0xad/0x1f0
[ 1483.012497][   T29]  ? __cfi_sync_inodes_one_sb+0x10/0x10
[ 1483.018054][   T29]  ksys_sync+0x91/0x150
[ 1483.022232][   T29]  ? __cfi_ksys_sync+0x10/0x10
[ 1483.027000][   T29]  ? switch_fpu_return+0xe/0x10
[ 1483.801204][T23861] overlayfs: missing 'lowerdir'
[ 1483.806289][   T29]  __ia32_sys_sync+0xe/0x20
[ 1483.810864][   T29]  x64_sys_call+0x7de/0x9a0
[ 1483.815425][   T29]  do_syscall_64+0x4c/0xa0
[ 1483.819867][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1483.824544][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1483.829209][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1483.835100][   T29] RIP: 0033:0x7f1abeb8ebe9
[ 1483.839502][   T29] RSP: 002b:00007f1abfabe038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[ 1483.848021][   T29] RAX: ffffffffffffffda RBX: 00007f1abedc6090 RCX: 00007f1abeb8ebe9
[ 1483.862140][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1483.870243][   T29] RBP: 00007f1abedc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1483.878904][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1483.886949][   T29] R13: 00007f1abedc6128 R14: 00007f1abedc6090 R15: 00007ffd812397e8
[ 1483.896066][   T29]  </TASK>
[ 1484.269121][   T29] INFO: task syz.3.6100:20548 blocked for more than 188 seconds.
[ 1484.271334][T23866] netlink: 80 bytes leftover after parsing attributes in process `syz.6.7043'.
[ 1484.278677][   T29]       Not tainted syzkaller #0
[ 1484.286803][   T28] audit: type=1326 audit(1756865032.104:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23865 comm="syz.5.7042" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8ad218ebe9 code=0x0
[ 1484.291200][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1484.322425][   T29] task:syz.3.6100      state:D stack:28016 pid:20548 ppid:19091  flags:0x00004004
[ 1484.331818][   T29] Call Trace:
[ 1484.335108][   T29]  <TASK>
[ 1484.338136][   T29]  __schedule+0xb87/0x14e0
[ 1484.342589][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[ 1484.358334][   T29]  ? release_firmware_map_entry+0x194/0x194
[ 1484.401499][   T29]  ? __kasan_check_write+0x14/0x20
[ 1484.419223][   T29]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1484.424368][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 1484.429938][   T29]  schedule+0xbd/0x170
[ 1484.434090][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1484.439567][   T29]  rwsem_down_read_slowpath+0x7c6/0x1510
[ 1484.445229][   T29]  ? down_write_killable+0x40/0x40
[ 1484.450438][   T29]  ? __this_cpu_preempt_check+0x13/0x20
[ 1484.463506][T23876] x_tables: ip6_tables: NETMAP.0 target: invalid size 40 (kernel) != (user) 0
[ 1484.463779][   T29]  ? __pv_queued_spin_lock_slowpath+0x889/0xc40
[ 1484.479117][   T29]  ? __kasan_check_write+0x14/0x20
[ 1484.484795][   T29]  ? __cfi___pv_queued_spin_lock_slowpath+0x10/0x10
[ 1484.491696][   T29]  ? downgrade_write+0x330/0x350
[ 1484.496669][   T29]  down_read+0x96/0xf0
[ 1484.500736][   T29]  ? __cfi_down_read+0x10/0x10
[ 1484.505593][   T29]  ? __put_super+0x55/0x2d0
[ 1484.510109][   T29]  iterate_supers+0xad/0x1f0
[ 1484.514858][   T29]  ? __cfi_sync_inodes_one_sb+0x10/0x10
[ 1484.520471][   T29]  ksys_sync+0x91/0x150
[ 1484.527094][   T29]  ? __cfi_ksys_sync+0x10/0x10
[ 1484.532895][   T29]  ? debug_smp_processor_id+0x17/0x20
[ 1484.538465][   T29]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 1484.545921][   T29]  __ia32_sys_sync+0xe/0x20
[ 1484.550578][   T29]  x64_sys_call+0x7de/0x9a0
[ 1484.556303][   T29]  do_syscall_64+0x4c/0xa0
[ 1484.561580][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1484.713462][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1484.718338][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1484.735469][   T29] RIP: 0033:0x7f1abeb8ebe9
[ 1484.739987][   T29] RSP: 002b:00007f1abfa9d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[ 1484.748602][   T29] RAX: ffffffffffffffda RBX: 00007f1abedc6180 RCX: 00007f1abeb8ebe9
[ 1484.756641][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1484.764695][   T29] RBP: 00007f1abedc6180 R08: 0000000000000000 R09: 0000000000000000
[ 1484.772745][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1484.780786][   T29] R13: 00007f1abedc6218 R14: 00007f1abedc6180 R15: 00007ffd812397e8
[ 1484.788852][   T29]  </TASK>
[ 1484.792010][   T29] NMI backtrace for cpu 1
[ 1484.796348][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[ 1484.803522][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1484.813558][   T29] Call Trace:
[ 1484.816820][   T29]  <TASK>
[ 1484.819737][   T29]  __dump_stack+0x21/0x24
[ 1484.824067][   T29]  dump_stack_lvl+0xee/0x150
[ 1484.828661][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1484.833686][   T29]  dump_stack+0x15/0x24
[ 1484.837821][   T29]  nmi_cpu_backtrace+0x2b4/0x2c0
[ 1484.842756][   T29]  ? rcu_read_unlock_special+0xab/0x480
[ 1484.848313][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[ 1484.853783][   T29]  ? __rcu_read_unlock+0xa0/0xa0
[ 1484.858724][   T29]  ? memcpy+0x56/0x70
[ 1484.862688][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[ 1484.868655][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[ 1484.874617][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[ 1484.880507][   T29]  watchdog+0xd44/0xe80
[ 1484.884672][   T29]  ? __cfi_watchdog+0x10/0x10
[ 1484.889351][   T29]  ? __kasan_check_read+0x11/0x20
[ 1484.894380][   T29]  ? __kthread_parkme+0x142/0x180
[ 1484.899390][   T29]  kthread+0x281/0x320
[ 1484.903471][   T29]  ? __cfi_watchdog+0x10/0x10
[ 1484.908140][   T29]  ? __cfi_kthread+0x10/0x10
[ 1484.912718][   T29]  ret_from_fork+0x1f/0x30
[ 1484.917124][   T29]  </TASK>
[ 1484.920373][   T29] Sending NMI from CPU 1 to CPUs 0:
[ 1484.925671][    C0] NMI backtrace for cpu 0
[ 1484.925683][    C0] CPU: 0 PID: 32 Comm: kcompactd0 Not tainted syzkaller #0
[ 1484.925700][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1484.925710][    C0] RIP: 0010:pvclock_clocksource_read+0xf1/0x710
[ 1484.925732][    C0] Code: 00 fc ff df 48 89 55 a8 43 0f b6 04 33 84 c0 0f 85 4c 01 00 00 42 0f b6 04 32 84 c0 0f 85 87 01 00 00 8b 07 89 45 94 0f 01 f9 <66> 90 49 89 d5 48 8b 8d 38 ff ff ff 42 0f b6 0c 31 84 c9 0f 85 ae
[ 1484.925746][    C0] RSP: 0018:ffffc9000021f520 EFLAGS: 00000046
[ 1484.925760][    C0] RAX: 00000000c4f62aa2 RBX: ffffc9000021f660 RCX: 0000000000000000
[ 1484.925772][    C0] RDX: 00000000000002f9 RSI: ffffffff8796901c RDI: ffffffff87969000
[ 1484.925783][    C0] RBP: ffffc9000021f5f0 R08: ffffffff87969008 R09: ffffffff87969018
[ 1484.925795][    C0] R10: ffffffff87969003 R11: 1ffffffff0f2d200 R12: ffff8881f7037d80
[ 1484.925807][    C0] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000000000
[ 1484.925818][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1484.925832][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1484.925843][    C0] CR2: 0000001b31415ff8 CR3: 0000000107c85000 CR4: 00000000003506b0
[ 1484.925857][    C0] Call Trace:
[ 1484.925862][    C0]  <TASK>
[ 1484.925877][    C0]  kvm_sched_clock_read+0x18/0x40
[ 1484.925899][    C0]  sched_clock+0x9/0x10
[ 1484.925917][    C0]  sched_clock_cpu+0x6e/0x250
[ 1484.925935][    C0]  ? __cfi_sched_clock_cpu+0x10/0x10
[ 1484.925952][    C0]  ? __update_load_avg_cfs_rq+0xaf/0x2f0
[ 1484.925974][    C0]  newidle_balance+0x2d7/0xda0
[ 1484.925996][    C0]  ? dequeue_task_fair+0x4fc/0x1d50
[ 1484.926019][    C0]  ? put_prev_entity+0x3b0/0x3b0
[ 1484.926042][    C0]  pick_next_task_fair+0xe9/0xa30
[ 1484.926064][    C0]  ? __cfi_pick_next_task_fair+0x10/0x10
[ 1484.926084][    C0]  ? __kasan_check_write+0x14/0x20
[ 1484.926109][    C0]  ? dequeue_task+0x1aa/0x750
[ 1484.926126][    C0]  __schedule+0x454/0x14e0
[ 1484.926143][    C0]  ? release_firmware_map_entry+0x194/0x194
[ 1484.926161][    C0]  ? __mod_timer+0x7ae/0xb30
[ 1484.926179][    C0]  schedule+0xbd/0x170
[ 1484.926193][    C0]  schedule_timeout+0x12c/0x2e0
[ 1484.926212][    C0]  ? __cfi_schedule_timeout+0x10/0x10
[ 1484.926232][    C0]  ? __cfi_process_timeout+0x10/0x10
[ 1484.926249][    C0]  ? prepare_to_wait_event+0x40b/0x440
[ 1484.926271][    C0]  ? __kasan_check_read+0x11/0x20
[ 1484.926293][    C0]  kcompactd+0x921/0x1b00
[ 1484.926318][    C0]  ? __cfi_kcompactd+0x10/0x10
[ 1484.926337][    C0]  ? _raw_spin_unlock+0x4c/0x70
[ 1484.926351][    C0]  ? finish_task_switch+0x16b/0x7b0
[ 1484.926370][    C0]  ? __switch_to_asm+0x3a/0x60
[ 1484.926388][    C0]  ? __schedule+0xb8f/0x14e0
[ 1484.926402][    C0]  ? __kasan_check_write+0x14/0x20
[ 1484.926423][    C0]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 1484.926446][    C0]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[ 1484.926469][    C0]  ? __cfi_autoremove_wake_function+0x10/0x10
[ 1484.926490][    C0]  ? __kasan_check_read+0x11/0x20
[ 1484.926511][    C0]  ? __kthread_parkme+0x142/0x180
[ 1484.926526][    C0]  kthread+0x281/0x320
[ 1484.926540][    C0]  ? __cfi_kcompactd+0x10/0x10
[ 1484.926559][    C0]  ? __cfi_kthread+0x10/0x10
[ 1484.926574][    C0]  ret_from_fork+0x1f/0x30
[ 1484.926593][    C0]  </TASK>
[ 1485.878386][T23903] tmpfs: Unknown parameter 'nolazytime˙˙'
[ 1486.659138][T23917] netlink: 80 bytes leftover after parsing attributes in process `syz.6.7058'.
[ 1488.141282][T23950] xt_socket: unknown flags 0x50
[ 1490.456240][T23968] netlink: 80 bytes leftover after parsing attributes in process `syz.6.7073'.
[ 1491.972715][   T28] audit: type=1400 audit(1756865039.794:641): avc:  denied  { bind } for  pid=23999 comm="syz.0.7082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1492.846970][T24015] netlink: 80 bytes leftover after parsing attributes in process `syz.1.7087'.
[ 1493.767497][T24029] fuse: Bad value for 'fd'
[ 1494.380711][T24035] device vcan0 entered promiscuous mode
[ 1494.386943][T24035] A link change request failed with some changes committed already. Interface vcan0 may have been left with an inconsistent configuration, please check.
[ 1495.043097][T24051] fuse: Bad value for 'fd'
[ 1495.094131][T24055] netlink: 80 bytes leftover after parsing attributes in process `syz.0.7101'.
[ 1499.941876][T24099] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1499.948987][T24099] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1499.957786][T24099] device bridge_slave_0 entered promiscuous mode
[ 1499.964975][T24099] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1499.972178][T24099] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1499.979767][T24099] device bridge_slave_1 entered promiscuous mode
[ 1500.086247][T24106] netlink: 80 bytes leftover after parsing attributes in process `syz.6.7116'.
[ 1500.168275][T24099] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1500.175358][T24099] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1500.182680][T24099] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1500.189713][T24099] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1500.205901][T24119] fuse: Bad value for 'fd'
[ 1500.222777][  T409] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1500.233092][  T409] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1500.247482][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1500.255410][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1500.303781][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1500.320322][  T409] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1500.327457][  T409] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1500.347977][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1500.361499][  T409] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1500.368617][  T409] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1500.379871][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1500.387945][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1500.403697][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1500.428724][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1500.437689][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1500.445509][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1500.454618][T24099] device veth0_vlan entered promiscuous mode
[ 1500.469191][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1500.479198][T24099] device veth1_macvtap entered promiscuous mode
[ 1500.490472][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1500.503706][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1500.720047][T24133] device bridge0 entered promiscuous mode
[ 1500.837293][T24133] device pim6reg1 entered promiscuous mode
[ 1500.928308][T24137] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7124'.
[ 1500.948790][T24137] netlink: 20 bytes leftover after parsing attributes in process `syz.6.7124'.
[ 1501.478582][   T28] audit: type=1326 audit(1756865049.294:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24139 comm="syz.0.7125" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7265f8ebe9 code=0x0
[ 1501.665285][T24156] device pim6reg1 entered promiscuous mode
[ 1502.002910][T24158] fuse: Bad value for 'fd'
[ 1503.312980][T24176] netlink: 80 bytes leftover after parsing attributes in process `syz.7.7134'.
[ 1503.593836][T24183] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7137'.
[ 1503.610980][T24183] netlink: 20 bytes leftover after parsing attributes in process `syz.6.7137'.
[ 1504.562766][T24204] device pim6reg1 entered promiscuous mode
[ 1505.291067][   T29] INFO: task syz.3.6100:20547 blocked for more than 209 seconds.
[ 1505.298820][   T29]       Not tainted syzkaller #0
[ 1505.304094][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1505.313033][   T29] task:syz.3.6100      state:D stack:26752 pid:20547 ppid:19091  flags:0x00004004
[ 1505.322926][   T29] Call Trace:
[ 1505.326230][   T29]  <TASK>
[ 1505.329174][   T29]  __schedule+0xb87/0x14e0
[ 1505.333688][   T29]  ? release_firmware_map_entry+0x194/0x194
[ 1505.339621][   T29]  ? __kasan_check_write+0x14/0x20
[ 1505.344778][   T29]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1505.349812][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 1505.355427][   T29]  schedule+0xbd/0x170
[ 1505.359511][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1505.365028][   T29]  rwsem_down_read_slowpath+0x7c6/0x1510
[ 1505.370703][   T29]  ? down_write_killable+0x40/0x40
[ 1505.376189][   T29]  ? iput+0x289/0x670
[ 1505.380278][   T29]  ? __kasan_check_write+0x14/0x20
[ 1505.385694][   T29]  ? downgrade_write+0x330/0x350
[ 1505.390657][   T29]  down_read+0x96/0xf0
[ 1505.395026][   T29]  ? __cfi_down_read+0x10/0x10
[ 1505.399848][   T29]  ? __put_super+0x55/0x2d0
[ 1505.404520][   T29]  iterate_supers+0xad/0x1f0
[ 1505.409206][   T29]  ? __cfi_sync_inodes_one_sb+0x10/0x10
[ 1505.414877][   T29]  ksys_sync+0x91/0x150
[ 1505.419042][   T29]  ? __cfi_ksys_sync+0x10/0x10
[ 1505.423870][   T29]  ? switch_fpu_return+0xe/0x10
[ 1505.428782][   T29]  __ia32_sys_sync+0xe/0x20
[ 1505.433358][   T29]  x64_sys_call+0x7de/0x9a0
[ 1505.437872][   T29]  do_syscall_64+0x4c/0xa0
[ 1505.442378][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1505.447071][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1505.452119][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1505.458073][   T29] RIP: 0033:0x7f1abeb8ebe9
[ 1505.462523][   T29] RSP: 002b:00007f1abfabe038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[ 1505.472443][   T29] RAX: ffffffffffffffda RBX: 00007f1abedc6090 RCX: 00007f1abeb8ebe9
[ 1505.472860][   T28] audit: type=1400 audit(1756865053.294:643): avc:  denied  { create } for  pid=24223 comm="syz.1.7149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[ 1505.501698][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1505.509747][   T29] RBP: 00007f1abedc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1505.522581][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1505.531076][   T29] R13: 00007f1abedc6128 R14: 00007f1abedc6090 R15: 00007ffd812397e8
[ 1505.540685][   T29]  </TASK>
[ 1505.543984][   T29] INFO: task syz.3.6100:20548 blocked for more than 210 seconds.
[ 1505.552247][   T29]       Not tainted syzkaller #0
[ 1505.557239][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1505.566207][   T29] task:syz.3.6100      state:D stack:28016 pid:20548 ppid:19091  flags:0x00004004
[ 1505.582673][   T29] Call Trace:
[ 1505.589259][   T29]  <TASK>
[ 1505.593157][   T29]  __schedule+0xb87/0x14e0
[ 1505.598364][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[ 1505.605547][   T29]  ? release_firmware_map_entry+0x194/0x194
[ 1505.612004][   T29]  ? __kasan_check_write+0x14/0x20
[ 1505.617299][   T29]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1505.622869][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 1505.628650][   T29]  schedule+0xbd/0x170
[ 1505.633028][   T29]  schedule_preempt_disabled+0x13/0x20
[ 1505.638578][   T29]  rwsem_down_read_slowpath+0x7c6/0x1510
[ 1505.644563][   T29]  ? down_write_killable+0x40/0x40
[ 1505.649748][   T29]  ? __this_cpu_preempt_check+0x13/0x20
[ 1505.655607][   T29]  ? __pv_queued_spin_lock_slowpath+0x889/0xc40
[ 1505.662061][   T29]  ? __kasan_check_write+0x14/0x20
[ 1505.667305][   T29]  ? __cfi___pv_queued_spin_lock_slowpath+0x10/0x10
[ 1505.674150][   T29]  ? downgrade_write+0x330/0x350
[ 1505.697344][   T29]  down_read+0x96/0xf0
[ 1505.705939][   T29]  ? __cfi_down_read+0x10/0x10
[ 1505.715889][   T29]  ? __put_super+0x55/0x2d0
[ 1505.725560][   T29]  iterate_supers+0xad/0x1f0
[ 1505.735400][   T29]  ? __cfi_sync_inodes_one_sb+0x10/0x10
[ 1505.874366][   T29]  ksys_sync+0x91/0x150
[ 1505.890742][   T29]  ? __cfi_ksys_sync+0x10/0x10
[ 1505.939360][   T29]  ? debug_smp_processor_id+0x17/0x20
[ 1505.977689][   T29]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 1505.984174][   T29]  __ia32_sys_sync+0xe/0x20
[ 1505.988894][   T29]  x64_sys_call+0x7de/0x9a0
[ 1505.993672][   T29]  do_syscall_64+0x4c/0xa0
[ 1505.998277][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1506.003238][   T29]  ? clear_bhb_loop+0x30/0x80
[ 1506.008195][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1506.014351][   T29] RIP: 0033:0x7f1abeb8ebe9
[ 1506.019113][   T29] RSP: 002b:00007f1abfa9d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[ 1506.027871][   T29] RAX: ffffffffffffffda RBX: 00007f1abedc6180 RCX: 00007f1abeb8ebe9
[ 1506.035991][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1506.044028][   T29] RBP: 00007f1abedc6180 R08: 0000000000000000 R09: 0000000000000000
[ 1506.052156][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1506.060120][   T29] R13: 00007f1abedc6218 R14: 00007f1abedc6180 R15: 00007ffd812397e8
[ 1506.068109][   T29]  </TASK>
[ 1506.079024][   T29] NMI backtrace for cpu 1
[ 1506.083381][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[ 1506.090577][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1506.100641][   T29] Call Trace:
[ 1506.103920][   T29]  <TASK>
[ 1506.106848][   T29]  __dump_stack+0x21/0x24
[ 1506.111176][   T29]  dump_stack_lvl+0xee/0x150
[ 1506.115772][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1506.120800][   T29]  dump_stack+0x15/0x24
[ 1506.124948][   T29]  nmi_cpu_backtrace+0x2b4/0x2c0
[ 1506.129880][   T29]  ? rcu_read_unlock_special+0xab/0x480
[ 1506.135447][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[ 1506.140908][   T29]  ? __rcu_read_unlock+0xa0/0xa0
[ 1506.145871][   T29]  ? memcpy+0x56/0x70
[ 1506.149855][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[ 1506.155841][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[ 1506.161826][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[ 1506.167744][   T29]  watchdog+0xd44/0xe80
[ 1506.171926][   T29]  ? __cfi_watchdog+0x10/0x10
[ 1506.176603][   T29]  ? __kasan_check_read+0x11/0x20
[ 1506.181612][   T29]  ? __kthread_parkme+0x142/0x180
[ 1506.186617][   T29]  kthread+0x281/0x320
[ 1506.190668][   T29]  ? __cfi_watchdog+0x10/0x10
[ 1506.195420][   T29]  ? __cfi_kthread+0x10/0x10
[ 1506.200000][   T29]  ret_from_fork+0x1f/0x30
[ 1506.204402][   T29]  </TASK>
[ 1506.207678][   T29] Sending NMI from CPU 1 to CPUs 0:
[ 1506.213050][    C0] NMI backtrace for cpu 0
[ 1506.213061][    C0] CPU: 0 PID: 24221 Comm: syz.0.7148 Not tainted syzkaller #0
[ 1506.213078][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1506.213087][    C0] RIP: 0010:__this_cpu_preempt_check+0x1/0x20
[ 1506.213115][    C0] Code: fb ff e8 ce c2 ff ff eb a7 e8 ab f5 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 b8 75 ff 2f 49 55 <48> 89 e5 48 89 fe 48 c7 c7 60 0b aa 85 e8 bd fe ff ff 5d c3 00 00
[ 1506.213128][    C0] RSP: 0018:ffffc90008fe7348 EFLAGS: 00000002
[ 1506.213142][    C0] RAX: 0000000000000001 RBX: ffff888113841440 RCX: 0000000000000002
[ 1506.213153][    C0] RDX: ffff88811c959440 RSI: 0000000000000001 RDI: ffffffff858a7800
[ 1506.213164][    C0] RBP: ffffc90008fe7388 R08: 0000000000000001 R09: fffffbfff0ee4b9e
[ 1506.213175][    C0] R10: 0000000000000000 R11: 1ffffffff0ee4b9d R12: 0000000000000001
[ 1506.213185][    C0] R13: 0000000000000001 R14: ffff88811c959440 R15: ffff88811c959440
[ 1506.213196][    C0] FS:  00007f7266e1a6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1506.213211][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1506.213222][    C0] CR2: 000000110c316d9c CR3: 000000014b8c1000 CR4: 00000000003506b0
[ 1506.213235][    C0] Call Trace:
[ 1506.213240][    C0]  <TASK>
[ 1506.213246][    C0]  ? tracing_record_taskinfo_sched_switch+0x41/0x3a0
[ 1506.213269][    C0]  ? probe_sched_switch+0x63/0x90
[ 1506.213284][    C0]  probe_sched_switch+0x71/0x90
[ 1506.213297][    C0]  ? __cfi_probe_sched_switch+0x10/0x10
[ 1506.213311][    C0]  __traceiter_sched_switch+0xa0/0xd0
[ 1506.213328][    C0]  __schedule+0x1263/0x14e0
[ 1506.213352][    C0]  ? release_firmware_map_entry+0x194/0x194
[ 1506.213366][    C0]  ? avc_has_perm+0x158/0x240
[ 1506.213388][    C0]  schedule+0xbd/0x170
[ 1506.213401][    C0]  schedule_timeout+0xa6/0x2e0
[ 1506.213421][    C0]  ? __cfi_schedule_timeout+0x10/0x10
[ 1506.213441][    C0]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 1506.213456][    C0]  ? prepare_to_wait_exclusive+0x191/0x1d0
[ 1506.213478][    C0]  unix_wait_for_peer+0x1e5/0x2e0
[ 1506.213499][    C0]  ? unix_find_other+0x880/0x880
[ 1506.213516][    C0]  ? __cfi_autoremove_wake_function+0x10/0x10
[ 1506.213537][    C0]  ? __cfi__raw_spin_lock+0x10/0x10
[ 1506.213562][    C0]  ? kasan_check_range+0xc/0x290
[ 1506.213581][    C0]  ? security_unix_may_send+0x8c/0xb0
[ 1506.213604][    C0]  unix_dgram_sendmsg+0xed4/0x16d0
[ 1506.213626][    C0]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 1506.213647][    C0]  ? security_socket_sendmsg+0x93/0xb0
[ 1506.213662][    C0]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 1506.213680][    C0]  ____sys_sendmsg+0x5a9/0x990
[ 1506.213696][    C0]  ? _raw_spin_unlock+0x4c/0x70
[ 1506.213710][    C0]  ? __sys_sendmsg_sock+0x40/0x40
[ 1506.213725][    C0]  ? __schedule+0xb8f/0x14e0
[ 1506.213740][    C0]  ? import_iovec+0x7c/0xb0
[ 1506.213759][    C0]  ___sys_sendmsg+0x21c/0x290
[ 1506.213775][    C0]  ? __sys_sendmsg+0x270/0x270
[ 1506.213791][    C0]  ? futex_unqueue+0x132/0x160
[ 1506.213814][    C0]  ? __cfi_futex_wait+0x10/0x10
[ 1506.213833][    C0]  ? __fdget+0x19c/0x220
[ 1506.213847][    C0]  __sys_sendmmsg+0x274/0x460
[ 1506.213864][    C0]  ? __cfi___sys_sendmmsg+0x10/0x10
[ 1506.213885][    C0]  ? fpregs_restore_userregs+0x128/0x260
[ 1506.213903][    C0]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1506.213919][    C0]  x64_sys_call+0x3f5/0x9a0
[ 1506.213937][    C0]  do_syscall_64+0x4c/0xa0
[ 1506.213951][    C0]  ? clear_bhb_loop+0x30/0x80
[ 1506.213968][    C0]  ? clear_bhb_loop+0x30/0x80
[ 1506.213985][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1506.214002][    C0] RIP: 0033:0x7f7265f8ebe9
[ 1506.214014][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1506.214027][    C0] RSP: 002b:00007f7266e1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1506.214042][    C0] RAX: ffffffffffffffda RBX: 00007f72661c5fa0 RCX: 00007f7265f8ebe9
[ 1506.214054][    C0] RDX: 0000000000000651 RSI: 0000200000000000 RDI: 000000000000000c
[ 1506.214064][    C0] RBP: 00007f7266011e19 R08: 0000000000000000 R09: 0000000000000000
[ 1506.214074][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1506.214083][    C0] R13: 00007f72661c6038 R14: 00007f72661c5fa0 R15: 00007ffe61b3e568
[ 1506.214097][    C0]  </TASK>
[ 1506.732925][T24244] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7154'.
[ 1506.758860][T24244] netlink: 20 bytes leftover after parsing attributes in process `syz.6.7154'.
[ 1507.065976][T24242] sch_fq: defrate 4294967295 ignored.
[ 1507.285915][T24259] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1507.503136][T24270] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1508.679238][T24296] fuse: Bad value for 'fd'
[ 1508.824129][T24302] tipc: Started in network mode
[ 1508.832371][T24302] tipc: Node identity 2, cluster identity 4711
[ 1509.363390][T24302] tipc: Node number set to 2
[ 1509.474949][T24308] sch_fq: defrate 4294967295 ignored.
[ 1509.656211][T24314] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7175'.
[ 1509.669299][T24314] netlink: 20 bytes leftover after parsing attributes in process `syz.6.7175'.
[ 1509.928897][T24326] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1509.944083][T24326] device syzkaller0 entered promiscuous mode
[ 1510.528015][T24312] tipc: Resetting bearer <eth:syzkaller0>
[ 1510.535944][T24312] tipc: Disabling bearer <eth:syzkaller0>
[ 1510.842596][T24339] fuse: Bad value for 'fd'
[ 1511.695222][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1511.890984][T24348] netlink: 'syz.1.7185': attribute type 27 has an invalid length.
[ 1512.482750][T24352] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=262 sclass=netlink_route_socket pid=24352 comm=syz.1.7185
[ 1512.496535][T24348] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1512.818679][T24361] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1512.929012][T24361] device bridge0 left promiscuous mode
[ 1512.968948][T24361] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1513.012902][T24361] device veth0_vlan left promiscuous mode
[ 1515.146454][T24361] device veth0_vlan entered promiscuous mode
[ 1515.157532][T24361] device veth1_macvtap left promiscuous mode
[ 1515.179107][T24361] device veth1_macvtap entered promiscuous mode
[ 1515.203261][T24361] device bridge0 entered promiscuous mode
[ 1515.631537][T24372] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7193'.
[ 1515.640682][T24372] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7193'.
[ 1515.687243][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1515.696427][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1515.704708][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1515.713215][T11357] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1515.720275][T11357] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1515.735311][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1515.747980][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1515.756434][T11357] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1515.763495][T11357] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1515.771156][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1515.779542][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 1515.801844][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1515.827275][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 1515.841251][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1515.859807][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1515.871563][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1515.882242][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1515.891412][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1515.905019][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1515.914435][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1515.925512][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1515.934177][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1515.943140][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1515.951343][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1515.959558][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1515.967855][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1515.978209][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1515.986947][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1515.995676][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1516.003804][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1516.011930][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1516.019498][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1516.027635][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1516.036167][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1516.044757][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1516.054089][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1516.065173][T11357] IPv6: ADDRCONF(NETDEV_CHANGE): macsec1: link becomes ready
[ 1517.274217][T24435] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7210'.
[ 1517.292542][T24435] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7210'.
[ 1517.315184][T24435] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1521.446892][T24498] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7227'.
[ 1521.500702][T24498] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7227'.
[ 1522.568154][T24514] sch_fq: defrate 4294967295 ignored.
[ 1524.031055][T24524] sch_fq: defrate 4294967295 ignored.
[ 1525.172088][T24542] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1525.180840][T24542] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1526.093453][T24549] sch_fq: defrate 4294967295 ignored.
[ 1526.271316][   T28] audit: type=1400 audit(1756865073.144:644): avc:  denied  { create } for  pid=24535 comm="syz.0.7238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 1526.449012][T24559] netlink: 36 bytes leftover after parsing attributes in process `syz.7.7242'.
[ 1526.458511][T24559] netlink: 20 bytes leftover after parsing attributes in process `syz.7.7242'.
[ 1526.468366][T24559] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1526.529826][   T28] audit: type=1400 audit(1756865074.344:645): avc:  denied  { read } for  pid=24563 comm="syz.1.7244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1526.812864][T24571] netlink: 48 bytes leftover after parsing attributes in process `syz.6.7245'.
[ 1527.051237][T24575] sch_fq: defrate 4294967295 ignored.
[ 1528.197911][T24590] fuse: Bad value for 'fd'
[ 1530.843385][T24646] fuse: Bad value for 'fd'
[ 1531.973690][T24671] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7272'.
[ 1531.982952][T24671] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7272'.
[ 1534.526792][T24671] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7272'.
[ 1534.617207][T24671] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7272'.
[ 1534.680301][T24682] fuse: Bad value for 'fd'
[ 1536.846397][T24722] fuse: Bad value for 'fd'
[ 1539.355233][T24765] fuse: Bad value for 'fd'
[ 1542.954664][T24819] fuse: Bad value for 'fd'
[ 1543.249061][T24827] sch_fq: defrate 4294967295 ignored.
[ 1543.984038][T24846] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7322'.
[ 1543.993144][T24846] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7322'.
[ 1547.592263][T24869] fuse: Bad value for 'fd'
[ 1548.952834][T24887] sch_fq: defrate 4294967295 ignored.
[ 1549.836825][T24896] overlayfs: failed to clone upperpath
[ 1550.308778][T24914] fuse: Bad value for 'fd'
[ 1552.297151][T24937] sch_fq: defrate 4294967295 ignored.
[ 1556.490658][T24989] sch_fq: defrate 4294967295 ignored.
[ 1556.927154][T24995] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24995 comm=syz.6.7365
[ 1556.941153][T24995] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7365'.
[ 1556.979405][T24997] fuse: Bad value for 'fd'
[ 1556.993288][T25000] x_tables: unsorted entry at hook 1
[ 1557.025035][T25006] fuse: Bad value for 'fd'
[ 1560.311008][T25057] sch_fq: defrate 4294967295 ignored.
[ 1560.552071][T25068] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7387'.
[ 1560.723242][T25068] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7387'.
[ 1569.535247][T25123] sch_fq: defrate 4294967295 ignored.
[ 1575.914292][T25184] futex_wake_op: syz.1.7417 tries to shift op by -1; fix this program
[ 1578.065302][T25208] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1579.822533][T25228] bridge: RTM_NEWNEIGH with invalid ether address
[ 1580.141213][T25230] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7430'.
[ 1580.159736][T25231] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7430'.
[ 1580.237719][T25237] netlink: 172 bytes leftover after parsing attributes in process `syz.1.7430'.
[ 1582.370015][T25277] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7441'.
[ 1583.992026][   T28] audit: type=1326 audit(1756865131.804:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25296 comm="syz.6.7447" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fba8ef8ebe9 code=0x0
[ 1585.824375][T25324] netlink: 'syz.2.7450': attribute type 3 has an invalid length.
[ 1585.835777][T25324] fuse: Bad value for 'fd'
[ 1586.632934][T25330] block device autoloading is deprecated and will be removed.
[ 1588.375163][T25368] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7465'.
[ 1590.301305][   T28] audit: type=1400 audit(1756865138.044:647): avc:  denied  { getopt } for  pid=25392 comm="syz.2.7472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1590.714551][T25401] xt_CT: No such helper "pptp"
[ 1590.895435][   T28] audit: type=1400 audit(1756865138.714:648): avc:  denied  { create } for  pid=25412 comm="syz.7.7480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1592.558058][T25413] futex_wake_op: syz.7.7480 tries to shift op by 32; fix this program
[ 1594.889813][T25443] sch_fq: defrate 4294967295 ignored.
[ 1598.046394][T25467] sch_fq: defrate 4294967295 ignored.
[ 1598.441303][T25480] incfs: Options parsing error. -22
[ 1598.446614][T25480] incfs: mount failed -22
[ 1598.814685][   T28] audit: type=1400 audit(1756865146.634:649): avc:  denied  { setattr } for  pid=25481 comm="syz.2.7496" name="file0" dev="tmpfs" ino=1767 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1599.037402][T25486] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7495'.
[ 1599.049795][T25486] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7495'.
[ 1599.146673][T25487] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7496'.
[ 1600.477869][T25510] incfs: Options parsing error. -22
[ 1600.483156][T25510] incfs: mount failed -22
[ 1600.858319][T25512] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7503'.
[ 1600.908792][T25512] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7503'.
[ 1606.165461][T25576] sch_fq: defrate 4294967295 ignored.
[ 1607.684539][T25582] sch_fq: defrate 4294967295 ignored.
[ 1608.844884][T25605] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7531'.
[ 1611.304759][T25651] syz.7.7546[25651] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1611.304864][T25651] syz.7.7546[25651] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1611.650217][   T28] audit: type=1400 audit(1756865159.464:650): avc:  denied  { nlmsg_read } for  pid=25673 comm="syz.1.7553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1611.721889][T25674] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7553'.
[ 1612.198840][   T28] audit: type=1400 audit(1756865159.724:651): avc:  denied  { read } for  pid=25671 comm="poweroff" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 1614.675089][T25689] 9pnet_fd: Insufficient options for proto=fd
[ 1619.404079][   T28] audit: type=1326 audit(1756865166.434:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25796 comm="syz.1.7569" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdee5b8ebe9 code=0x0
[ 1620.313639][T25825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7573'.
[ 1620.361176][   T28] audit: type=1400 audit(1756865168.134:653): avc:  denied  { shutdown } for  pid=25812 comm="syz.2.7573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1622.547493][T25848] netlink: 96 bytes leftover after parsing attributes in process `syz.6.7582'.
[ 1623.421164][   T28] audit: type=1326 audit(1756865171.204:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25869 comm="syz.0.7592" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7265f8ebe9 code=0x0
[ 1623.636590][T25887] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7597'.
[ 1624.780991][   T28] audit: type=1326 audit(1756865172.554:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25921 comm="syz.7.7607" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f66c6f8ebe9 code=0x0
[ 1625.686900][   T28] audit: type=1326 audit(1756865173.004:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25928 comm="syz.0.7609" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7265f8ebe9 code=0x0
[ 1625.902569][   T28] audit: type=1326 audit(1756865173.714:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25936 comm="syz.2.7610" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f504638ebe9 code=0x0
[ 1627.446632][T25940] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7611'.
[ 1630.468520][T25980] overlayfs: failed to resolve '/˙˙': -2
[ 1630.477857][   T28] audit: type=1326 audit(1756865178.294:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25979 comm="syz.1.7623" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdee5b8ebe9 code=0x0
[ 1630.756814][   T28] audit: type=1400 audit(1756865178.574:659): avc:  denied  { setopt } for  pid=26000 comm="syz.0.7630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1630.767554][T26009] netlink: 104 bytes leftover after parsing attributes in process `syz.1.7634'.
[ 1631.352273][T26018] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7635'.
[ 1631.395146][   T28] audit: type=1326 audit(1756865179.214:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26021 comm="syz.6.7637" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fba8ef8ebe9 code=0x0
[ 1631.400431][T26003] netlink: 'syz.0.7630': attribute type 27 has an invalid length.
[ 1631.429355][T26026] Invalid ELF header type: 2 != 1
[ 1631.430493][   T28] audit: type=1400 audit(1756865179.244:661): avc:  denied  { module_load } for  pid=26025 comm="syz.1.7639" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[ 1631.470833][T26003] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1631.513380][T26003] device vcan0 left promiscuous mode
[ 1631.573878][T26003] device ip6erspan0 left promiscuous mode
[ 1631.753275][   T28] audit: type=1400 audit(1756865179.574:662): avc:  denied  { create } for  pid=26060 comm="syz.1.7655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1631.807742][T26065] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7657'.
[ 1632.228195][   T28] audit: type=1400 audit(1756865180.044:663): avc:  denied  { nlmsg_write } for  pid=26089 comm="syz.0.7669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[ 1632.457123][T26108] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1632.485706][T26114] overlayfs: failed to clone upperpath
[ 1632.591720][   T28] audit: type=1326 audit(1756865180.414:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26127 comm="syz.1.7687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdee5b8ebe9 code=0x7ffc0000
[ 1632.615224][   T28] audit: type=1326 audit(1756865180.414:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26127 comm="syz.1.7687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdee5b8ebe9 code=0x7ffc0000
[ 1632.638846][   T28] audit: type=1326 audit(1756865180.414:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26127 comm="syz.1.7687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fdee5b8ebe9 code=0x7ffc0000
[ 1632.665274][   T28] audit: type=1326 audit(1756865180.414:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26127 comm="syz.1.7687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdee5b8ebe9 code=0x7ffc0000
[ 1632.689795][T26129] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1632.697323][T26133] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7689'.
[ 1632.927153][T26148] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7696'.
[ 1633.136489][T26160] /dev/loop0: Can't open blockdev
[ 1633.148132][T26162] @: renamed from vlan0
[ 1633.644094][T26188] tmpfs: Unknown parameter 'usrquota'
[ 1633.670427][T26194] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7719'.
[ 1634.043294][T26221] netlink: 36 bytes leftover after parsing attributes in process `syz.7.7732'.
[ 1634.052799][T26221] netlink: 20 bytes leftover after parsing attributes in process `syz.7.7732'.
[ 1636.763650][   T28] kauditd_printk_skb: 7 callbacks suppressed
[ 1636.763667][   T28] audit: type=1326 audit(1756865184.584:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26254 comm="syz.7.7741" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f66c6f8ebe9 code=0x0
[ 1637.456203][T26281] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7748'.
[ 1637.537665][T26286] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7750'.
[ 1637.550961][T26286] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7750'.
[ 1639.842598][T26318] sch_fq: defrate 4294967295 ignored.
serialport: VM disconnected.